[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [qemu-mainline bisection] complete test-amd64-i386-xl-qemuu-debianhvm-amd64
branch xen-unstable xenbranch xen-unstable job test-amd64-i386-xl-qemuu-debianhvm-amd64 testid debian-hvm-install Tree: linux git://xenbits.xen.org/linux-pvops.git Tree: linuxfirmware git://xenbits.xen.org/osstest/linux-firmware.git Tree: qemu git://xenbits.xen.org/qemu-xen-traditional.git Tree: qemuu git://git.qemu.org/qemu.git Tree: xen git://xenbits.xen.org/xen.git *** Found and reproduced problem changeset *** Bug is in tree: qemuu git://git.qemu.org/qemu.git Bug introduced: b04fc428356a540fdb9065fa8c3c71ee476c2031 Bug not present: f2155a089600e80cf7bcdc814520ef3304882cc4 Last fail repro: http://logs.test-lab.xenproject.org/osstest/logs/65229/ commit b04fc428356a540fdb9065fa8c3c71ee476c2031 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 26 17:50:12 2015 +0000 Update version for v2.5.0-rc2 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 72f75c76d84e2eefc6806dafca116860ffe847f0 Merge: a5df350 d08e42a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 26 16:50:59 2015 +0000 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging vhost, pc: fixes for 2.5 Minor vhost fixes. HW version tweak for PC. Documentation and test updates. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Thu 26 Nov 2015 16:40:25 GMT using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: vhost-user-test: fix migration overlap test Fix memory leak on error Revert "vhost: send SET_VRING_ENABLE at start/stop" tests/vhost-user-bridge: read command line arguments tests/vhost-user-bridge: propose GUEST_ANNOUNCE feature vhost-user: clarify start and enable vhost-user: set link down when the char device is closed pc: Don't set hw_version on pc-*-2.5 osdep: Change default value of qemu_hw_version() to "2.5+" Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d08e42a1125d384cb53423f5810b0c7ea52dc6c9 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Nov 26 15:14:02 2015 +0200 vhost-user-test: fix migration overlap test During migration, source does GET_BASE, destination does SET_BASE. Use that as opposed to fds being configured to detect vhost user running on both source and destination. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit a5df35070a4c7fa8e2d9c6bd7175ee8e3e0f7641 Merge: 317e4db df64983 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 26 16:27:26 2015 +0000 Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2015-11-26' into staging QMP and QObject patches # gpg: Signature made Thu 26 Nov 2015 09:07:18 GMT using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-monitor-2015-11-26: qjson: Limit number of tokens in addition to total size qjson: surprise, allocating 6 QObjects per token is expensive qjson: store tokens in a GQueue qjson: Convert to parser to recursive descent qjson: replace QString in JSONLexer with GString qjson: Inline token_is_escape() and simplify qjson: Inline token_is_keyword() and simplify qjson: Give each of the six structural chars its own token type qjson: Spell out some silent assumptions check-qjson: Add test for JSON nesting depth limit qjson: Don't crash when input exceeds nesting limit qjson: Apply nesting limit more sanely monitor: Plug memory leak on QMP error Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 317e4db6e90421abeeebc78f1a3e8472a76b2e74 Merge: fe4cf57 5120901 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 26 15:56:53 2015 +0000 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging Small patches, without the one that introduces -fwrapv. # gpg: Signature made Thu 26 Nov 2015 15:48:53 GMT using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" * remotes/bonzini/tags/for-upstream: target-i386: kvm: Print warning when clearing mcg_cap bits target-i386: kvm: Use env->mcg_cap when setting up MCE target-i386: kvm: Abort if MCE bank count is not supported by host virtio-scsi: don't crash without a valid device target-sparc: fix 32-bit truncation in fpackfix exec: remove warning about mempath and hugetlbfs Revert "exec: silence hugetlbfs warning under qtest" call bdrv_drain_all() even if the vm is stopped MAINTAINERS: Update TCG CPU cores section Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5120901a378501403d5454b69cf43e666fc29d5b Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Nov 25 18:19:16 2015 +0100 target-i386: kvm: Print warning when clearing mcg_cap bits Instead of silently clearing mcg_cap bits when the host doesn't support them, print a warning when doing that. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> [Avoid \n at end of error_report. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1448471956-66873-10-git-send-email-pbonzini@xxxxxxxxxx> commit 2590f15b13cc57487518996b32bb7626b0d80909 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Nov 25 18:19:15 2015 +0100 target-i386: kvm: Use env->mcg_cap when setting up MCE When setting up MCE, instead of using the MCE_*_DEF macros directly, just filter the existing env->mcg_cap value. As env->mcg_cap is already initialized as MCE_CAP_DEF|MCE_BANKS_DEF at target-i386/cpu.c:mce_init(), this doesn't change any behavior. But it will allow us to change mce_init() in the future, to implement different defaults depending on CPU model, machine-type or command-line parameters. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1448471956-66873-9-git-send-email-pbonzini@xxxxxxxxxx> commit 49b69cbfcd6e32e2178d6ff7e5d60689c3f79c6e Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Nov 25 18:19:14 2015 +0100 target-i386: kvm: Abort if MCE bank count is not supported by host Instead of silently changing the number of banks in mcg_cap based on kvm_get_mce_cap_supported(), abort initialization if the host doesn't support MCE_BANKS_DEF banks. Note that MCE_BANKS_DEF was always 10 since it was introduced in QEMU, and Linux always returned 32 at KVM_CAP_MCE since KVM_CAP_MCE was introduced, so no behavior is being changed and the error can't be triggered by any Linux version. The point of the new check is to ensure we won't silently change the bank count if we change MCE_BANKS_DEF or make the bank count configurable in the future. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> [Avoid Yoda condition and \n at end of error_report. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1448471956-66873-8-git-send-email-pbonzini@xxxxxxxxxx> commit 3e32e8a96e6995cde3d8a13d68e31226ee83f290 Author: Eugene (jno) Dvurechenski <jno@xxxxxxxxxxxxxxxxxx> Date: Thu Nov 26 15:45:35 2015 +0100 virtio-scsi: don't crash without a valid device Make sure that we actually have a device when checking the aio context. Otherwise guests could trigger QEMU crashes. Signed-off-by: "Eugene (jno) Dvurechenski" <jno@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Message-Id: <1448549135-6582-2-git-send-email-jno@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 12a3567c4099be194b44987ac5d7d65b99bcfab7 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Nov 2 15:05:34 2015 +0100 target-sparc: fix 32-bit truncation in fpackfix This is reported by Coverity. The algorithm description at ftp://ftp.icm.edu.pl/packages/ggi/doc/hw/sparc/Sparc.pdf suggests that the 32-bit parts of rs2, after the left shift, is treated as a 64-bit integer. Bits 32 and above are used to do the saturating truncation. Message-Id: <1446473134-4330-1-git-send-email-pbonzini@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit bfc2a1a1f41c2861b20e8318c0541d0823427802 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Nov 25 10:52:29 2015 +0000 exec: remove warning about mempath and hugetlbfs The gethugepagesize() method in exec.c printed a warning if the file path for "-mem-path" or "-object memory-backend-file" was not on a hugetlbfs filesystem. This warning is bogus, because QEMU functions perfectly well with the path on a regular tmpfs filesystem. Use of hugetlbfs vs tmpfs is a choice for the management application or end user to make as best fits their needs. As such it is inappropriate for QEMU to have an opinion on whether the user's choice is right or wrong in this case. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1448448749-1332-3-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 2c189a4e12a37b1c7cae2a2643c378c5af8f67fc Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Nov 25 10:52:28 2015 +0000 Revert "exec: silence hugetlbfs warning under qtest" This reverts commit 1c7ba94a184df1eddd589d5400d879568d3e5d08. That commit changed QEMU initialization order from - object-initial, chardev, qtest, object-late to - chardev, qtest, object-initial, object-late This breaks chardev setups which need to rely on objects having been created. For example, when chardevs use TLS encryption in the future, they need to have tls credential objects created first. This revert, restores the ordering introduced in commit f08f9271bfe3f19a5eb3d7a2f48532065304d5c8 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed May 13 17:14:04 2015 +0100 vl: Create (most) objects before creating chardev backends Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1448448749-1332-2-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b2780d325306dc80ec07db9c0c61e9b2ac10e559 Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Fri Nov 20 17:34:38 2015 +0800 call bdrv_drain_all() even if the vm is stopped There are still I/O operations when the vm is stopped. For example, stop the vm, and do block migration. In this case, we don't drain all I/O operation, and may meet the following problem: qemu-system-x86_64: migration/block.c:731: block_save_complete: Assertion `block_mig_state.submitted == 0' failed. Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Message-Id: <564EE92E.4070701@xxxxxxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 903a41d3415960240cb3b9f1d66f3707b27010d6 Author: Stefano Dong (è?£å?´æ°´) <opensource.dxs@xxxxxxxxxx> Date: Thu Nov 26 12:00:12 2015 +0000 Fix memory leak on error hw/ppc/spapr.c: Fix memory leak on error, it was introduced in bc09e0611 hw/acpi/memory_hotplug.c: Fix memory leak on error, it was introduced in 34f2af3d Signed-off-by: Stefano Dong (è?£å?´æ°´) <opensource.dxs@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit fe4cf57da7a85fa65488448acdc22a65096e832a Merge: b8b0ee0 7fe4a41 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 26 10:58:10 2015 +0000 Merge remote-tracking branch 'remotes/kraxel/tags/pull-vnc-20151126-1' into staging vnc: fix segfault # gpg: Signature made Thu 26 Nov 2015 07:37:43 GMT using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-vnc-20151126-1: vnc: fix segfault Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b8b0ee0ea3d2789d8ee7372b9a173e7952e18087 Merge: 7ef7ddf 44c6e00 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 26 10:24:18 2015 +0000 Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2015-11-25-v2-tag' into staging qemu-ga patch queue for 2.5 * include additional w32 MSI install components needed for guest-exec * fix 'make install' when compiling with --disable-tools * fix potential data corruption/loss when accessing files bi-directionally via guest-file-{read,write} * explicitly document how integer args for guest-file-seek map to SEEK_SET/SEEK_CUR/etc to avoid platform-specific differences v2: * fixed missing SoB # gpg: Signature made Wed 25 Nov 2015 23:58:45 GMT using RSA key ID F108B584 # gpg: Good signature from "Michael Roth <flukshun@xxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>" * remotes/mdroth/tags/qga-pull-2015-11-25-v2-tag: qga: added another non-interactive gspawn() helper file. qga: Better mapping of SEEK_* in guest-file-seek tests: add file-write-read test qga: flush explicitly when needed qga: gspawn() console helper to Windows guest agent msi build makefile: fix qemu-ga make install for --disable-tools Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 449e3578107799817a81249b189f6f82aa9e787d Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Nov 25 13:39:57 2015 +0200 Revert "vhost: send SET_VRING_ENABLE at start/stop" This reverts commit 3a12f32229a046f4d4ab0a3a52fb01d2d5a1ab76. In case of live migration several queues can be enabled and not only the first one. So informing backend that only the first queue is enabled is wrong. Reported-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> Cc: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> commit 7ef7ddf37674f7147ef23c311cbc3c37e908c8b0 Merge: c7933a8 9c73517 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 26 09:44:25 2015 +0000 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Wed 25 Nov 2015 20:25:21 GMT using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" * remotes/jnsnow/tags/ide-pull-request: ide-test: fix timeouts atapi: Fix code indentation atapi: Account for failed and invalid operations in cd_read_sector() ide-test: cdrom_pio_impl fixup Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit df649835fe48f635a93316fdefe96ced7189316e Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Nov 25 22:23:33 2015 +0100 qjson: Limit number of tokens in addition to total size Commit 29c75dd "json-streamer: limit the maximum recursion depth and maximum token count" attempts to guard against excessive heap usage by limiting total token size (it says "token count", but that's a lie). Total token size is a rather imprecise predictor of heap usage: many small tokens use more space than few large tokens with the same input size, because there's a constant per-token overhead: 37 bytes on my system. Tighten this up: limit the token count to 2Mi. Chosen to roughly match the 64MiB total token size limit. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1448486613-17634-13-git-send-email-armbru@xxxxxxxxxx> commit 9bada8971173345ceb37ed1a47b00a01a4dd48cf Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Nov 25 22:23:32 2015 +0100 qjson: surprise, allocating 6 QObjects per token is expensive Replace the contents of the tokens GQueue with a simple struct. This cuts the amount of memory allocated by tests/check-qjson from ~500MB to ~20MB, and the execution time from 600ms to 80ms on my laptop. Still a lot (some could be saved by using an intrusive list, such as QSIMPLEQ, instead of the GQueue), but the savings are already massive and the right thing to do would probably be to get rid of json-streamer completely. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1448300659-23559-5-git-send-email-pbonzini@xxxxxxxxxx> [Straightforwardly rebased on my patches] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 95385fe9ace7db156b924da6b6f5c9082b68ba68 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Nov 25 22:23:31 2015 +0100 qjson: store tokens in a GQueue Even though we still have the "streamer" concept, the tokens can now be deleted as they are read. While doing so convert from QList to GQueue, since the next step will make tokens not a QObject and we will have to do the conversion anyway. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1448300659-23559-4-git-send-email-pbonzini@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit d538b25543f4db026bb435066e2403a542522c40 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Nov 25 22:23:30 2015 +0100 qjson: Convert to parser to recursive descent We backtrack in parse_value(), even though JSON is LL(1) and thus can be parsed by straightforward recursive descent. Do exactly that. Based on an almost-correct patch from Paolo Bonzini. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1448486613-17634-10-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit d2ca7c0b0d876cf0e219ae7a92252626b0913a28 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Nov 25 22:23:29 2015 +0100 qjson: replace QString in JSONLexer with GString JSONLexer only needs a simple resizable buffer. json-streamer.c can allocate memory for each token instead of relying on reference counting of QStrings. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1448300659-23559-2-git-send-email-pbonzini@xxxxxxxxxx> [Straightforwardly rebased on my patches, checkpatch made happy] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 6b9606f68ec589def27bd2a9cea97ec63cffd581 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Nov 25 22:23:28 2015 +0100 qjson: Inline token_is_escape() and simplify Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1448486613-17634-8-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 50e2a467f5315fa36c547fb6330659ba45f6bb83 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Nov 25 22:23:27 2015 +0100 qjson: Inline token_is_keyword() and simplify Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1448486613-17634-7-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit c54616608af442edf4cfb7397a1909c2653efba0 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Nov 25 22:23:26 2015 +0100 qjson: Give each of the six structural chars its own token type Simplifies things, because we always check for a specific one. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1448486613-17634-6-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit b8d3b1da3cdbb02e180618d6be346c564723015d Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Nov 25 22:23:25 2015 +0100 qjson: Spell out some silent assumptions Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1448486613-17634-5-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit f0ae0304c7a41a42b7d4a6cde450da938d3c2cc7 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Nov 25 22:23:24 2015 +0100 check-qjson: Add test for JSON nesting depth limit This would have prevented the regression mentioned in the previous commit. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1448486613-17634-4-git-send-email-armbru@xxxxxxxxxx> commit 0753113a26bb8c77f951b1ea91fd4f36d099c37a Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Nov 25 22:23:23 2015 +0100 qjson: Don't crash when input exceeds nesting limit We limit nesting depth and input size to defend against input triggering excessive heap or stack memory use (commit 29c75dd json-streamer: limit the maximum recursion depth and maximum token count). However, when the nesting limit is exceeded, parser_context_peek_token()'s assertion fails. Broken in commit 65c0f1e "json-parser: don't replicate tokens at each level of recursion". To reproduce stuff 1025 open braces or brackets into QMP. Fix by taking the error exit instead of the normal one. Reported-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1448486613-17634-3-git-send-email-armbru@xxxxxxxxxx> commit 4f2d31fbc0bfdf41feea7d1be49f4f7ffa005534 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Nov 25 22:23:22 2015 +0100 qjson: Apply nesting limit more sanely The nesting limit from commit 29c75dd "json-streamer: limit the maximum recursion depth and maximum token count" applies separately to braces and brackets. This makes no sense. Apply it to their sum, because that's actually a measure of recursion depth. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1448486613-17634-2-git-send-email-armbru@xxxxxxxxxx> commit 3a81a10179b702e031d8f84438193d83a64b4122 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 29 12:15:09 2015 +0100 monitor: Plug memory leak on QMP error Leak introduced in commit 8a4f501..710aec9, v2.4.0. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1446117309-15322-1-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 7fe4a41c262e2529dc79f77f6fe63c5309fa2fd9 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Nov 25 08:04:05 2015 +0100 vnc: fix segfault Commit "c7628bf vnc: only alloc server surface with clients connected" missed one rarely used codepath (cirrus with guest drivers using 2d accel) where we have to check for the server surface being present, to avoid qemu crashing with a NULL pointer dereference. Add the check. Reported-by: Anthony PERARD <anthony.perard@xxxxxxxxxx> Tested-by: Anthony PERARD <anthony.perard@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 44c6e00c3fd85b9c496bd3e74108ace126813a59 Author: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Date: Wed Nov 25 22:02:26 2015 +0300 qga: added another non-interactive gspawn() helper file. With previous commit we added gspawn-win64-helper-console.exe, required for gspawn() mingw implementation. Unfortunatly when running as a service without interactive desktop, gspawn() also requires another helper app. Added gspawn-win64-helper.exe and gspawn-win32-helper.exe for corresponding architectures. Signed-off-by: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> * remove trailing whitespace Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 0a982b1bf3953dc8640c4d6e619fb1132ebbebc3 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Wed Nov 25 10:37:15 2015 -0700 qga: Better mapping of SEEK_* in guest-file-seek Exposing OS-specific SEEK_ constants in our qapi was a mistake (if the host has SEEK_CUR as 1, but the guest has it as 2, then the semantics are unclear what should happen); if we had a time machine, we would instead expose only a symbolic enum. It's too late to change the fact that we have an integer in qapi, but we can at least document what mapping we want to enforce for all qga clients (and luckily, it happens to be the mapping that both Linux and Windows use); then fix the code to match that mapping. It also helps us filter out unsupported SEEK_DATA and SEEK_HOLE. In the future, we may wish to move our QGA_SEEK_* constants into qga/qapi-schema.json, along with updating the schema to take an alternate type (either the integer, or the string value of the enum name) - but that's too much risk during hard freeze. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 4eaab85cb1c1ba9c575d29921df81d63c7aa35df Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Wed Nov 25 13:59:12 2015 +0100 tests: add file-write-read test This test exhibits a POSIX behaviour regarding switching between write and read. It's undefined result if the application doesn't ensure a flush between the two operations (with glibc, the flush can be implicit when the buffer size is relatively small). The previous commit fixes this test. Related to: https://bugzilla.redhat.com/show_bug.cgi?id=1210246 Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 895b00f62a7e86724dc7352d67c7808d37366130 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Wed Nov 25 13:59:11 2015 +0100 qga: flush explicitly when needed According to the specification: http://pubs.opengroup.org/onlinepubs/9699919799/functions/fopen.html "the application shall ensure that output is not directly followed by input without an intervening call to fflush() or to a file positioning function (fseek(), fsetpos(), or rewind()), and input is not directly followed by output without an intervening call to a file positioning function, unless the input operation encounters end-of-file." Without this change, an fwrite() followed by an fread() may lose the previously written content, as shown in the following test. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1210246 Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> * don't confuse {write,read}() with f{write,read}() in commit msg (Laszlo) Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 9c73517ca56d6611371376bd298b4b20f3ad6140 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Nov 24 14:36:11 2015 -0500 ide-test: fix timeouts Use explicit timeouts instead of trying to approximate it by counting the cumulative duration of nsleep calls. In practice, the timeout if inb() dwarfed the nsleep delays, and as a result the real timeout value became a lot larger than 5 seconds. So: change the semantics from "Not sooner than 5 seconds" to "no more than 5 seconds" to ensure we don't hang the tester for very long. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1448393771-15483-2-git-send-email-jsnow@xxxxxxxxxx commit f2b608ab80a336b0136d35d9b49419a917656d44 Author: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Date: Thu Nov 19 15:20:37 2015 +0300 qga: gspawn() console helper to Windows guest agent msi build This helper, gspawn-win64-helper-console.exe for 64-bit and gspawn-win32-helper-console.exe for 32-bit environment, is needed for gspawn() mingw implementation, used by guest-exec command. Without these files guest-exec command on Windows will not work with "file not found" diagnostic message. Signed-off-by: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 68aa262ad09c81b8b1284340cc0d26b65c605df5 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Mon Nov 23 15:48:58 2015 -0600 makefile: fix qemu-ga make install for --disable-tools ab59e3e introduced a fix for `make install` on w32 that involved filtering out qemu-ga from $TOOLS install recipe so that we could append $(EXESUF) to it before attempting to install the binary via install-prog function. install-prog takes a list of binaries to install to a particular directory. If the list is empty it breaks. We guard against this by ensuring $TOOLS is not empty prior to calling. However, ab59e3e introduces extra filtering after this check which can still result on us attempting to call install-prog with an empty list of binaries. In particular, this occurs if we build with the --disable-tools configure option, which results in qemu-ga being the only member of $TOOLS. Fix this by doing a simple s/qemu-ga/qemu-ga$(EXESUF)/ pass through $TOOLS instead of filtering out qemu-ga to handle it seperately. Reported-by: Steve Ellcey <sellcey@xxxxxxxxxx> Cc: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit c7933a80bc6f3bb79c341f8fc17b4cf76622e2f3 Merge: 1a4dab8 f77dcdb Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 25 16:20:58 2015 +0000 Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20151125' into staging migration/next for 20151125 # gpg: Signature made Wed 25 Nov 2015 14:28:47 GMT using RSA key ID 5872D723 # gpg: Good signature from "Juan Quintela <quintela@xxxxxxxxxx>" # gpg: aka "Juan Quintela <quintela@xxxxxxxxxx>" * remotes/juanquintela/tags/migration/20151125: block-migration: limit the memory usage Assume madvise for (no)hugepage works Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1a4dab849d5d06191ab5e5850f6b8bfcad8ceb47 Merge: e85dda8 8c34d89 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 25 14:47:06 2015 +0000 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches # gpg: Signature made Wed 25 Nov 2015 13:33:14 GMT using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: qemu-iotests: Add -nographic when starting QEMU in 119 and 120 block/qapi: Plug memory leak on query-block error path raw-posix.c: Make GetBSDPath() handle caching options nand: fix flash erase when oob is in memory test-aio: Fix event notifier cleanup tests/Makefile: Add more dependencies for test-timed-average Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f77dcdbc76dbf9bade9739e85e1013639e535835 Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Fri Nov 20 17:37:13 2015 +0800 block-migration: limit the memory usage If we set migration speed in a very large value, block-migration will try to read all data to the memory. Because (block_mig_state.submitted + block_mig_state.read_done) * BLOCK_SIZE will be overflow, and it will be always less than rate limit. There is no need to read too many data into memory when the rate limit is very large. So limit the memory usage can fix the overflow problem. Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 1d7414396f926651c4d7a673eb3a10aca5246d76 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 19 15:27:48 2015 +0000 Assume madvise for (no)hugepage works madvise() returns EINVAL in the case of many failures, but also returns it in cases where the host kernel doesn't have THP enabled. Postcopy only really cares that THP is off before it detects faults, and turns it back on afterwards; so we're going to have to assume that if the madvise fails then the host just doesn't do THP and we can carry on with the postcopy. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Tested-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 8c34d891b1594840d8394a3c9b92236c13254fd8 Merge: 903c341 4d7f853 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Nov 25 14:33:01 2015 +0100 Merge remote-tracking branch 'mreitz/tags/pull-block-for-kevin-2015-11-25' into queue-block One block patch for qemu 2.5-rc2. # gpg: Signature made Wed Nov 25 14:30:45 2015 CET using RSA key ID E838ACAD # gpg: Good signature from "Max Reitz <mreitz@xxxxxxxxxx>" * mreitz/tags/pull-block-for-kevin-2015-11-25: qemu-iotests: Add -nographic when starting QEMU in 119 and 120 Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 4d7f853ff0054989a4f20f1f22d1ec489c669c3b Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 23 10:32:10 2015 +0800 qemu-iotests: Add -nographic when starting QEMU in 119 and 120 Otherwise, a window flashes on my desktop (built with SDL). Add this as other cases have it. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1448245930-15031-1-git-send-email-famz@xxxxxxxxxx Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit 903c341d5742b160e52752eb6fdc1ba9b87dc52e Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Nov 20 13:53:35 2015 +0100 block/qapi: Plug memory leak on query-block error path Spotted by Coverity. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 98caa5bc0083ed4fe4833addd3078b56ce2f6cfa Author: Programmingkid <programmingkidx@xxxxxxxxx> Date: Fri Nov 20 19:17:48 2015 -0500 raw-posix.c: Make GetBSDPath() handle caching options Add support for caching options that can be specified from the command line. The CD-ROM raw char device bypasses the host page cache and therefore has alignment requirements. Alignment probing is necessary so only use the raw char device if BDRV_O_NOCACHE is set. This patch fixes -cdrom /dev/cdrom on Mac OS X hosts, where bdrv_read() used to fail due to misaligned requests during image format probing. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 8e37ca6d0be8aae2887c167da783fd2d9536c962 Author: Ricard Wanderlof <ricard.wanderlof@xxxxxxxx> Date: Fri Nov 13 14:17:28 2015 +0100 nand: fix flash erase when oob is in memory For the "main area on file, oob in memory" case, fix the shifts so that we erase the correct number of pages. Signed-off-by: Ricard Wanderlöf <ricardw@xxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 7595ed743914b9de1d146213dedc1e007283f723 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Mon Nov 23 13:30:23 2015 +0100 test-aio: Fix event notifier cleanup One test case closed an event notifier (event_notifier_cleanup()) without first disabling it (set_event_notifier(..., NULL)). This resulted in a leftover handle 0 that was added to each subsequent WaitForMultipleObjects() call, causing the function to fail (invalid handle). Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 5e41fbffa115608fe6f7159d345d6caa0019e687 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Mon Nov 23 13:28:12 2015 +0100 tests/Makefile: Add more dependencies for test-timed-average 'make check' failed to compile the test case for mingw because of undefined references. Pull in a few more dependencies so that it builds. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e85dda8070b20dd8765d52daf64de70a9ccf395f Merge: 1aae36d 22037db Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 25 12:09:34 2015 +0000 Merge remote-tracking branch 'remotes/sstabellini/tags/xen-20151125' into staging Xen 2015/11/25 # gpg: Signature made Wed 25 Nov 2015 11:19:26 GMT using RSA key ID 70E1AE90 # gpg: Good signature from "Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>" * remotes/sstabellini/tags/xen-20151125: xen_disk: Remove ioreq.postsync xen: fix usage of xc_domain_create in domain builder Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2b1641d0a2fc10bdbffb1c0aa9836186af008766 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Nov 13 18:49:54 2015 +0100 MAINTAINERS: Update TCG CPU cores section These are the people that I think have been touching it lately or reviewing patches. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7cf32491eac9dc32fd8ca7933f3edc9d42f884ee Author: Victor Kaplansky <victork@xxxxxxxxxx> Date: Tue Nov 24 12:56:00 2015 +0200 tests/vhost-user-bridge: read command line arguments Now some vhost-user-bridge parameters can be passed from the command line: Usage: prog [-u ud_socket_path] [-l lhost:lport] [-r rhost:rport] -u path to unix doman socket. default: /tmp/vubr.sock -l local host and port. default: 127.0.0.1:4444 -r remote host and port. default: 127.0.0.1:5555 Signed-off-by: Victor Kaplansky <victork@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 85ea9da5b8d8c0b2ab77b493d5ce62599279bf33 Author: Victor Kaplansky <victork@xxxxxxxxxx> Date: Tue Nov 24 12:55:56 2015 +0200 tests/vhost-user-bridge: propose GUEST_ANNOUNCE feature The backend has to know whether VIRTIO_NET_F_GUEST_ANNOUNCE was negotiated, so, as a hack we propose the feature by vhost-user-bridge during the feature negotiation. Signed-off-by: Victor Kaplansky <victork@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c61f09ed855b5009f816242ce281fd01586d4646 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon Nov 23 12:48:52 2015 +0200 vhost-user: clarify start and enable It seems that we currently have some duplication between started and enabled states. The actual reason is that enable is not documented correctly: what it does is connecting ring to the backend. This is important for MQ, because a Linux guest expects TX packets to be completed even if it disables some queues temporarily. Cc: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Cc: Victor Kaplansky <victork@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit d39c87d70763f2755d1d7a719817b06f0281fb01 Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Wed Nov 11 14:53:29 2015 +0800 vhost-user: set link down when the char device is closed Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> commit 463b52f285164ec3dc0649763e06e40cea9e8a1f Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Nov 12 15:29:55 2015 -0200 pc: Don't set hw_version on pc-*-2.5 Now that qemu_hw_version() returns a fixed "2.5+" string instead of QEMU_VERSION, we don't need to set hw_version on pc-*-2.5 explicitly. Suggested-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit fac862ffa605f6fa41f52033b27346d26a96bea5 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Nov 12 15:29:54 2015 -0200 osdep: Change default value of qemu_hw_version() to "2.5+" There are two issues with qemu_hw_version() today: 1) If a machine has hw_version set, the value returned by it is not very useful, because it is not the actual QEMU version. 2) If a machine does't set hw_version, the return value of qemu_hw_version() is broken, because it will change when upgrading QEMU. For those reasons, using qemu_hw_version() is strongly discouraged, and should be used only in code that used QEMU_VERSION in the past and needs to keep compatibility. To fix (2), instead of making every machine broken by default unless they set hw_version, make qemu_hw_version() simply return "2.5+" if qemu_set_hw_version() is not called. Suggested-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 1aae36df4b8ed884c6ef6995e70c67fad79b49df Merge: 4b6eda6 1d64924 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 25 11:38:03 2015 +0000 Merge remote-tracking branch 'remotes/armbru/tags/pull-ivshmem-2015-11-25' into staging ivshmem patches for 2.5 # gpg: Signature made Wed 25 Nov 2015 09:25:38 GMT using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-ivshmem-2015-11-25: ivshmem: Rename property memdev to x-memdev for 2.5 ivshmem: Mark questionable socket type test FIXME tests/ivshmem-test: Supply missing initializer in get_device() qemu-doc: Fix ivshmem usage example with shm=... qemu-doc: Fix ivshmem example markup Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 22037db38ccfe497bd13a94edead6657781b9b37 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Nov 25 11:54:14 2015 +0200 xen_disk: Remove ioreq.postsync This code has been dead for three years (since commit 7e7b7cba1). Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 1d649244b3695cb148dd2ae66999db0f6f9566b3 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Nov 24 18:06:29 2015 +0100 ivshmem: Rename property memdev to x-memdev for 2.5 The device's guest interface and its QEMU user interface are flawed^Whotly debated. We'll resolve that in the next development cycle, probably by deprecating the device in favour of a cleaned up, but not quite compatible revision. To avoid adding more baggage to the soon-to-be-deprecated interface, mark property "memdev" as experimental, by renaming it to "x-memdev". It's the only recent user interface change. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1448384789-14830-6-git-send-email-armbru@xxxxxxxxxx> [Update of qemu-doc.texi squashed in] Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 2825717c02f5b1367e8e315b222888db00618170 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Nov 24 18:06:28 2015 +0100 ivshmem: Mark questionable socket type test FIXME Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 1613094766602bdb8cae337ceecd8ab68f956197 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Nov 24 18:06:27 2015 +0100 tests/ivshmem-test: Supply missing initializer in get_device() If the device isn't found, the assertion uses dev without initialization. Fix that. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1448384789-14830-4-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit a9282c25a5e2e860dfba5eca6d08fb2e42ee4f1a Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Nov 24 18:06:26 2015 +0100 qemu-doc: Fix ivshmem usage example with shm=... The example suggests you can omit "shm". This isn't true; you must specify exactly one of "shm", "chardev", "memdev". Fix it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1448384789-14830-3-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 50d34c4e357c41231b1106fc3f46cfd479a31e41 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Nov 24 18:06:25 2015 +0100 qemu-doc: Fix ivshmem example markup Use @var{foo} like we do everywhere else, not <foo>. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1448384789-14830-2-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 73a27d9ac35e3da3a2cf0ebd0bcc2be6de19dd0a Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Tue Nov 24 14:18:00 2015 +0200 atapi: Fix code indentation This was accidentally changed by commit 5f81724d Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 93fb43522e3b8dddb6c709d568919347d9a5ba3f.1448367341.git.berto@xxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 36be0929f53260cb9b1e2720c7c22f6b5fb5910f Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Tue Nov 24 14:17:59 2015 +0200 atapi: Account for failed and invalid operations in cd_read_sector() Commit 5f81724d made PIO read requests async but didn't add the relevant block_acct_failed() and block_acct_invalid() calls. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 9b87e09d61019c128139b6c999ed0c07f0674170.1448367341.git.berto@xxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit a421f3c38509ee4ce47230ec68c5c3a184efb538 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Nov 20 17:53:55 2015 -0500 ide-test: cdrom_pio_impl fixup Final tidying: move the interrupt wait into the loop, document that the status read clears the IRQ, and move the final interrupt check outside of the loop. This should be functionally equivalent to how it works currently, but a little less ambiguous and slightly more explicit about the state transitions. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1448060035-31973-3-git-send-email-jsnow@xxxxxxxxxx commit 4b6eda626fdb8bf90472c6868d502a2ac09abeeb Merge: d9636b6 f93c3a8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 24 17:05:06 2015 +0000 Merge remote-tracking branch 'remotes/lalrae/tags/mips-20151124' into staging MIPS patches 2015-11-24 Changes: * Fixes for enabling/disabling 64-bit addressing # gpg: Signature made Tue 24 Nov 2015 14:54:35 GMT using RSA key ID 0B29DA6B # gpg: Good signature from "Leon Alrae <leon.alrae@xxxxxxxxxx>" * remotes/lalrae/tags/mips-20151124: target-mips: flush QEMU TLB when disabling 64-bit addressing target-mips: Fix exceptions while UX=0 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d9636b6c2b533ab43fad8c9f47633debeef94561 Merge: 229c037 e14f0eb Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 24 14:22:37 2015 +0000 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20151124' into staging target-arm queue: * fix minimum RAM check warning on xlnx-ep108 * remove unused define from aarch64-linux-user.mak config * don't mask out bits [47:40] in ARMv8 LPAE descriptors * correct unallocated instruction checks for ldst_excl # gpg: Signature made Tue 24 Nov 2015 14:17:10 GMT using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20151124: target-arm/translate-a64.c: Correct unallocated checks for ldst_excl target-arm: Don't mask out bits [47:40] in LPAE descriptors for v8 default-configs/aarch64-linux-user.mak: Remove unused define xlnx-ep108: Fix minimum RAM check Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e14f0eb12f920fd96b9f79d15cedd437648e8667 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 24 14:12:15 2015 +0000 target-arm/translate-a64.c: Correct unallocated checks for ldst_excl The checks for the unallocated encodings in the ldst_excl group (exclusives and load-acquire/store-release) were not correct. This error meant that in turn we ended up with code attempting to handle the non-existent case of "non-exclusive load-acquire/store-release pair". Delete that broken and now unreachable code. Reported-by: Laurent Desnogues <laurent.desnogues@xxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Laurent Desnogues <laurent.desnogues@xxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> commit 6109769a8b42bd0c3d5b1601c9b35fe7ea6a603e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 24 14:12:15 2015 +0000 target-arm: Don't mask out bits [47:40] in LPAE descriptors for v8 In an LPAE format descriptor in ARMv8 the address field extends up to bit 47, not just bit 39. Correct the masking so we don't give incorrect results if the output address size is greater than 40 bits, as it can be for AArch64. (Note that we don't yet support the new-in-v8 Address Size fault which should be generated if any translation table entry or TTBR contains an address with non-zero bits above the most significant bit of the maximum output address size.) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Laurent Desnogues <laurent.desnogues@xxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1448029971-9875-1-git-send-email-peter.maydell@xxxxxxxxxx commit f72c0a79f76f1b7ed1a1e0ff8be31f5df06b3269 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 24 14:12:15 2015 +0000 default-configs/aarch64-linux-user.mak: Remove unused define The uses of the CONFIG_GDBSTUB_XML define were removed in commit b77abd95a9484c, but the define in aarch64-linux-user.mak somehow escaped the cull (the patchset probably crossed in the mail with the patches adding aarch64 support). Remove the stray define. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Laurent Desnogues <laurent.desnogues@xxxxxxxxx> Message-id: 1447690178-4560-1-git-send-email-peter.maydell@xxxxxxxxxx commit 5b4a047fbe8ceb68ad1a78d51f0fadbe2bb12af7 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Tue Nov 24 14:12:15 2015 +0000 xlnx-ep108: Fix minimum RAM check The minimum RAM check logic for the Xiilnx EP108 was off by one, which caused a false positive. Correct the logic to only print warnings when the RAM is below 0x8000000. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Message-id: fba8112ca7b01efd72553332b8045ecf107b7662.1448021100.git.alistair.francis@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f93c3a8d0c0c1038dbe1e957eb8ab92671137975 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Thu Nov 19 19:15:35 2015 +0000 target-mips: flush QEMU TLB when disabling 64-bit addressing CP0.Status.KX/SX/UX bits are responsible for enabling access to 64-bit Kernel/Supervisor/User Segments. If bit is cleared an access to corresponding segment should generate Address Error Exception. However, the guest may still be able to access some pages belonging to the disabled 64-bit segment because we forget to flush QEMU TLB. This patch fixes it. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 7871abb94c2f4adc39f2487f6edf5e69ba872a65 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Tue Nov 17 17:13:54 2015 +0000 target-mips: Fix exceptions while UX=0 Commit 01f728857941 ("target-mips: Status.UX/SX/KX enable 32-bit address wrapping") added a new hflag MIPS_HFLAG_AWRAP, which indicates that 64-bit addressing is disallowed in the current mode, so hflag users don't need to worry about the complexities of working that out, for example checking both MIPS_HFLAG_KSU and MIPS_HFLAG_UX. However when exceptions are taken outside of exception level, mips_cpu_do_interrupt() manipulates the env->hflags directly rather than using compute_hflags() to update them, and this code wasn't updated accordingly. As a result, when UX is cleared, MIPS_HFLAG_AWRAP is set, but it doesn't get cleared on entry back into kernel mode due to an exception. Kernel mode then cannot access the 64-bit segments resulting in a nested exception loop. The same applies to errors and debug exceptions. Fix by updating mips_cpu_do_interrupt() to clear the MIPS_HFLAG_WRAP flag when necessary, according to compute_hflags(). Fixes: 01f728857941 ("target-mips: Status.UX/SX/KX enable 32-bit...") Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 229c0372cf3ca201c41d2bb121627e6752e776ad Merge: 5522a84 466138d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 24 10:27:19 2015 +0000 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Tue 24 Nov 2015 08:04:07 GMT using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: virtio-blk: Move resetting of req->mr_next to virtio_blk_handle_rw_error parallels: dirty BAT properly for continuous allocations Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 466138dc689b6b14f31d5d20316affb4b4efd177 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 23 08:41:20 2015 +0800 virtio-blk: Move resetting of req->mr_next to virtio_blk_handle_rw_error "werror=report" would free the req in virtio_blk_handle_rw_error, we mustn't write to it in that case. Reported-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1448239280-15025-1-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit c9f6856ded10602147ca1d1806e7afb545430fd9 Author: Vladimir Sementsov-Ogievskiy <vsementsov@xxxxxxxxxxxxx> Date: Tue Nov 17 20:02:58 2015 +0300 parallels: dirty BAT properly for continuous allocations This patch marks part of the BAT dirty properly. There is a possibility that multy-block allocation could have one block allocated on one BAT page and next block on the next page. The code without the patch could not save updated position to the file. Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Message-id: 1447779778-26062-1-git-send-email-den@xxxxxxxxxx CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 5522a841cab5f15ac0f8d207b320c21755a7a1a5 Merge: 68c6128 a3567ba Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Nov 23 16:07:49 2015 +0000 Merge remote-tracking branch 'remotes/ehabkost/tags/numa-pull-request' into staging NUMA fix for -rc2 # gpg: Signature made Mon 23 Nov 2015 12:45:34 GMT using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" * remotes/ehabkost/tags/numa-pull-request: hostmem: Ignore ENOSYS while setting MPOL_DEFAULT Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 68c61282fe8a02aa3bddfa7a9c2b7ad7e6177f69 Merge: 541abd1 644da9b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Nov 23 13:54:41 2015 +0000 Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20151123' into staging Last minute fix. # gpg: Signature made Mon 23 Nov 2015 12:17:26 GMT using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tcg-20151123: tcg: Fix highwater check Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a3567ba1e6171ef7cfad55ae549c0cd8bffb1195 Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Tue Oct 27 15:51:31 2015 +0300 hostmem: Ignore ENOSYS while setting MPOL_DEFAULT Currently hostmem backend fails if CONFIG_NUMA is enabled in QEMU (the default) but NUMA is not supported by the kernel. This makes it impossible to use ivshmem in such configurations. This patch fixes the problem by ignoring ENOSYS error if policy is set to MPOL_DEFAULT. This way the code behaves in the same way as if CONFIG_NUMA was not defined. qemu will still fail if the user specifies some other policy, so that the user knows it. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 644da9b39e477caa80bab69d2847dfcb468f0d33 Author: John Clarke <johnc@xxxxxxxxxxx> Date: Thu Nov 19 10:30:50 2015 +0100 tcg: Fix highwater check A simple typo in the variable to use when comparing vs the highwater mark. Reports are that qemu can in fact segfault occasionally due to this mistake. Signed-off-by: John Clarke <johnc@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 541abd10a01da56c5f16582cd32d67114ec22a5c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Nov 20 17:43:46 2015 +0000 Update version for v2.5.0-rc1 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f348daf3d5d2e349519764cd0c3ec3aaca113732 Author: Peter Lieven <pl@xxxxxxx> Date: Fri Nov 20 15:29:02 2015 +0100 tests: fix cdrom_pio_impl in ide-test The check for the cleared BSY flag has to be performed before each data transfer and not just before the first one. Commit 5f81724d revealed this glitch as the BSY flag was not set in ATAPI PIO transfers before. While at it fix the descriptions and add a comment before the nested for loop that transfers the data. Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1448029742-19771-1-git-send-email-pl@xxxxxxx Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 28c3e6ee72a34d3c2c44ef508b599fa460b273bb Merge: 348c327 9f4aa7c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 19 17:54:46 2015 +0000 Merge remote-tracking branch 'remotes/afaerber/tags/qom-devices-for-peter' into staging QOM infrastructure fixes and device conversions * Fix for properties on objects > 4 GiB * Performance improvements for QOM property handling * Assertion cleanups * MAINTAINERS additions # gpg: Signature made Thu 19 Nov 2015 14:32:16 GMT using RSA key ID 3E7E013F # gpg: Good signature from "Andreas Färber <afaerber@xxxxxxx>" # gpg: aka "Andreas Färber <afaerber@xxxxxxxx>" * remotes/afaerber/tags/qom-devices-for-peter: MAINTAINERS: Add check-qom-{interface,proplist} to QOM qom: Clean up assertions to display values on failure qom: Replace object property list with GHashTable qom: Add a test case for complex property finalization net: Convert net filter code to use object property iterators ppc: Convert spapr code to use object property iterators vl: Convert machine help code to use object property iterators qmp: Convert QMP code to use object property iterators qom: Introduce ObjectPropertyIterator struct for iteration qdev: Change Property::offset field to ptrdiff_t type Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 348c32709fdbeb475dd072af49523cfdd75873f1 Merge: c601a24 1c7ba94 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 19 16:26:08 2015 +0000 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging vhost, pc: fixes for 2.5 Fixes all over the place. This also re-enables a test we disabled in 2.5 cycle now that there's a way not to get a warning from it. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Thu 19 Nov 2015 13:27:43 GMT using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: exec: silence hugetlbfs warning under qtest tests: re-enable vhost-user-test acpi: fix buffer overrun on migration vhost-user: fix log size vhost-user: ignore qemu-only features specs/vhost-user: fix spec to match reality tests/vhost-user-bridge: implement logging of dirty pages i440fx: print an error message if user tries to enable iommu q35: Check propery to determine if iommu is set vhost-user: start/stop all rings vhost-user: print original request on error vhost-user-test: support VHOST_USER_SET_VRING_ENABLE vhost-user: update spec description vhost: don't send RESET_OWNER at stop vhost: let SET_VRING_ENABLE message depends on protocol feature Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c601a244a49f4e0be2539cbc5ffd288727cd4e89 Merge: 80fda8f ce8a1b5 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 19 15:56:50 2015 +0000 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20151119' into staging target-arm queue: * add missing condexec updates when emulating architectural breakpoints and coprocessor access checks in Thumb translation (could in theory cause problems when these happened inside a Thumb IT block and an exception was taken) * arm_gic: correctly restore nested IRQ priority # gpg: Signature made Thu 19 Nov 2015 13:29:37 GMT using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20151119: target-arm: Update condexec before arch BP check in AA32 translation target-arm: Update condexec before CP access check in AA32 translation hw/arm_gic: Correctly restore nested irq priority Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 80fda8f609457736ab43f0cb8027abb0e28a67f8 Merge: 8f28030 79b3c12 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 19 15:05:06 2015 +0000 Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20151119' into staging migration/next for 20151119 # gpg: Signature made Thu 19 Nov 2015 11:17:07 GMT using RSA key ID 5872D723 # gpg: Good signature from "Juan Quintela <quintela@xxxxxxxxxx>" # gpg: aka "Juan Quintela <quintela@xxxxxxxxxx>" * remotes/juanquintela/tags/migration/20151119: migration: normalize locking in migration/savevm.c migration: implement bdrv_all_find_vmstate_bs helper migration: reorder processing in hmp_savevm snapshot: create bdrv_all_create_snapshot helper migration: drop find_vmstate_bs check in hmp_delvm snapshot: create bdrv_all_find_snapshot helper migration: factor our snapshottability check in load_vmstate snapshot: create bdrv_all_goto_snapshot helper snapshot: create bdrv_all_delete_snapshot helper snapshot: return error code from bdrv_snapshot_delete_by_id_or_name snapshot: create helper to test that block drivers supports snapshots Unneeded NULL check migration: Dead assignment of current_time Set last_sent_block Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9f4aa7cef2214137db192b252f1d4fc1799d05c7 Author: Andreas Färber <afaerber@xxxxxxx> Date: Wed Nov 18 19:03:29 2015 +0100 MAINTAINERS: Add check-qom-{interface,proplist} to QOM Add the QOM unit tests to the QOM maintenance area so that maintainers get CC'ed on changes and to document QOM test coverage. Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 8438a13543a281e3e61542cc0763bf1b05169016 Author: Andreas Färber <afaerber@xxxxxxx> Date: Mon Nov 16 17:49:20 2015 +0100 qom: Clean up assertions to display values on failure Instead of using g_assert() for integer comparisons, use g_assert_cmpint() so that we can see the respective values. While at it, fix one stray indentation. Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit b604a854e843505007c59d68112c654556102a20 Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Tue Oct 13 13:37:45 2015 +0100 qom: Replace object property list with GHashTable ARM GICv3 systems with large number of CPUs create lots of IRQ pins. Since every pin is represented as a property, number of these properties becomes very large. Every property add first makes sure there's no duplicates. Traversing the list becomes very slow, therefore QEMU initialization takes significant time (several seconds for e. g. 16 CPUs). This patch replaces list with GHashTable, making lookup very fast. The only drawback is that object_child_foreach() and object_child_foreach_recursive() cannot add or remove properties during traversal, since GHashTableIter does not have modify-safe version. However, the code seems not to modify objects via these functions. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Tested-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> [AF: Fixed object_property_del_{all,child}() issues; g_hash_table_contains() -> g_hash_table_lookup(), suggested by Daniel] Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 1c7ba94a184df1eddd589d5400d879568d3e5d08 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Wed Nov 18 10:02:58 2015 +0100 exec: silence hugetlbfs warning under qtest vhost-user-test prints a warning. A test should not need to run on hugetlbfs, let's silence the warning under qtest. The condition can't check on qtest_enabled() since vhost-user-test actually doesn't use qtest accel. However, qtest_driver() can be used, if qtest_init() is called early enough. For that reason, move chardev and qtest initialization early. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 421f4448cec3e42f8477499c5c584699e2cf656b Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Mon Oct 26 15:32:00 2015 +0100 tests: re-enable vhost-user-test Commit 7fe34ca9c2e actually disabled vhost-user-test altogether, since CONFIG_VHOST_NET is a per-target config variable. tests/vhost-user-test is already x86/x64 softmmu specific test, in order to enable it correctly, kvm & vhost-net are also conditions. To check that, set CONFIG_VHOST_NET_TEST_$target when kvm is also enabled. Since "check-qtest-x86_64-y = $(check-qtest-i386-y)", avoid duplication when both x86 & x64 are enabled. Other targets than x86 aren't enabled yet, and is intentionally left as a future improvement, since I can't easily test those. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit d9a3b33d2c9f996537b7f1d0246dee2d0120cefb Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Nov 19 15:14:07 2015 +0200 acpi: fix buffer overrun on migration ich calls acpi_gpe_init with length ICH9_PMIO_GPE0_LEN so ICH9_PMIO_GPE0_LEN/2 bytes are allocated, but then the full ICH9_PMIO_GPE0_LEN bytes are migrated. As a quick work-around, allocate twice the memory. We'll probably want to tweak code to avoid migrating the extra ICH9_PMIO_GPE0_LEN/2 bytes, but that is a bit trickier to do without breaking migration compatibility. Tested-by: "Dr. David Alan Gilbert" <dgilbert@xxxxxxxxxx> Reported-by: "Dr. David Alan Gilbert" <dgilbert@xxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit ce8a1b5449cd8c4c2831abb581d3208c3a3745a0 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Tue Nov 17 16:38:47 2015 +0300 target-arm: Update condexec before arch BP check in AA32 translation Architectural breakpoint check could raise an exceptions, thus condexec bits should be updated before calling gen_helper_check_breakpoints(). Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1447767527-21268-3-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 43bfa4a100687af8d293fef0a197839b51400fca Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Tue Nov 17 16:38:46 2015 +0300 target-arm: Update condexec before CP access check in AA32 translation Coprocessor access instructions are allowed inside IT block. gen_helper_access_check_cp_reg() can raise an exceptions thus condexec bits should be updated before. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1447767527-21268-2-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a859595791e6ac5c14afe0b8a53634bf1cc21f0f Author: François Baldassari <francois@xxxxxxxxxx> Date: Thu Nov 19 12:09:52 2015 +0000 hw/arm_gic: Correctly restore nested irq priority Upon activating an interrupt, set the corresponding priority bit in the APR/NSAPR registers without touching the currently set bits. In the event of nested interrupts, the GIC will then have the information it needs to restore the priority of the pre-empted interrupt once the higher priority interrupt finishes execution. Signed-off-by: François Baldassari <francois@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 79b3c12ac5714e036a16d1a163a3517d74504f87 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Thu Nov 19 09:42:11 2015 +0300 migration: normalize locking in migration/savevm.c basically all bdrv_* operations must be called under aio_context_acquire except ones with bdrv_all prefix. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> CC: Juan Quintela <quintela@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 7cb14481498e7acd969a76b53be0535cd90f7d53 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Thu Nov 19 09:42:10 2015 +0300 migration: implement bdrv_all_find_vmstate_bs helper The patch also ensures proper locking for the operation. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 0b46160521ab72744da94988583a45d4d45e2986 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Thu Nov 19 09:42:09 2015 +0300 migration: reorder processing in hmp_savevm State deletion can be performed on running VM which reduces VM downtime This approach looks a bit more natural. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit a9085f9b5583ba7a02b412ba08f929555112c244 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Thu Nov 19 09:42:08 2015 +0300 snapshot: create bdrv_all_create_snapshot helper to create snapshot for all loaded block drivers. The patch also ensures proper locking. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit c6258b04f19bc690b576b089f621cb5333c533d7 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Thu Nov 19 09:42:07 2015 +0300 migration: drop find_vmstate_bs check in hmp_delvm There is no much sense to do the check and write warning. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 723ccda1a0eecece8e70dbcdd35a603f6c41a475 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Thu Nov 19 09:42:06 2015 +0300 snapshot: create bdrv_all_find_snapshot helper to check that snapshot is available for all loaded block drivers. The check bs != bs1 in hmp_info_snapshots is an optimization. The check for availability of this snapshot will return always true as the list of snapshots was collected from that image. The patch also ensures proper locking. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 849f96e2f71b52444516a0880fd9d12691b63d20 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Thu Nov 19 09:42:05 2015 +0300 migration: factor our snapshottability check in load_vmstate We should check that all inserted and not read-only images support snapshotting. This could be made using already invented helper bdrv_all_can_snapshot(). Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 4c1cdbaad07d067f3d156687d79014ab44387e2c Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Thu Nov 19 09:42:04 2015 +0300 snapshot: create bdrv_all_goto_snapshot helper to switch to snapshot on all loaded block drivers. The patch also ensures proper locking. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 9b00ea376d42e543feb12d7ce5435366d01aab1b Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Thu Nov 19 09:42:03 2015 +0300 snapshot: create bdrv_all_delete_snapshot helper to delete snapshots from all loaded block drivers. The patch also ensures proper locking. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 25af925fffc29f2e4c05aee10c61c823c4cdf398 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Thu Nov 19 09:42:02 2015 +0300 snapshot: return error code from bdrv_snapshot_delete_by_id_or_name this will make code better in the next patch Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit e9ff957ac26e0e11869a3568cfa7423ae33c51e7 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Thu Nov 19 09:42:01 2015 +0300 snapshot: create helper to test that block drivers supports snapshots The patch enforces proper locking for this operation. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 5df5416e639cd75bd85d243af41387c2418fa580 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Wed Nov 18 11:48:41 2015 +0000 Unneeded NULL check The check is unneccesary, we read the value at the start of the thread, use it, and never change it. The value is checked to be non-NULL before thread creation. Spotted by coverity, CID 1339211 Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 95a7788b2faa81ff95675f1e46a3272a612b35de Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Wed Nov 18 11:48:40 2015 +0000 migration: Dead assignment of current_time I set current_time before the postcopy test but never use it; (I think this was from the original version where it was time based). Spotted by coverity, CID 1339208 Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 84e7b80a05c0c44b90533c6cd2f1db5c932ccf77 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Wed Nov 18 11:48:39 2015 +0000 Set last_sent_block In a82d593b61054b3dea43 I accidentally removed the setting of last_sent_block, put it back. Symptoms: Multithreaded compression only uses one thread. Migration is a bit less efficient since it won't use 'cont' flags. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Fixes: a82d593b61054b3dea43 Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 8c4d156c187c84b574d287bd4b9ddf9a6975de7c Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Mon Nov 16 15:37:34 2015 +0000 qom: Add a test case for complex property finalization Devices have some quite complex object child/link relationships which place some requirements on the object_property_del_all() function to consider that properties can be modified while being iterated over. This extends the QOM property test case to replicate the device like structure and expose any potential bugs in the object_property_del_all() function. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 456fb0bfe0b27c54d316be7fe3b362247f732656 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Oct 13 13:37:44 2015 +0100 net: Convert net filter code to use object property iterators Stop directly accessing the Object::properties field data structure and instead use the formal object property iterator APIs. This insulates the code from future data structure changes in the Object struct. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Tested-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 9a842f7d3ce421b39c7edbfe2c47efeac5db6c28 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Oct 13 13:37:43 2015 +0100 ppc: Convert spapr code to use object property iterators Stop directly accessing the Object::properties field data structure and instead use the formal object property iterator APIs. This insulates the code from future data structure changes in the Object struct. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Tested-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 2465bc564d39d9b62fa21b3e84313be3b32dbc16 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Oct 13 13:37:42 2015 +0100 vl: Convert machine help code to use object property iterators Stop directly accessing the Object::properties field data structure and instead use the formal object property iterator APIs. This insulates the code from future data structure changes in the Object struct. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Tested-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 1b30c094dcb69273b7661897c067906f81e5b967 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Oct 13 13:37:41 2015 +0100 qmp: Convert QMP code to use object property iterators Stop directly accessing the Object::properties field data structure and instead use the formal object property iterator APIs. This insulates the code from future data structure changes in the Object struct. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Tested-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit a00c94824126901168bca5b89147f9e334a49e87 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Oct 13 13:37:40 2015 +0100 qom: Introduce ObjectPropertyIterator struct for iteration Some users of QOM need to be able to iterate over properties defined against an object instance. Currently they are just directly using the QTAIL macros against the object properties data structure. This is bad because it exposes them to changes in the data structure used to store properties, as well as changes in functionality such as ability to register properties against the class. This provides an ObjectPropertyIterator struct which will insulate the callers from the particular data structure used to store properties. It can be used thus ObjectProperty *prop; ObjectPropertyIterator *iter; iter = object_property_iter_init(obj); while ((prop = object_property_iter_next(iter))) { ... do something with prop ... } object_property_iter_free(iter); Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Tested-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> [AF: Fixed examples, style cleanups] Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 3b6ca4022d150ad273d4cd9556c2f4873389f965 Author: Ildar Isaev <ild@xxxxxxxx> Date: Wed Mar 4 17:09:46 2015 +0300 qdev: Change Property::offset field to ptrdiff_t type Property::offset field is calculated as a diff between two pointers: arrayprop->prop.offset = eltptr - (void *)dev; If offset is declared as int, this subtraction can cause type overflow, thus leading to failure of the subsequent assertion: assert(qdev_get_prop_ptr(dev, &arrayprop->prop) == eltptr); So ptrdiff_t should be used instead. Signed-off-by: Ildar Isaev <ild@xxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 8f280309030331a912fd8924c129d8bd59e1bdc7 Merge: 7199c89 ca4fa82 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 18 17:07:24 2015 +0000 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches # gpg: Signature made Wed 18 Nov 2015 15:28:32 GMT using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: block: Call external_snapshot_clean after blockdev-snapshot blockdev: Add missing bdrv_unref() in drive-backup iotests: fix race in 030 nand: fix address overflow Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 48854f57ce3e6aa4bd13368559e5c292e1c44e49 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Nov 18 16:13:54 2015 +0200 vhost-user: fix log size commit 2b8819c6eee517c1582983773f8555bb3f9ed645 ("vhost-user: modify SET_LOG_BASE to pass mmap size and offset") passes log size in units of 4 byte chunks instead of the expected size in bytes. Fix this up. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 72018d1e1917a56d05e24aedc9f582b7c8385e19 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Tue Nov 17 16:55:17 2015 +0200 vhost-user: ignore qemu-only features Some features (such as ctrl vq) are supported by qemu without need to communicate with the backend. Drop them from the feature mask so we set them unconditionally. Reported-by: Victor Kaplansky <vkaplans@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 7199c89d8c6bbd0eda2cadb0d3fc7149934202bf Merge: ab9b872 08cb175 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 18 16:27:15 2015 +0000 Merge remote-tracking branch 'remotes/berrange/tags/qcrypto-fixes-20151118-1' into staging Pull qcrypto fixes 2015/11/18 v1 # gpg: Signature made Wed 18 Nov 2015 15:44:07 GMT using RSA key ID 15104FDF # gpg: Good signature from "Daniel P. Berrange <dan@xxxxxxxxxxxx>" # gpg: aka "Daniel P. Berrange <berrange@xxxxxxxxxx>" * remotes/berrange/tags/qcrypto-fixes-20151118-1: crypto: avoid passing NULL to access() syscall crypto: fix leaks in TLS x509 helper functions crypto: fix mistaken setting of Error in success code path crypto: fix leak of gnutls_dh_params_t data on credential unload Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 08cb175a24d642a40e41db2fef2892b0a1ab504e Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Nov 18 15:42:26 2015 +0000 crypto: avoid passing NULL to access() syscall The qcrypto_tls_creds_x509_sanity_check() checks whether certs exist by calling access(). It is valid for this method to be invoked with certfile==NULL though, since for client credentials the cert is optional. This caused it to call access(NULL), which happens to be harmless on current Linux, but should none the less be avoided. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit ca4fa82fe66076284f702adcfe7c319ebbf909ec Merge: 0702d3d 4ad6f3d Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Nov 18 16:27:44 2015 +0100 Merge remote-tracking branch 'mreitz/tags/pull-block-for-kevin-2015-11-18' into queue-block One block patch for qemu 2.5-rc1. # gpg: Signature made Wed Nov 18 16:26:59 2015 CET using RSA key ID E838ACAD # gpg: Good signature from "Max Reitz <mreitz@xxxxxxxxxx>" * mreitz/tags/pull-block-for-kevin-2015-11-18: block: Call external_snapshot_clean after blockdev-snapshot Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 4ad6f3db7db154d5274274bd0079d6318367ab16 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Fri Nov 13 15:00:24 2015 +0200 block: Call external_snapshot_clean after blockdev-snapshot Otherwise the AioContext will never be released. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1447419624-21918-1-git-send-email-berto@xxxxxxxxxx Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit 0702d3d88c2059814212b83f01e14ff3bb7b0c66 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Nov 9 23:39:10 2015 +0100 blockdev: Add missing bdrv_unref() in drive-backup All error paths after a successful bdrv_open() of target_bs should contain a bdrv_unref(target_bs). This one did not yet, so add it. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 7b35030eedc26eff82210caa2b0fff2f9d0df453 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Nov 18 14:44:31 2015 +0000 crypto: fix leaks in TLS x509 helper functions The test_tls_get_ipaddr() method forgot to free the returned data from getaddrinfo(). The test_tls_write_cert_chain() method forgot to free the allocated buffer holding the certificate data after writing it out to a file. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 6ef8cd7a4142049707b70b8278aaa9d8ee2bc5f5 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Nov 18 14:42:40 2015 +0000 crypto: fix mistaken setting of Error in success code path The qcrypto_tls_session_check_certificate() method was setting an Error even when the ACL check suceeded. This didn't affect the callers detection of errors because they relied on the function return status, but this did cause a memory leak since the caller would not free an Error they did not expect to be set. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 61b9251a3aaa65e65c4aab3a6800e884bb3b82f9 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Nov 18 14:41:35 2015 +0000 crypto: fix leak of gnutls_dh_params_t data on credential unload The QCryptoTLSCredsX509 object was not free'ing the allocated gnutls_dh_params_t data when unloading the credentials Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 01809194a06d8e6c51c3e69600f14355225f4855 Author: John Snow <jsnow@xxxxxxxxxx> Date: Wed Nov 11 15:27:36 2015 -0500 iotests: fix race in 030 the stop_test case tests that we can resume a block-stream command after it has stopped/paused due to error. We cannot always reliably query it before it finishes after resume, though, so make this a conditional. The important thing is that we are still testing that it has stopped, and that it finishes successfully after we send a resume command. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a184e74f24f83935c8fc7cd76c06ad0717f89fdb Author: Rabin Vincent <rabin.vincent@xxxxxxxx> Date: Tue Nov 10 14:25:47 2015 +0100 nand: fix address overflow The shifts of the address mask and value shift beyond 32 bits when there are 5 address cycles. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Rabin Vincent <rabin.vincent@xxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ab9b872ab3147faf3c04e91d525815b9139dd996 Merge: 6b79f25 ab59e3e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 18 12:47:29 2015 +0000 Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2015-11-13-v2-tag' into staging qemu-ga patch queue for 2.5 * fixes for guest-exec gspawn() usage: - inherit default lookup path by default instead of explicitly defining it as being empty. - don't inherit default PATH when PATH/ENV are explicit v2: * added fix for w32 'make install' target * added version check for new g_spawn() flag # gpg: Signature made Tue 17 Nov 2015 22:33:03 GMT using RSA key ID F108B584 # gpg: Good signature from "Michael Roth <flukshun@xxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>" * remotes/mdroth/tags/qga-pull-2015-11-13-v2-tag: makefile: fix w32 install target for qemu-ga qga: allow to lookup in PATH from the passed envp for guest-exec qga: fix for default env processing for guest-exec Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6b79f253a37708f21e8d1cd2831b8d8c03f58989 Merge: 55db5ee d66a8fa Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 18 12:16:14 2015 +0000 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Tue 17 Nov 2015 20:06:58 GMT using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" * remotes/jnsnow/tags/ide-pull-request: ide: enable buffered requests for PIO read requests ide: enable buffered requests for ATAPI devices ide: orphan all buffered requests on DMA cancel ide: add support for IDEBufferedRequest block: add blk_abort_aio_request ide/atapi: make PIO read requests async Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ab59e3ecb2c12fafa89f7bedca7d329a078f3870 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Sun Nov 15 09:46:06 2015 -0600 makefile: fix w32 install target for qemu-ga fafcaf1 added a 'qemu-ga' install target on w32, which can be used in place of the existing qemu-ga.exe target to also handle dealing with other components such as DLLs for VSS/fsfreeze and generating an MSI package if appropriate configure options are present. As part of that, qemu-ga$(EXESUF) was removed from $TOOLS in favor of this new qemu-ga target. The install rule however relies on a direct mapping of the $TOOLS entry to the actual resulting binary. In the case of w32, qemu-ga is not identical to qemu-ga$(EXESUF), and the install recipe fails to find the 'qemu-ga' binary. Fix this by essentially remapping 'qemu-ga' back to 'qemu-ga.exe' in the install recipe. This raises the question of whether or not qemu-ga should continue to live in TOOLS as opposed to its own special target, but as a late fix for a regression in 2.5 this commit should be safer, since we rely on qemu-ga's presence in $TOOLS in several places throughout Makefile. Reported-by: Stefan Weil <sw@xxxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 0be40839519215988e207b86bc1638de53567588 Author: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Date: Thu Nov 12 16:36:21 2015 +0300 qga: allow to lookup in PATH from the passed envp for guest-exec This was original behaviour before GLIB gspawn() rework and we rely on this behaviour. Signed-off-by: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> * add version check (2.33.2) for G_SPAWN_SEARCH_PATH_FROM_ENVP Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 02a4d82e8c19267ad06b08389b5e914ba668450e Author: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Date: Thu Nov 12 16:36:20 2015 +0300 qga: fix for default env processing for guest-exec envp == NULL must be passed inside gspawn() if it was not passed with the command line. Original code inherits environment from the QGA, which is wrong. Signed-off-by: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 55db5eeeb7aa3328515817dc4e45728580e517a0 Merge: c27e901 33b5e8c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 17 22:00:45 2015 +0000 Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging X86 fixes, 2015-11-17 Two X86 fixes, hopefully in time for -rc1. # gpg: Signature made Tue 17 Nov 2015 19:06:53 GMT using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" * remotes/ehabkost/tags/x86-pull-request: target-i386: Disable rdtscp on Opteron_G* CPU models target-i386: Fix mulx for identical target regs Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d66a8fa83b00b3b3d631a0e28cdce8c9b5698822 Author: Peter Lieven <pl@xxxxxxx> Date: Tue Nov 17 15:06:39 2015 -0500 ide: enable buffered requests for PIO read requests Signed-off-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1447345846-15624-7-git-send-email-pl@xxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 02506b20b6609ed4ecb09de9900ba9f1dd20b205 Author: Peter Lieven <pl@xxxxxxx> Date: Tue Nov 17 15:06:33 2015 -0500 ide: enable buffered requests for ATAPI devices Signed-off-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1447345846-15624-6-git-send-email-pl@xxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 7cda62087c0baf064486f3d803184c2c3b35c04a Author: Peter Lieven <pl@xxxxxxx> Date: Tue Nov 17 15:06:29 2015 -0500 ide: orphan all buffered requests on DMA cancel If the guests canceles a DMA request we can prematurely invoke all callbacks of buffered requests and flag all them as orphaned. Ideally this avoids the need for draining all requests. For CDROM devices this works in 100% of all cases. Signed-off-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1447345846-15624-5-git-send-email-pl@xxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 1d8c11d631545ee43aff16b0763aff7181b61f20 Author: Peter Lieven <pl@xxxxxxx> Date: Tue Nov 17 15:06:25 2015 -0500 ide: add support for IDEBufferedRequest this patch adds a new aio readv compatible function which copies all data through a bounce buffer. These buffered requests can be flagged as orphaned which means that their original callback has already been invoked and the request has just not been completed by the backend storage. The bounce buffer guarantees that guest memory corruption is avoided when such a orphaned request is completed by the backend at a later stage. This trick only works for read requests as a write request completed at a later stage might corrupt data as there is no way to control if and what data has already been written to the storage. Signed-off-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1447345846-15624-4-git-send-email-pl@xxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit ca78ecfa72f311cd647b12a41d93e1ce54f18e66 Author: Peter Lieven <pl@xxxxxxx> Date: Tue Nov 17 15:06:21 2015 -0500 block: add blk_abort_aio_request Signed-off-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1447345846-15624-3-git-send-email-pl@xxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 5f81724d80a1492c73d329242663962139db739b Author: Peter Lieven <pl@xxxxxxx> Date: Tue Nov 17 14:59:52 2015 -0500 ide/atapi: make PIO read requests async PIO read requests on the ATAPI interface used to be sync blk requests. This has two significant drawbacks. First the main loop hangs util an I/O request is completed and secondly if the I/O request does not complete (e.g. due to an unresponsive storage) Qemu hangs completely. Note: Due to possible race conditions requests during an ongoing elementary transfer are still sync. Signed-off-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1447345846-15624-2-git-send-email-pl@xxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 33b5e8c03ae7a62d320d3c5c1104fe297d5c300d Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Nov 13 17:07:13 2015 -0200 target-i386: Disable rdtscp on Opteron_G* CPU models KVM can't virtualize rdtscp on AMD CPUs yet, so there's no point in enabling it by default on AMD CPU models, as all we are getting are confused users because of the "host doesn't support requested feature" warnings. Disable rdtscp on Opteron_G* models, but keep compatibility on pc-*-2.4 and older (just in case there are people are doing funny stuff using AMD CPU models on Intel hosts). Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 9ecac5dad16722ce2a8c3e88d8eeba5794990031 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Nov 17 12:41:47 2015 +0100 target-i386: Fix mulx for identical target regs The Intel specification clearly indicates that the low part of the result is written first and the high part of the result is written second; thus if ModRM:reg and VEX.vvvv are identical, the final result should be the high part of the result. At present, TCG may either produce incorrect results or crash with --enable-checking. Reported-by: Toni Nedialkov <farmdve@xxxxxxxxx> Reported-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 7ebcfe569211f6ff5402b558b85e2ce1e1066cf6 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Tue Nov 17 13:55:48 2015 +0200 specs/vhost-user: fix spec to match reality We wanted to start/stop rings on VRING_ENABLE, but that is not what QEMU does. Rather than tweaking code some more, with risk to stability, let's just document it as it is. We'll be able to fix this in the future with a new protocol feature bit. Reported-by: Victor Kaplansky <victork@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 5c93c47338dbaa8a21a8ccc9d95dc5ade3f7fa19 Author: Victor Kaplansky <victork@xxxxxxxxxx> Date: Tue Nov 17 12:04:06 2015 +0200 tests/vhost-user-bridge: implement logging of dirty pages During migration devices continue writing to the guest's memory. The writes has to be reported to QEMU. This change implements minimal support in vhost-user-bridge required for successful migration of a guest with virtio-net device. Signed-off-by: Victor Kaplansky <victork@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 8d211f622b11ac2877c344f29de284d5a842d9d7 Author: Bandan Das <bsd@xxxxxxxxxx> Date: Fri Nov 13 01:55:48 2015 -0500 i440fx: print an error message if user tries to enable iommu There's no indication of any sort that i440fx doesn't support "iommu=on" Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Bandan Das <bsd@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Bandan Das <bsd@xxxxxxxxxx> commit 1f8431f42d833e8914f2d16ce4a49b7b72b90db0 Author: Bandan Das <bsd@xxxxxxxxxx> Date: Fri Nov 13 01:55:47 2015 -0500 q35: Check propery to determine if iommu is set The helper function machine_iommu() isn't necesary. We can directly check for the property. Signed-off-by: Bandan Das <bsd@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Bandan Das <bsd@xxxxxxxxxx> commit c27e9014d56fa4880e7d741275d887c3a5949997 Merge: 9be060f 382e173 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 17 12:34:07 2015 +0000 Merge remote-tracking branch 'remotes/kraxel/tags/pull-vnc-20151116-1' into staging vnc: buffer code improvements, bugfixes. # gpg: Signature made Mon 16 Nov 2015 17:20:02 GMT using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-vnc-20151116-1: vnc: fix mismerge buffer: allow a buffer to shrink gracefully buffer: factor out buffer_adj_size buffer: factor out buffer_req_size vnc: recycle empty vs->output buffer vnc: fix local state init vnc: only alloc server surface with clients connected vnc: use vnc_{width,height} in vnc_set_area_dirty vnc: factor out vnc_update_server_surface vnc: add vnc_width+vnc_height helpers vnc: zap dead code vnc-jobs: move buffer reset, use new buffer move vnc: kill jobs queue buffer vnc: attach names to buffers buffer: add tracing buffer: add buffer_shrink buffer: add buffer_move buffer: add buffer_move_empty buffer: add buffer_init buffer: make the Buffer capacity increase in powers of two Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9be060f5278dc0d732ebfcf2bf0a293f88b833eb Merge: 361cb26 10f5a72 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 17 11:33:38 2015 +0000 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Tue 17 Nov 2015 11:13:05 GMT using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: virtio-blk: Fix double completion for werror=stop block: make 'stats-interval' an array of ints instead of a string aio-epoll: Fix use-after-free of node disas/arm: avoid clang shifting negative signed warning tpm: avoid clang shifting negative signed warning tests: Ignore recent test binaries docs: update bitmaps.md Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 10f5a72f70862d299ddbdf226d6dc71fa4ae34dd Author: Fam Zheng <famz@xxxxxxxxxx> Date: Tue Nov 17 18:20:11 2015 +0800 virtio-blk: Fix double completion for werror=stop When a request R is absorbed by request M, it is appended to the "mr_next" queue led by M, and is completed together with the completion of M, in virtio_blk_rw_complete. During DMA restart in virtio_blk_dma_restart_bh, requests in s->rq are parsed and submitted again, possibly with a stale req->mr_next. It could be a problem if the request merging in virtio_blk_handle_request hasn't refreshed every mr_next pointer, in which case, virtio_blk_rw_complete could walk through unexpected requests following the stale pointers. Fix this by unsetting the pointer in virtio_blk_rw_complete. It is safe because this req is either completed and freed right away, or it will be restarted and parsed from scratch out of the vq later. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 40119effc5c36dbd0ca19ca85a5897d5b3d37d6d Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Nov 16 11:28:38 2015 +0200 block: make 'stats-interval' an array of ints instead of a string This is the natural JSON representation and prevents us from having to decode the list manually. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 0e3da8fa206f4ab534ae3ce6086e75fe84f1557e.1447665472.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 0ed39f3df2d3cf7f0fc3468b057f952a3b251ad9 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 16 14:32:14 2015 +0800 aio-epoll: Fix use-after-free of node aio_epoll_update needs the fields in node, so delay the free. Reported-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1447655534-13974-1-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 02460c3b4287776062715b95c59cd8829015615d Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Nov 10 15:57:35 2015 +0000 disas/arm: avoid clang shifting negative signed warning clang 3.7.0 on x86_64 warns about the following: disas/arm.c:1782:17: warning: shifting a negative signed value is undefined [-Wshift-negative-value] imm |= (-1 << 7); ~~ ^ Note that this patch preserves the tab indent in this source file because the surrounding code still uses tabs. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 886ce6f8b6ede74eb04314ef62d15bcdf5df7ef1 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Nov 10 15:57:34 2015 +0000 tpm: avoid clang shifting negative signed warning clang 3.7.0 on x86_64 warns about the following: hw/tpm/tpm_tis.c:1000:36: warning: shifting a negative signed value is undefined [-Wshift-negative-value] tis->loc[c].iface_id = TPM_TIS_IFACE_ID_SUPPORTED_FLAGS1_3; ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ hw/tpm/tpm_tis.c:144:10: note: expanded from macro 'TPM_TIS_IFACE_ID_SUPPORTED_FLAGS1_3' (~0 << 4)/* all of it is don't care */) ~~ ^ Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a12e52a151ab48fbfe462110a36d2399713271e6 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 12 20:47:03 2015 -0700 tests: Ignore recent test binaries Commits 6c6f312d and bd797fc1 added new tests (test-blockjob-txn and test-timed-average, respectively), but did not mark them for exclusion in .gitignore. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1447386423-13160-1-git-send-email-eblake@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit c4c2daa1ae9ed03c6dd78477a9b132edbce9e08c Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Nov 10 18:00:17 2015 -0500 docs: update bitmaps.md Include new error handling scenarios for 2.5. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1447196417-26081-1-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 361cb26827ffd5f24af05b0e473ecd82d6a33bde Merge: c257779 513e7cd Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 17 10:20:25 2015 +0000 Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-11-17' into staging QAPI patches # gpg: Signature made Tue 17 Nov 2015 08:28:24 GMT using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-qapi-2015-11-17: input: Document why x-input-send-event is still experimental qapi: Document introspection stability considerations Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 513e7cdbaeec56c77e4cf26f151d7ee79f3a6be9 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 12 11:50:43 2015 -0700 input: Document why x-input-send-event is still experimental The x-input-send-event command was introduced in 2.2 with mention that it is experimental, but now that several releases have elapsed without any changes, it would be nice to document why that was done and should still remain experimental in 2.5. Meanwhile, our documentation states that we prefer 'lower-case', rather than 'CamelCase', for qapi enum values. The InputButton and InputAxis enums violate this convention. However, because they are currently used primarily for generating code that is used internally; and their only exposure through QMP is via the experimental 'x-input-send-event' command, we are free to change their spelling. Of course, it would be nicer to delay such a change until the same time we promote the command to non-experimental. Adding documentation will help us remember to do that rename. We have plans to tighten the qapi generator to flag instances of inconsistent use of naming conventions; if that lands first, it will just need to whitelist these exceptions until the time we settle on the final interface. Fix a typo in the docs for InputAxis while at it. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1447354243-31825-1-git-send-email-eblake@xxxxxxxxxx> Reviewed-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 39a65e2c243978a480e03cab865462d98873fc3c Author: Eric Blake <eblake@xxxxxxxxxx> Date: Wed Nov 11 10:50:02 2015 -0700 qapi: Document introspection stability considerations We are not ready (and might never be ready) to declare introspection stable between releases. Clients written to control multiple versions of qemu, and desiring to know whether a particular member is supported for a given command, must be prepared to locate that member in spite of qapi changes that may affect the member's location or type within the overall object, even though such changes did not break QMP wire back-compatibility. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1447264202-19554-1-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit dc3db6adde329548771ab2addc2ef8376b2b8b32 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon Nov 16 18:40:18 2015 +0200 vhost-user: start/stop all rings We are currently only sending VRING_ENABLE message for the first ring, that's wrong: we must start/stop them all. Reported-by: Victor Kaplansky <victork@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 5421f318ecc82294ad089fd54924df787b67c971 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon Nov 16 13:55:53 2015 +0200 vhost-user: print original request on error When we get an unexpected response, print out the original request. Helps debug protocol errors tremendously. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 87656d50181e1be475303c1b88be6df0963c5bfd Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon Nov 16 13:33:36 2015 +0200 vhost-user-test: support VHOST_USER_SET_VRING_ENABLE vhost-user-test is broken now: it assumes QEMU sends RESET_OWNER, and we stopped doing that. Wait for ENABLE_RING with 0 instead. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c257779e2a586043a1480bb7e96fb6bcd0129634 Merge: bc7c6c1 ba060c5 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Nov 16 12:09:47 2015 +0000 Merge remote-tracking branch 'remotes/otubo/tags/pull-seccomp-20151116' into staging seccomp branch queue # gpg: Signature made Mon 16 Nov 2015 08:50:28 GMT using RSA key ID 12F8BD2F # gpg: Good signature from "Eduardo Otubo (Software Engineer @ ProfitBricks) <eduardo.otubo@xxxxxxxxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 1C96 46B6 E1D1 C38A F2EC 3FDE FD0C FF5B 12F8 BD2F * remotes/otubo/tags/pull-seccomp-20151116: seccomp: loosen library version dependency configure: arm/aarch64: allow enable-seccomp seccomp: add cacheflush to whitelist Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a586e65bbd017ab55fe4149dd1bcba5c3a72bcd1 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Sun Nov 15 21:25:11 2015 +0200 vhost-user: update spec description Clarify logging setup to make sure all clients comply in a way that is future-proof. Document how rings are started/stopped. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Victor Kaplansky <victork@xxxxxxxxxx> commit bc7c6c1fec2e9aa1ff6f2e018ed641db1429315c Merge: 8337c6c 917158d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Nov 16 10:14:33 2015 +0000 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Fri 13 Nov 2015 20:16:21 GMT using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" * remotes/jnsnow/tags/ide-pull-request: qtest/ahci: use raw format when qemu-img is absent libqos: add qemu-img presence check qtest/ahci: always specify image format ahci/qtest: don't use tcp sockets for migration tests atapi: Prioritize unknown cmd error over BCL error atapi: add byte_count_limit helper Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 12b8cbac3c8243b3dd485aaebb82547aefa06adb Author: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Date: Fri Nov 13 15:24:10 2015 +0800 vhost: don't send RESET_OWNER at stop First of all, RESET_OWNER message is sent incorrectly, as it's sent before GET_VRING_BASE. And the reset message would let the later call get nothing correct. And, sending SET_VRING_ENABLE at stop, which has already been done, makes more sense than RESET_OWNER. Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 923e2d98ede7404882656aeb4364c3964a95db3d Author: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Date: Fri Nov 13 15:24:09 2015 +0800 vhost: let SET_VRING_ENABLE message depends on protocol feature But not depend on PROTOCOL_F_MQ feature bit. So that we could use SET_VRING_ENABLE to sign the backend on stop, even if MQ is disabled. That's reasonable, since we will have one queue pair at least. Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit ba060c53d585d186ff0ac6b181f4b2a867acc210 Author: dann frazier <dann.frazier@xxxxxxxxxxxxx> Date: Fri Oct 23 15:34:22 2015 -0600 seccomp: loosen library version dependency Drop the libseccomp required version back to 2.1.0, restoring the ability to build w/ --enable-seccomp on Ubuntu 14.04. Commit 4cc47f8b3cc4f32586ba2f7fce1dc267da774a69 tightened the dependency on libseccomp from version 2.1.0 to 2.1.1. This broke building on Ubuntu 14.04, the current Ubuntu LTS release. The commit message didn't mention any specific functional need for 2.1.1, just that it was the most recent stable version at the time. I reviewed the changes between 2.1.0 and 2.1.1, but it looks like that update just contained minor fixes and cleanups - no obvious (to me) new interfaces or critical bug fixes. Signed-off-by: dann frazier <dann.frazier@xxxxxxxxxxxxx> Acked-by: Eduardo Otubo <eduardo.otubo@xxxxxxxxxxxxxxxx> commit 693e59105d2ce4d6f4c96a2373fec06a24d0e6be Author: Andrew Jones <drjones@xxxxxxxxxx> Date: Wed Sep 30 11:59:18 2015 -0400 configure: arm/aarch64: allow enable-seccomp This is a revert of ae6e8ef11e6cb, but with a bit of refactoring, and also specifically adding arm/aarch64, rather than all architectures. Currently, libseccomp code appears to also support mips, ppc, and s390. We could therefore allow qemu to enable seccomp for those platforms as well, with additional configure patches, given they're tested and proven to work. Signed-off-by: Andrew Jones <drjones@xxxxxxxxxx> Acked-by: Eduardo Otubo <eduardo.otubo@xxxxxxxxxxxxxxxx> commit 47d2067af3424c1a9b1b215dfc6b0c55ac4b3ee7 Author: Andrew Jones <drjones@xxxxxxxxxx> Date: Mon Nov 2 23:53:26 2015 +0100 seccomp: add cacheflush to whitelist cacheflush is an arm-specific syscall that qemu built for arm uses. Add it to the whitelist, but only if we're linking with a recent enough libseccomp. Signed-off-by: Andrew Jones <drjones@xxxxxxxxxx> commit 917158dc3b22924922dc1f3b9d4049a4fc83d926 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Nov 13 14:31:43 2015 -0500 qtest/ahci: use raw format when qemu-img is absent If we don't have the qemu-img tool, use the raw format for tests and skip the high-sector LBA48 tests. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1447439479-16775-4-git-send-email-jsnow@xxxxxxxxxx commit cb11e7b2f3878575f23d49454c02d8dce35c8d35 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Nov 13 14:31:42 2015 -0500 libqos: add qemu-img presence check To allow tests to optionally exercise additional tests that require the qemu-img tool that may not be present in all builds. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1447439479-16775-3-git-send-email-jsnow@xxxxxxxxxx commit b236b61056ff0a6b69aa2a92cf5bb10a81450753 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Nov 13 14:31:42 2015 -0500 qtest/ahci: always specify image format Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1447439479-16775-2-git-send-email-jsnow@xxxxxxxxxx commit 6d9e7295c5ff6fdd2d7989639b836c6fdc01ac61 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Nov 13 14:31:42 2015 -0500 ahci/qtest: don't use tcp sockets for migration tests Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1447108074-20609-1-git-send-email-jsnow@xxxxxxxxxx commit f36aa12d2f2d5b5a877e38641183259e119e1568 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Nov 13 14:31:42 2015 -0500 atapi: Prioritize unknown cmd error over BCL error If we don't know about the command at all, we need to prioritize that failure above the zero byte-count-limit failure. This fixes a failure in the sparc64 NetBSD 7.0 installer bootup. Reported-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Tested-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Message-id: 1447095959-10046-3-git-send-email-jsnow@xxxxxxxxxx commit af0e00db0e389dfa33d597f917a21454643bd314 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Nov 13 14:31:42 2015 -0500 atapi: add byte_count_limit helper Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Tested-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Message-id: 1447095959-10046-2-git-send-email-jsnow@xxxxxxxxxx commit cdadde39a80779b52f72aedf80839cabac975e57 Author: Roger Pau Monne <roger.pau@xxxxxxxxxx> Date: Fri Nov 13 17:38:06 2015 +0000 xen: fix usage of xc_domain_create in domain builder Due to the addition of HVMlite and the requirement to always provide a valid xc_domain_configuration_t, xc_domain_create now always takes an arch domain config, which can be NULL in order to mimic previous behaviour. Add a small stub called xen_domain_create that encapsulates the correct call to xc_domain_create depending on the libxc version detected. Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 8337c6cbc37c6b2184f41bab3eaff47d5e68012a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Nov 13 17:10:36 2015 +0000 Update version for v2.5.0-rc0 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 74fcbd22d20a2fbc1a47a7b00cce5bf98fd7be5f Author: Guenter Roeck <linux@xxxxxxxxxxxx> Date: Thu Nov 12 09:54:55 2015 -0800 hw/misc: Add support for ADC controller in Xilinx Zynq 7000 Add support for the Xilinx XADC core used in Zynq 7000. References: - Zynq-7000 All Programmable SoC Technical Reference Manual - 7 Series FPGAs and Zynq-7000 All Programmable SoC XADC Dual 12-Bit 1 MSPS Analog-to-Digital Converter Tested with Linux using QEMU machine xilinx-zynq-a9 with devicetree files zynq-zc702.dtb and zynq-zc706.dtb, and kernel configuration multi_v7_defconfig. Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Guenter Roeck <linux@xxxxxxxxxxxx> [ PC changes: * Changed macro names to match TRM where possible * Made programmers model macro scheme consistent * Dropped XADC_ZYNQ_ prefix on local macros * Fix ALM field width * Update threshold-comparison interrupts in _update_ints() * factored out DFIFO pushes into helper. Renamed to "push/pop" * Changed xadc_reg to 10 bits and added OOB check. * Reduced scope of MCTL reset to just stop channel coms. * Added dummy read data to write commands * Changed _ to - seperators in string names and filenames * Dropped ------------ in header comment * Catchall'ed _update_ints() in _write handler. * Minor whitespace changes. * Use ZYNQ_XADC_FIFO_DEPTH instead of ARRAY_SIZE() ] Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Tested-by: Guenter Roeck <linux@xxxxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f3bcfc5663646f74e62fe9d3d8774b8f0adda7bf Merge: b2df6a7 389775d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 12 18:08:19 2015 +0000 Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20151112' into staging migration/next for 20151112 # gpg: Signature made Thu 12 Nov 2015 16:56:44 GMT using RSA key ID 5872D723 # gpg: Good signature from "Juan Quintela <quintela@xxxxxxxxxx>" # gpg: aka "Juan Quintela <quintela@xxxxxxxxxx>" * remotes/juanquintela/tags/migration/20151112: migration_init: Fix lock initialisation/make it explicit migrate-start-postcopy: Improve text Postcopy: Fix TP!=HP zero case Finish non-postcopiable iterative devices before package migration: Make 32bit linux compile with RDMA migration: print ram_addr_t as RAM_ADDR_FMT not %zx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b2df6a79df6343d0ed4ea05d83b3ff1d849e8d25 Merge: cfcc7c1 aece5ed Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 12 17:22:06 2015 +0000 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches (rebased Stefan's pull request) # gpg: Signature made Thu 12 Nov 2015 15:34:16 GMT using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: (43 commits) block: Update copyright of the accounting code scsi-disk: Account for failed operations macio: Account for failed operations ide: Account for failed and invalid operations atapi: Account for failed and invalid operations xen_disk: Account for failed and invalid operations virtio-blk: Account for failed and invalid operations nvme: Account for failed and invalid operations iotests: Add test for the block device statistics block: Use QEMU_CLOCK_VIRTUAL for the accounting code in qtest mode qemu-io: Account for failed, invalid and flush operations block: New option to define the intervals for collecting I/O statistics block: Add average I/O queue depth to BlockDeviceTimedStats block: Compute minimum, maximum and average I/O latencies block: Allow configuring whether to account failed and invalid ops block: Add statistics for failed and invalid I/O operations block: Add idle_time_ns to BlockDeviceStats util: Infrastructure for computing recent averages block: define 'clock_type' for the accounting code ide: Account for write operations correctly ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 389775d1f67b2c8f44f9473b1e5363735972e389 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 12 15:38:27 2015 +0000 migration_init: Fix lock initialisation/make it explicit Peter reported a lock error on MacOS after my a82d593b patch. migrate_get_current does one-time initialisation of a bunch of variables. migrate_init does reinitialisation even on a 2nd migrate after a cancel. The problem here was that I'd initialised the mutex in migrate_get_current, and the memset in migrate_init corrupted it. Remove the memset and replace it by explicit initialisation of fields that need initialising; this also turns out to be simpler than the old code that had to preserve some fields. Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Fixes: a82d593b Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit a54d340b9d0902fa73ff9e5541974b9b51fb1d45 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 12 11:34:44 2015 +0000 migrate-start-postcopy: Improve text Improve the text in both the qapi-schema and hmp help to point out you need to set the postcopy-ram capability prior to issuing migrate-start-postcopy. Also fix the text of the migrate_start_postcopy error that deals with capabilities. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Acked-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit cfcc7c144879ebe61ac2472216314fc1331b4450 Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Nov 12 11:29:49 2015 -0500 configure: check for $cxx before use I broke this when adding checks for clang++. Reported-by: Laurent Vivier <lvivier@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1447345789-840-1-git-send-email-jsnow@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a3b6ff6d0a7a964c5c7cd5f9a0d5e42752b6347a Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Wed Nov 11 14:02:28 2015 +0000 Postcopy: Fix TP!=HP zero case Where the target page size is different from the host page we special case it, but I messed up on the zero case check. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 1c0d249ddf3c75c3992847d0af67f79a1cfd23d2 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Wed Nov 11 14:02:27 2015 +0000 Finish non-postcopiable iterative devices before package Where we have iterable, but non-postcopiable devices (e.g. htab or block migration), complete them before forming the 'package' but with the CPUs stopped. This stops them filling up the package. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 80e60c6e1c417aa50a4fed1cb1a2f73885be3bef Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Tue Nov 10 17:43:04 2015 +0100 migration: Make 32bit linux compile with RDMA Rest of the file already use that trick. 64bit offsets make no sense in 32bit archs, but that is ram_addr_t for you. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit 9458ad6b445ff1e886f74ed75cf5050721f93b3e Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Tue Nov 10 17:42:05 2015 +0100 migration: print ram_addr_t as RAM_ADDR_FMT not %zx Not all the wold is 64bits (yet). Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit ed6c64489ef11d9ac5fb4b4c89d455a4f1ae8083 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Thu Nov 12 15:10:43 2015 +0000 target-arm: Update PC before calling gen_helper_check_breakpoints() PC should be updated in the CPU state before calling check_breakpoints() helper. Otherwise, the helper would not see the correct PC in the CPU state if it is not at the start of a TB. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1447176222-16401-1-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8f0da01d189077647adf79618acc3832f77b7918 Merge: 17e50a7 4652f16 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 12 15:15:30 2015 +0000 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio, vhost: fixes for 2.5 This fixes a performance regression with virtio 1, and makes device stop/start more robust for vhost-user. virtio devices on pcie bus now have pcie and pm capability, as required by the PCI Express spec. migration now works better with virtio 9p. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Thu 12 Nov 2015 14:40:42 GMT using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: virtio-9p: add savem handlers hw/virtio: Add PCIe capability to virtio devices vhost: send SET_VRING_ENABLE at start/stop vhost: rename RESET_DEVICE backto RESET_OWNER vhost-user: modify SET_LOG_BASE to pass mmap size and offset virtio-pci: unbreak queue_enable read virtio-pci: introduce pio notification capability for modern device virtio-pci: use zero length mmio eventfd for 1.0 notification cap when possible KVM: add support for any length io eventfd memory: don't try to adjust endianness for zero length eventfd virtio-pci: fix 1.0 virtqueue migration Conflicts: include/hw/compat.h [Fixed a trivial merge conflict in compat.h] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit aece5edc96f211eec6febdafc9bbbb99315a2efd Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:18 2015 +0200 block: Update copyright of the accounting code Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 80a2278e3ec2dafd5daab20a7cb2d6a9b83371e4.1446044838.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d7628080f3bd074f80666561beadfdd5e2f5b0df Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:17 2015 +0200 scsi-disk: Account for failed operations Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 0ead7b0e59c22926e033ca12725e3a31985ec46b.1446044838.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b88b3c8b836ca55d8a4f738deed3b63c0ca84060 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:16 2015 +0200 macio: Account for failed operations Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: ee6f4fde6a7c1071ca96d4ddd53e4934ff812fcd.1446044838.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ecca3b397d06a957b18913ff9afc63860001cfdf Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:15 2015 +0200 ide: Account for failed and invalid operations Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: bf4d6c9c563877e699b0bf42e7eaf8b096c4a35e.1446044838.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ece2d05ed4adb9a9aa3ca9da0496be769dfb3a25 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:14 2015 +0200 atapi: Account for failed and invalid operations Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 59dee4e2921b0c79d41c49b67dfb93d32db9f7f9.1446044838.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 57ee366ce9cf8d9f7a52b7b654b9db78fe887349 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:13 2015 +0200 xen_disk: Account for failed and invalid operations Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: e0cbb96cb0e1f86c37c7ce332efdf02b57b9d365.1446044838.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 01762e03222154fef6d98087ce391aed8a157be5 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:12 2015 +0200 virtio-blk: Account for failed and invalid operations Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 4f623ce52c9d673d35a043fc2959526b41b685c6.1446044838.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 1753f3dc177a82f8b3c5ea8d2a32737db9411dd4 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:11 2015 +0200 nvme: Account for failed and invalid operations Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 678dc67da229759d404b44f7cc2bf5ed8bf8ad14.1446044838.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 4214face09bed08279c68a67fa1a4b01be887346 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:10 2015 +0200 iotests: Add test for the block device statistics Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 0fb8501bbf3666b3d5d3f67fa899729c88f21baf.1446044838.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 918a17a464bac332b14a19d87106acc81e476f05 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:09 2015 +0200 block: Use QEMU_CLOCK_VIRTUAL for the accounting code in qtest mode This patch switches to QEMU_CLOCK_VIRTUAL for the accounting code in qtest mode, and makes the latency of the operation constant. This way we can perform tests on the accounting code with reproducible results. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 35ed0501450fa572684e9b5e92c361ab6cce565b.1446044838.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 556c2b60714e7dae3ed0eb3488910435263dc09f Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:08 2015 +0200 qemu-io: Account for failed, invalid and flush operations Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 78a7662a8636e55991737ece50003a2dc5a5f3e0.1446044838.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 2be5506fc85d5fef1abdb2128d446cb0b14b12bc Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:07 2015 +0200 block: New option to define the intervals for collecting I/O statistics The BlockAcctStats structure contains a list of BlockAcctTimedStats. Each one of these collects statistics about the minimum, maximum and average latencies of all I/O operations in a certain interval of time. This patch adds a new "stats-intervals" option that allows defining these intervals. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 41cbcd334a61c6157f0f495cdfd21eff6c156f2a.1446044837.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 96e4dedaff9922f87e4ec351d51d3f093198382a Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:06 2015 +0200 block: Add average I/O queue depth to BlockDeviceTimedStats This patch adds two new fields to BlockDeviceTimedStats that track the average number of pending read and write requests for a block device. The values are calculated for the period of time defined for that interval. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: fd31fef53e2714f2f30d59ed58ca2f67ec9ab926.1446044837.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 979e9b03fc8c85d3b78a14410c64cbb16d348095 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:05 2015 +0200 block: Compute minimum, maximum and average I/O latencies This patch keeps track of the minimum, maximum and average latencies of I/O operations during a certain interval of time. The values are exposed in the BlockDeviceTimedStats structure. An option to define the intervals to collect these statistics will be added in a separate patch. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: c7382dc89622c64f918d09f32815827772628f8e.1446044837.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 362e9299b34b3101aaa20f20363441c9f055fa5e Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:04 2015 +0200 block: Allow configuring whether to account failed and invalid ops This patch adds two options, "stats-account-invalid" and "stats-account-failed", that can be used to decide whether invalid and failed I/O operations must be used when collecting statistics for latency and last access time. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: ebc7e5966511a342cad428a392c5f5ad56b15213.1446044837.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 7ee12dafe96a86dfa96af38cea1289305e429a55 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:03 2015 +0200 block: Add statistics for failed and invalid I/O operations This patch adds the block_acct_failed() and block_acct_invalid() functions to allow keeping track of failed and invalid I/O operations. The number of failed and invalid operations is exposed in BlockDeviceStats. We don't keep track of the time spent on invalid operations because they are cancelled immediately when they are started. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: a7256ccb883a86356b1c6c46b5a29ed5448546a5.1446044837.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit cb38fffbc968e797ae32039b1e2c47b940b30cb4 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:02 2015 +0200 block: Add idle_time_ns to BlockDeviceStats This patch adds the new field 'idle_time_ns' to the BlockDeviceStats structure, indicating the time that has passed since the previous I/O operation. It also adds the block_acct_idle_time_ns() call, to ensure that all references to the clock type used for accounting are in the same place. This will later allow us to use a different clock for iotests. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 7d8cfcf931453e1a2443e6626e8c1edc347c7c8a.1446044837.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit bd797fc15b4290e02c219b7cd6289a33cd6cd18b Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:01 2015 +0200 util: Infrastructure for computing recent averages This module computes the average of a set of values within a time window, keeping also track of the minimum and maximum values. In order to produce more accurate results it works internally by creating two time windows of the same period, offsetted by half of that period. Values are accounted on both windows and the data is always returned from the oldest one. [Add missing util/replay.o to test-timed-average dependencies to fix the build. --Stefan] Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 201b09c21bbc9c329779d2b2365ee2b9c80dceeb.1446044837.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5519593c07c71c55b196546a00c08106bd9a100b Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:00 2015 +0200 block: define 'clock_type' for the accounting code Its value is still QEMU_CLOCK_REALTIME, but having it in a variable will allow us to change its value easily in the future when running in qtest mode. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 547485eb841cf9e3b2770c96539ae9ae5996e214.1446044837.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit c618f331d314c34ff2390d2dbd3f926e513c7059 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:32:59 2015 +0200 ide: Account for write operations correctly Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 2e71323c0875c2b66a8ae22229545e0c013af8d4.1446044837.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 693044ebd20ce8730aae679ff58d52aa8ec60b0a Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:32:58 2015 +0200 xen_disk: Account for flush operations Currently both BLKIF_OP_WRITE and BLKIF_OP_FLUSH_DISKCACHE are being accounted as write operations. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 7a2a14e3ac62027aa6267a6c02abc70717be9c0a.1446044837.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 6c6f312dd752c74c124ecfc4c34e8aaf7254c3b8 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Nov 5 18:13:20 2015 -0500 tests: add BlockJobTxn unit test The BlockJobTxn unit test verifies that both single jobs and pairs of jobs behave as a transaction group. Either all jobs complete successfully or the group is cancelled. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1446765200-3054-15-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit fc6c796ff2b049303473702d1ade9196d1843f5d Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Nov 5 18:13:19 2015 -0500 iotests: 124 - transactional failure test Use a transaction to request an incremental backup across two drives. Coerce one of the jobs to fail, and then re-run the transaction. Verify that no bitmap data was lost due to the partial transaction failure. To support the 'err-cancel' QMP argument name it's necessary for transaction_action() to convert underscores in Python argument names to hyphens for QMP argument names. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1446765200-3054-14-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 94d16a640a1058653327392e08c6d39eeba1e499 Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Nov 5 18:13:18 2015 -0500 block: add transactional properties Add both transactional properties to the QMP transactional interface, and add the BlockJobTxn that we create as a result of the err-cancel property to the BlkActionState structure. [split up from a patch originally by Stefan and Fam. --js] Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1446765200-3054-13-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 78f51fde88d1925b5ae51ba789339baa9ff72ad1 Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Nov 5 18:13:17 2015 -0500 block: Add BlockJobTxn support to backup_run Allow a BlockJobTxn to be passed into backup_run, which will allow the job to join a transactional group if present. Propagate this new parameter outward into new QMP helper functions in blockdev.c to allow transaction commands to pass forward their BlockJobTxn object in a forthcoming patch. [split up from a patch originally by Stefan and Fam. --js] Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1446765200-3054-12-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit c347b2c62a53b73cf6cc31225feb125d2f20f186 Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Nov 5 18:13:16 2015 -0500 block/backup: Rely on commit/abort for cleanup Switch over to the new .commit/.abort handlers for cleaning up incremental bitmaps. [split up from a patch originally by Stefan and Fam. --js] Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1446765200-3054-11-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit c55a832fdddec2c350b585ade0476501f616608d Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Nov 5 18:13:15 2015 -0500 block: Add block job transactions Sometimes block jobs must execute as a transaction group. Finishing jobs wait until all other jobs are ready to complete successfully. Failure or cancellation of one job cancels the other jobs in the group. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1446765200-3054-10-git-send-email-jsnow@xxxxxxxxxx [Rewrite the implementation which is now contained in block_job_completed. --Fam] Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 94db6d2d30962cc0422a69c88c3b3e9981b33e50 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Nov 5 18:13:14 2015 -0500 blockjob: Simplify block_job_finish_sync With job->completed and job->ret to replace BlockFinishData. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1446765200-3054-9-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a689dbf2df74a55d43e3fc4d6aec30ed67ca998f Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Nov 5 18:13:13 2015 -0500 blockjob: Add "completed" and "ret" in BlockJob They are set when block_job_completed is called. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1446765200-3054-8-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 57901ecb8e02f03464d5f37bb6edf82e5076812d Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Nov 5 18:13:12 2015 -0500 blockjob: Add .commit and .abort block job actions Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1446765200-3054-7-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 18930ba3d17866fff6df52ae6d2e54ce5c5ca04b Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Nov 5 18:13:11 2015 -0500 blockjob: Introduce reference count and fix reference to job->bs Add reference count to block job, meanwhile move the ownership of the reference to job->bs from the caller (which is released in two completion callbacks) to the block job itself. It is necessary for block_job_complete_sync to work, because block job shouldn't live longer than its bs, as asserted in bdrv_delete. Now block_job_complete_sync can be simplified. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1446765200-3054-6-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b976ea3cf591ac994cc17dcf0fc550c9aa9c0f5d Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Nov 5 18:13:10 2015 -0500 backup: Extract dirty bitmap handling as a separate function This will be reused by the coming new transactional completion code. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1446765200-3054-5-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 50f43f0ff9a640b901b2657492d642e14a57bd4d Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Nov 5 18:13:09 2015 -0500 block: rename BlkTransactionState and BdrvActionOps These structures are misnomers, somewhat. (1) BlockTransactionState is not state for a transaction, but is rather state for a single transaction action. Rename it "BlkActionState" to be more accurate. (2) The BdrvActionOps describes operations for the BlkActionState, above. This name might imply a 'BdrvAction' or a 'BdrvActionState', which there isn't. Rename this to 'BlkActionOps' to match 'BlkActionState'. Lastly, update the surrounding in-line documentation and comments to reflect the current nature of how Transactions operate. This patch changes only comments and names, and should not affect behavior in any way. Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1446765200-3054-4-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 749ad5e887e85fd51d83bf4d08ed72858f937fd9 Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Nov 5 18:13:08 2015 -0500 iotests: add transactional incremental backup test Test simple usage cases for using transactions to create and synchronize incremental backups. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1446765200-3054-3-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit df9a681dc9ad41c9cdeb9ecc5d060ba9abd27e01 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 9 18:16:54 2015 +0800 qed: Implement .bdrv_drain The "need_check_timer" is used to clear the "NEED_CHECK" flag in the image header after a grace period once metadata update has finished. In compliance to the bdrv_drain semantics we should make sure it remains deleted once .bdrv_drain is called. We cannot reuse qed_need_check_timer_cb because here it doesn't satisfy the assertion. Do the "plug" and "flush" calls manually. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1447064214-29930-10-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 67da1dc5ce696c7b309b1db100da7d94292847b7 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 9 18:16:53 2015 +0800 block: Introduce BlockDriver.bdrv_drain callback Drivers can have internal request sources that generate IO, like the need_check_timer in QED. Since we want quiesced periods that contain nested event loops in block layer, we need to have a way to disable such event sources. Block drivers must implement the "bdrv_drain" callback if it has any internal sources that can generate I/O activity, like a timer or a worker thread (even in a library) that can schedule QEMUBH in an asynchronous callback. Update the comments of bdrv_drain and bdrv_drained_begin accordingly. Like bdrv_requests_pending(), we should consider all the children of bs. Before, the while loop just works, as bdrv_requests_pending() already tracks its children; now we mustn't miss the callback, so recurse down explicitly. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1447064214-29930-9-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 83c98d7b924eab36a0a2c7813731dbef439a91d3 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 9 18:16:52 2015 +0800 block: Drop BlockDriver.bdrv_ioctl Now the callback is not used any more, drop the field along with all implementations in block drivers, which are iscsi and raw. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1447064214-29930-8-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5c5ae76acb024f05b8f021e9f1e10a0299328bdd Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 9 18:16:51 2015 +0800 block: Emulate bdrv_ioctl with bdrv_aio_ioctl and track both Currently all drivers that support .bdrv_aio_ioctl also implement .bdrv_ioctl redundantly. To track ioctl requests in block layer it is easier if we unify the two paths, because we'll need to run it in a coroutine, as required by tracked_request_begin. While we're at it, use .bdrv_aio_ioctl plus aio_poll() to emulate bdrv_ioctl(). Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1447064214-29930-7-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 8b45f6878d291646cadc4786ae807e6a42c188b4 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 9 18:16:50 2015 +0800 block: Add ioctl parameter fields to BlockRequest The two fields that will be used by ioctl handling code later are added as union, because it's used exclusively by ioctl code which dosn't need the four fields in the other struct of the union. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1447064214-29930-6-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 4bb17ab51a78c6daaaa9d6c86d1c890d24c091c4 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 9 18:16:49 2015 +0800 iscsi: Emulate commands in iscsi_aio_ioctl as iscsi_ioctl iscsi_ioctl emulates SG_GET_VERSION_NUM and SG_GET_SCSI_ID. Now that bdrv_ioctl() will be emulated with .bdrv_aio_ioctl, replicate the logic into iscsi_aio_ioctl to make them consistent. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1447064214-29930-5-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b1066c875597649be1d1d6db4712bc504b4c4c81 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 9 18:16:48 2015 +0800 block: Track discard requests Both bdrv_discard and bdrv_aio_discard will call into bdrv_co_discard, so add tracked_request_begin/end calls around the loop. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1447064214-29930-4-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit cdb5e3155eb323380c59f19fe88e28fedd85d3d8 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 9 18:16:47 2015 +0800 block: Track flush requests Both bdrv_flush and bdrv_aio_flush eventually call bdrv_co_flush, add tracked_request_begin and tracked_request_end pair in that function so that all flush requests are now tracked. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1447064214-29930-3-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ebde595ce63369921dbbe1bd16fec0b230050d67 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 9 18:16:46 2015 +0800 block: Add more types for tracked request We'll track more request types besides read and write, change the boolean field to an enum. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1447064214-29930-2-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 4652f1640e029e1f2433fa77ba6af285c7cd923a Author: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Date: Thu Oct 22 19:38:42 2015 +0200 virtio-9p: add savem handlers We don't support migration of mounted 9p shares. This is handled by a migration blocker. One would expect, however, to be able to migrate if the share is unmounted. Unfortunately virtio-9p-device does not register savevm handlers at all ! Migration succeeds and leaves the guest with a dangling device... This patch simply registers migration handlers for virtio-9p-device. Whether migration is possible or not still depends on the migration blocker. Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 1811e64c35fe1d9bce77952937a16c001dc08465 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Nov 10 13:41:29 2015 +0200 hw/virtio: Add PCIe capability to virtio devices The virtio devices are converted to PCI-Express if they are plugged into a PCI-Express bus and the 'modern' protocol is enabled. Devices plugged directly into the Root Complex as Integrated Endpoints remain PCI. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 17e50a72a3aade0eddfebc012a5d7bdd40a03573 Merge: df1ac44 39bec4f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 12 14:15:32 2015 +0000 Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging # gpg: Signature made Thu 12 Nov 2015 08:01:55 GMT using RSA key ID 398D6211 # gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211 * remotes/jasowang/tags/net-pull-request: net: netmap: use error_setg() helpers in place of error_report() net: netmap: Fix compilation issue e1000: Introducing backward compatibility command line parameter e1000: Implementing various counters e1000: Fixing the packet address filtering procedure e1000: Fixing the received/transmitted octets' counters e1000: Fixing the received/transmitted packets' counters e1000: Trivial implementation of various MAC registers e1000: Introduced an array to control the access to the MAC registers e1000: Add support for migrating the entire MAC registers' array e1000: Cosmetic and alignment fixes slirp: Fix type casts and format strings in debug code Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3a12f32229a046f4d4ab0a3a52fb01d2d5a1ab76 Author: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Date: Wed Nov 11 21:24:41 2015 +0800 vhost: send SET_VRING_ENABLE at start/stop Send SET_VRING_ENABLE at start/stop, to give the backend an explicit sign of our state. Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 60915dc4691768c4dc62458bb3e16c843fab091d Author: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Date: Wed Nov 11 21:24:37 2015 +0800 vhost: rename RESET_DEVICE backto RESET_OWNER This patch basically reverts commit d1f8b30e. It turned out that it breaks stuff, so revert it: http://lists.nongnu.org/archive/html/qemu-devel/2015-10/msg00949.html CC: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Reported-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 2b8819c6eee517c1582983773f8555bb3f9ed645 Author: Victor Kaplansky <victork@xxxxxxxxxx> Date: Wed Nov 11 16:26:02 2015 +0200 vhost-user: modify SET_LOG_BASE to pass mmap size and offset Unlike the kernel, vhost-user application accesses log table by mmaping it to its user space. This change adds two new fields to VhostUserMsg payload: mmap_size, and mmap_offset and make QEMU to pass the to vhost-user application in VHOST_USER_SET_LOG_BASE request. Signed-off-by: Victor Kaplansky <victork@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 393f04d3ab40d03aa2fde0017ff7f02fc34cbd4e Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Nov 6 16:02:49 2015 +0800 virtio-pci: unbreak queue_enable read Guest always get zero when reading queue_enable. This violates spec. Fixing this by setting the queue_enable to true during any guest writing and setting it to zero during reset. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 9824d2a39d9893ef9bbe71f94efb57da265b73f6 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Nov 6 16:02:48 2015 +0800 virtio-pci: introduce pio notification capability for modern device We used to use mmio for notification. This could be slow on some arch (e.g on x86 without EPT). So this patch introduces pio bar and a pio notification cap for modern device. This ability is enabled through property "modern-pio-notify" for virtio pci devices and was disabled by default. Management can enable when it thinks it was needed. Benchmarks shows almost no obvious difference compared to legacy device on machines without ept. Thanks Wenli Quan <wquan@xxxxxxxxxx> for the benchmarking. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit bc85ccfdf5cc045588f665c84b5707d7364c8a6c Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Nov 6 16:02:47 2015 +0800 virtio-pci: use zero length mmio eventfd for 1.0 notification cap when possible We use data match eventfd for 1.0 notification currently. This could be slow since software decoding is needed for mmio exit. To speed this up, we can switch to use zero length mmio eventfd for 1.0 notification since we can examine the queue index directly from the writing address. KVM kernel module can utilize this by registering it to fast mmio bus which could be as fast as pio on ept capable machine when fast mmio is supported by host kernel. Lots of improvements were seen on a ept capable machine: Guest RX:(TCP) size/session/+throughput%/+cpu%/-+per cpu%/ 64/1/+1.6807%/[-16.2421%]/[+21.3984%]/ 64/2/+0.6091%/[-11.0187%]/[+13.0678%]/ 64/4/+0.0553%/[-5.9768%]/[+6.4155%]/ 64/8/+0.1206%/[-4.0057%]/[+4.2984%]/ 256/1/-0.0031%/[-10.1166%]/[+11.2517%]/ 256/2/-0.5058%/[-6.1656%]/+6.0317%]/ ... Guest TX:(TCP) size/session/+throughput%/+cpu%/-+per cpu%/ 64/1/[+18.9183%]/-0.2823%/[+19.2550%]/ 64/2/[+13.5714%]/[+2.2675%]/[+11.0533%]/ 64/4/[+13.1070%]/[+2.1817%]/[+10.6920%]/ 64/8/[+13.0426%]/[+2.0887%]/[+10.7299%]/ 256/1/[+36.2761%]/+6.3434%/[+28.1471%]/ ... 1024/1/[+44.8873%]/+2.0811%/[+41.9335%]/ ... 1024/4/+0.0228%/[-2.2044%]/[+2.2774%]/ ... 16384/2/+0.0127%/[-5.0346%]/[+5.3148%]/ ... 65535/1/[+0.0062%]/[-4.1183%]/[+4.3017%]/ 65535/2/+0.0004%/[-4.2311%]/[+4.4185%]/ 65535/4/+0.0107%/[-4.6106%]/[+4.8446%]/ 65535/8/-0.0090%/[-5.5178%]/[+5.8306%]/ Latency:(TCP_RR) size/session/+transaction rate%/+cpu%/-+per cpu%/ 64/1/[+6.5248%]/[-9.2882%]/[+17.4322%]/ 64/25/[+11.0854%]/[+0.8000%]/[+10.2038%]/ 64/50/[+12.1076%]/[+2.4627%]/[+9.4131%]/ 256/1/[+5.3677%]/[+10.5669%]/-4.7024%/ 256/25/[+5.6402%]/-0.8962%/[+6.5955%]/ 256/50/[+5.9685%]/[+1.7766%]/[+4.1188%]/ 4096/1/+0.2508%/[-10.4941%]/[+12.0047%]/ 4096/25/[+1.8533%]/-0.0273%/+1.8812%/ 4096/50/[+1.2156%]/-1.4134%/+2.6667%/ Notes: data with '[]' is the one whose significance is greater than 95%. Thanks Wenli Quan <wquan@xxxxxxxxxx> for the benchmarking. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 351082238d5d45d6836ec94eabe3fe7d72b36f46 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Nov 6 16:02:46 2015 +0800 KVM: add support for any length io eventfd Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b8aecea23aaccf39da54c77ef248f5fa50dcfbc1 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Nov 6 16:02:45 2015 +0800 memory: don't try to adjust endianness for zero length eventfd There's no need to adjust endianness for zero length eventfd since the data wrote was actually ignored by kernel. So skip the adjust in this case to fix a possible crash when trying to use wildcard mmio eventfd in ppc. Cc: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit a6df8adf3edbb3062f087e425564df35077e8410 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Nov 6 16:02:44 2015 +0800 virtio-pci: fix 1.0 virtqueue migration We don't migrate the followings fields for virtio-pci: uint32_t dfselect; uint32_t gfselect; uint32_t guest_features[2]; struct { uint16_t num; bool enabled; uint32_t desc[2]; uint32_t avail[2]; uint32_t used[2]; } vqs[VIRTIO_QUEUE_MAX]; This will confuse driver if migrating during initialization. Solves this issue by: - introduce transport specific callbacks to load and store extra virtqueue states. - add a new subsection for virtio to migrate transport specific modern device state. - implement pci specific callbacks. - add a new property for virtio-pci for whether or not to migrate extra state. - compat the migration for 2.4 and elder machine types Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit df1ac44e9f0c1b1d775c65b6e86fbcac0be77930 Merge: fd717e7 0a9516c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 12 13:41:44 2015 +0000 Merge remote-tracking branch 'remotes/dgibson/tags/ppc-next-20151112' into staging ppc patch queue -2015-11-12 Highlights: - A number of fixes for MacOS 9 compatibility based on the old MOL (Mac-On-Linux) code and a GSoC project. - Cleaner and more general way of handling register access from the monitor # gpg: Signature made Thu 12 Nov 2015 04:33:26 GMT using RSA key ID 20D9B392 # gpg: Good signature from "David Gibson <david@xxxxxxxxxxxxxxxxxxxxx>" # gpg: aka "David Gibson (Red Hat) <dgibson@xxxxxxxxxx>" # gpg: aka "David Gibson (ozlabs.org) <dgibson@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 75F4 6586 AE61 A66C C44E 87DC 6C38 CACA 20D9 B392 * remotes/dgibson/tags/ppc-next-20151112: monitor/target-ppc: Define target_get_monitor_def cuda.c: add delay to setting of SR_INT bit cuda.c: fix T2 timer and enable its interrupt cuda.c: rename get_counter() state variable from s to ti for consistency cuda.c: refactor get_tb() so that the time can be passed in cuda.c: add defines for CUDA registers cuda.c: fix CUDA SR interrupt clearing cuda.c: implement dummy IIC access commands cuda.c: implement simple CUDA_GET_6805_ADDR command cuda.c: fix CUDA_PACKET response packet format cuda.c: fix CUDA ADB error packet format PPC: mac99: Always add USB controller PPC: Fix lswx bounds checks PPC: Allow Rc bit to be set on mtspr Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit fd717e789010012c5f0537269df19ef19d469baf Merge: 2048a2a 52074d0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 12 13:11:06 2015 +0000 Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2015-11-11-tag' into staging qemu-ga patch queue * fix for unintended overwriting of data on w32 using guest-file-open with append mode # gpg: Signature made Wed 11 Nov 2015 22:14:52 GMT using RSA key ID F108B584 # gpg: Good signature from "Michael Roth <flukshun@xxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>" * remotes/mdroth/tags/qga-pull-2015-11-11-tag: qga: fix append file open modes for win32 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2048a2a49188af7a9df065f7553021f89d8e9ec5 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Nov 12 12:10:18 2015 +0100 tests: classify some ivshmem tests as slow Some tests may take long to run, move them under g_test_slow() condition. The 5s timeout for the "server" test will have to be adjusted to the worst known time (for the records, it takes ~0.2s on my host). The "pair" test takes ~1.7, a quickest version could be implemented. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Message-id: 1447326618-11686-1-git-send-email-marcandre.lureau@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c459343b8552e65398a05581f7ff31a068b5b551 Merge: 7497b8d 455b0fd Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 12 10:09:14 2015 +0000 Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2015-11-11' into staging error: More error_setg() usage # gpg: Signature made Wed 11 Nov 2015 17:57:15 GMT using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-error-2015-11-11: error: More error_setg() usage Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 39bec4f38b028a2cff8c38f3455aef44d7b3b6c4 Author: Vincenzo Maffione <v.maffione@xxxxxxxxx> Date: Tue Nov 10 10:47:22 2015 +0100 net: netmap: use error_setg() helpers in place of error_report() This update was required to align error reporting of netmap backend initialization to the modifications introduced by commit a30ecde. Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Vincenzo Maffione <v.maffione@xxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 54c59b4de584b3467166febb4ff84627a2f29a0e Author: Vincenzo Maffione <v.maffione@xxxxxxxxx> Date: Tue Nov 10 10:47:21 2015 +0100 net: netmap: Fix compilation issue Reorganization of struct NetClientOptions (commit e4ba22b) caused a compilation failure of the netmap backend. This patch fixes the issue by properly accessing the union field. Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Vincenzo Maffione <v.maffione@xxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit ba63ec8594a5dd412182aced07b4bf042403766a Author: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Date: Wed Nov 11 15:52:47 2015 +0200 e1000: Introducing backward compatibility command line parameter This follows the previous patches, where support for migrating the entire MAC registers' array, and some new MAC registers were introduced. This patch introduces the e1000-specific boolean parameter "extra_mac_registers", which is on by default. Setting it to off will enable migration to older versions of QEMU, but will disable the read and write access to the new registers, that were introduced since adding the ability to migrate the entire MAC array. Example for usage to enable backward compatibility and to disable the new MAC registers: qemu-system-x86_64 -device e1000,extra_mac_registers=off,... ... As mentioned above, the default value is "on". Signed-off-by: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Signed-off-by: Dmitry Fleytman <dmitry.fleytman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 3b27430177498a1728b6765c70b455900f93d73a Author: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Date: Wed Nov 11 15:52:46 2015 +0200 e1000: Implementing various counters This implements the following Statistic registers (various counters) according to Intel's specs: TSCTC GOTCL GOTCH GORCL GORCH MPRC BPRC RUC ROC BPTC MPTC PTC... PRC... PLEASE NOTE: these registers will not be active, nor will migrate, until a compatibility flag will be set (in the next patch in this series). Signed-off-by: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Signed-off-by: Dmitry Fleytman <dmitry.fleytman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 4aeea330f022f45d0dabff6090ecbb98755c2116 Author: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Date: Wed Nov 11 15:52:45 2015 +0200 e1000: Fixing the packet address filtering procedure Previously, if promiscuous unicast was enabled, a packet was received straight away, even if it was a multicast or a broadcast packet. This patch fixes that behavior, while making the filtering procedure a bit more human-readable. Signed-off-by: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Signed-off-by: Dmitry Fleytman <dmitry.fleytman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 45e93764711484440e56f580f233009bb3da18bc Author: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Date: Wed Nov 11 15:52:44 2015 +0200 e1000: Fixing the received/transmitted octets' counters Previously, these 64-bit registers did not stick at their maximal values when (and if) they reached them, as they should do, according to the specs. This patch introduces a function that takes care of such registers, avoiding code duplication, making the relevant parts more compatible with the QEMU coding style, while ensuring that in the unlikely case of reaching the maximal value, the counter will stick there, as it supposed to. Signed-off-by: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Signed-off-by: Dmitry Fleytman <dmitry.fleytman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 1f67f92c4fdf59a98c2fdf67d3e78deba489a370 Author: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Date: Wed Nov 11 15:52:43 2015 +0200 e1000: Fixing the received/transmitted packets' counters According to Intel's specs, these counters (as the other Statistic registers) stick at 0xffffffff when this maximal value is reached. Previously, they would reset after the max. value. Signed-off-by: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Signed-off-by: Dmitry Fleytman <dmitry.fleytman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 72ea771c9711cba63686d5d3284bc6645d13f7d2 Author: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Date: Wed Nov 11 15:52:42 2015 +0200 e1000: Trivial implementation of various MAC registers These registers appear in Intel's specs, but were not implemented. These registers are now implemented trivially, i.e. they are initiated with zero values, and if they are RW, they can be written or read by the driver, or read only if they are R (essentially retaining their zero values). For these registers no other procedures are performed. For the trivially implemented Diagnostic registers, a debug warning is produced on read/write attempts. PLEASE NOTE: these registers will not be active, nor will migrate, until a compatibility flag will be set (in a later patch in this series). The registers implemented here are: Transmit: RW: AIT Management: RW: WUC WUS IPAV IP6AT* IP4AT* FFLT* WUPM* FFMT* FFVT* Diagnostic: RW: RDFH RDFT RDFHS RDFTS RDFPC PBM* TDFH TDFT TDFHS TDFTS TDFPC Statistic: RW: FCRUC R: RNBC TSCTFC MGTPRC MGTPDC MGTPTC RFC RJC SCC ECOL LATECOL MCC COLC DC TNCRS SEC CEXTERR RLEC XONRXC XONTXC XOFFRXC XOFFTXC Signed-off-by: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Signed-off-by: Dmitry Fleytman <dmitry.fleytman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit bc0f0674f037a01f2ce0870ad6270a356a7a8347 Author: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Date: Wed Nov 11 15:52:41 2015 +0200 e1000: Introduced an array to control the access to the MAC registers The array of uint8_t's which is introduced here, contains access metadata about the MAC registers: if a register is accessible, but partly implemented, or if a register requires a certain compatibility flag in order to be accessed. Currently, 6 hypothetical flags are supported (3 exist for e1000 so far) but in the future, if more than 6 flags will be needed, the datatype of this array can simply be swapped for a larger one. This patch is intended to solve the following current problems: 1) In a scenario of migration between different versions of QEMU, which differ by the MAC registers implemented in them, some registers need not to be active if a compatibility flag is set, in order to preserve the machine's state perfectly for the older version. Checking this for each register individually, would create a lot of clutter in the code. 2) Some registers are (or may be) only partly implemented (e.g. placeholders that allow reading and writing, but lack other functions). In such cases it is better to print a debug warning on read/write attempts. As above, dealing with this functionality on a per-register level, would require longer and more messy code. Signed-off-by: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Signed-off-by: Dmitry Fleytman <dmitry.fleytman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 9e11773417d98fd2ec961568ec2875063b95569b Author: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Date: Wed Nov 11 15:52:40 2015 +0200 e1000: Add support for migrating the entire MAC registers' array This patch makes the migration of the entire array of MAC registers possible during live migration. The entire array is just 128 KB long, so practically no penalty should be felt when transmitting it, additionally to the previously transmitted individual registers. The advantage here is eliminating the need to introduce new vmstate subsections in the future, when additional MAC registers will be implemented. Backward compatibility is preserved by introducing a e1000-specific boolean parameter (in a later patch), which will be on by default. Setting it to off would enable migration to older versions of QEMU. Additionally, this parameter will be used to control the access to the extra MAC registers in the future. Signed-off-by: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Signed-off-by: Dmitry Fleytman <dmitry.fleytman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 20f3e86362758b5085aa17baa7bc109c858acf67 Author: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Date: Wed Nov 11 15:52:39 2015 +0200 e1000: Cosmetic and alignment fixes This fixes some alignment and cosmetic issues. The changes are made in order that the following patches in this series will look like integral parts of the code surrounding them, while conforming to the coding style. Although some changes in unrelated areas are also made. Signed-off-by: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Signed-off-by: Dmitry Fleytman <dmitry.fleytman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit ecc804cac31cec6cb90feaa459503afda8b38d09 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Sat Aug 29 09:12:35 2015 +0200 slirp: Fix type casts and format strings in debug code Casting pointers to long won't work on 64 bit Windows. It is not needed with the right format strings. Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 0a9516c2d6711cb6760a726952bdbbe931fd045c Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu Nov 12 14:44:23 2015 +1100 monitor/target-ppc: Define target_get_monitor_def At the moment get_monitor_def() returns only registers from statically defined monitor_defs array. However there is a lot of BOOK3S SPRs which are not in the list and cannot be printed from the monitor. This adds a new target platform hook - target_get_monitor_def(). The hook is called if a register was not found in the static array returned by the target_monitor_defs() hook. The hook is only defined for POWERPC, it returns registered SPRs and fails on unregistered ones providing the user with information on what is actually supported on the running CPU. The register value is saved as uint64_t as it is the biggest supported register size; target_ulong cannot be used because of the stub - it is in a "common" code and cannot include "cpu.h", etc; this is also why the hook prototype is redefined in the stub instead of being included from some header. This replaces static descriptors for GPRs, FPRs, SRs with a helper which looks for a value in a corresponding array in the CPUPPCState. The immediate effect is that all 32 SRs can be printed now (instead of 16); later this can be reused for VSX or TM registers. This replaces callbacks for MSR and XER with static descriptors in monitor_defs as they are stored in CPUPPCState. While we are here, this adds "cr" as a synonym of "ccr". Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit cffc331a3156870d54883bc79e4278472ffd8f1d Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Nov 11 22:49:51 2015 +0000 cuda.c: add delay to setting of SR_INT bit MacOS 9 is racy when it comes to accessing the shift register. Fix this by introducing a small delay between data accesses and raising the SR_INT interrupt bit. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit a53cfdcca2834ec7e61fd955c4f24ac233c4ec16 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Nov 11 22:49:50 2015 +0000 cuda.c: fix T2 timer and enable its interrupt Fix the counter loading logic and enable the T2 interrupt when the timer expires. Otherwise MacOS 9 hangs on boot. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 0174adb611a22bcfeeb123851cf4874e6d922d06 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Nov 11 22:49:49 2015 +0000 cuda.c: rename get_counter() state variable from s to ti for consistency Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit eda14abbb804f8ed2cb903c99ad1852848fa2e42 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Nov 11 22:49:48 2015 +0000 cuda.c: refactor get_tb() so that the time can be passed in This is in preparation for sharing the code between timers. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit b5ac04103bc3b24042418df1a561096187165fd7 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Nov 11 22:49:47 2015 +0000 cuda.c: add defines for CUDA registers Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit d271ae36dc1e292ae140f5bbf23e0fc1392dd325 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Nov 11 22:49:46 2015 +0000 cuda.c: fix CUDA SR interrupt clearing Make sure that we also clear the data and clock interrupts at the same time. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit ce8d3b647b5acc2bec19602d9fac87d3da11ae77 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Nov 11 22:49:45 2015 +0000 cuda.c: implement dummy IIC access commands These are used by MacOS 9 on boot. Here we return an error except for 4-byte commands which write to the IIC bus in a similar manner to MOL. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit f1f46f74a9de7298977a3ed668e71843fa904c38 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Nov 11 22:49:44 2015 +0000 cuda.c: implement simple CUDA_GET_6805_ADDR command This simply returns an empty response with no error status as implemented by MOL to allow MacOS 9 boot to proceed further. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 4202e63c0432c72ba518dd882e99a794620d1665 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Nov 11 22:49:43 2015 +0000 cuda.c: fix CUDA_PACKET response packet format According to comments in MOL, the response to a CUDA_PACKET should be one of the following: Reply: (CUDA_PACKET, status, cmd) Error: (ERROR_PACKET, status, CUDA_PACKET, cmd) Update cuda_receive_packet() accordingly to reflect this in order to make MacOS 9 happy. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 6729aa40135bc96d69b5bf5e65a7d463ef7793e7 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Nov 11 22:49:42 2015 +0000 cuda.c: fix CUDA ADB error packet format According to MOL, ADB error packets should be of the form (type, status, cmd) rather than just (type, status). This fixes ADB device detection under MacOS 9. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 72f1f97d4927f798167855fda7881b0e22756b20 Author: Alexander Graf <agraf@xxxxxxx> Date: Wed Nov 11 22:49:41 2015 +0000 PPC: mac99: Always add USB controller The mac99 machines always have a USB controller. Usually not having one around doesn't hurt quite as much, but Mac OS 9 really really wants one or it crashes on bootup. So always add OHCI to make it happy. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 488661ee9dd300110a6612d52fe68e2bb3539a5f Author: Alexander Graf <agraf@xxxxxxx> Date: Wed Nov 11 22:49:40 2015 +0000 PPC: Fix lswx bounds checks The lswx instruction checks whether the desired string actually fits into all defined registers. Unfortunately it does the calculation wrong, resulting in illegal instruction traps for loads that really should fit. Fix it up, making Mac OS happier. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 4248b336d3c1b74e343842c5b478b165d75f5ce8 Author: Alexander Graf <agraf@xxxxxxx> Date: Wed Nov 11 22:49:39 2015 +0000 PPC: Allow Rc bit to be set on mtspr According to the ISA setting the Rc bit on mtspr is undefined behavior. Real 750 hardware simply ignores the bit and doesn't touch cr0 though. Unfortunately, Mac OS 9 relies on this fact and executes a few mtspr instructions (to set XER for example) with Rc set. So let's handle the bit the same way hardware does and ignore it. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 7497b8dddcaee5b5f1851434607d0de044012ebe Merge: 31e49ac c833d1e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 11 23:20:07 2015 +0000 Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into staging # gpg: Signature made Wed 11 Nov 2015 17:59:33 GMT using RSA key ID C0DE3057 # gpg: Good signature from "Jeffrey Cody <jcody@xxxxxxxxxx>" # gpg: aka "Jeffrey Cody <jeff@xxxxxxxxxxxxx>" # gpg: aka "Jeffrey Cody <codyprime@xxxxxxxxx>" * remotes/cody/tags/block-pull-request: gluster: allocate GlusterAIOCBs on the stack Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 31e49ac192f782d594bbd04070fe79e800b7813f Merge: 2869653 3c4c694 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 11 18:23:08 2015 +0000 Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20151111' into staging Hopefully last big batch of s390x patches, including: - bugfixes for LE host and for pci translation - MAINTAINERS update - hugetlbfs enablement (kernel patches pending) - boot from El Torito iso images on virtio-blk (boot from scsi pending) - cleanup in the ipl device code There's also a helper function for resetting busless devices in the qdev core in there. # gpg: Signature made Wed 11 Nov 2015 17:49:58 GMT using RSA key ID C6F02FAF # gpg: Good signature from "Cornelia Huck <huckc@xxxxxxxxxxxxxxxxxx>" # gpg: aka "Cornelia Huck <cornelia.huck@xxxxxxxxxx>" * remotes/cohuck/tags/s390x-20151111: s390: deprecate the non-ccw machine in 2.5 s390x/ipl: switch error reporting to error_setg s390x/ipl: clean up qom definitions and turn into TYPE_DEVICE qdev: provide qdev_reset_all_fn() pc-bios/s390-ccw: rebuild image pc-bios/s390-ccw: El Torito 16-bit boot image size field workaround pc-bios/s390-ccw: El Torito s390x boot entry check pc-bios/s390-ccw: ISO-9660 El Torito boot implementation pc-bios/s390-ccw: Always adjust virtio sector count s390x/kvm: don't enable CMMA when hugetlbfs will be used s390x: switch to memory_region_allocate_system_memory MAINTAINERS: update virtio-ccw/s390 git tree MAINTAINERS: update s390 file patterns s390x/pci : fix up s390 pci iommu translation function s390x/css: sense data endianness Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 455b0fde8c38a0794743e2e7c1a40018b7bee9f6 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Nov 10 23:51:20 2015 -0700 error: More error_setg() usage A few uses of error_set(ERROR_CLASS_GENERIC_ERROR) were missed in c6bd8c706, or have snuck in since. Nuke them. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1447224690-9743-19-git-send-email-eblake@xxxxxxxxxx> Acked-by: Andreas Färber <afaerber@xxxxxxx> [Indentation tidied up, commit message tweaked] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 2869653f23c63c400d3791513b507e9feddbc751 Merge: 3c07587 4d07c72 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 11 16:43:19 2015 +0000 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches # gpg: Signature made Wed 11 Nov 2015 16:03:19 GMT using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: (41 commits) iotests: Check for quorum support in test 139 qcow2: Fix qcow2_get_cluster_offset() for zero clusters iotests: Add tests for the x-blockdev-del command block: Add 'x-blockdev-del' QMP command block: Add blk_get_refcnt() mirror: block all operations on the target image during the job qemu-iotests: fix -valgrind option for check qemu-iotests: fix cleanup of background processes qemu-io: Correct error messages qemu-io: Check for trailing chars qemu-io: fix cvtnum lval types block: test 'blockdev-snapshot' using a file BDS as the overlay block: Remove inner quotation marks in iotest 085 block: Disallow snapshots if the overlay doesn't support backing files throttle: Use bs->throttle_state instead of bs->io_limits_enabled throttle: Check for pending requests in throttle_group_unregister_bs() qemu-img: add check for zero-length job len qcow2: avoid misaligned 64bit bswap qemu-iotests: Test the reopening of overlay_bs in 'block-commit' commit: reopen overlay_bs before base ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3c4c694c7ce2d21c0cf17a27cc60c91b6725ce48 Author: Christian Borntraeger <borntraeger@xxxxxxxxxx> Date: Fri Nov 6 13:07:25 2015 +0100 s390: deprecate the non-ccw machine in 2.5 The non-ccw machine for s390 (s390-virtio) is not very well maintained and caused several issues in the past: - aliases like virtio-blk did not work for s390 - virtio refactoring failed due to long standing bugs (e.g.see commit cb927b8a "s390-virtio: Accommodate guests using virtqueues too early") - some features like memory hotplug will cause trouble due to virtio storage being above guest memory - the boot loader bios no longer seems to work. the source code of that loader is also no longer maintained 2.4 changed the default to the ccw machine, let's deprecate the old machine for 2.5. Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Acked-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Message-Id: <1446811645-25565-1-git-send-email-borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 8f04e88e2cd792e348eb54983ce1a485d5db4f27 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Thu Oct 8 12:33:28 2015 +0200 s390x/ipl: switch error reporting to error_setg Now that we can report errors in the realize function, let's replace the fprintf's and hw_error's with error_setg. Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 04fccf106e22c4b861398cf2146f5a5b5f18d01e Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Thu Oct 8 12:32:13 2015 +0200 s390x/ipl: clean up qom definitions and turn into TYPE_DEVICE Let's move the qom definitions of the ipl device into ipl.h, replace "s390-ipl" by a proper type define, turn it into a TYPE_DEVICE and remove the unneeded class definition. Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit ff8de0757fc13407c81f002e936031ddc13057e4 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Tue Jul 21 08:32:07 2015 +0200 qdev: provide qdev_reset_all_fn() For TYPE_DEVICE, the dc->reset() function is not called on system resets yet. Until that is changed, we have to manually register a reset handler. Let's provide qdev_reset_all_fn(), that can directly be used - just like the reset handler that is already available for qbus. Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 81a93ee64d78a1933998ff1b95f06b6d67db46fd Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Nov 5 13:47:38 2015 +0100 pc-bios/s390-ccw: rebuild image Contains: pc-bios/s390-ccw: Always adjust virtio sector count pc-bios/s390-ccw: ISO-9660 El Torito boot implementation pc-bios/s390-ccw: El Torito s390x boot entry check pc-bios/s390-ccw: El Torito 16-bit boot image size field workaround Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 869648e87eeb998cc0ede230f3b7aabfdf0eb2dd Author: Maxim Samoylov <max7255@xxxxxxxxxxxxxxxxxx> Date: Mon Oct 12 17:50:20 2015 +0200 pc-bios/s390-ccw: El Torito 16-bit boot image size field workaround Because of El Torito spec flaw boot image size needs to be verified. Boot catalog entry size field has 16-bit width, and specifies size in 512-byte units. Thus, boot image size cannot exceed 32M. We actually search for the file to get the file size. This is done by scanning the ISO directory tree for the ISO block number and reading the file size from the directory entry. Signed-off-by: Maxim Samoylov <max7255@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit ba21f0cca8165c5b284274edd12dc955cf4fb248 Author: Maxim Samoylov <max7255@xxxxxxxxxxxxxxxxxx> Date: Mon Oct 12 17:50:20 2015 +0200 pc-bios/s390-ccw: El Torito s390x boot entry check Boot entry is considered compatible if boot image is Linux kernel with matching S390 Linux magic string. Empty boot images with sector_count == 0 are considered broken. Signed-off-by: Maxim Samoylov <max7255@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 866cac91e06219f473a2900eefef0d1cf242b136 Author: Maxim Samoylov <max7255@xxxxxxxxxxxxxxxxxx> Date: Mon Oct 12 17:50:20 2015 +0200 pc-bios/s390-ccw: ISO-9660 El Torito boot implementation This patch enables boot from media formatted according to ISO-9660 and El Torito bootable CD specification. We try to boot from device as ISO-9660 media when SCSI IPL failed. The first boot catalog entry with bootable flag is used. ISO-9660 media with default 2048-bytes sector size only is supported. Signed-off-by: Maxim Samoylov <max7255@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 38150be860434de9d9c76cef71ff5c6b6112ee8f Author: Maxim Samoylov <max7255@xxxxxxxxxxxxxxxxxx> Date: Mon Oct 12 17:50:20 2015 +0200 pc-bios/s390-ccw: Always adjust virtio sector count Let's always adjust the sector number to be read using the current virtio block size value. This prepares for the implementation of IPL from ISO-9660 media. Signed-off-by: Maxim Samoylov <max7255@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 4c292a009700755a1e6b234063ef3f2db235aaae Author: Dominik Dingel <dingel@xxxxxxxxxxxxxxxxxx> Date: Tue Aug 11 11:12:12 2015 +0200 s390x/kvm: don't enable CMMA when hugetlbfs will be used On hugetlbfs CMMA will not be useful as every ESSA instruction will trap. So don't offer CMMA to guests with a hugepages backing. Signed-off-by: Dominik Dingel <dingel@xxxxxxxxxxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit ae23a33591056d6349753766047ebc511158da9c Author: Dominik Dingel <dingel@xxxxxxxxxxxxxxxxxx> Date: Tue May 12 13:21:30 2015 +0200 s390x: switch to memory_region_allocate_system_memory By replacing memory_region_init_ram with memory_region_allocate_system_memory we gain goodies like mem-path backends. This will allow us to use hugetlbfs once the kernel supports it. Signed-off-by: Dominik Dingel <dingel@xxxxxxxxxxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 3e9ed24b84c4acdd077904a74eaec6d95cfef928 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Wed Nov 4 16:08:20 2015 +0100 MAINTAINERS: update virtio-ccw/s390 git tree Let's reference the git branch I actually use, and add Christian's git tree. Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit c5bfb202bb3bcdc1a368e85fef336e89d6254f8c Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Wed Nov 4 15:59:55 2015 +0100 MAINTAINERS: update s390 file patterns We were missing some files, and some files should get an additional entry to add the people actually looking after the code. Reported-by: Thomas Huth <thuth@xxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit dce1b089249f52c053cf74dc3da98aea16656961 Author: Yi Min Zhao <zyimin@xxxxxxxxxxxxxxxxxx> Date: Wed Oct 28 11:30:23 2015 +0800 s390x/pci : fix up s390 pci iommu translation function On s390x, each pci device has its own iommu, which is only properly setup in qemu once the mpcifc instruction used to register the translation table has been intercepted. Therefore, for a pci device that is not configured or has not been initialized, proper translation is neither required nor possible. Moreover, we may not have a host bridge device ready yet. This was exposed by a recent vfio change that triggers iommu translation during the initialization of the vfio pci device. Let's do an early exit in that case. Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Signed-off-by: Yi Min Zhao <zyimin@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit b498484ed49ab9d1fcada3468f95dda1a5f59366 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Wed Nov 4 18:40:54 2015 +0100 s390x/css: sense data endianness We keep the device's sense data in a byte array (following the architecture), but the ecws are an array of 32 bit values. If we just blindly copy the values, the sense data will change from de-facto BE data to de-facto cpu-endian data, which means we end up doing an incorrect conversion on LE hosts. Let's just explicitly convert to cpu-endianness while assembling the irb. Reported-by: Andy Lutomirski <luto@xxxxxxxxxx> Tested-by: Andy Lutomirski <luto@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 52074d0f662fc51293d4cde8077631f754784405 Author: Kirk Allan <kallan@xxxxxxxx> Date: Tue Nov 10 16:19:11 2015 -0700 qga: fix append file open modes for win32 For append file open modes, use FILE_APPEND_DATA for the desired access for writing at the end of the file. Version 2: For "a+", "ab+", and "a+b" modes use FILE_APPEND_DATA|GENERIC_READ. ORing in GENERIC_READ starts a read at the begining of the file. All writes will append to the end fo the file. Added white space to maintain the alignment of the guest_file_open_modes[]. Signed-off-by: Kirk Allan <kallan@xxxxxxxx> Cc: qemu-stable@xxxxxxxxxx * use FILE_GENERIC_APPEND macro, which provides same semantics as FILE_APPEND_DATA, but retains other flags from GENERIC_WRITE Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 4d07c720f44beafd10907cecfd5b8a57622243c1 Merge: a9ecfa0 92e6898 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Nov 11 17:02:02 2015 +0100 Merge remote-tracking branch 'mreitz/tags/pull-block-for-kevin-2015-11-11' into queue-block Block patches from 2015-10-26 until 2015-11-11. # gpg: Signature made Wed Nov 11 17:00:50 2015 CET using RSA key ID E838ACAD # gpg: Good signature from "Max Reitz <mreitz@xxxxxxxxxx>" * mreitz/tags/pull-block-for-kevin-2015-11-11: iotests: Check for quorum support in test 139 qcow2: Fix qcow2_get_cluster_offset() for zero clusters iotests: Add tests for the x-blockdev-del command block: Add 'x-blockdev-del' QMP command block: Add blk_get_refcnt() mirror: block all operations on the target image during the job qemu-iotests: fix -valgrind option for check qemu-iotests: fix cleanup of background processes Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 92e68987745b0f89f04d29fe1d0c821010d58ea6 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Tue Nov 10 18:28:11 2015 +0200 iotests: Check for quorum support in test 139 The quorum driver is always built in, but it is disabled during run-time if there's no SHA256 support available (see commit e94867e). This patch skips the quorum test in iotest 139 in that case. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1447172891-20410-1-git-send-email-berto@xxxxxxxxxx Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit a99dfb45f26bface6830ee5465e57bcdbc53c6c8 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Nov 4 18:16:24 2015 +0100 qcow2: Fix qcow2_get_cluster_offset() for zero clusters When searching for contiguous zero clusters, we only need to check the cluster type. Before this patch, an increasing offset (L2E_OFFSET_MASK) was expected, so that the function never returned more than a single zero cluster in practice. This patch fixes it to actually return as many contiguous zero clusters as it can. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1446657384-5907-1-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit 342075fd0ec9dce87139d71a81e1dbbe5ab5d021 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Nov 2 16:51:56 2015 +0200 iotests: Add tests for the x-blockdev-del command Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 57c3b0d4d0c73ddadd19e5bded9492c359cc4568.1446475331.git.berto@xxxxxxxxxx Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit 81b936ae70e635557af9ca80922ee69146cb5f4c Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Nov 2 16:51:55 2015 +0200 block: Add 'x-blockdev-del' QMP command This command is still experimental, hence the name. This is the companion to 'blockdev-add'. It allows deleting a BlockBackend with its associated BlockDriverState tree, or a BlockDriverState that is not attached to any backend. In either case, the command fails if the reference count is greater than 1 or the BlockDriverState has any parents. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Message-id: 6cfc148c77aca1da942b094d811bfa3fcf7ac7bb.1446475331.git.berto@xxxxxxxxxx Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit f636ae85f3db8ffb987c79715869dba1b8217e8a Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Nov 2 16:51:54 2015 +0200 block: Add blk_get_refcnt() This function returns the reference count of a given BlockBackend. For convenience, it returns 0 if the BlockBackend pointer is NULL. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Message-id: dfdd8a17dbe3288842840636d2cfe5bb895abcb0.1446475331.git.berto@xxxxxxxxxx Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit 10f3cd15dd9913f8d959fbd061e6e00c45432093 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Nov 2 16:51:53 2015 +0200 mirror: block all operations on the target image during the job There's nothing preventing the target image from being used by other operations during the 'drive-mirror' job, so we should block them all until the job is done. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Message-id: 82b88fd04cde918a08a6f9a4ab85626d7fd7b502.1446475331.git.berto@xxxxxxxxxx Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit e6c17669eb0868013d9a17050d8eb2d598f06067 Author: Jeff Cody <jcody@xxxxxxxxxx> Date: Fri Oct 30 15:25:18 2015 -0400 qemu-iotests: fix -valgrind option for check Commit 934659c switched the iotests to run qemu-io from a bash subshell, in order to catch segfaults. This method is incompatible with the current valgrind_qemu_io() bash function. Move the valgrind usage into the exec subshell in _qemu_io_wrapper(), while making sure the original return value is passed back to the caller. Update test output for tests 039, 061, and 137 as it looks for the specific subshell command when the process is terminated. Reported-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> Message-id: 0066fd85d26ca641a1c25135ff2479b7985701cf.1446232490.git.jcody@xxxxxxxxxx Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit f6c8c2e055f88e8ed74ac0c185fc9fbca1e1b775 Author: Jeff Cody <jcody@xxxxxxxxxx> Date: Fri Oct 30 15:25:17 2015 -0400 qemu-iotests: fix cleanup of background processes Commit 934659c switched the iotests to run qemu and qemu-nbd from a bash subshell, in order to catch segfaults. Unfortunately, this means the process PID cannot be captured via '$!'. We stopped killing qemu and qemu-nbd processes, leaving a lot of orphaned, running qemu processes after executing iotests. Since the process is using exec in the subshell, the PID is the same as the subshell PID. Track these PIDs for cleanup using pidfiles in the $TEST_DIR. Only track the qemu PID, however, if requested - not all usage requires killing the process. Reported-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> Message-id: 9e4f958b3895b7259b98d845bb46f000ba362869.1446232490.git.jcody@xxxxxxxxxx [mreitz@xxxxxxxxxx: Replaced '! -z "..."' by '-n "..."'] Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit c833d1e8f5e95762336a823a35ade65a2d0fe587 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Oct 1 13:04:38 2015 +0200 gluster: allocate GlusterAIOCBs on the stack This is simpler now that the driver has been converted to coroutines. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a9ecfa004f2dd83df612daac4a87dfc3a0feba28 Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Nov 5 18:53:04 2015 -0500 qemu-io: Correct error messages Reported-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ef5a788527b2038d742b057a415ab4d0e735e98f Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Nov 5 18:53:03 2015 -0500 qemu-io: Check for trailing chars Make sure there's not trailing garbage, e.g. "64k-whatever-i-want-here" Reported-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 9b0beaf3de1396a23d5c287283e6f36c4b5d4385 Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Nov 5 18:53:02 2015 -0500 qemu-io: fix cvtnum lval types cvtnum() returns int64_t: we should not be storing this result inside of an int. In a few cases, we need an extra sprinkling of error handling where we expect to pass this number on towards a function that expects something smaller than int64_t. Reported-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 3fa123d05964b07f9d4d972f131cce847091926d Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Tue Nov 3 12:32:37 2015 +0200 block: test 'blockdev-snapshot' using a file BDS as the overlay This test checks that it is not possible to create a snapshot if the requested overlay node is a BDS which does not support backing images. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit f2d7f16f948b2ecfbb039c6bd62d6c7e2d61fac4 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Tue Nov 3 12:32:36 2015 +0200 block: Remove inner quotation marks in iotest 085 This patch removes the inner quotation marks in all cases like this: cmd=" ... "${variable}" ... " Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 08b24cfe3765f4b739700778814048e7d9a045fe Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Tue Nov 3 12:32:35 2015 +0200 block: Disallow snapshots if the overlay doesn't support backing files This addresses scenarios like this one: { 'execute': 'blockdev-add', 'arguments': { 'options': { 'driver': 'qcow2', 'node-name': 'new0', 'file': { 'driver': 'file', 'filename': 'new.qcow2', 'node-name': 'file0' } } } } { 'execute': 'blockdev-snapshot', 'arguments': { 'node': 'virtio0', 'overlay': 'file0' } } Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a0d64a61db602696f4f1895a890c65eda5b3b618 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Nov 4 15:15:36 2015 +0200 throttle: Use bs->throttle_state instead of bs->io_limits_enabled There are two ways to check for I/O limits in a BlockDriverState: - bs->throttle_state: if this pointer is not NULL, it means that this BDS is member of a throttling group, its ThrottleTimers structure has been initialized and its I/O limits are ready to be applied. - bs->io_limits_enabled: if true it means that the throttle_state pointer is valid _and_ the limits are currently enabled. The latter is used in several places to check whether a BDS has I/O limits configured, but what it really checks is whether requests are being throttled or not. For example, io_limits_enabled can be temporarily set to false in cases like bdrv_read_unthrottled() without otherwise touching the throtting configuration of that BDS. This patch replaces bs->io_limits_enabled with bs->throttle_state in all cases where what we really want to check is the existence of I/O limits, not whether they are currently enabled or not. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5ac724184c286b367525035eabf4b8bb4a386c54 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Nov 4 15:15:35 2015 +0200 throttle: Check for pending requests in throttle_group_unregister_bs() throttle_group_unregister_bs() removes a BlockDriverState from its throttling group and destroys the timers. This means that there must be no pending throttled requests at that point (because it would be impossible to complete them), so the caller has to drain them first. At the moment throttle_group_unregister_bs() is only called from bdrv_io_limits_disable(), which already takes care of draining the requests, so there's nothing to worry about, but this patch makes this invariant explicit in the documentation and adds the relevant assertions. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 62547b8a1c04daf30f50e3db362ade53e22bf222 Author: John Snow <jsnow@xxxxxxxxxx> Date: Mon Nov 2 18:28:20 2015 -0500 qemu-img: add check for zero-length job len The mirror job doesn't update its total length until it has already started running, so we should translate a zero-length job-len as meaning 0%. Otherwise, we may get divide-by-zero faults. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 95334230637cef9fbd199bb79a56271ec73d4732 Author: John Snow <jsnow@xxxxxxxxxx> Date: Mon Nov 2 18:32:06 2015 -0500 qcow2: avoid misaligned 64bit bswap If we create a buffer directly on the stack by using 12 bytes, there's no guarantee the 64bit value we want to swap will be aligned, which could cause errors with undefined behavior. Spotted with clang -fsanitize=undefined and observed in iotests 15, 26, 44, 115 and 121. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit bcdce5a73cb28f32b3ca3a51e8fa89879685e015 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 15:43:50 2015 +0200 qemu-iotests: Test the reopening of overlay_bs in 'block-commit' The 'block-commit' command needs the overlay image of 'top' to be opened in read-write mode in order to update the backing file string. If 'top' is not the active layer or its backing file then its overlay needs to be reopened during the block job. This is a test case for that scenario. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 3db2bd5508c86a1605258bc77c9672d93b5c350e Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 15:43:49 2015 +0200 commit: reopen overlay_bs before base 'block-commit' needs write access to two different nodes of the chain: - 'base', because that's where the data is written to. - the overlay of 'top', because it needs to update the backing file string to point to 'base' after the operation. Both images have to be opened in read-write mode, and commit_start() takes care of reopening them if necessary. With the current implementation, however, when overlay_bs is reopened in read-write mode it has the side effect of making 'base' read-only again, eventually making 'block-commit' fail. This needs to be fixed in bdrv_reopen(), but until we get to that it can be worked around simply by swapping the order of base and overlay_bs in the reopen queue. In order to reproduce this bug, overlay_bs needs to be initially in read-only mode. That is: the 'top' parameter of 'block-commit' cannot be the active layer nor its immediate backing chain. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 89e3a2d86d31212d09ca688193ccecb92c0c77b5 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Oct 26 14:27:17 2015 +0200 block: add tests for the 'blockdev-snapshot' command Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 43de7e2de07093e47c7f25386aff280875dc3c62 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Oct 26 14:27:16 2015 +0200 block: add a 'blockdev-snapshot' QMP command One of the limitations of the 'blockdev-snapshot-sync' command is that it does not allow passing BlockdevOptions to the newly created snapshots, so they are always opened using the default values. Extending the command to allow passing options is not a practical solution because there is overlap between those options and some of the existing parameters of the command. This patch introduces a new 'blockdev-snapshot' command with a simpler interface: it just takes two references to existing block devices that will be used as the source and target for the snapshot. Since the main difference between the two commands is that one of them creates and opens the target image, while the other uses an already opened one, the bulk of the implementation is shared. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 3e8c2e57056614933fc5eb022e1d6d0f28071b44 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Oct 26 14:27:15 2015 +0200 block: support passing 'backing': '' to 'blockdev-add' Passing an empty string allows opening an image but not its backing file. This was already described in the API documentation, only the implementation was missing. This is useful for creating snapshots using images opened with blockdev-add, since they are not supposed to have a backing image before the operation. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a911e6ae7ce47d51b519d462c1d99d53b37b0f8c Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Oct 26 14:27:14 2015 +0200 block: rename BlockdevSnapshot to BlockdevSnapshotSync We will introduce the 'blockdev-snapshot' command that will require its own struct for the parameters, so we need to rename this one in order to avoid name clashes. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a39a24fbb05055d00026eb569ff3f7b868ca8785 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Oct 26 14:27:13 2015 +0200 block: check for existing device IDs in external_snapshot_prepare() The 'snapshot-node-name' parameter of blockdev-snapshot-sync allows setting the node name of the image that is going to be created. Before creating the image, external_snapshot_prepare() checks that the name is not already being used. The check is however incomplete since it only considers existing node names, but node names must not clash with device IDs either because they share the same namespace. If the user attempts to create a snapshot using the name of an existing device for the 'snapshot-node-name' parameter the operation will eventually fail, but only after the new image has been created. This patch replaces bdrv_find_node() with bdrv_lookup_bs() to extend the check to existing device IDs, and thus detect possible name clashes before the new image is created. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit adfe20303f2a897ce64b77fe579a0c7dc1e81771 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:19 2015 +0100 iotests: Add test for change-related QMP commands Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit baead0abefa8e95b18e53281ac182c96b24ba0cb Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:18 2015 +0100 hmp: Add read-only-mode option to change command Expose the new read-only-mode option of 'blockdev-change-medium' for the 'change' HMP command. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 39ff43d9e1f42b1d829a955e546cddab87ac0626 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Nov 11 04:49:44 2015 +0100 blockdev: read-only-mode for blockdev-change-medium Add an option to qmp_blockdev_change_medium() which allows changing the read-only status of the block device whose medium is changed. Some drives do not have a inherently fixed read-only status; for instance, floppy disks can be set read-only or writable independently of the drive. Some users may find it useful to be able to therefore change the read-only status of a block device when changing the medium. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 1068674927a08cb9f535946abe2f91529b13160c Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:16 2015 +0100 hmp: Use blockdev-change-medium for change command Use separate code paths for the two overloaded functions of the 'change' HMP command, and invoke the 'blockdev-change-medium' QMP command if used on a block device (by calling qmp_blockdev_change_medium()). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 24fb4133001e1f54a526f0927837f30c1507169a Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Fri Nov 6 16:27:06 2015 +0100 qmp: Introduce blockdev-change-medium Introduce a new QMP command 'blockdev-change-medium' which is intended to replace the 'change' command for block devices. The existing function qmp_change_blockdev() is accordingly renamed to qmp_blockdev_change_medium(). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit f1f57066573e832438cd87600310589fa9cee202 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:14 2015 +0100 block: Inquire tray state before tray-moved events blk_dev_change_media_cb() is called for all potential tray movements; however, it is possible to request closing the tray but nothing actually happening (on a floppy disk drive without a medium). Thus, the actual tray status should be inquired before sending a tray-moved event (and an event should be sent whenever the status changed). Checking @load is now superfluous; it was necessary because it was possible to change a medium without having explicitly opened the tray and closed it again (or it might have been possible, at least). This is no longer possible, though. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit de2c6c0536c5c5ebb6e0ce7dcfd8fa9476edab52 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:13 2015 +0100 blockdev: Implement change with basic operations Implement 'change' on block devices by calling blockdev-open-tray, blockdev-remove-medium, blockdev-insert-medium (a variation of that which does not need a node-name) and blockdev-close-tray. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 38f54bd1ee0ed0f13b7326eb79403e320c3a28d3 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:12 2015 +0100 blockdev: Implement eject with basic operations Implement 'eject' by calling blockdev-open-tray and blockdev-remove-medium. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d129988289a885e57aa8790097e2d814764571bd Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:11 2015 +0100 blockdev: Add blockdev-insert-medium And a helper function for that, which directly takes a pointer to the BDS to be inserted instead of its node-name (which will be used for implementing 'change' using blockdev-insert-medium). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 2814f67271bce537f29c6a7832f89fd4f1cdaa1a Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:10 2015 +0100 blockdev: Add blockdev-remove-medium Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit abaaf59d245b6984644497b6745f88912c715c39 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:09 2015 +0100 blockdev: Add blockdev-close-tray Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 7d8a9f71b9ec9fa295265392218efaf0771d96e0 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:08 2015 +0100 blockdev: Add blockdev-open-tray Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 38cb18f5b71428fb8a3e3759ac8fa21ac70cb1b5 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:07 2015 +0100 block: Add functions for inheriting a BBRS In order to open a BDS which inherits a BB's root state, blk_get_open_flags_from_root_state() is used to inquire the flags to be passed to bdrv_open(), and blk_apply_root_state() is used to apply the remaining state after the BDS has been opened. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit c69a4dd89989b483b06d765b13e41594c78d32b9 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:06 2015 +0100 block: Make bdrv_states public When inserting a BDS tree into a BB, we will need to add the root BDS to this list. Since we will want to do that in the blockdev-insert-medium implementation in blockdev.c, we will need access to it there. This patch is not exactly elegant, but bdrv_states will be removed in the future anyway because we no longer need it since we have BBs. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 1c95f7e1aff8417ff6e6cc23bc2d04fbcf79d37e Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:05 2015 +0100 block: Add blk_remove_bs() This function removes the BlockDriverState associated with the given BlockBackend from that BB and sets the BDS pointer in the BB to NULL. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 9f4ed6fbd264a7c097590d830dcfd93996a80acb Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Oct 26 16:46:49 2015 +0200 block: Don't call blk_bs() twice in bdrv_lookup_bs() Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 3c07587d49458341510360557c849e93e9afaf59 Merge: d93ae5b b41d320 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 11 09:34:18 2015 +0000 Merge remote-tracking branch 'remotes/dgibson/tags/ppc-next-20151111' into staging ppc patch queue - 2015-11-11 Highlights: - Updated SLOF version for "pseries machine - Bugfix / cleanup for KVM hash page table allocation # gpg: Signature made Wed 11 Nov 2015 02:30:51 GMT using RSA key ID 20D9B392 # gpg: Good signature from "David Gibson <david@xxxxxxxxxxxxxxxxxxxxx>" # gpg: aka "David Gibson (Red Hat) <dgibson@xxxxxxxxxx>" # gpg: aka "David Gibson (ozlabs.org) <dgibson@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 75F4 6586 AE61 A66C C44E 87DC 6C38 CACA 20D9 B392 * remotes/dgibson/tags/ppc-next-20151111: spapr: Handle failure of KVM_PPC_ALLOCATE_HTAB ioctl ppc: Let kvmppc_reset_htab() return 0 for !CONFIG_KVM pseries: Update SLOF firmware image to qemu-slof-20151103 ppc: Add/Re-introduce MMU model definitions needed by PR KVM Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b41d320fef705289d2b73f4949731eb2e189161d Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Tue Nov 10 10:54:54 2015 +0530 spapr: Handle failure of KVM_PPC_ALLOCATE_HTAB ioctl KVM_PPC_ALLOCATE_HTAB ioctl can return -ENOMEM for KVM guests and QEMU never handled this correctly. But this didn't cause any problems till now as KVM_PPC_ALLOCATE_HTAB ioctl returned with smaller than requested HTAB when enough contiguous memory wasn't available in the host. After the proposed kernel change: https://patchwork.ozlabs.org/patch/530501/, KVM_PPC_ALLOCATE_HTAB ioctl will not fallback to lower sized HTAB allocation and will fail if requested HTAB size can't be met. Check for such failures in QEMU and abort appropriately. This will prevent guest kernel from hanging/freezing during early boot by doing graceful exit when host is unable to allocate requested HTAB. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit a3166f8f6e9d3928d0b863c7f0dac1cf24b6c004 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Tue Nov 10 10:54:53 2015 +0530 ppc: Let kvmppc_reset_htab() return 0 for !CONFIG_KVM The !CONFIG_KVM implementation of kvmppc_reset_htab() returns -1 by default. Change this to return 0 so that we fall back to user space HTAB allocation for emulated guests. This fixes the make check failures for ppc64 emulated target. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 121048195860f0320a7e1cd5a4b86356082eb9c7 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Tue Nov 3 13:20:34 2015 +1100 pseries: Update SLOF firmware image to qemu-slof-20151103 The changes are: 1. supports recent binutils; 2. 64bit BARs behind PCI bridges supported; 3. Many fixes for USB keyboard support - keys, XHCI; 4. virtio-vga support. This image was built with: gcc version 4.8.3 20140911 (Red Hat 4.8.3-7) (GCC) GNU ld version 2.23.2 The full changelog is: > version: update to 20151103 > documentation: Add a clause about signing off > qemu/js2x/client: Support binutils >= 2.25.1 > Fix special keys on USB > Fix function keys on USB > pci-scan: program 64-bit mem bar range in pci-bridge bar > Allow to build SLOF on Little Endian host > usb-xhci: add keyboard support > usb-xhci: ready the link trb early > usb-xhci: scan usb high speed ports > usb-xhci: bulk improve event handling loop > usb-xhci: return on allocation failure > usb-xhci: add delay in shutdown path > usb-xhci: event trbs does not need link trb > usb-hid: refactor usb key reading > takeover: Fix header includes > board-js2x: Add missing file dma-function.fs > vga: Add support for virtio-vga > qemu-vga: Use MMIO BAR instead of legacy IO ports > slof: Change call_c() function to a proper assembler function Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit ba3ecda05e933acf6fff618716b6f6d2ed6a5a07 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Fri Nov 6 13:12:59 2015 +0530 ppc: Add/Re-introduce MMU model definitions needed by PR KVM Commit aa4bb5875231 (ppc: Add mmu_model defines for arch 2.03 and 2.07) removed the mmu_model definition POWERPC_MMU_2_06a which is needed by PR KVM. Reintroduce it and also add POWERPC_MMU_2_07a. This fixes QEMU crash (qemu: fatal: Unknown MMU model) during booting of PR KVM guest. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Cc: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit d93ae5b69621b7ec6ecfa405ec656d5b5f5e4770 Merge: a77067f bdd81ad Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 10 22:21:42 2015 +0000 Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20151110.0' into staging VFIO updates 2015-11-10 - Make Windows happy with vfio-pci devices exposed on conventional PCI buses on q35 by hiding PCIe capability (Alex Williamson) - Convert to g_new() where appropriate (Markus Armbruster) # gpg: Signature made Tue 10 Nov 2015 19:46:41 GMT using RSA key ID 3BB08B22 # gpg: Good signature from "Alex Williamson <alex.williamson@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex@xxxxxxxxxxx>" # gpg: aka "Alex Williamson <alwillia@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex.l.williamson@xxxxxxxxx>" * remotes/awilliam/tags/vfio-update-20151110.0: vfio: Use g_new() & friends where that makes obvious sense vfio/pci: Hide device PCIe capability on non-express buses for PCIe VMs Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bdd81addf4033ce26e6cd180b060f63095f3ded9 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Nov 10 12:11:08 2015 -0700 vfio: Use g_new() & friends where that makes obvious sense g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. This commit only touches allocations with size arguments of the form sizeof(T). Same Coccinelle semantic patch as in commit b45c03f. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 0282abf078c3353a178ab77a115828ce333181dd Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Tue Nov 10 12:11:08 2015 -0700 vfio/pci: Hide device PCIe capability on non-express buses for PCIe VMs When we have a PCIe VM, such as Q35, guests start to care more about valid configurations of devices relative to the VM view of the PCI topology. Windows will error with a Code 10 for an assigned device if a PCIe capability is found for a device on a conventional bus. We also have the possibility of IOMMUs, like VT-d, where the where the guest may be acutely aware of valid express capabilities on physical hardware. Some devices, like tg3 are adversely affected by this due to driver dependencies on the PCIe capability. The only solution for such devices is to attach them to an express capable bus in the VM. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit a77067f6ac9b17beefea506ce5f514072fe3fcf4 Merge: a1a8858 15b3b8e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 10 17:49:39 2015 +0000 Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20151110' into staging migration/next for 20151110 # gpg: Signature made Tue 10 Nov 2015 14:23:26 GMT using RSA key ID 5872D723 # gpg: Good signature from "Juan Quintela <quintela@xxxxxxxxxx>" # gpg: aka "Juan Quintela <quintela@xxxxxxxxxx>" * remotes/juanquintela/tags/migration/20151110: (57 commits) migration: qemu_savevm_state_cleanup becomes mandatory operation Inhibit ballooning during postcopy Disable mlock around incoming postcopy End of migration for postcopy Postcopy: Mark nohugepage before discard postcopy: Wire up loadvm_postcopy_handle_ commands Start up a postcopy/listener thread ready for incoming page data Postcopy; Handle userfault requests Round up RAMBlock sizes to host page sizes Host page!=target page: Cleanup bitmaps Don't iterate on precopy-only devices during postcopy Don't sync dirty bitmaps in postcopy postcopy: Check order of received target pages Postcopy: Use helpers to map pages during migration postcopy_ram.c: place_page and helpers Page request: Consume pages off the post-copy queue Page request: Process incoming page request Page request: Add MIG_RP_MSG_REQ_PAGES reverse command Postcopy: End of iteration Postcopy: Postcopy startup in migration thread ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 15b3b8eaae8dbcc903bb164311ea0066c77536a7 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Mon Nov 9 10:24:04 2015 +0300 migration: qemu_savevm_state_cleanup becomes mandatory operation since commit commit 94f5a43704129ca4995aa3385303c5ae225bde42 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Nov 2 15:37:00 2015 +0800 migration: defer migration_end & blk_mig_cleanup when actual .cleanup callbacks calling was removed from complete operations. The patch fixes regression introduced by the commit above results in 100% reliable assert for virtio-scsi VM with iothreads enabled during 'virsh create-snapshot' operation: assert(i != mr->ioeventfd_nb); memory_region_del_eventfd virtio_pci_set_host_notifier_internal virtio_pci_set_host_notifier virtio_scsi_dataplane_start virtio_scsi_handle_cmd virtio_queue_notify_vq virtio_queue_host_notifier_read aio_dispatch Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Liang Li <liang.z.li@xxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Juan Quintela <quintela@xxxxxxxxxx> CC: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 371ff5a3f04cd7d05bab49ac6e80da319026d95b Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:23 2015 +0000 Inhibit ballooning during postcopy Postcopy detects accesses to pages that haven't been transferred yet using userfaultfd, and it causes exceptions on pages that are 'not present'. Ballooning also causes pages to be marked as 'not present' when the guest inflates the balloon. Potentially a balloon could be inflated to discard pages that are currently inflight during postcopy and that may be arriving at about the same time. To avoid this confusion, disable ballooning during postcopy. When disabled we drop balloon requests from the guest. Since ballooning is generally initiated by the host, the management system should avoid initiating any balloon instructions to the guest during migration, although it's not possible to know how long it would take a guest to process a request made prior to the start of migration. Guest initiated ballooning will not know if it's really freed a page of host memory or not. Queueing the requests until after migration would be nice, but is non-trivial, since the set of inflate/deflate requests have to be compared with the state of the page to know what the final outcome is allowed to be. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 58b7c17e226aa4d3b943ea22c1d1309126de146b Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:22 2015 +0000 Disable mlock around incoming postcopy Userfault doesn't work with mlock; mlock is designed to nail down pages so they don't move, userfault is designed to tell you when they're not there. munlock the pages we userfault protect before postcopy. mlock everything again at the end if mlock is enabled. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit e9bef235d91bff87517770c93d74eb98e5a33278 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:21 2015 +0000 End of migration for postcopy Tweak the end of migration cleanup; we don't want to close stuff down at the end of the main stream, since the postcopy is still sending pages on the other thread. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit f9527107570853b6a4a0903e4b0733747d02e74a Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:20 2015 +0000 Postcopy: Mark nohugepage before discard Prior to servicing userfault requests we must ensure we've not got huge pages in the area that might include non-transferred memory, since a hugepage could incorrectly mark the whole huge page as present. We mark the area as non-huge page (nhp) just before we perform discards; the discard code now tells us to discard any areas that haven't been sent (as well as any that are redirtied); any already formed transparent-huge-pages get fragmented by this discard process if they cotnain any discards. Transparent huge pages that have been entirely transferred and don't contain any discards are not broken by this mechanism; they stay as huge pages. By starting postcopy after a full precopy pass, many of the pages then stay as huge pages; this is important for maintaining performance after the end of the migration. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 27c6825bd3749758fb9fcad44f3759f593be8506 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:19 2015 +0000 postcopy: Wire up loadvm_postcopy_handle_ commands Wire up more of the handlers for the commands on the destination side, in particular loadvm_postcopy_handle_run now has enough to start the guest running. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit c76201ab52b1dd53823cd81449d17b72224f1623 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:18 2015 +0000 Start up a postcopy/listener thread ready for incoming page data The loading of a device state (during postcopy) may access guest memory that's still on the source machine and thus might need a page fill; split off a separate thread that handles the incoming page data so that the original incoming migration code can finish off the device data. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit c4faeed2313e2bf9aa3694544bd211c15e28c164 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:17 2015 +0000 Postcopy; Handle userfault requests userfaultfd is a Linux syscall that gives an fd that receives a stream of notifications of accesses to pages registered with it and allows the program to acknowledge those stalls and tell the accessing thread to carry on. We convert the requests from the kernel into messages back to the source asking for the pages. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 4ed023ce2a39ab5812d33cf4d819def168965a7f Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:16 2015 +0000 Round up RAMBlock sizes to host page sizes RAMBlocks that are not a multiple of host pages in length cause problems for postcopy (I've seen an ACPI table on aarch64 be 5k in length - i.e. 5x target-page), so round RAMBlock sizes up to a host-page. This potentially breaks migration compatibility due to changes in RAMBlock sizes; however: 1) x86 and s390 I think always have host=target page size 2) When I've tried on Power the block sizes already seem aligned. 3) I don't think there's anything else that maintains per-version machine-types for compatibility. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 99e314ebca8c7b3450e4beaa95117c63d8f2f393 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:15 2015 +0000 Host page!=target page: Cleanup bitmaps Prior to the start of postcopy, ensure that everything that will be transferred later is a whole host-page in size. This is accomplished by discarding partially transferred host pages and marking any that are partially dirty as fully dirty. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 35ecd943e7ea8a29b6cc6872ad8ba620e91b4407 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:14 2015 +0000 Don't iterate on precopy-only devices during postcopy During the postcopy phase we must not call the iterate method on precopy-only devices, since they may have done some cleanup during the _complete call at the end of the precopy phase. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 663e6c1df8721960c0a3bb6cd5dd047b610c3bad Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:13 2015 +0000 Don't sync dirty bitmaps in postcopy Once we're in postcopy the source processors are stopped and memory shouldn't change any more, so there's no need to look at the dirty map. There are two notes to this: 1) If we do resync and a page had changed then the page would get sent again, which the destination wouldn't allow (since it might have also modified the page) 2) Before disabling this I'd seen very rare cases where a page had been marked dirtied although the memory contents are apparently identical Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit c53b7ddc61198c4af8290d6310592e48e3507c47 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:12 2015 +0000 postcopy: Check order of received target pages Ensure that target pages received within a host page are in order. This shouldn't trigger, but in the cases where the sender goes wrong and sends stuff out of order it produces a corruption that's really nasty to debug. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit a71808772acbea54df8ebf3680f01884f7383198 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:11 2015 +0000 Postcopy: Use helpers to map pages during migration In postcopy, the destination guest is running at the same time as it's receiving pages; as we receive new pages we must put them into the guests address space atomically to avoid a running CPU accessing a partially written page. Use the helpers in postcopy-ram.c to map these pages. qemu_get_buffer_in_place is used to avoid a copy out of qemu_file in the case that postcopy is going to do a copy anyway. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 696ed9a9b3fee2d033d7b049ba2e6568860a25d1 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:10 2015 +0000 postcopy_ram.c: place_page and helpers postcopy_place_page (etc) provide a way for postcopy to place a page into guests memory atomically (using the copy ioctl on the ufd). Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit a82d593b61054b3dea431ef829977000d772a252 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:09 2015 +0000 Page request: Consume pages off the post-copy queue When transmitting RAM pages, consume pages that have been queued by MIG_RPCOMM_REQPAGE commands and send them ahead of normal page scanning. Note: a) After a queued page the linear walk carries on from after the unqueued page; there is a reasonable chance that the destination was about to ask for other closeby pages anyway. b) We have to be careful of any assumptions that the page walking code makes, in particular it does some short cuts on its first linear walk that break as soon as we do a queued page. c) We have to be careful to not break up host-page size chunks, since this makes it harder to place the pages on the destination. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 6c595cdee116dc46b0d4d7d632a426681ae66ad9 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:08 2015 +0000 Page request: Process incoming page request On receiving MIG_RPCOMM_REQ_PAGES look up the address and queue the page. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 1e2d90ebc54531c416a6765849308c8476d98f2d Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:07 2015 +0000 Page request: Add MIG_RP_MSG_REQ_PAGES reverse command Add MIG_RP_MSG_REQ_PAGES command on Return path for the postcopy destination to request a page from the source. Two versions exist: MIG_RP_MSG_REQ_PAGES_ID that includes a RAMBlock name and start/len MIG_RP_MSG_REQ_PAGES that just has start/len for use with the same RAMBlock as a previous MIG_RP_MSG_REQ_PAGES_ID Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit b10ac0c42cef8829cd1461ce20f1869231b5f41f Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:06 2015 +0000 Postcopy: End of iteration The end of migration in postcopy is a bit different since some of the things normally done at the end of migration have already been done on the transition to postcopy. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 1d34e4bf6a34f12b9ca387301b863b59f14d38ed Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:05 2015 +0000 Postcopy: Postcopy startup in migration thread Rework the migration thread to setup and start postcopy. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit f0a227ade4b0331c9e12fc01f8b74e2531fd496d Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:04 2015 +0000 postcopy: ram_enable_notify to switch on userfault Mark the area of RAM as 'userfault' Start up a fault-thread to handle any userfaults we might receive from it (to be filled in later) Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 1caddf8a819d83027d897997c0af10c426f88633 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:03 2015 +0000 postcopy: Incoming initialisation Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit e0b266f01dd21748c12f35e18e6f300035f2f336 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:02 2015 +0000 migration_completion: Take current state Soon we'll be in either ACTIVE or POSTCOPY_ACTIVE when we complete migration, and we need to know which we expect to be in to change state safely. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit f3f491fcd6dd594ba695b7da5ecbdacb4e84b364 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:01 2015 +0000 Postcopy: Maintain unsentmap Maintain an 'unsentmap' of pages that have yet to be sent. This is used in the following patches to discard some set of the pages already sent as we enter postcopy mode. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 763c906b0ee964e4b5c529a4ee171723339644cc Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:00 2015 +0000 Add qemu_savevm_state_complete_postcopy Add qemu_savevm_state_complete_postcopy to complement qemu_savevm_state_complete_precopy together with a new save_live_complete_postcopy method on devices. The save_live_complete_precopy method is called on all devices during a precopy migration, and all non-postcopy devices during a postcopy migration at the transition. The save_live_complete_postcopy method is called at the end of postcopy for all postcopiable devices. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 8421b205ddb70314c0de2aa3222aed755f310f87 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:59 2015 +0000 Avoid sending vmdescription during postcopy VMDescription is normally sent at the end, after all of the devices; however that's not the end for postcopy, so just don't send it when in postcopy. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 9ec055ae29df5132f61757519ab57b6b4209baa4 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:58 2015 +0000 MIGRATION_STATUS_POSTCOPY_ACTIVE: Add new migration state 'MIGRATION_STATUS_POSTCOPY_ACTIVE' is entered after migrate_start_postcopy 'migration_in_postcopy' is provided for other sections to know if they're in postcopy. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 36f48567b82e3160bc0df87b8b4f239d55ca73e9 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:57 2015 +0000 migration_completion: Take current state Soon we'll be in either ACTIVE or POSTCOPY_ACTIVE when we complete migration, and we need to know which we expect to be in to change state safely. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 4886a1bcb7d7a88da02eefb0f33327c613ac52a3 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:56 2015 +0000 migrate_start_postcopy: Command to trigger transition to postcopy Once postcopy is enabled (with migrate_set_capability), the migration will still start on precopy mode. To cause a transition into postcopy the: migrate_start_postcopy command must be issued. Postcopy will start sometime after this (when it's next checked in the migration loop). Issuing the command before migration has started will error, and issuing after it has finished is ignored. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit eb59db53a4f23420f127ec7aad2a672f787df697 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:55 2015 +0000 postcopy: OS support test Provide a check to see if the OS we're running on has all the bits needed for postcopy. Creates postcopy-ram.c which will get most of the other helpers we need. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit c31b098f64c5bbbc26350b9b5cf98ae2d2888de7 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:54 2015 +0000 Modify save_live_pending for postcopy Modify save_live_pending to return separate postcopiable and non-postcopiable counts. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 11cf1d984b86b294972cd25df6286e5b2e98735d Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:53 2015 +0000 MIG_CMD_PACKAGED: Send a packaged chunk of migration stream MIG_CMD_PACKAGED is a migration command that wraps a chunk of migration stream inside a package whose length can be determined purely by reading its header. The destination guarantees that the whole MIG_CMD_PACKAGED is read off the stream prior to parsing the contents. This is used by postcopy to load device state (from the package) while leaving the main stream free to receive memory pages. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 093e3c429693f87fb917424c637ad8f599bd9e67 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:52 2015 +0000 Add wrappers and handlers for sending/receiving the postcopy-ram migration messages. The state of the postcopy process is managed via a series of messages; * Add wrappers and handlers for sending/receiving these messages * Add state variable that track the current state of postcopy Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 53dd370ced9b61a8113fc1c19ac8d61ca572a29c Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:51 2015 +0000 Add migration-capability boolean for postcopy-ram. The 'postcopy ram' capability allows postcopy migration of RAM; note that the migration starts off in precopy mode until postcopy mode is triggered (see the migrate_start_postcopy patch later in the series). Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 7b89bf279f16c093ed46845b8e6e0fb61b7ef639 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:50 2015 +0000 Rework loadvm path for subloops Postcopy needs to have two migration streams loading concurrently; one from memory (with the device state) and the other from the fd with the memory transactions. Split the core of qemu_loadvm_state out so we can use it for both. Allow the inner loadvm loop to quit and cause the parent loops to exit as well. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 70b2047774231ba2cb672eb936e12f603fa644aa Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:49 2015 +0000 Return path: Source handling of return path Open a return path, and handle messages that are received upon it. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit f6844b99ce08e836d509ec4be2fbfc5ab13ac18f Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:48 2015 +0000 migration_is_setup_or_active Add 'migration_is_setup_or_active' utility function to check state. (It gets postcopy added to it's list later on in the series) Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 6decec931149ae50d84e2b264bf93f3676d5b3f9 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:47 2015 +0000 Return path: Send responses from destination to source Add migrate_send_rp_message to send a message from destination to source along the return path. (It uses a mutex to let it be called from multiple threads) Add migrate_send_rp_shut to send a 'shut' message to indicate the destination is finished with the RP. Add migrate_send_rp_ack to send a 'PONG' message in response to a PING Use it in the MSG_RP_PING handler Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 2e37701efdba7bb89f7159eff055bb71dbb9f02f Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:46 2015 +0000 Return path: Control commands Add two src->dest commands: * OPEN_RETURN_PATH - To request that the destination open the return path * PING - Request an acknowledge from the destination Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit c76ca1888f49b4155a9de5a915dc9f814800c817 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:45 2015 +0000 Migration commands Create QEMU_VM_COMMAND section type for sending commands from source to destination. These commands are not intended to convey guest state but to control the migration process. For use in postcopy. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 3e4097b564386b1fd1b62f2cd20e056d4b3403da Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:44 2015 +0000 Return path: socket_writev_buffer: Block even on non-blocking fd's The destination sets the fd to non-blocking on incoming migrations; this also affects the return path from the destination, and thus we need to make sure we can safely write to the return path. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit a1a88589dc982f9f8b6c717c2ac98dd71dd4353d Merge: a8b4f95 577bf80 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 10 13:55:07 2015 +0000 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20151110' into staging target-arm queue: * fix bugs in gdb singlestep handling and breakpoints * minor code cleanup in arm_gic * clean up error messages in hw/arm/virt * fix highbank kernel booting by adding a board-setup blob # gpg: Signature made Tue 10 Nov 2015 13:43:52 GMT using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20151110: target-arm: Clean up DISAS_UPDATE usage in AArch32 translation code hw/arm/virt: error_report cleanups arm: highbank: Implement PSCI and dummy monitor arm: highbank: Defeature CPU override arm: boot: Add secure_board_setup flag hw/intc/arm_gic: Remove the definition of NUM_CPU target-arm: Fix gdb singlestep handling in arm_debug_excp_handler() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit adc468e9b9ad866cd95b1e567291f9dcc1f49f1c Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:43 2015 +0000 Return path: Open a return path on QEMUFile for sockets Postcopy needs a method to send messages from the destination back to the source, this is the 'return path'. Wire it up for 'socket' QEMUFile's. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit c1fcf220c95b17f1a05adb799824d2c352ff9281 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:42 2015 +0000 Add Linux userfaultfd.h header Postcopy uses the userfaultfd.h feature in the Linux kernel; include the header. (In early versions of the patch series we had this, and then we dropped this by only including it if the kernel headers defined the syscall number; however 1842bdfd added the syscall definition to our headers, which means we can't tell if the kernel has it or not) Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit a3e06c3d13b77a2534894dcebbc6ac08568dbe73 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:41 2015 +0000 Rename save_live_complete to save_live_complete_precopy In postcopy we're going to need to perform the complete phase for postcopiable devices at a different point, start out by renaming all of the 'complete's to make the difference obvious. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit aefeb18bde45fa629e3055a7bb6637a7dcad8c36 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:40 2015 +0000 migrate_init: Call from savevm Suspend to file is very much like a migrate, and it makes life easier if we have the Migration state available, so initialise it in the savevm.c code for suspending. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewd-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit a776aa15a7e3e08964c6c537314b9590dde27b4d Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:39 2015 +0000 ram_load: Factor out host_from_stream_offset call and check The main RAM load loop has a call to host_from_stream_offset for each page type that actually loads data with the same test; factor it out before the switch. The host = NULL is to silence a bogus gcc warning of an unitialised in the RAM_SAVE_COMPRESS_PAGE case, it doesn't seem to realise that host is always initialised by the if at the top in the cases the switch takes. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 4f2e425267327719ee71ba6f191f7d66507a6c02 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:38 2015 +0000 ram_debug_dump_bitmap: Dump a migration bitmap as text Useful for debugging the migration bitmap and other bitmaps of the same format (including the sentmap in postcopy). The bitmap is printed to stderr. Lines that are all the expected value are excluded so the output can be quite compact for many bitmaps. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit ebf811500bc8dffa906ebd4c52b96f7620d7bf8e Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:37 2015 +0000 Add QEMU_MADV_NOHUGEPAGE Add QEMU_MADV_NOHUGEPAGE as an OS-independent version of MADV_NOHUGEPAGE. We include sys/mman.h before making the test to ensure that we pick up the system defines. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit a800cd5c38ba4ac20fe9ca68a6dee408f2d5b11f Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:36 2015 +0000 Add wrapper for setting blocking status on a QEMUFile Add a wrapper to change the blocking status on a QEMUFile rather than having to use qemu_set_block(qemu_get_fd(f)); it seems best to avoid exposing the fd since not all QEMUFile's really have one. With this wrapper we could move the implementation down to be different on different transports. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 9504fb510c87c3dd6fe2e9a25e84c1426672f226 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:35 2015 +0000 Add qemu_get_buffer_in_place to avoid copies some of the time qemu_get_buffer always copies the data it reads to a users buffer, however in many cases the file buffer inside qemu_file could be given back to the caller, avoiding the copy. This isn't always possible depending on the size and alignment of the data. Thus 'qemu_get_buffer_in_place' either copies the data to a supplied buffer or updates a pointer to the internal buffer if convenient. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 42e2aa56372291d35345fcec85d5da2004c8b57c Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:34 2015 +0000 Rename mis->file to from_src_file 'file' becomes confusing when you have flows in each direction; rename to make it clear. This leaves just the main forward direction ms->file, which is used in a lot of places and is probably not worth renaming given the churn. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit e3dd74934f2d2c8c67083995928ff68e8c1d0030 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:33 2015 +0000 qemu_ram_block_by_name Add a function to find a RAMBlock by name; use it in two of the places that already open code that loop; we've got another use later in postcopy. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 422148d3e56c3c9a07c0cf36c1e0a0b76f09c357 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:32 2015 +0000 qemu_ram_block_from_host Postcopy sends RAMBlock names and offsets over the wire (since it can't rely on the order of ramaddr being the same), and it starts out with HVA fault addresses from the kernel. qemu_ram_block_from_host translates a HVA into a RAMBlock, an offset in the RAMBlock and the global ram_addr_t value. Rewrite qemu_ram_addr_from_host to use qemu_ram_block_from_host. Provide qemu_ram_get_idstr since its the actual name text sent on the wire. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 87f50caa30ae7449c5875ff3171cff4d8648569a Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:31 2015 +0000 Move page_size_init earlier The HOST_PAGE_ALIGN macros don't work until the page size variables have been set up; later in postcopy I use those macros in the RAM code, and it can be triggered using -object. Fix this by initialising page_size_init() earlier - it's currently initialised inside the accelerators, move it up into vl.c. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 172dfd4faf2b64720db8a2dad7048056f2b81d75 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:30 2015 +0000 Move configuration section writing The vmstate_configuration is currently written in 'qemu_savevm_state_begin', move it to 'qemu_savevm_state_header' since it's got a hard requirement that it must be the 1st thing after the header. (In postcopy some 'command' sections get sent early before the saving of the main sections and hence before qemu_savevm_state_begin). Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 038629a699240326928665ea97e6e11059bbc007 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:29 2015 +0000 Provide runtime Target page information The migration code generally is built target-independent, however there are a few places where knowing the target page size would avoid artificially moving stuff into migration/ram.c. Provide 'qemu_target_page_bits()' that returns TARGET_PAGE_BITS to other bits of code so that they can stay target-independent. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 2bfdd1c8a6ac22ee1f9209c247509ff0cadd2a52 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:28 2015 +0000 Add postcopy documentation Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 577bf808958d06497928c639efaa473bf8c5e099 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Tue Nov 10 13:37:33 2015 +0000 target-arm: Clean up DISAS_UPDATE usage in AArch32 translation code AArch32 translation code does not distinguish between DISAS_UPDATE and DISAS_JUMP. Thus, we cannot use any of them without first updating PC in CPU state. Furthermore, it is too complicated to update PC in CPU state before PC gets updated in disas context. So it is hardly possible to correctly end TB early if is is not likely to be executed before calling disas_*_insn(), e.g. just after calling breakpoint check helper. Modify DISAS_UPDATE and DISAS_JUMP usage in AArch32 translation and apply to them the same semantic as AArch64 translation does: - DISAS_UPDATE: update PC in CPU state when finishing translation - DISAS_JUMP: preserve current PC value in CPU state when finishing translation This patch fixes a bug in AArch32 breakpoint handling: when check_breakpoints helper does not generate an exception, ending the TB early with DISAS_UPDATE couldn't update PC in CPU state and execution hangs. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1447097859-586-1-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit faa811f6de44d58180f5d235787678dcdd4b2e9d Author: Andrew Jones <drjones@xxxxxxxxxx> Date: Tue Nov 10 13:37:33 2015 +0000 hw/arm/virt: error_report cleanups Signed-off-by: Andrew Jones <drjones@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-id: 1446909925-12201-1-git-send-email-drjones@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 40340e5f221935723bffbca305f3090e8866c818 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Nov 10 13:37:33 2015 +0000 arm: highbank: Implement PSCI and dummy monitor Firstly, enable monitor mode and PSCI, both of which are features of this board. In addition to PSCI, this board also uses SMC for cache maintenance ops. This means we need a secure monitor to catch these and nop them. Use the ARM boot board-setup feature to implement this. The SMC trap implements the needed nop while all other traps will pen the CPU. As a KVM CPU cannot run in secure mode, do not do the board-setup if not running TCG. Report a warning explaining the limitation in this case. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 0fd0d12f0fa666c86616c89447861a70dbe27312.1447007690.git.crosthwaite.peter@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dca6eeed8c2a1c131d161139428dd18a35e58b03 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Nov 10 13:37:33 2015 +0000 arm: highbank: Defeature CPU override This board should not support CPU model override. This allows for easier patching of the board with being able to rely on the CPU type being correct. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 471a61e049c7ca6e82f5ef6668889a1d518c7e00.1447007690.git.crosthwaite.peter@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit baf6b6815ba9ae8255eefd1ddf15216d53da34b5 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Nov 10 13:37:33 2015 +0000 arm: boot: Add secure_board_setup flag Add a flag that when set, will cause the primary CPU to start in secure mode, even if the overall boot is non-secure. This is useful for when there is a board-setup blob that needs to run from secure mode, but device and secondary CPU init should still be done as-normal for a non- secure boot. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: d1170774d5446d715fced7739edfc61a5be931f9.1447007690.git.crosthwaite.peter@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b95690c9beaffd95edf91eb67829dc1e0a81e666 Author: Wei Huang <wei@xxxxxxxxxx> Date: Tue Nov 10 13:37:33 2015 +0000 hw/intc/arm_gic: Remove the definition of NUM_CPU arm_gic.c retrieves CPU number using either NUM_CPU(s) or s->num_cpu. Such mixed-uses make source code inconsistent. This patch removes NUM_CPU(s), which was defined for MPCore tweak long ago, and instead favors s->num_cpu. The source is more consistent after this small tweak. Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Signed-off-by: Wei Huang <wei@xxxxxxxxxx> Reviewed-by: Michael Tokarev <mjt@xxxxxxxxxx> Message-id: 1446744293-32365-1-git-send-email-wei@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5c629f4ff4dc9ae79cc732f59a8df15ede796ff7 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Tue Nov 10 13:37:32 2015 +0000 target-arm: Fix gdb singlestep handling in arm_debug_excp_handler() Do not raise a CPU exception if no CPU breakpoint has fired, since singlestep is also done by generating a debug internal exception. This fixes a bug with singlestepping in gdbstub. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1446726361-18328-1-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a8b4f9585a0bf5186fca793ce2c5d754cd8ec49a Merge: ce27861 f545504 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 10 09:39:24 2015 +0000 Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-11-10' into staging QAPI patches # gpg: Signature made Tue 10 Nov 2015 07:12:25 GMT using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-qapi-2015-11-10: qapi-introspect: Document lack of sorting qapi: Provide nicer array names in introspection qapi: More tests of input arrays qapi: Test failure in middle of array parse qapi: More tests of alternate output qapi: Simplify error cleanup in test-qmp-* qapi: Simplify non-error testing in test-qmp-* qapi: Plug leaks in test-qmp-* qapi: Share test_init code in test-qmp-input* qobject: Protect against use-after-free in qobject_decref() qapi: Strengthen test of TestStructList qapi: Use generated TestStruct machinery in tests Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f5455044201747fd72531f5e8c1b1e9c56573d9c Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:36 2015 -0700 qapi-introspect: Document lack of sorting qapi-code-gen.txt already claims that types, commands, and events share a common namespace; set this in stone by further documenting that our introspection output will never have collisions with the same name tied to more than one meta-type. Our largest QMP enum currently has 125 values, our largest object type has 27 members, and the mean for each is less than 10. These sizes are small enough that the per-element overhead of O(log n) binary searching probably outweighs the speed possible with direct O(n) linear searching (a better algorithm with more overhead will only beat a leaner naive algorithm only as you scale to larger input sizes). Arguably, the overall SchemaInfo array could be sorted by name; there, we currently have 531 entities, large enough for a binary search to be faster than linear. However, remember that we have mutually-recursive types, which means there is no topological ordering that will allow clients to learn all information about that type in a single linear pass; thus clients will want to do random access over the data, and they will probably read the introspection output into a hashtable for O(1) lookup rather than O(log n) binary searching, at which point, pre-sorting our introspection output doesn't help the client. It doesn't help that sorting can be subjective if you introduce locales into the mix (I'm not experienced enough with Python to know for sure, but at least it looks like it defaults to sorting in the C locale even when run under a different locale). And while our current introspection output is deterministic (because we visit entities in a sorted order), we may want to change that order in the future (such as using OrderedDict to stick to .json declaration order). For these reasons, we simply document that clients should not rely on any particular order of items in introspection output. And since it is now a documented part of the contract, we have the freedom to later rearrange output if needed, without worrying about breaking well-written clients. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1446791754-23823-13-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit ce5fcb472d512455a8d13fae4c04ecf8eb00573b Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:35 2015 -0700 qapi: Provide nicer array names in introspection For the sake of humans reading introspection output, it is nice to have the name of implicit array types be recognizable as arrays of the underlying type. However, while this patch allows humans to skip from a command with return type "[123]" straight to the definition of type "123" without having to first inspect type "[123]", document that this shortcut should not be taken by client apps. This makes the resulting introspection string slightly larger by default (just over 200 bytes), but it's in the noise (less than 0.3% of the overall 70k size of 'query-qmp-capabilities'). Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1446791754-23823-12-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 2533377c7b0c686d1510ed6499cedf938607e805 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:34 2015 -0700 qapi: More tests of input arrays Our testsuite had no coverage of empty arrays, nor of what happens when the input does not match the expected type. Useful to have, especially if we start changing the visitor contracts. I did not think it worth duplicating these additions to test-qmp-input-strict; since all strict mode does is add the ability to reject JSON input that has more keys than what the visitor expects, yet the additions in this patch error out earlier than that point regardless of whether strict mode was requested. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1446791754-23823-11-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit dd5ee2c2d3e3a17647ddd9bfa97935b8cb5dfa40 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:33 2015 -0700 qapi: Test failure in middle of array parse Our generated list visitors have the same problem as has been mentioned elsewhere (see commit 2f52e20): they allocate data even on failure. An upcoming patch will correct things to provide saner guarantees, but first we need to expose the behavior in the testsuite to ensure we aren't introducing any memory usage bugs. There are more test cases throughout the test-qmp-input-* tests that already deal with partial allocation; a later commit will clean up all visit_type_FOO(), without marking all of the tests with FIXME at this time. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1446791754-23823-10-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 12fafd7cedad51854c468ea0496a6542b3222b29 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:32 2015 -0700 qapi: More tests of alternate output The testsuite was only covering that we could output the 'int' branch of an alternate (no additional allocation/cleanup required). Add a test of the 'str' branch, to make sure that things still work even when a branch involves allocation. Update to modern style of g_new0() over g_malloc0() while touching it. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1446791754-23823-9-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit a12a5a1a0132527afe87c079e4aae4aad372bd94 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:31 2015 -0700 qapi: Simplify error cleanup in test-qmp-* We have several tests that perform multiple sub-actions that are expected to fail. Asserting that an error occurred, then clearing it up to prepare for the next action, turned into enough boilerplate that it was sometimes forgotten (for example, a number of tests added to test-qmp-input-visitor.c in d88f5fd leaked err). Worse, if an error is not reset to NULL, we risk invalidating later use of that error (passing a non-NULL err into a function is generally a bad idea). Encapsulate the boilerplate into a single helper function error_free_or_abort(), and consistently use it. The new function is added into error.c for use everywhere, although it is anticipated that testsuites will be the main client. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit ce278618b088afd10b91a05311eaeb6401bb5004 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Nov 9 15:14:09 2015 +0000 configure: Don't disable optimization for non-fortify builds Commit b553a0428014636bc inadvertently disabled optimization for all non-fortify builds. Fix this bug so we only do an unoptimized build if we want debug. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1447082049-25099-1-git-send-email-peter.maydell@xxxxxxxxxx commit d17008bc2914d62fd0af6a8f313604ae9f9a102c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Nov 9 14:56:31 2015 +0000 hw/timer/hpet.c: Avoid signed integer overflow which results in bugs on OSX Signed integer overflow in C is undefined behaviour, and the compiler is at liberty to assume it can never happen and optimize accordingly. In particular, the subtractions in hpet_time_after() and hpet_time_after64() were causing OSX clang to optimize the code such that it was prone to hangs and complaints about the main loop stalling (presumably because we were spending all our time trying to service very high frequency HPET timer callbacks). The clang sanitizer confirms the UB: hw/timer/hpet.c:119:26: runtime error: signed integer overflow: -2146967296 - 2147003978 cannot be represented in type 'int' Fix this by doing the subtraction as an unsigned operation and then converting to signed for the comparison. Reported-by: Aaron Elkins <threcius@xxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1447080991-24995-1-git-send-email-peter.maydell@xxxxxxxxxx commit 3f66f764ee25f10d3e1144ebc057a949421b7728 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:30 2015 -0700 qapi: Simplify non-error testing in test-qmp-* By using &error_abort, we can avoid a local err variable in situations where we expect success. It also has the nice effect that if the test breaks, the error message from error_abort tends to be nicer than that of g_assert(). This patch has an additional bonus of fixing several call sites that were passing &err to two different functions without checking it in between. In general that is unsafe practice; because if the first function sets an error, the second function could abort() if it tries to set a different error. We got away with it because we were asserting that err was NULL through the entire chain, but switching to &error_abort avoids the questionable practice up front. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1446791754-23823-7-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit b18f1141d0afa00de11a8e079f4f5305c9e36893 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:29 2015 -0700 qapi: Plug leaks in test-qmp-* Make valgrind happy with the current state of the tests, so that it is easier to see if future patches introduce new memory problems without being drowned in noise. Many of the leaks were due to calling a second init without tearing down the data from an earlier visit. But since teardown is already idempotent, and we already register teardown as part of input_visitor_test_add(), it is nicer to just make init() safe to call multiple times than it is to have to make all tests call teardown. Another common leak was forgetting to clean up an error object, after testing that an error was raised. Another leak was in test_visitor_in_struct_nested(), failing to clean the base member of UserDefTwo. Cleaning that up left check_and_free_str() as dead code (since using the qapi_free_* takes care of recursion, and we don't want double frees). A final leak was in test_visitor_out_any(), which was reassigning the qobj local variable to a subset of the overall structure needing freeing; it did not result in a use-after-free, but was not cleaning up all the qdict. test-qmp-event and test-qmp-commands were already clean. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1446791754-23823-6-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 0920a17199d23b3def3a60fa1fbbdeadcdda452d Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:28 2015 -0700 qapi: Share test_init code in test-qmp-input* Rather than duplicate the body of two functions just to decide between qobject_from_jsonv() and qobject_from_json(), exploit the fact that qobject_from_jsonv() intentionally takes 'va_list *' instead of the more common 'va_list', and that qobject_from_json() just calls qobject_from_jsonv(,NULL). For each file, our two existing init functions then become thin wrappers around a new internal function, and future updates to initialization don't have to be duplicated. Suggested-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1446791754-23823-5-git-send-email-eblake@xxxxxxxxxx> [Two old comment typos fixed] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit cc9f60d4a2a4bf2578a9309a18f1c4602c9f5ce7 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:27 2015 -0700 qobject: Protect against use-after-free in qobject_decref() Adding an assertion to qobject_decref() will ensure that a programming error causing use-after-free will result in immediate failure (provided no other thread has started using the memory) instead of silently attempting to wrap refcnt around and leaving the problem to potentially bite later at a harder point to diagnose. Suggested-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1446791754-23823-4-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit bd20588d19e9ff0e94b2d4ca3b5d6b3b3d6a1274 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:26 2015 -0700 qapi: Strengthen test of TestStructList Make each list element different, to ensure that order is preserved, and use the generated free function instead of hand-rolling our own to ensure (under valgrind) that the list is properly cleaned. Suggested-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1446791754-23823-3-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 748053c97b11039f657525fd7d57a39806d8083e Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:25 2015 -0700 qapi: Use generated TestStruct machinery in tests Commit d88f5fd and friends first introduced the various test-qmp-* tests in 2011, with duplicated hand-rolled TestStruct machinery, to make sure the qapi visitor interface was tested. Later, commit 4f193e3 in 2013 added a .json file for further testing use by the files, but without consolidating any of the existing hand-rolled visitors. And with four copies, subtle differences have crept in, between the tests themselves (mainly whitespace differences, but also a question of whether to use NULL or "TestStruct" when calling visit_start_struct()) and from what the generator produces (the hand-rolled versions did not cater to partially-allocated objects, because they did not have a deallocation usage). Of course, just because the visitor interface is tested does not mean it is a sane interface; and future patches will be changing some of the visitor contracts. Rather than having to duplicate the cleanup work in each copy of the TestStruct visitor, and keep each hand-rolled copy in sync with what the generator supplies, we might as well just test what the generator should give us in the first place. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1446791754-23823-2-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 9d5c1dc117d1ad881bbc76f6990ee1f9e9f8ef7f Merge: b3a9e57 84aa014 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Nov 9 11:20:51 2015 +0000 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Mon 09 Nov 2015 10:08:17 GMT using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: blockdev: acquire AioContext in hmp_commit() monitor: add missed aio_context_acquire into vm_completion call aio: Introduce aio-epoll.c aio: Introduce aio_context_setup aio: Introduce aio_external_disabled dataplane: support non-contigious s/g dataplane: simplify indirect descriptor read Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 84aa0140dd4f04f5d993f0db14c40da8d3de2706 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Nov 4 20:27:23 2015 +0300 blockdev: acquire AioContext in hmp_commit() This one slipped through. Although we acquire AioContext when committing all devices we don't for just a single device. AioContext must be acquired before calling bdrv_*() functions to synchronize access with other threads that may be using the AioContext. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6bf1faa84877514971a20bb180b0ae5270bee571 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Wed Nov 4 20:19:42 2015 +0300 monitor: add missed aio_context_acquire into vm_completion call Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Luiz Capitulino <lcapitulino@xxxxxxxxxx> CC: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit fbe3fc5cb3cd9f9064e98c549684e821c353fe41 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 30 12:06:29 2015 +0800 aio: Introduce aio-epoll.c To minimize code duplication, epoll is hooked into aio-posix's aio_poll() instead of rolling its own. This approach also has both compile-time and run-time switchability. 1) When QEMU starts with a small number of fds in the event loop, ppoll is used. 2) When QEMU starts with a big number of fds, or when more devices are hot plugged, epoll kicks in when the number of fds hits the threshold. 3) Some fds may not support epoll, such as tty based stdio. In this case, it falls back to ppoll. A rough benchmark with scsi-disk on virtio-scsi dataplane (epoll gets enabled from 64 onward). Numbers are in MB/s. =============================================== | master | epoll | | scsi disks # | read randrw | read randrw -------------|----------------|---------------- 1 | 86 36 | 92 45 8 | 87 43 | 86 41 64 | 71 32 | 70 38 128 | 48 24 | 58 31 256 | 37 19 | 57 28 =============================================== To comply with aio_{disable,enable}_external, we always use ppoll when aio_external_disabled() is true. [Removed #ifdef CONFIG_EPOLL around AioContext epollfd field declaration since the field is also referenced outside CONFIG_EPOLL code. --Stefan] Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1446177989-6702-4-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 37fcee5d1154b7a03c13582e128bcc31ad43e954 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 30 12:06:28 2015 +0800 aio: Introduce aio_context_setup This is the place to initialize platform specific bits of AioContext. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1446177989-6702-3-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 5ceb9e39284b69d2e1b01da3cb1894ad4b2b4606 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 30 12:06:27 2015 +0800 aio: Introduce aio_external_disabled This allows AioContext users to check the enable/disable state of external clients. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1446177989-6702-2-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 8347c53243b58ad5e4d623d2403853404e9043a1 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Oct 28 17:48:04 2015 +0200 dataplane: support non-contigious s/g bring_map currently fails if one of the entries it's mapping is contigious in GPA but not HVA address space. Introduce a mapped_len parameter so it can handle this, returning the actual mapped length. This will still fail if there's no space left in the sg, but luckily max queue size in use is currently 256, while max sg size is 1024, so we should be OK even is all entries happen to cross a single DIMM boundary. Won't work well with very small DIMM sizes, unfortunately: e.g. this will fail with 4K DIMMs where a single request might span a large number of DIMMs. Let's hope these are uncommon - at least we are not breaking things. Reported-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reported-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Igor Mammedov <imammedo@xxxxxxxxxx> Message-id: 1446047243-3221-2-git-send-email-mst@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 572ec519ed6fe68f10ec65963527536c2322eab0 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Oct 28 17:48:02 2015 +0200 dataplane: simplify indirect descriptor read Use address_space_read to make sure we handle the case of an indirect descriptor crossing DIMM boundary correctly. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Tested-by: Igor Mammedov <imammedo@xxxxxxxxxx> Message-id: 1446047243-3221-1-git-send-email-mst@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b3a9e57d92dff7dd5822f322e4eb49af9e1b70b8 Merge: c4a7bf5 0c47242 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sat Nov 7 21:41:33 2015 +0000 Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging target-i386: tcg: Handle clflushopt/clwb/pcommit instructions A small update to TCG code so it can handle the new clflushopt/clwb/pcommit instructions. # gpg: Signature made Sat 07 Nov 2015 14:50:54 GMT using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" * remotes/ehabkost/tags/x86-pull-request: target-i386: Add clflushopt/clwb/pcommit to TCG_7_0_EBX_FEATURES target-i386: tcg: Check right CPUID bits for clflushopt/pcommit target-i386: tcg: Accept clwb instruction Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c4a7bf54e588ff2de9fba0898b686156251b2063 Merge: 4b59f39 dca6257 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sat Nov 7 19:55:15 2015 +0000 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Fri 06 Nov 2015 20:01:44 GMT using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" * remotes/jnsnow/tags/ide-pull-request: arm: allwinner-a10: Add SATA ahci: Add allwinner AHCI ahci: split realize and init ahci: Add some MMIO debug printfs ide: remove hardcoded 2GiB transactional limit Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dca625768a7da9377cd5886cc03854229c1e18a1 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Fri Nov 6 14:09:01 2015 -0500 arm: allwinner-a10: Add SATA Add the Allwinner A10 AHCI controller module to the SoC. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 69d6962f2d14a218bd07e9ac4ccd1947737cc30f.1445917756.git.crosthwaite.peter@xxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 377e2145392e5787d35e58d643bd3de4838006b4 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Fri Nov 6 14:09:01 2015 -0500 ahci: Add allwinner AHCI Add a Sysbus AHCI subclass for the Allwinner AHCI. It has a few extra vendor specific registers which are used for phy and power init. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 833b5b05ed5ade38bf69656679b0a7575e79492b.1445917756.git.crosthwaite.peter@xxxxxxxxx [resolved patch context on pull --js] Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 0487eea48ecc6e525d6e626d94da54e203089a95 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Fri Nov 6 14:09:00 2015 -0500 ahci: split realize and init Do the init level tasks asap and the realize later (mainly when num_ports is available). This allows sub-class realize routines to work with the device post-init. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1a7c7b2b32e5ccf49373a5065da5ece89730d3ac.1445917756.git.crosthwaite.peter@xxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 802742670df73773c0dbaa251c63e4561cc794a1 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Fri Nov 6 14:09:00 2015 -0500 ahci: Add some MMIO debug printfs These are useful for bringup of AHCI. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 517ba413dce7deb4ab17c0cc1e8bbdaaace2a0db.1445917756.git.crosthwaite.peter@xxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 9fbf0fa81fca8f527669dd4fa72662d66e7d6329 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Nov 6 14:09:00 2015 -0500 ide: remove hardcoded 2GiB transactional limit Not that you can request a >2GiB transaction, but that's why checking for it makes no sense anymore. With the newer 'limit' parameter to prepare_buf, we no longer need a static limit. The maximum limit is still 2GiB, but the limit parameter is set to the current transaction size, which cannot surpass 32MiB (512 * 65536). If the PRDT surpasses the transactional size, then, we'll just carry out the normative underflow handling pathways instead of needing an extra, strange pathway that worries about hitting some logistical cap for the largest sglist we can support -- we'll never even attempt to build one that big anymore. Reported-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Acked-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1445902682-20051-1-git-send-email-jsnow@xxxxxxxxxx commit 0c47242b519a224279f13c685aa6e79347f97b85 Author: Xiao Guangrong <guangrong.xiao@xxxxxxxxxxxxxxx> Date: Thu Oct 29 15:31:39 2015 +0800 target-i386: Add clflushopt/clwb/pcommit to TCG_7_0_EBX_FEATURES Now these instructions are handled by TCG and can be added to the TCG_7_0_EBX_FEATURES macro. Signed-off-by: Xiao Guangrong <guangrong.xiao@xxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 891bc821a3ee462b09b1ec436f2891f00ab1f85b Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Nov 4 19:24:46 2015 -0200 target-i386: tcg: Check right CPUID bits for clflushopt/pcommit Detect the clflushopt and pcommit instructions and check their corresponding feature flags, instead of checking CPUID_SSE and CPUID_CLFLUSH. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 5e1fac2dba7780e0cb2c022d4b39586af70bea0d Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Nov 4 19:24:45 2015 -0200 target-i386: tcg: Accept clwb instruction Accept the clwb instruction (66 0F AE /6) if its corresponding feature flag is enabled on CPUID[7]. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 4b59f39bc9a03afcc74b2fa28da7c3189fca507c Merge: 9319738 bd54a9f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Nov 6 12:50:24 2015 +0000 Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-11-06' into staging trivial patches for 2015-11-06 # gpg: Signature made Fri 06 Nov 2015 12:42:43 GMT using RSA key ID A4C3D7DB # gpg: Good signature from "Michael Tokarev <mjt@xxxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxxx>" * remotes/mjt/tags/pull-trivial-patches-2015-11-06: (24 commits) tap-bsd: use user-specified tap device if it already exists qemu-sockets: do not test path with access() before unlinking taget-ppc: Fix read access to IBAT registers higher than IBAT3 exec: avoid unnecessary cacheline bounce on ram_list.mru_block target-alpha: fix uninitialized variable ivshmem-server: fix possible OVERRUN pci-assign: do not test path with access() before opening qom/object: fix 2 comment typos configure: remove help string for 'vnc-tls' option usb: Use g_new() & friends where that makes obvious sense qxl: Use g_new() & friends where that makes obvious sense ui: Use g_new() & friends where that makes obvious sense bt: fix use of uninitialized variable seqlen hw/dma/pxa2xx: Remove superfluous memset linux-user/syscall: Replace g_malloc0 + memcpy with g_memdup tests/i44fx-test: No need for zeroing memory before memset hw/input/tsc210x: Remove superfluous memset xen: fix invalid assertion tests: ignore test-qga fix bad indentation in pcie_cap_slot_write_config() ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bd54a9f9435c85de190a82019faef16c5ecf8e46 Author: Ed Maste <emaste@xxxxxxxxxxx> Date: Fri Oct 23 11:53:55 2015 -0400 tap-bsd: use user-specified tap device if it already exists Acked-by: Roger Pau Monné <roger.pau@xxxxxxxxxx> Signed-off-by: Ed Maste <emaste@xxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit a2f31f180499593b5edb8ac5ab8ac1b92f0abcd4 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Nov 4 14:48:47 2015 +0100 qemu-sockets: do not test path with access() before unlinking Using access() is a time-of-check/time-of-use race condition. It is okay to use them to provide better error messages, but that is pretty much it. This is not one such case; on the other hand, access() *will* skip unlink() for a non-existent path, so ignore ENOENT return values from the unlink() system call. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 3ede8f699645f4ca7cdbc40d8139e5a0275b4805 Author: Julio Guerra <julio@xxxxxxxxxx> Date: Wed Oct 14 19:43:19 2015 +0200 taget-ppc: Fix read access to IBAT registers higher than IBAT3 Fix the index used to read the IBAT's vector which results in IBAT0..3 instead of IBAT4..N. The bug appeared by saving/restoring contexts including IBATs values. Signed-off-by: Julio Guerra <julio@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 68851b98e5bf6d397498b74f1776801274ab8d48 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Oct 22 13:51:30 2015 +0200 exec: avoid unnecessary cacheline bounce on ram_list.mru_block Whenever the MRU cache hits for the list of RAM blocks, qemu_get_ram_block does an unnecessary write that causes a processor cache line to bounce from one core to another. This causes a performance hit. Reported-by: Emilio G. Cota <cota@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 74de807f794ac5201b2b3c38ddadeef84a676a97 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 19 16:08:38 2015 +0200 target-alpha: fix uninitialized variable I am not sure why the compiler does not catch it. There is no semantic change since gen_excp returns EXIT_NORETURN, but the old code is wrong. Reported by Coverity. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 258133bda9a6f22ba436ef9b63b7c086cc80190b Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Mon Nov 2 09:13:48 2015 +0800 ivshmem-server: fix possible OVERRUN >>> CID 1337991: Memory - illegal accesses (OVERRUN) >>> Decrementing "i". The value of "i" is now 65534. 218 while (i--) { 219 event_notifier_cleanup(&peer->vectors[i]); 220 } Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 6268520d7df9b3f183bb4397218c9287441bc04f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Nov 2 15:17:37 2015 +0100 pci-assign: do not test path with access() before opening Using access() is a time-of-check/time-of-use race condition. It is okay to use them to provide better error messages, but that is pretty much it. In this case we can get the same error from fopen(), so just use strerror and errno there---which actually improves the error message most of the time. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit b30d80546421c6ea919096b596887f496c80af0a Author: Cao jin <caoj.fnst@xxxxxxxxxxxxxx> Date: Tue Nov 3 10:36:42 2015 +0800 qom/object: fix 2 comment typos Also change the misleading definition of macro OBJECT_CLASS_CHECK Signed-off-by: Cao jin <caoj.fnst@xxxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 9f503153c78a23bcd44409cea64442c4ecd82ea5 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Nov 3 11:34:31 2015 +0000 configure: remove help string for 'vnc-tls' option The '--enable-vnc-tls' option to configure was removed in commit 3e305e4a4752f70c0b5c3cf5b43ec957881714f7 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Thu Aug 6 14:39:32 2015 +0100 ui: convert VNC server to use QCryptoTLSSession This removes the corresponding help string. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 98f343395e937fa1db3a28dfb4f303f97cfddd6c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 29 16:55:22 2015 +0100 usb: Use g_new() & friends where that makes obvious sense g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. This commit only touches allocations with size arguments of the form sizeof(T). Same Coccinelle semantic patch as in commit b45c03f. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 9de68637dff05a18d0eafcff2737e551b70bc490 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 29 16:55:21 2015 +0100 qxl: Use g_new() & friends where that makes obvious sense g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. This commit only touches allocations with size arguments of the form sizeof(T). Same Coccinelle semantic patch as in commit b45c03f. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit fedf0d35aafc4f1f1e5f6dbc80cb23ae1ae49f0b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Nov 3 17:12:03 2015 +0100 ui: Use g_new() & friends where that makes obvious sense g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. This commit only touches allocations with size arguments of the form sizeof(T). Same Coccinelle semantic patch as in commit b45c03f. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 374ec0669a1aa3affac7850a16c6cad18221c439 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 19 16:08:40 2015 +0200 bt: fix use of uninitialized variable seqlen sdp_svc_match, sdp_attr_match and sdp_svc_attr_match read the last argument. The only sensible way to change the code is to make that last argument "len" instead of "seqlen" which is the length of a subsequence in the previous "if" branch. To make the structure of the code clearer, use "else" instead of "else if". Reported by Coverity. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 1a13b27273cdc4f6fd18bc1e83950d47c6b5928b Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Fri Oct 9 17:56:35 2015 +0200 hw/dma/pxa2xx: Remove superfluous memset g_malloc0 already clears the memory, so no need for the additional memset here. And while we're at it, also convert the g_malloc0 to the preferred g_new0. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit e9d49d518d5d2b0411ee2625e46662a6065a909c Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Fri Oct 9 17:56:38 2015 +0200 linux-user/syscall: Replace g_malloc0 + memcpy with g_memdup No need to use g_malloc0 to zero the memory if we memcpy to the whole buffer afterwards anyway. Actually, there is even a function which combines both steps, g_memdup, so let's use this function here instead. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 112317867d573bb053d431f098060cf996d9b2e8 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Fri Oct 9 17:56:37 2015 +0200 tests/i44fx-test: No need for zeroing memory before memset Change a g_malloc0 into g_malloc since the following memset fills the whole buffer anyway. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit a6c6d827605e416f0e127a325ee1efc9cf16afa5 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Fri Oct 9 17:56:36 2015 +0200 hw/input/tsc210x: Remove superfluous memset g_malloc0 already clears the memory, so no need for additional memsets here. And while we're at it, let's also remove the superfluous typecasts for the return values of g_malloc0 and use the type-safe g_new0 instead. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 2c21ec3d1818cb0395b5a9b73128e6920d44def7 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 19 16:08:39 2015 +0200 xen: fix invalid assertion Asserting "true" is not that useful. Reported by Coverity. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 3cd01b6ed8a1ae472f09cbcc47b7cba4d732f94c Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Oct 20 13:41:33 2015 -0600 tests: ignore test-qga Commit 62c39b30 added a new test, but did not mark it for exclusion in .gitignore. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 6ba9fe86957c3c8febf74c2495d901ac4061a673 Author: Cao jin <caoj.fnst@xxxxxxxxxxxxxx> Date: Sun Oct 25 16:23:28 2015 +0800 fix bad indentation in pcie_cap_slot_write_config() bad indentation conflicts with CODING_STYLE doc Signed-off-by: Cao jin <caoj.fnst@xxxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 53d47be25a0c8bde5aa5b53625bc810f91c6271f Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 14:27:31 2015 -0600 maint: Ignore ivshmem binaries Commit a75eb03b added ivshmem-client and ivshmem-server binaries, but did not mark them for exclusion in .gitignore. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit b21de19992cefdfef68217e50a8365ee5e535e10 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Thu Oct 15 10:54:15 2015 +0200 hw/display/tcx: Remove superfluous OBJECT() typecasts The tcx_initfn() function is already supplied with an Object *obj pointer, so there is no need to cast the state pointer back to an Object pointer all over the place. And while we're at it, also remove the superfluous "return;" statement in this function. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Acked-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 5accecb3a6b49d8ca79684179610583e9c7c1bf5 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Oct 13 09:38:50 2015 +0200 gdbstub: Fix buffer overflows in gdb_handle_packet() Some places in gdb_handle_packet() can get an arbitrary length (most times directly from the client) and either didn't check it at all or checked against the wrong value, potentially causing buffer overflows. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 3c15d3a45045de82c744c49ff471d4c7ba405187 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Mon Oct 12 12:54:57 2015 +0200 hw/acpi/aml-build: remove useless glib version check 2.22 is the minimum version required Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 9319738080faeb09876ce2017fcaea4937c475ee Merge: 3aa88b3 ee31299 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Nov 6 11:31:40 2015 +0000 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream-replay' into staging So here it is, let's see what happens. # gpg: Signature made Fri 06 Nov 2015 09:30:34 GMT using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" * remotes/bonzini/tags/for-upstream-replay: replay: recording of the user input replay: command line options replay: replay blockers for devices replay: initialization and deinitialization replay: ptimer bottom halves: introduce bh call function replay: checkpoints icount: improve counting for record/replay replay: shutdown event replay: recording and replaying clock ticks replay: asynchronous events infrastructure replay: interrupts and exceptions cpu: replay instructions sequence cpu-exec: allow temporary disabling icount replay: introduce icount event replay: introduce mutex to protect the replay log replay: internal functions for replay log replay: global variables and function stubs Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3aa88b31290c7cbbbae344efdece659194b95c70 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Nov 2 14:06:23 2015 +0000 configure: add missing --disable-modules option According to ./configure all options should have both --enable-foo and --disable-foo: # Always add --enable-foo and --disable-foo command line args. # Distributions want to ensure that several features are compiled in, and it # is impossible without a --enable-foo that exits if a feature is not found. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1446473183-24250-1-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 574418132355bae50e829eb7890c8ea5dcb53fd8 Merge: 496c1b1 f7fda28 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Nov 6 10:10:15 2015 +0000 Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging X86 queue, 2015-11-05 # gpg: Signature made Thu 05 Nov 2015 19:35:31 GMT using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" * remotes/ehabkost/tags/x86-pull-request: target-i386: Enable clflushopt/clwb/pcommit instructions target-i386: Remove POPCNT from qemu64 and qemu32 CPU models target-i386: Remove ABM from qemu64 CPU model target-i386: Remove SSE4a from qemu64 CPU model target-i386: Set "check=off" by default on pc-*-2.4 and older Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ee312992a323530ea2cda8680f3a34746c72db8f Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:25:24 2015 +0300 replay: recording of the user input This records user input (keyboard and mouse events) in record mode and replays these input events in replay mode. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162524.8676.11696.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> commit 4c27b859722089e0270fd4f41b4b3c63b6647439 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:25:18 2015 +0300 replay: command line options This patch introduces command line options for enabling recording or replaying virtual machine behavior. These options are added to icount command line parameter. They include 'rr' which switches between record and replay and 'rrfile' for specifying the filename for replay log. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162518.8676.70792.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> commit 0194749ac4131e1bed8e166c5d5cf541678ef204 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:25:13 2015 +0300 replay: replay blockers for devices Some devices are not supported by record/replay subsystem. This patch introduces replay blocker which denies starting record/replay if such devices are included into the configuration. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162512.8676.11367.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> commit 7615936ebf4e60c4565268a30df2356c841526f8 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:25:07 2015 +0300 replay: initialization and deinitialization This patch introduces the functions for enabling the record/replay and for freeing the resources when simulator closes. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162507.8676.90232.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> commit 8a354bd935a800dd2d98ac8f30707e2912c80ae6 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:24:56 2015 +0300 replay: ptimer This patch adds deterministic replay for hardware periodic countdown timers. ptimer uses bottom halves layer to execute such an asynchronous callback. We put this callback into the replay queue instead of bottom halves one. When checkpoint is met by main loop thread, the replay queue is processed and callback is executed. Binding callback moment to one of the checkpoints makes it deterministic. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162456.8676.83366.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> commit df281b80b9ecba65d85795aa738c29e5b94d5ef1 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:24:50 2015 +0300 bottom halves: introduce bh call function This patch introduces aio_bh_call function. It is used to execute bottom halves as callbacks without adding them to the queue. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162450.8676.56980.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> commit 8bd7f71d794b93ce027b856f5b79a98f4f82e44c Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:24:44 2015 +0300 replay: checkpoints This patch introduces checkpoints that synchronize cpu thread and iothread. When checkpoint is met in the code all asynchronous events from the queue are executed. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162444.8676.52916.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> commit efab87cf79077a9624f675fc5fc8f034eaedfe4d Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:24:39 2015 +0300 icount: improve counting for record/replay icount_warp_rt function is called by qemu_clock_warp and as callback of icount_warp timer. This patch adds call to qemu_clock_warp into main_loop_wait function, because icount warp may be missed in record/replay mode, when CPU is sleeping. This patch also disables of calling this function by timer, because it is not needed after making modifications of main_loop_wait. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162439.8676.38290.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> commit b60c48a7019614902f2debe4d4181ec8cfa60e0d Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:24:33 2015 +0300 replay: shutdown event This patch records and replays simulator shutdown event. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162433.8676.32262.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> commit 8eda206e09089914006bfbdd71467d5246c06e4a Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:24:28 2015 +0300 replay: recording and replaying clock ticks Clock ticks are considered as the sources of non-deterministic data for virtual machine. This patch implements saving the clock values when they are acquired (virtual, host clock). When replaying the execution corresponding values are read from log and transfered to the module, which wants to read the values. Such a design required the clock polling to be synchronized. Sometimes it is not true - e.g. when timeouts for timer lists are checked. In this case we use a cached value of the clock, passing it to the client code. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162427.8676.36558.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> commit c0c071d05279ec1429352200affc5c70bb4e5980 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:24:22 2015 +0300 replay: asynchronous events infrastructure This patch adds module for saving and replaying asynchronous events. These events include network packets, keyboard and mouse input, USB packets, thread pool and bottom halves callbacks. All events are stored in the queue to be processed at synchronization points such as beginning of TB execution, or checkpoint in the iothread. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162422.8676.88696.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> commit 6f0609697f3670bf755a91477487507a8ffee471 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:24:16 2015 +0300 replay: interrupts and exceptions This patch includes modifications of common cpu files. All interrupts and exceptions occured during recording are written into the replay log. These events allow correct replaying the execution by kicking cpu thread when one of these events is found in the log. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162416.8676.57647.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f7fda280948a5e74aeb076ef346b991ecb173c56 Author: Xiao Guangrong <guangrong.xiao@xxxxxxxxxxxxxxx> Date: Thu Oct 29 15:31:39 2015 +0800 target-i386: Enable clflushopt/clwb/pcommit instructions These instructions are used by NVDIMM drivers and the specification is located at: https://software.intel.com/sites/default/files/managed/0d/53/319433-022.pdf There instructions are available on Skylake Server. Signed-off-by: Xiao Guangrong <guangrong.xiao@xxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 6aa91e4a0237ddcebb85e3a95e166f3b3cfa42ae Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Tue Nov 3 17:24:18 2015 -0200 target-i386: Remove POPCNT from qemu64 and qemu32 CPU models POPCNT is not available on Penryn and older and on Opteron_G2 and older, and we want to make the default CPU runnable in most hosts, so it won't be enabled by default in KVM mode. We should eventually have all features supported by TCG enabled by default in TCG mode, but as we don't have a good mechanism today to ensure we have different defaults in KVM and TCG mode, disable POPCNT in the qemu64 and qemu32 CPU models entirely. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 711956722c6764336f8b78a2106e57c55f02f36d Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Tue Nov 3 17:24:18 2015 -0200 target-i386: Remove ABM from qemu64 CPU model ABM is not available on Sandy Bridge and older, and we want to make the default CPU runnable in most hosts, so it won't be enabled by default in KVM mode. We should eventually have all features supported by TCG enabled by default in TCG mode, but as we don't have a good mechanism today to ensure we have different defaults in KVM and TCG mode, disable ABM in the qemu64 CPU model entirely. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 0909ad24b2769368716c85f79fbb995dbb7041a9 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Tue Nov 3 17:17:33 2015 -0200 target-i386: Remove SSE4a from qemu64 CPU model SSE4a is not available in any Intel CPU, and we want to make the default CPU runnable in most hosts, so it doesn't make sense to enable it by default in KVM mode. We should eventually have all features supported by TCG enabled by default in TCG mode, but as we don't have a good mechanism today to ensure we have different defaults in KVM and TCG mode, disable SSE4a in the qemu64 CPU model entirely. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 3e68482224129c3ddc061af7c9d438b882ecfdd1 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Tue Nov 3 17:18:50 2015 -0200 target-i386: Set "check=off" by default on pc-*-2.4 and older The default CPU model (qemu64) have some issues today: it enables some features (ABM and SSE4a) that are not present in many host CPUs. That means many hosts (but not all of them) had those features silently disabled in the default configuration in QEMU 2.4 and older. With the new "check=on" default, this causes warnings to be printed in the default configuration, because of the lack of SSE4A on all Intel hosts, and the lack of ABM on Sandy Bridge and older hosts: $ qemu-system-x86_64 -machine pc,accel=kvm warning: host doesn't support requested feature: CPUID.80000001H:ECX.abm [bit 5] warning: host doesn't support requested feature: CPUID.80000001H:ECX.sse4a [bit 6] Those issues will be fixed in pc-*-2.5 and newer. But as we can't change the guest ABI in pc-*-2.4, disable "check" mode by default in pc-*-2.4 and older so we don't print spurious warnings. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 382e1737d3467b76e8ade34b96afaae91509002e Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Nov 5 10:12:18 2015 +0100 vnc: fix mismerge Commit "4d77b1f vnc: fix bug: vnc server can't start when 'to' is specified" was rebased incorrectly, fix it. Reported-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Yang Hongyang <hongyang.yang@xxxxxxxxxxxx> Message-id: 1446714738-22400-1-git-send-email-kraxel@xxxxxxxxxx commit 496c1b19facc7b850fa0c09899fcc07a0702fbfd Merge: 8835b9d e01dd3d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 5 14:31:24 2015 +0000 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * Guest ABI fixes for PC machines (hw_version) * Fixes for recent Perl * John Snow's configure fixes * file-backed RAM improvements (Igor, Pavel) * -Werror=clobbered fixes (Stefan) * Kill -d ioport * Fix qemu-system-s390x * Performance improvement for kvmclock migration # gpg: Signature made Thu 05 Nov 2015 13:42:27 GMT using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" * remotes/bonzini/tags/for-upstream: iscsi: Translate scsi sense into error code Revert "Introduce cpu_clean_all_dirty" kvmclock: add a new function to update env->tsc. configure: disable FORTIFY_SOURCE under clang backends/hostmem-file: Allow to specify full pathname for backing file configure: disallow ccache during compile tests cpu-exec: Fix compiler warning (-Werror=clobbered) memory: call begin, log_start and commit when registering a new listener megasas: Use qemu_hw_version() instead of QEMU_VERSION osdep: Rename qemu_{get, set}_version() to qemu_{, set_}hw_version() pc: Set hw_version on all machine classes qemu-log: remove -d ioport ioport: do not use CPU_LOG_IOPORT target-i386: fix pcmpxstrx equal-ordered (strstr) mode scripts/text2pod.pl: Escape left brace file_ram_alloc: propagate error to caller instead of terminating QEMU Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e01dd3da5cf9aa90ae844d3b86c2c2762066edac Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Nov 5 13:00:09 2015 +0800 iscsi: Translate scsi sense into error code Previously we return -EIO blindly when anything goes wrong. Add a helper function to parse sense fields and try to make the return code more meaningful. This also fixes the default werror configuration (enospc) when we're using qcow2 on an iscsi lun. The old -EIO not being treated as out of space error failed to trigger vm stop. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-Id: <1446699609-11376-1-git-send-email-famz@xxxxxxxxxx> [libiscsi 1.9 compatibility - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 8b42704441865611a5ee241ac9fc5cabc47a079b Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:24:05 2015 +0300 cpu: replay instructions sequence This patch adds calls to replay functions into the icount setup block. In record mode number of executed instructions is written to the log. In replay mode number of istructions to execute is taken from the replay log. When replayed instructions counter is expired qemu_notify_event() function is called to wake up the iothread. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162405.8676.31890.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 56c0269a9ec105d3848d9f900b5e38e6b35e2478 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:23:59 2015 +0300 cpu-exec: allow temporary disabling icount This patch is required for deterministic replay to generate an exception by trying executing an instruction without changing icount. It adds new flag to TB for disabling icount while translating it. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162359.8676.77011.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 26bc60ac82f88d14e65be5387eb4a136edf94f1b Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:23:54 2015 +0300 replay: introduce icount event This patch adds icount event to the replay subsystem. This event corresponds to execution of several instructions and used to synchronize input events in the replay phase. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162354.8676.31351.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c16861ef1b7b27803b4c068ef778ba0f80fba1c2 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:23:48 2015 +0300 replay: introduce mutex to protect the replay log This mutex will protect read/write operations for replay log. Using mutex is necessary because most of the events consist of several fields stored in the log. The mutex will help to avoid races. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162348.8676.8628.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c92079f45fec0bc6a2757aa3783dd9b0604089ba Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:23:43 2015 +0300 replay: internal functions for replay log This patch adds functions to perform read and write operations with replay log. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162342.8676.29445.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d73abd6dcc105fb5cacc34716046fca63132a264 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:23:37 2015 +0300 replay: global variables and function stubs This patch adds global variables, defines, function declarations, and function stubs for deterministic VM replay used by external modules. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162337.8676.41538.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 8835b9df3bddf332c883c861d6a1defc12c4ebe9 Merge: 6c5f30c fb68777 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 5 10:52:35 2015 +0000 Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2015-11-04-tag' into staging qemu-ga patch queue * fix file handle cleanup on w32 * use non-blocking mode for file handles on w32 to avoid hangs on guest-file-read/guest-file-write to pipes # gpg: Signature made Wed 04 Nov 2015 19:36:16 GMT using RSA key ID F108B584 # gpg: Good signature from "Michael Roth <flukshun@xxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>" * remotes/mdroth/tags/qga-pull-2015-11-04-tag: qga: set file descriptor in qmp_guest_file_open non-blocking on Win32 qga: fixed CloseHandle in qmp_guest_file_open qga: drop hand-made guest_file_toggle_flags helper Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6388acc853b7862761d3c2864be99033e8b62dcc Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Thu Nov 5 11:51:04 2015 +0800 Revert "Introduce cpu_clean_all_dirty" This reverts commit de9d61e83d43be9069e6646fa9d57a3f47779d28. Now 'cpu_clean_all_dirty' is useless, we can revert the related code. Conflicts: include/sysemu/kvm.h Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Message-Id: <1446695464-27116-3-git-send-email-liang.z.li@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0fd7e098db30e302d27920487f0afec33be8982a Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Thu Nov 5 11:51:03 2015 +0800 kvmclock: add a new function to update env->tsc. The commit 317b0a6d8 fixed an issue which caused by the outdated env->tsc value, but the fix lead to 'cpu_synchronize_all_states()' called twice during live migration. The 'cpu_synchronize_all_states()' takes about 130us for a VM which has 4 vcpus, it's a bit expensive. Synchronize the whole CPU context just for updating env->tsc is too wasting, this patch use a new function to update the env->tsc. Comparing to 'cpu_synchronize_all_states()', it only takes about 20us. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Message-Id: <1446695464-27116-2-git-send-email-liang.z.li@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b553a0428014636bce4951098e97c60dc18a83ed Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Nov 3 15:43:42 2015 -0500 configure: disable FORTIFY_SOURCE under clang Some versions of clang may have difficulty compiling glibc headers when -D_FORTIFY_SOURCE is used. For example, Clang++ 3.5.0-9.fc22 cannot compile glibc's stdio headers when -D_FORTIFY_SOURCE=2 is used. This manifests currently as build failures with clang and any arm target. According to LLVM dev Richard Smith, clang does not target or support FORTIFY_SOURCE + glibc, and it should not be relied on. "It's still an unsupported combination, and while it might compile, some of the checks are unlikely to work because they require a frontend inliner to be useful" See: http://lists.llvm.org/pipermail/cfe-dev/2015-November/045846.html Conclusion: disable fortify-source if we appear to be using clang instead of testing for compile success or failure, which may be incidental or not indicative of proper support of the feature. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-Id: <1446583422-10153-1-git-send-email-jsnow@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6c5f30cad290c745f910481d0e890b3f4fad1f00 Merge: 2b5a79f 96e5c9b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 5 10:10:57 2015 +0000 Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20151104' into staging migration/next for 20151104 # gpg: Signature made Wed 04 Nov 2015 12:45:19 GMT using RSA key ID 5872D723 # gpg: Good signature from "Juan Quintela <quintela@xxxxxxxxxx>" # gpg: aka "Juan Quintela <quintela@xxxxxxxxxx>" * remotes/juanquintela/tags/migration/20151104: migration: fix analyze-migration.py script migration: code clean up migration: rename cancel to cleanup in SaveVMHandles migration: rename qemu_savevm_state_cancel migration: defer migration_end & blk_mig_cleanup Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f14c3d85b003d8614144ae67a26157667c1e1245 Author: Peter Lieven <pl@xxxxxxx> Date: Fri Oct 30 12:10:14 2015 +0100 buffer: allow a buffer to shrink gracefully the idea behind this patch is to allow the buffer to shrink, but make this a seldom operation. The buffers average size is measured exponentionally smoothed with am alpha of 1/128. Signed-off-by: Peter Lieven <pl@xxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-20-git-send-email-kraxel@xxxxxxxxxx commit 4ec5ba151ff3f2ac8dc44dabd058eca5846654a6 Author: Peter Lieven <pl@xxxxxxx> Date: Fri Oct 30 12:10:13 2015 +0100 buffer: factor out buffer_adj_size Signed-off-by: Peter Lieven <pl@xxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-19-git-send-email-kraxel@xxxxxxxxxx commit fd95243372f7657c2d24aed269e3be01bed1b87c Author: Peter Lieven <pl@xxxxxxx> Date: Fri Oct 30 12:10:12 2015 +0100 buffer: factor out buffer_req_size Signed-off-by: Peter Lieven <pl@xxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-18-git-send-email-kraxel@xxxxxxxxxx commit c3d6899c5e67dfd7ff195eccc10541f3b7e141a7 Author: Peter Lieven <pl@xxxxxxx> Date: Fri Oct 30 12:10:11 2015 +0100 vnc: recycle empty vs->output buffer If the vs->output buffer is empty it will be dropped by the next qio_buffer_move_empty in vnc_jobs_consume_buffer anyway. So reuse the allocated buffer from this buffer in the worker thread where we otherwise would start with an empty (unallocated buffer). Signed-off-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-17-git-send-email-kraxel@xxxxxxxxxx [ added a comment describing the non-obvious optimization ] Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 2e0c90af0a33451498d333d72c06e5429c7cd168 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:10:10 2015 +0100 vnc: fix local state init Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-16-git-send-email-kraxel@xxxxxxxxxx commit c7628bff4138ce906a3620d12e0820c1cf6c140d Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:10:09 2015 +0100 vnc: only alloc server surface with clients connected Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-15-git-send-email-kraxel@xxxxxxxxxx commit f7b3d68c95bc4f8915a3d084360aa07c7f4e4717 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:10:08 2015 +0100 vnc: use vnc_{width,height} in vnc_set_area_dirty Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-14-git-send-email-kraxel@xxxxxxxxxx commit 453f842bc4cab49f10c267cff9ad3cf657265d49 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:10:07 2015 +0100 vnc: factor out vnc_update_server_surface Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-13-git-send-email-kraxel@xxxxxxxxxx commit d05959c2e111858bb83c40ae5d8b8c10964b7bb0 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:10:06 2015 +0100 vnc: add vnc_width+vnc_height helpers Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-12-git-send-email-kraxel@xxxxxxxxxx commit e081aae5ae01f5ff695ba9fee4e622053d8e4bfe Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:10:05 2015 +0100 vnc: zap dead code Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-11-git-send-email-kraxel@xxxxxxxxxx commit d90340115a3569caa72063775ff927f4dc353551 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:10:04 2015 +0100 vnc-jobs: move buffer reset, use new buffer move Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-10-git-send-email-kraxel@xxxxxxxxxx commit 8305f917c1bc86b1ead0fa9197b5443a4bd611f3 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:10:03 2015 +0100 vnc: kill jobs queue buffer Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-9-git-send-email-kraxel@xxxxxxxxxx commit 543b95801f98ab2cb7413c39779fd5b7f363ce3d Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:10:02 2015 +0100 vnc: attach names to buffers Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-8-git-send-email-kraxel@xxxxxxxxxx commit d2b90718d25ed6dc8a2bb7f06504e6500dcc7bae Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:10:01 2015 +0100 buffer: add tracing Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-7-git-send-email-kraxel@xxxxxxxxxx commit 1ff36b5d4d00a4e3633eb960bf2be562f5e47dbf Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:10:00 2015 +0100 buffer: add buffer_shrink Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-6-git-send-email-kraxel@xxxxxxxxxx commit 830a9583206a051c240b74c3f688a015dc5d2967 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:09:59 2015 +0100 buffer: add buffer_move Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-5-git-send-email-kraxel@xxxxxxxxxx commit 4d1eb5fdb141c9100eb82e1dc7d4547fb1decd8b Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:09:58 2015 +0100 buffer: add buffer_move_empty Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-4-git-send-email-kraxel@xxxxxxxxxx commit 810082d15c244b8b29470d3bb1c6b11fc9a40c25 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:09:57 2015 +0100 buffer: add buffer_init Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-3-git-send-email-kraxel@xxxxxxxxxx commit 5c10dbb7b577370e86ff459973b06d530c3777cf Author: Peter Lieven <pl@xxxxxxx> Date: Fri Oct 30 12:09:56 2015 +0100 buffer: make the Buffer capacity increase in powers of two This makes sure the number of reallocs is in O(log N). Signed-off-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Message-id: 1446203414-4013-2-git-send-email-kraxel@xxxxxxxxxx [ rebased to util/buffer.c ] Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 2b5a79f1d961f07332cf77f38cdf9dc2fc7e2b64 Merge: 79cf9fa 5dfdae8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 4 18:20:31 2015 +0000 Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2015-11-03' into staging vl.c: Error message rework # gpg: Signature made Tue 03 Nov 2015 08:40:50 GMT using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-error-2015-11-03: vl.c: Use "%s support is disabled" error messages consistently vl.c: Improve warnings on use of deprecated options vl.c: Touch up error messages vl.c: Remove unnecessary uppercase in error messages vl.c: Use "warning:" prefix consistently on warnings vl.c: Remove periods and exclamation points from error messages vl.c: Replace fprintf(stderr) with error_report() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8d31d6b65a7448582c7bd320fd1b8cfc6cca2720 Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Wed Oct 28 12:54:07 2015 +0300 backends/hostmem-file: Allow to specify full pathname for backing file This allows to explicitly specify file name to use with the backend. This is important when using it together with ivshmem in order to make it backed by hugetlbfs. By default filename is autogenerated using mkstemp(), and the file is unlink()ed after creation, effectively making it anonymous. This is not very useful with ivshmem because it ends up in a memory which cannot be accessed by something else. Distinction between directory and file name is done by stat() check. If an existing directory is given, the code keeps old behavior. Otherwise it creates or opens a file with the given pathname. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Tested-by: Igor Skalkin <i.skalkin@xxxxxxxxxxx> Message-Id: <004301d11166$9672fe30$c358fa90$@samsung.com> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5e4dfd3d4e87e0464d599ecef06aa8fe78420a9b Author: John Snow <jsnow@xxxxxxxxxx> Date: Wed Oct 28 13:56:40 2015 -0400 configure: disallow ccache during compile tests If the user is using ccache during the configuration step, it may interfere with some of the configuration tests, particularly the "Is ccache interfering with macro analysis" step, which is a bit of a poetic problem. 1) Disallow ccache from reading from the cache during configure, but don't disable it entirely to allow us to see if it causes other problems. 2) Force off CCACHE_CPP2 during the ccache test to get a deterministic answer over whether or not we need to enable that feature later. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-Id: <1446055000-29150-1-git-send-email-jsnow@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0448f5f8b816923b198ab6c32286fd1f3b2f3e45 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Sat Sep 26 13:23:26 2015 +0200 cpu-exec: Fix compiler warning (-Werror=clobbered) Reloading of local variables after sigsetjmp is only needed for some buggy compilers. The code which should reload these variables causes compiler warnings with gcc 4.7 when compiler optimizations are enabled: cpu-exec.c:204:15: error: variable â??cpuâ?? might be clobbered by â??longjmpâ?? or â??vforkâ?? [-Werror=clobbered] cpu-exec.c:207:15: error: variable â??ccâ?? might be clobbered by â??longjmpâ?? or â??vforkâ?? [-Werror=clobbered] cpu-exec.c:202:28: error: argument â??envâ?? might be clobbered by â??longjmpâ?? or â??vforkâ?? [-Werror=clobbered] Now this code is only used for compilers which need it (and gcc 4.5.x, x > 0 which does not need it but won't give warnings). There were bug reports for clang and gcc 4.5.0, while gcc 4.5.1 was reported to work fine without the reload code. For clang it is not clear which versions are affected, so simply keep the status quo for all clang compilations. This can be improved later. Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Message-Id: <1443266606-21400-1-git-send-email-sw@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 680a4783dc13f1059c03d11da58193d76c19ead6 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Nov 2 09:23:52 2015 +0100 memory: call begin, log_start and commit when registering a new listener This ensures that cpu_reload_memory_map() is called as soon as tcg_cpu_address_space_init() is called, and before cpu->memory_dispatch is used. qemu-system-s390x never changes the address spaces after tcg_cpu_address_space_init() is called, and thus tcg_commit() is never called. This causes a SIGSEGV. Because memory_map_init() will now call mem_commit(), we have to initialize io_mem_* before address_space_memory and friends. Reported-by: Philipp Kern <pkern@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Fixes: 0a1c71cec63e95f9b8d0dc96d049d2daa00c5210 Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 69fbd0ea25d1f45ab2c8b0d3f431e83063f977f2 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Oct 30 17:36:09 2015 -0200 megasas: Use qemu_hw_version() instead of QEMU_VERSION Guest visible data shouldn't change with a simple QEMU upgrade, so use qemu_hw_version() to ensure it won't change (as long as the machine class being used has hw_version set). Cc: Hannes Reinecke <hare@xxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: qemu-block@xxxxxxxxxx Reviewed-by: Hannes Reinecke <hare@xxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1446233769-7892-4-git-send-email-ehabkost@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 35c2c8dc8c0899882a8e0d349d93bd657772f1e7 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Oct 30 17:36:08 2015 -0200 osdep: Rename qemu_{get, set}_version() to qemu_{, set_}hw_version() This makes the purpose of the function clearer: it is not about the version of QEMU that's running, but the version string exposed in the emulated hardware. Cc: Andrzej Zaborowski <balrogg@xxxxxxxxx> Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Cc: John Snow <jsnow@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1446233769-7892-3-git-send-email-ehabkost@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit de796d93f59d363409dfd9e186ccd64a21f92204 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Oct 30 17:36:07 2015 -0200 pc: Set hw_version on all machine classes In 2012, QEMU had a bug where it exposed QEMU version information to the guest, meaning a QEMU upgrade would expose different hardware to the guest OS even if the same machine-type is being used. The bug was fixed by commit 93bfef4c6e4b23caea9d51e1099d06433d8835a4, on all machines up to pc-1.0. But we kept introducing the same bug on all newer machines since then. That means we are breaking guest ABI every time QEMU was upgraded. Fix this by setting the hw_version on all PC machines, making sure the hardware won't change when upgrading QEMU. Note that QEMU_VERSION was "1.0" in QEMU 1.0, but starting on QEMU 1.1.0, it started following the "x.y.0" pattern. We have to follow it, to make sure we use the right QEMU_VERSION string from each QEMU release. The 2.5 machine classes could have hw_version unset, because the default value for qemu_get_version() is QEMU_VERSION. But I decided to set it explicitly to QEMU_VERSION so we don't forget to update it to "2.5.0" after we release 2.5.0 and create a 2.6 machine class. Reported-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1446233769-7892-2-git-send-email-ehabkost@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ddcc8e9d51c415a7b7b2983c3552408d9a50be6e Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Oct 16 15:09:01 2015 +0200 qemu-log: remove -d ioport It was disabled at compile-time, and is now replaced by tracepoints. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6f94b7d97f7e0e486a70fb06b703442e2c04a29a Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Oct 16 15:08:34 2015 +0200 ioport: do not use CPU_LOG_IOPORT These messages are disabled by default; a perfect usecase for tracepoints, which in fact already exist. Add the missing information to them and stop using qemu_log_mask. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 54c54f8b56047d3c2420e1ae06a6a8890c220ac4 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 12 11:50:27 2015 +0200 target-i386: fix pcmpxstrx equal-ordered (strstr) mode In this mode, referring an invalid element of the source forces the result to false (table 4-7, last column) but referring an invalid element of the destination forces the result to true, so the outer loop should still be run even if some elements of the destination will be invalid. They will be avoided in the inner loop, which correctly bounds "i" to validd, but they will still contribute to a positive outcome of the search. This fixes tst_strstr in glibc 2.17. Reported-by: Florian Weimer <fweimer@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fb68777312887000cd0367d72621fdd67cc4a0a0 Author: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Date: Wed Oct 28 18:13:57 2015 +0300 qga: set file descriptor in qmp_guest_file_open non-blocking on Win32 Set fd non-blocking to avoid common use cases (like reading from a named pipe) from hanging the agent. This was missed in the original code. The patch introduces qemu_set_handle_nonoblocking, the local analog of qemu_set_nonblock for HANDLES. The usage of handles in qemu_set_non/block is impossible, because for win32 there is a difference between file discriptors and file handles, and all file ops are made via Win32 api. Signed-off-by: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> CC: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit c87d0964ef7534d50a4c729a6ae20045b3a0cd34 Author: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Date: Wed Oct 28 18:13:56 2015 +0300 qga: fixed CloseHandle in qmp_guest_file_open CloseHandle use HANDLE as an argument, but not *HANDLE Signed-off-by: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Stefan Weil <sw@xxxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 125053965b05b31427ff5c75dc3b87acaa8d0505 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Wed Oct 28 18:13:55 2015 +0300 qga: drop hand-made guest_file_toggle_flags helper We'd better use generic qemu_set_nonblock directly. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 96e5c9bc77acef8b7b56cbe23a8a2611feff9e34 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Sat Sep 5 20:51:48 2015 +0100 migration: fix analyze-migration.py script Commit 61964 "Add configuration section" broke the analyze-migration.py script which terminates due to the unrecognised section. Fix the script by parsing the contents of the configuration section directly into a new ConfigurationSection object (although nothing is done with it yet). Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx>al3 Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx>al3 commit 6ad2a215e7170350430adfda02eb8ef47c1acd8e Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Nov 2 15:37:03 2015 +0800 migration: code clean up Just clean up code, no behavior change. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx>al3 Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx>al3 Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx>al3 commit d1a8548c10bf6d24160ec2aafa4881a3f50a8373 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Nov 2 15:37:02 2015 +0800 migration: rename cancel to cleanup in SaveVMHandles 'cleanup' seems more appropriate than 'cancel'. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx>al3 Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx>al3 Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx>al3 commit ea7415fac677c5c1599214ee226ab4a3a438fdd6 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Nov 2 15:37:01 2015 +0800 migration: rename qemu_savevm_state_cancel The function qemu_savevm_state_cancel is called after the migration in migration_thread, it seems strange to 'cancel' it after completion, rename it to qemu_savevm_state_cleanup looks better. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx>al3 Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx>al3 Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx>al3 commit 94f5a43704129ca4995aa3385303c5ae225bde42 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Nov 2 15:37:00 2015 +0800 migration: defer migration_end & blk_mig_cleanup Because of the patch 3ea3b7fa9af067982f34b of kvm, which introduces a lazy collapsing of small sptes into large sptes mechanism, now migration_end() is a time consuming operation because it calls memroy_global_dirty_log_stop(), which will trigger the dropping of small sptes operation and takes about dozens of milliseconds, so call migration_end() before all the vmsate data has already been transferred to the destination will prolong VM downtime. This operation should be deferred after all the data has been transferred to the destination. blk_mig_cleanup() can be deferred too. For a VM with 8G RAM, this patch can reduce the VM downtime about 30 ms. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx>al3 Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx>al3 Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx>al3 commit 79cf9fad341e6e7bd6b55395b71d5c5727d7f5b0 Merge: 19bb546 5d9c175 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 3 14:54:40 2015 +0000 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20151103' into staging target-arm queue: * code cleanup to use symbolic constants for register bank numbers * fix direct booting of modern Linux kernels on xilinx_zynq by setting SCLR values to what the kernel expects firmware to have done * implement SYSRESETREQ for ARMv7M CPU (stellaris boards) * update MAINTAINERS to mention new qemu-arm mailing list * clean up display of PSTATE in AArch64 debug logs * report Secure/Nonsecure status in CPU debug logs * fix a missing _CCA attribute in ACPI tables * add support for GICv3 to ACPI tables # gpg: Signature made Tue 03 Nov 2015 13:58:46 GMT using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20151103: ARM: ACPI: Fix MPIDR value in ACPI table hw/arm/virt-acpi-build: Add GICC ACPI subtable for GICv3 hw/arm/virt-acpi-build: _CCA attribute is compulsory target-arm: Report S/NS status in the CPU debug logs target-arm: Bring AArch64 debug CPU display of PSTATE into line with AArch32 MAINTAINERS: Add new qemu-arm mailing list to ARM related entries arm: stellaris: exit on external reset request armv7-m: Implement SYSRESETREQ armv7-m: Return DeviceState* from armv7m_init() arm: xilinx_zynq: Add linux pre-boot arm: boot: Add board specific setup code API arm: boot: Adjust indentation of FIXUP comments target-arm: Add and use symbolic names for register banks Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 19bb5467135df4b234af2c93bf6c50284158d6ca Merge: 130d0bc a9be4e7 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 3 14:09:59 2015 +0000 Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20151103-1' into staging usb: two bugfixes for ehci & usb-host. # gpg: Signature made Tue 03 Nov 2015 10:57:28 GMT using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-usb-20151103-1: usb-host: fix usb3ep0quirk test ehci: clear suspend bit on detach Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5d9c1756140d680e66e5b45005a1fb7078b74ee1 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Tue Nov 3 13:49:42 2015 +0000 ARM: ACPI: Fix MPIDR value in ACPI table Use mp_affinity of ARMCPU as the CPU MPIDR instead of the CPU index. Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Message-id: 1446285001-7316-1-git-send-email-zhaoshenglong@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f2fbfacec024d1e78c10fc8498f3126557c21ed8 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Tue Nov 3 13:49:42 2015 +0000 hw/arm/virt-acpi-build: Add GICC ACPI subtable for GICv3 When booting VM with GICv3, the kernel needs GICC ACPI subtable to initialize the CPUs, e.g. MPIDR information. This adds GICC ACPI subtable for GICv3, but set GICC base address only when gic_version == 2 since it donesn't need GICC base address for GICv3. Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Message-id: 1446131773-5018-1-git-send-email-shannon.zhao@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bc64b96c984abfe84f43562ca7480bb4f2af0613 Author: Graeme Gregory <graeme.gregory@xxxxxxxxxx> Date: Tue Nov 3 13:49:42 2015 +0000 hw/arm/virt-acpi-build: _CCA attribute is compulsory According to ACPI specification 6.2.17 _CCA (Cache Coherency Attribute) this attribute is compulsory on ARM systems. Add this attribute to the PCI host bridges as required. Without this the kernel will produce the error [Firmware Bug]: PCI device 0000:00:00.0 fail to setup DMA. Signed-off-by: Graeme Gregory <graeme.gregory@xxxxxxxxxx> Message-id: 1446460786-13663-1-git-send-email-graeme.gregory@xxxxxxxxxx Reviewed-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 06e5cf7acd1f94ab7c1cd6945974a1f039672940 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 3 13:49:42 2015 +0000 target-arm: Report S/NS status in the CPU debug logs If this CPU supports EL3, enhance the printing of the current CPU mode in debug logging to distinguish S from NS modes as appropriate. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1445883178-576-3-git-send-email-peter.maydell@xxxxxxxxxx commit 08b8e0f527930208a548b424d2ab3103bf3c8c02 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 3 13:49:42 2015 +0000 target-arm: Bring AArch64 debug CPU display of PSTATE into line with AArch32 The AArch64 debug CPU display of PSTATE as "PSTATE=200003c5 (flags --C-)" on the end of the same line as the last of the general purpose registers is unnecessarily different from the AArch32 display of PSR as "PSR=200001d3 --C- A svc32" on its own line. Update the AArch64 code to put PSTATE in its own line and in the same format, including printing the exception level (mode). Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1445883178-576-2-git-send-email-peter.maydell@xxxxxxxxxx commit b4f2bd1ce89f3a324fd047c65573897b39d5aaf8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 3 13:49:42 2015 +0000 MAINTAINERS: Add new qemu-arm mailing list to ARM related entries We now have a qemu-arm mailing list for ARM patches and discussion, so add an L: entry for it to the various ARM related entries in MAINTAINERS. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 1446129661-5239-1-git-send-email-peter.maydell@xxxxxxxxxx commit d69ffb5b48701d8f33cdfa2570a4ea1d5eb9de4d Author: Michael Davidsaver <mdavidsaver@xxxxxxxxx> Date: Tue Nov 3 13:49:41 2015 +0000 arm: stellaris: exit on external reset request Add GPIO in for the stellaris board which calls qemu_system_reset_request() on reset request. Signed-off-by: Michael Davidsaver <mdavidsaver@xxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e192becdc7b05276a41ebef9fe11e6c30ddb91e3 Author: Michael Davidsaver <mdavidsaver@xxxxxxxxx> Date: Tue Nov 3 13:49:41 2015 +0000 armv7-m: Implement SYSRESETREQ Implement the SYSRESETREQ bit of the AIRCR register for armv7-m (ie. cortex-m3) to trigger a GPIO out. Signed-off-by: Michael Davidsaver <mdavidsaver@xxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 20c59c38927902a8e2c67da7d9a24b5222a31cb7 Author: Michael Davidsaver <mdavidsaver@xxxxxxxxx> Date: Tue Nov 3 13:49:41 2015 +0000 armv7-m: Return DeviceState* from armv7m_init() Change armv7m_init to return the DeviceState* for the NVIC. This allows access to all GPIO blocks, not just the IRQ inputs. Move qdev_get_gpio_in() calls out of armv7m_init() into board code for stellaris and stm32f205 boards. Signed-off-by: Michael Davidsaver <mdavidsaver@xxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c3a9a689c6ff07ba2e00bafc68626fad84587794 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Nov 3 13:49:41 2015 +0000 arm: xilinx_zynq: Add linux pre-boot Add a Linux-specific pre-boot routine that matches the device- specific bootloaders behaviour. This is needed for modern Linux that expects the ARM PLL in SLCR to be a more even value (not 26). Cc: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 9a9025ea65572586b50dca4e5819032e3c436d64.1446182614.git.crosthwaite.peter@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 10b8ec73e610e017ac2fbaf486fce21eec7061b2 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Nov 3 13:49:41 2015 +0000 arm: boot: Add board specific setup code API Add an API for boards to inject their own preboot software (or firmware) sequence. The software then returns to the bootloader via the link register. This allows boards to do their own little bits of firmware setup without needed to replace the bootloader completely (which is the requirement for existing firmware support). The blob is loaded by a callback if and only if doing a linux boot (similar to the existing write_secondary support). Rewrite the comment for the primary boot blob. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 070295644c6ac84696d743913296e8cfefb48c15.1446182614.git.crosthwaite.peter@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 84e59397797ff2040439058b689adbfef608b879 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Nov 3 13:49:41 2015 +0000 arm: boot: Adjust indentation of FIXUP comments These comments start immediately after the current longest name in the list. Tab them out to the next tab stop to give a little breathing room and prepare for FIXUP_BOARD_SETUP which will require more indent. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: b9b9bb8f1c307c1ef8a3f26ff1f34fabb34b332e.1446182614.git.crosthwaite.peter@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 99a99c1fc8e9bfec1656ac5916c53977a93d3581 Author: Soren Brinkmann <soren.brinkmann@xxxxxxxxxx> Date: Tue Nov 3 13:49:41 2015 +0000 target-arm: Add and use symbolic names for register banks Add BANK_<cpumode> #defines to index banked registers. Suggested-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Soren Brinkmann <soren.brinkmann@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a9be4e7c48c4892c836bda1be4d550bb1a6732bd Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 23 14:27:10 2015 +0200 usb-host: fix usb3ep0quirk test usb->speed is the usb speed the device is actually running on in the qemu emulation (i.e. from the guests point of view). So when plugging usb3 devices into ehci hostadapter this is HIGH not SUPER. To figure whenever the host talks to the device with superspeed we have to check speedmask instead and see whenever the superspeed bit is set there. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Message-id: 1445603230-11840-1-git-send-email-kraxel@xxxxxxxxxx commit cbf82fa01e6fd4ecb234b235b10ffce548154a95 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Oct 21 09:44:22 2015 +0200 ehci: clear suspend bit on detach When a device is detached, clear the suspend bit (PORTSC_SUSPEND) in the port status register. The specs are not *that* clear what is supposed to happen in case a suspended device is unplugged. But the enable bit (PORTSC_PED) is cleared, and the specs mention setting suspend with enable being unset is undefined behavior. So clearing them both looks reasonable, and it actually fixes the reported bug. https://bugzilla.redhat.com/show_bug.cgi?id=1268879 Cc: Hans de Goede <hdegoede@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Hans de Goede <hdegoede@xxxxxxxxxx> Message-id: 1445413462-18004-1-git-send-email-kraxel@xxxxxxxxxx commit 130d0bc6594d0cc6591d00312841891b3c187b07 Merge: 3d861a0 4d77b1f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 3 10:20:04 2015 +0000 Merge remote-tracking branch 'remotes/kraxel/tags/pull-ui-20151103-1' into staging ui: fixes for vnc, opengl and curses. # gpg: Signature made Tue 03 Nov 2015 09:53:24 GMT using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-ui-20151103-1: vnc: fix bug: vnc server can't start when 'to' is specified vnc: allow fall back to RAW encoding ui/opengl: Reduce build required libraries for opengl ui/curses: Fix pageup/pagedown on -curses ui/curses: Support line graphics chars on -curses mode ui/curses: Fix monitor color with -curses when 256 colors Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4d77b1f23877b579b94421d0cab2bebc79f4e171 Author: Yang Hongyang <hongyang.yang@xxxxxxxxxxxx> Date: Tue Oct 27 14:10:52 2015 +0800 vnc: fix bug: vnc server can't start when 'to' is specified commit e0d03b8ceb52 converted VNC startup to use SocketAddress, the interface socket_listen don't have a port_offset param, so we need to add the port offset (5900) to both 'port' and 'to' opts. currently only 'port' is added by offset. This patch add the port offset to 'to' opts. Signed-off-by: Yang Hongyang <hongyang.yang@xxxxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1445926252-14830-1-git-send-email-hongyang.yang@xxxxxxxxxxxx Cc: Daniel P. Berrange <berrange@xxxxxxxxxx> Cc: Eric Blake <eblake@xxxxxxxxxx> Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit de3f7de7f4e257ce44cdabb90f5f17ee99624557 Author: Peter Lieven <pl@xxxxxxx> Date: Thu Aug 27 14:46:25 2015 +0200 vnc: allow fall back to RAW encoding I have observed that depending on the contents and the encoding it happens that sending data as RAW sometimes would take less space than the encoded data. This is especially the case for small updates or areas with high color images. If sending RAW encoded data is beneficial allow a fall back to RAW encoding for the framebuffer update. Signed-off-by: Peter Lieven <pl@xxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit fb719563676f8958141a5c984e876a9a1b18f48b Author: OGAWA Hirofumi <hirofumi@xxxxxxxxxxxxxxxxxx> Date: Tue Oct 27 02:45:48 2015 +0900 ui/opengl: Reduce build required libraries for opengl We now use epoxy to load opengl libraries. This means we don't need to link opengl libraries directly if interfaces handled by epoxy. With this, we just need epoxy headers and epoxy's *.so to build. Tested with epoxy-1.3.1. - sdl2/gtk/console egl stuff doesn't require other than epoxy - milkymist-tmu2 glx stuff doesn't require other than epoxy (lm32 test is limited, because can't find mmone-bios.bin, so just test to load libGL with "./lm32-softmmu/qemu-system-lm32 -M milkymist,accel=qtest") Signed-off-by: OGAWA Hirofumi <hirofumi@xxxxxxxxxxxxxxxxxx> [ lm32 tested by kraxel ] Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit e72df72a558cc189bb8681df8059b3a8cff281fc Author: OGAWA Hirofumi <hirofumi@xxxxxxxxxxxxxxxxxx> Date: Mon Oct 19 21:24:07 2015 +0900 ui/curses: Fix pageup/pagedown on -curses Current KEY_NPAGE/KEY_PPAGE handling is broken on -curses. Those uses "GREY", but "KEY_MASK" masked out "GREY". To fix, we have to use correct mask value - SCANCODE_KEYMASK. Then, this adds support of "shift + pageup/pagedown". With this, -curses mode can use scroll-up/down as usual like other display modes. Signed-off-by: OGAWA Hirofumi <hirofumi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit e2368dc9684ae5cec2f0558be4803901a0b58b7b Author: OGAWA Hirofumi <hirofumi@xxxxxxxxxxxxxxxxxx> Date: Mon Oct 19 21:23:46 2015 +0900 ui/curses: Support line graphics chars on -curses mode This converts vga code to curses code in console_write_bh(). With this changes, we can see line graphics (for example, dialog uses) correctly. Signed-off-by: OGAWA Hirofumi <hirofumi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 615220ddaf23db4c5686053257c568b46967e4b5 Author: OGAWA Hirofumi <hirofumi@xxxxxxxxxxxxxxxxxx> Date: Mon Oct 19 21:23:10 2015 +0900 ui/curses: Fix monitor color with -curses when 256 colors If TERM=xterm-256color, COLOR_PAIRS==256 and monitor passes chtype like 0x74xx. Then, the code uses uninitialized color pair. As result, monitor uses black for both of fg and bg color, i.e. terminal is filled by black. To fix, this initialize above than 64 with default color (fg=white,bg=black). FIXME: on 256 color, curses may be possible better vga color emulation. Signed-off-by: OGAWA Hirofumi <hirofumi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 5dfdae814307f7580d56ab4505288224751e0801 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Oct 30 13:08:02 2015 -0200 vl.c: Use "%s support is disabled" error messages consistently Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1446217682-24421-12-git-send-email-ehabkost@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 515cb8ef27874822c64bc81ccde9bd7227383137 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Oct 30 13:08:00 2015 -0200 vl.c: Improve warnings on use of deprecated options Simplify warnings about deprecated options by rewriting them as "warning: ignoring deprecated option". Reword -no-kvm-pit-reinjection deprecation warning. Suggested-by: Andrew Jones <drjones@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1446217682-24421-10-git-send-email-ehabkost@xxxxxxxxxx> [Squashed in Message-Id: <1446217682-24421-11-git-send-email-ehabkost@xxxxxxxxxx> and updated commit message] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 4cd70f34afa817cfc891f6c64fd7e277ba561784 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Oct 30 13:07:56 2015 -0200 vl.c: Touch up error messages Several small improvements: * Use "cannot" instead of "can not" * Use 'quotes' instead of `quotes' * Change "fail to parse" error message to "failed to parse" Suggested-by: Eric Blake <eblake@xxxxxxxxxx> Suggested-by: Andrew Jones <drjones@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1446217682-24421-6-git-send-email-ehabkost@xxxxxxxxxx> [Squashed in Message-Id: <1446217682-24421-7-git-send-email-ehabkost@xxxxxxxxxx> Message-Id: <1446217682-24421-9-git-send-email-ehabkost@xxxxxxxxxx> and updated commit message] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 3e5153732e96d870b3272e662234d664c15e3815 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Oct 30 13:07:58 2015 -0200 vl.c: Remove unnecessary uppercase in error messages Suggested-by: Andrew Jones <drjones@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1446217682-24421-8-git-send-email-ehabkost@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit eb177ec1843476f278a63d936b0f73f456a86024 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Oct 30 13:07:55 2015 -0200 vl.c: Use "warning:" prefix consistently on warnings Suggested-by: Andrew Jones <drjones@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1446217682-24421-5-git-send-email-ehabkost@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 8afb900030b93122a40ef4a636d02ba888bdce12 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Oct 30 13:07:54 2015 -0200 vl.c: Remove periods and exclamation points from error messages Except for removing periods and exclamation points, no other changes were made to the error messages (yet). Suggested-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1446217682-24421-4-git-send-email-ehabkost@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit f61eddcb2bb5cbbdd1d911b7e937db9affc29028 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Oct 30 13:07:52 2015 -0200 vl.c: Replace fprintf(stderr) with error_report() Straightforward replacement, except for qemu_kill_report(), which printed a common part of its error message first, then the applicable special part. Print each complete message with a single error_report() instead. Multi-line messages were replaced by error_report() followed by error_printf(). The following changes were made to the error messages: * The "invalid date format" message was reworded to better fit the new error_report()+error_printf() pattern. * On the remaining messages, only the trailing newlines, "qemu:" and "error:" message prefixes were removed. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1446217682-24421-2-git-send-email-ehabkost@xxxxxxxxxx> [Squashed in Message-Id: <1446217682-24421-3-git-send-email-ehabkost@xxxxxxxxxx> and updated commit message] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit aa5ccadcca3e6018ebd9d2e8b0a0604f7cb0cd59 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Tue Oct 20 15:38:46 2015 +0800 scripts/text2pod.pl: Escape left brace Latest perl now deprecates "{" literal in regex and print warnings like "unescaped left brace in regex is deprecated". Add escapes to keep it happy. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-Id: <1445326726-16031-1-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit cc57501dee37376d0a2fbc5921e0f3a9ed4b117d Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Mon Oct 19 19:11:11 2015 +0200 file_ram_alloc: propagate error to caller instead of terminating QEMU QEMU shouldn't exits from file_ram_alloc() if -mem-prealloc option is specified and "object_add memory-backend-file,..." fails allocation during memory hotplug. Propagate error to a caller and let it decide what to do with allocation failure. That leaves QEMU alive if it can't create backend during hotplug time and kills QEMU at startup time if backends or initial memory were misconfigured/ too large. Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Message-Id: <1445274671-17704-1-git-send-email-imammedo@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3d861a01093f8eedfac9889746ccafcfd32039b7 Merge: 24f4a0f 32bc687 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Nov 2 11:11:39 2015 +0000 Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-11-02' into staging QAPI patches # gpg: Signature made Mon 02 Nov 2015 09:07:23 GMT using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-qapi-2015-11-02: (25 commits) qapi: Simplify gen_struct_field() qapi: Reserve 'u' member name qapi: Finish converting to new qapi union layout tpm: Convert to new qapi union layout memory: Convert to new qapi union layout input: Convert to new qapi union layout char: Convert to new qapi union layout net: Convert to new qapi union layout sockets: Convert to new qapi union layout block: Convert to new qapi union layout tests: Convert to new qapi union layout qapi-visit: Convert to new qapi union layout qapi: Start converting to new qapi union layout qapi-visit: Remove redundant functions for flat union base qapi: Unbox base members qapi: Prefer typesafe upcasts to qapi base classes qapi-types: Refactor base fields output qapi-visit: Split off visit_type_FOO_fields forward decl vnc: Hoist allocation of VncBasicInfo to callers qapi: Reserve 'q_*' and 'has_*' member names ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 32bc6879beea0b0cac6196cb15a71d206401e96d Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:35:03 2015 -0600 qapi: Simplify gen_struct_field() Rather than having all callers pass a name, type, and optional flag, have them instead pass a QAPISchemaObjectTypeMember which already has all that information. No change to generated code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-25-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 5e59baf90a72cd25d38a3134edc029f4f022da74 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:35:02 2015 -0600 qapi: Reserve 'u' member name Now that we have separated union tag values from colliding with non-variant C names, by naming the union 'u', we should reserve this name for our use. Note that we want to forbid 'u' even in a struct with no variants, because it is possible for a future qemu release to extend QMP in a backwards-compatible manner while converting from a struct to a flat union. Fortunately, no existing clients were using this member name. If we ever find the need for QMP to have a member 'u', we could at that time relax things, perhaps by having c_name() munge the QMP member to 'q_u'. Note that we cannot forbid 'u' everywhere (by adding the rejection code to check_name()), because the existing QKeyCode enum already uses it; therefore we only reserve it as a struct type member name. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-24-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit e4ba22b31943ab02373359555bd7bcd66442632f Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:35:01 2015 -0600 qapi: Finish converting to new qapi union layout We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. This patch is the back end for a series that converts to a saner qapi union layout. Now that all clients have been converted to use 'type' and 'obj->u.value', we can drop the temporary parallel support for 'kind' and 'obj->value'. Given a simple union qapi type: { 'union':'Foo', 'data': { 'a':'int', 'b':'bool' } } this is the overall effect, when compared to the state before this series of patches: | struct Foo { |- FooKind kind; |- union { /* union tag is @kind */ |+ FooKind type; |+ union { /* union tag is @type */ | void *data; | int64_t a; | bool b; |- }; |+ } u; | }; The testsuite still contains some examples of artificial restrictions (see flat-union-clash-type.json, for example) that are no longer technically necessary, now that there is no longer a collision between enum tag values and non-variant member names; but fixing this will be done in later patches, in part because some further changes are required to keep QAPISchema*.check() from asserting. Also, a later patch will add a reservation for the member name 'u' to avoid a collision between a user's non-variant names and our internal choice of C union name. Note, however, that we do not rename the generated enum, which is still 'FooKind'. A further patch could generate implicit enums as 'FooType', but while the generator already reserved the '*Kind' namespace (commit 4dc2e69), there are already QMP constructs with '*Type' naming, which means changing our reservation namespace would have lots of churn to C code to deal with a forced name change. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-23-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit ce21131a0b9e556bb73bf65eacdc07ccb21f78a9 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:35:00 2015 -0600 tpm: Convert to new qapi union layout We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. Make the conversion to the new layout for TPM-related code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-22-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 1fd5d4fea4ba686705fd377c7cffc0f0c9f83f93 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:59 2015 -0600 memory: Convert to new qapi union layout We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. Make the conversion to the new layout for memory-related code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-21-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 568c73a4783cd981e9aa6de4f15dcda7829643ad Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:58 2015 -0600 input: Convert to new qapi union layout We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. Make the conversion to the new layout for input-related code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-20-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 130257dc443574a9da91dc293665be2cfc40245a Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:57 2015 -0600 char: Convert to new qapi union layout We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. Make the conversion to the new layout for character-related code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-19-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 8d0bcba8370a4e8606dee602393a14d0c48e8bfc Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:56 2015 -0600 net: Convert to new qapi union layout We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. Make the conversion to the new layout for net-related code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-18-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 2d32addae70987521578d8bb27c6b3f52cdcbdcb Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:55 2015 -0600 sockets: Convert to new qapi union layout We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. Make the conversion to the new layout for socket-related code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-17-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 6a8f9661dc3c088ed0d2f5b41d940190407cbdc5 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:54 2015 -0600 block: Convert to new qapi union layout We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. Make the conversion to the new layout for block-related code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-16-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit c363acef772647f66becdbf46dd54e70e67f3cc9 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:53 2015 -0600 tests: Convert to new qapi union layout We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. Make the conversion to the new layout for testsuite code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-15-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 150d0564a4c626642897c748f7906260a13c14e1 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:52 2015 -0600 qapi-visit: Convert to new qapi union layout We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. Make the conversion to the new layout for qapi-visit.py. Generated code changes look like: |@@ -4912,16 +4912,16 @@ void visit_type_MemoryDeviceInfo(Visitor | if (!*obj) { | goto out_obj; | } |- visit_type_MemoryDeviceInfoKind(v, &(*obj)->kind, "type", &err); |+ visit_type_MemoryDeviceInfoKind(v, &(*obj)->type, "type", &err); | if (err) { | goto out_obj; | } |- if (!visit_start_union(v, !!(*obj)->data, &err) || err) { |+ if (!visit_start_union(v, !!(*obj)->u.data, &err) || err) { | goto out_obj; | } |- switch ((*obj)->kind) { |+ switch ((*obj)->type) { | case MEMORY_DEVICE_INFO_KIND_DIMM: |- visit_type_PCDIMMDeviceInfo(v, &(*obj)->dimm, "data", &err); |+ visit_type_PCDIMMDeviceInfo(v, &(*obj)->u.dimm, "data", &err); | break; | default: | abort(); |@@ -4930,7 +4930,7 @@ out_obj: | error_propagate(errp, err); | err = NULL; | if (*obj) { |- visit_end_union(v, !!(*obj)->data, &err); |+ visit_end_union(v, !!(*obj)->u.data, &err); | } | error_propagate(errp, err); | err = NULL; Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-14-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit f51d8fab44b231aa299d8de24cfdf9ba41ef4a21 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:51 2015 -0600 qapi: Start converting to new qapi union layout We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. This patch is the front end for a series that converts to a saner qapi union layout. By the end of the series, we will no longer have the type/kind mismatch, and all tag values will be under a named union, which requires clients to access 'obj->u.value' instead of 'obj->value'. But since the conversion touches a number of files, it is easiest if we temporarily support BOTH layouts simultaneously. Given a simple union qapi type: { 'union':'Foo', 'data': { 'a':'int', 'b':'bool' } } make the following changes in generated qapi-types.h: | struct Foo { |- FooKind kind; |- union { /* union tag is @kind */ |+ union { |+ FooKind kind; |+ FooKind type; |+ }; |+ union { /* union tag is @type */ | void *data; | int64_t a; | bool b; |+ union { /* union tag is @type */ |+ void *data; |+ int64_t a; |+ bool b; |+ } u; | }; | }; Flat unions do not need the anonymous union for the tag member, as we already fixed that to use the member name instead of 'kind' back in commit 0f61af3e. One additional change is needed in qapi.py: check_union() now needs to check for collisions with 'type' in addition to those with 'kind'. Later, when the conversions are complete, we will remove the duplication hacks, and also drop the check_union() restrictions. Note, however, that we do not rename the generated enum, which is still 'FooKind'. A further patch could generate implicit enums as 'FooType', but while the generator already reserved the '*Kind' namespace (commit 4dc2e69), there are already QMP constructs with '*Type' naming, which means changing our reservation namespace would have lots of churn to C code to deal with a forced name change. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-13-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 5c5e51a05b567fd48fb155d94ca6f7679dd0d478 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:50 2015 -0600 qapi-visit: Remove redundant functions for flat union base The code for visiting the base class of a child struct created visit_type_Base_fields() which covers all fields of Base; while the code for visiting the base class of a flat union created visit_type_Union_fields() covering all fields of the base except the discriminator. But since the base class includes the discriminator of a flat union, we can just visit the entire base, without needing a separate visit of the discriminator. Not only is consistently visiting all fields easier to understand, it lets us share code. The generated code in qapi-visit.c loses several now-unused visit_type_UNION_fields(), along with changes like: |@@ -1654,11 +1557,7 @@ void visit_type_BlockdevOptions(Visitor | if (!*obj) { | goto out_obj; | } |- visit_type_BlockdevOptions_fields(v, obj, &err); |- if (err) { |- goto out_obj; |- } |- visit_type_BlockdevDriver(v, &(*obj)->driver, "driver", &err); |+ visit_type_BlockdevOptionsBase_fields(v, (BlockdevOptionsBase **)obj, &err); | if (err) { | goto out_obj; | } and forward declarations where needed. Note that the cast of obj to BASE ** is necessary to call visit_type_BASE_fields() (and we can't use our upcast wrappers, because those work on pointers while we have a pointer-to-pointer). Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-12-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit ddf21908961073199f3d186204da4810f2ea150b Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:49 2015 -0600 qapi: Unbox base members Rather than storing a base class as a pointer to a box, just store the fields of that base class in the same order, so that a child struct can be directly cast to its parent. This gives less malloc overhead, less pointer dereferencing, and even less generated code. Compare to the earlier commit 1e6c1616a "qapi: Generate a nicer struct for flat unions" (although that patch had fewer places to change, as less of qemu was directly using qapi structs for flat unions). It also allows us to turn on automatic type-safe wrappers for upcasting to the base class of a struct. Changes to the generated code look like this in qapi-types.h: | struct SpiceChannel { |- SpiceBasicInfo *base; |+ /* Members inherited from SpiceBasicInfo: */ |+ char *host; |+ char *port; |+ NetworkAddressFamily family; |+ /* Own members: */ | int64_t connection_id; as well as additional upcast functions like qapi_SpiceChannel_base(). Meanwhile, changes to qapi-visit.c look like: | static void visit_type_SpiceChannel_fields(Visitor *v, SpiceChannel **obj, Error **errp) | { | Error *err = NULL; | |- visit_type_implicit_SpiceBasicInfo(v, &(*obj)->base, &err); |+ visit_type_SpiceBasicInfo_fields(v, (SpiceBasicInfo **)obj, &err); | if (err) { (the cast is necessary, since our upcast wrappers only deal with a single pointer, not pointer-to-pointer); plus the wholesale elimination of some now-unused visit_type_implicit_FOO() functions. Without boxing, the corner case of one empty struct having another empty struct as its base type now requires inserting a dummy member (previously, the 'Base *base' member sufficed). And now that we no longer consume a 'base' member in the generated C struct, we can delete the former negative struct-base-clash-base test. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-11-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 30594fe1cd4355626e73b80645428105d0df3cf6 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:48 2015 -0600 qapi: Prefer typesafe upcasts to qapi base classes A previous patch (commit 1e6c1616) made it possible to directly cast from a qapi flat union type to its base type. However, it requires the use of a C cast, which turns off compiler type-safety checks. Fortunately, no such casts exist, just yet. Regardless, add inline type-safe wrappers named qapi_FOO_base() for any union type FOO that has a base, which can be used for a safer upcast, and enhance the testsuite to cover the new functionality. A future patch will extend the upcast support to structs, where such conversions do exist already. Note that C makes const-correct upcasts annoying because it lacks overloads; these functions cast away const so that they can accept user pointers whether const or not, and the result in turn can be assigned to normal or const pointers. Alternatively, this could have been done with macros, but type-safe macros are hairy, and not worthwhile here. This patch just adds upcasts. None of our code needed to downcast from a base qapi class to a child. Also, in the case of grandchildren (such as BlockdevOptionsQcow2), the caller will need to call two functions to get to the inner base (although it wouldn't be too hard to generate a qapi_FOO_base_base() if desired). If a user changes qapi to alter the base class hierarchy, such as going from 'A -> C' to 'A -> B -> C', it will change the type of 'qapi_C_base()', and the compiler will point out the places that are affected by the new base. One alternative was proposed, but was deemed too ugly to use in practice: the generators could output redundant information using anonymous types: | struct Child { | union { | struct { | Type1 parent_member1; | Type2 parent_member2; | }; | Parent base; | }; | }; With that ugly proposal, for a given qapi type, obj->member and obj->base.member would refer to the same storage; allowing convenience in working with members without needing 'base.' allowing typesafe upcast without needing a C cast by accessing '&obj->base', and allowing downcasts from the parent back to the child possible through container_of(obj, Child, base). Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-10-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit f87ab7f9bd956250c48b5c6e9b607b537fd21543 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:47 2015 -0600 qapi-types: Refactor base fields output Move code from gen_union() into gen_struct_fields() in order for a later patch to share code when enumerating inherited fields for struct types. No change to generated code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-9-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit d02cf37766ba3cf918d7085aa7848c9dc05fd11a Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:46 2015 -0600 qapi-visit: Split off visit_type_FOO_fields forward decl We generate a static visit_type_FOO_fields() for every type FOO. However, sometimes we need a forward declaration. Split the code to generate the forward declaration out of gen_visit_implicit_struct() into a new gen_visit_fields_decl(), and also prepare for a forward declaration to be emitted during gen_visit_struct(), so that a future patch can switch from using visit_type_FOO_implicit() to the simpler visit_type_FOO_fields() as part of unboxing the base class of a struct. No change to generated code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-8-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 98481bfcd661daa3c160cc87a297b0e60a307788 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:45 2015 -0600 vnc: Hoist allocation of VncBasicInfo to callers A future qapi patch will rework generated structs with a base class to be unboxed. In preparation for that, change the code that allocates then populates an info struct to instead merely populate the fields of an info field passed in as a parameter (renaming vnc_basic_info_get* to vnc_init_basic_info*). Add rudimentary Error handling at the lowest levels for cases where the old code returned NULL; but rather than plumb Error all the way through the stack, the callers drop the error and return NULL as before. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-7-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 9fb081e0b98409556d023c7193eeb68947cd1211 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:44 2015 -0600 qapi: Reserve 'q_*' and 'has_*' member names c_name() produces names starting with 'q_' when protecting a dictionary member name that would fail to directly compile, but in doing so can cause clashes with any member name already beginning with 'q-' or 'q_'. Likewise, we create a C name 'has_' for any optional member that can clash with any member name beginning with 'has-' or 'has_'. Technically, rather than blindly reserving the namespace, we could try to complain about user names only when an actual collision occurs, or even teach c_name() how to munge names to avoid collisions. But it is not trivial, especially when collisions can occur across multiple types (such as via inheritance or flat unions). Besides, no existing .json files are trying to use these names. So it's easier to just outright forbid the potential for collision. We can always relax things in the future if a real need arises for QMP to express member names that have been forbidden here. 'has_' only has to be reserved for struct/union member names, while 'q_' is reserved everywhere (matching the fact that only members can be optional, while we use c_name() for munging both members and entities). Note that we could relax 'q_' restrictions on entities independently from member names; for example, c_name('qmp_' + 'unix') would result in a different function name than our current 'qmp_' + c_name('unix'). Update and add tests to cover the new error messages. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-6-git-send-email-eblake@xxxxxxxxxx> [Consistently pass protect=False to c_name(); commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 255960dd374d4497d6ea537305f1b0d8a3433789 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:43 2015 -0600 qapi: Reserve '*List' type names for list types Type names ending in 'List' can clash with qapi list types in generated C. We don't currently use such names. It is easier to outlaw them now than to worry about how to resolve such a clash in the future. For precedence, see commit 4dc2e69, which did the same for names ending in 'Kind' versus implicit enum types for qapi unions. Update the testsuite to match. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-5-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit f9e6102b48f21e464a847a858a456c521e7a83e5 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:42 2015 -0600 qapi: More robust conditions for when labels are needed We were using regular expressions to see if ret included any earlier text that emitted a 'goto out;' line, to decide whether we needed to output an 'out:' label. But this is fragile, if the ret text can possibly combine more than one generated function body, where the first function used a goto but the second does not. Change the code to just check for the known conditions which cause an error check to be needed. Besides, it's slightly more efficient to use plain checks than regular expression searching. No change to generated code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-4-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 8712fa5333ad348da20034b717dd814219d1ec11 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:41 2015 -0600 qapi: More idiomatic string operations Rather than slicing the end of a string, we can use python's endswith(). And rather than creating a set of characters, we can search for a character within a string. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-3-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 1976708321f21ed51d0a374db6b28a6cd1bd5d66 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:40 2015 -0600 tests/qapi-schema: Test for reserved names, empty struct Add some testsuite coverage to ensure future patches are on the right track: Our current C representation of qapi arrays is done by appending 'List' to the element name; but we are not preventing the creation of an object type with the same name. Add reserved-type-list.json to test this. Then rename enum-union-clash.json to reserved-type-kind.json to cover the reservation that we DO detect, and shorten it to match the fact that the name is reserved even if there is no clash. We are failing to detect a collision between a dictionary member and the implicit 'has_*' flag for another optional member. The easiest fix would be for a future patch to reserve the entire "has[-_]" namespace for member names (the collision is also possible for branch names within flat unions, but only as long as branch names can collide with (non-variant) members; however, since future patches are about to remove that, it is not worth testing here). Add reserved-member-has.json to test this. A similar collision exists between a dictionary member where c_name() munges what might otherwise be a reserved name to start with 'q_', and another member explicitly starts with "q[-_]". Again, the easiest solution for a future patch will be reserving the entire namespace, but here for commands as well as members. Add reserved-member-q.json and reserved-command-q.json to test this; separate tests since arguably our munging of command 'unix' to 'qmp_q_unix()' could be done without a q_, which is different than the munging of a member 'unix' to 'foo.q_unix'. Finally, our testsuite does not have any compilation coverage of struct inheritance with empty qapi structs. Update qapi-schema-test.json to test this. Note that there is currently no technical reason to forbid type name patterns from member names, or member name patterns from types, since the two are not in the same namespace in C and won't collide; but it's not worth adding positive tests of these corner cases at this time, especially while there is other churn pending in patches that rearrange which collisions actually happen. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-2-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 2ea1793bd90f04c34fbb75a1b84d71cb5b1f9c08 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Thu Oct 22 11:25:43 2015 +0100 qapi-schema: mark InetSocketAddress as mandatory again Revert the qapi-schema.json change done in: commit 0983f5e6af76d5df8c6346cbdfff9d8305fb6da0 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Sep 1 14:46:50 2015 +0100 sockets: allow port to be NULL when listening on IP address Switching "port" from mandatory to optional causes the QAPI code generator to add a 'has_port' field to the InetSocketAddress struct. No code that created InetSocketAddress objects was updated to set 'has_port = true', which caused the non-NULL port strings to be silently dropped when copying InetSocketAddress objects. Reported-by: Knut Omang <knuto@xxxxxxxxxx> Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1445509543-30679-1-git-send-email-berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 24f4a0f5c969e9077e341402881c1d929d37150b Merge: 3a958f5 2a080ce Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 30 21:59:48 2015 +0000 Merge remote-tracking branch 'remotes/rth/tags/pull-tile-20151030' into staging Prefetch in y2 pipe # gpg: Signature made Fri 30 Oct 2015 20:40:02 GMT using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tile-20151030: target-tilegx: Implement prefetch instructions in pipe y2 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3a958f559ecd0511583d27b10011fa7f3cf79b63 Merge: e79ea9e 37a639a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 30 19:47:47 2015 +0000 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Thu 29 Oct 2015 18:09:16 GMT using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: block: Consider all child nodes in bdrv_requests_pending() target-arm: xlnx-zynqmp: Add sdhci support. sdhci: Split sdhci.h for public and internal device usage sd.h: Move sd.h to include/hw/sd/ virtio: sync the dataplane vring state to the virtqueue before virtio_save gdb command: qemu handlers virtio-blk: switch off scsi-passthrough by default ppc/spapr: add 2.4 compat props s390x: include HW_COMPAT_* props qemu-gdb: add $qemu_coroutine_sp and $qemu_coroutine_pc qemu-gdb: extract parts of "qemu coroutine" implementation qemu-gdb: allow using glibc_pointer_guard() on core dumps Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e79ea9e4240971b43494184d68a7f5a67d07e74b Merge: fdf9276 60270f8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 30 16:30:25 2015 +0000 Merge remote-tracking branch 'remotes/lalrae/tags/mips-20151030' into staging MIPS patches 2015-10-30 Changes: * R6 CPU can be woken up by non-enabled interrupts * PC fix in KVM * Coprocessor 0 XContext calculation fix * various MIPS R6 updates # gpg: Signature made Fri 30 Oct 2015 14:51:56 GMT using RSA key ID 0B29DA6B # gpg: Good signature from "Leon Alrae <leon.alrae@xxxxxxxxxx>" * remotes/lalrae/tags/mips-20151030: target-mips: fix updating XContext on mmu exception target-mips: add SIGRIE instruction target-mips: Set Config5.XNP for R6 cores target-mips: add PC, XNP reg numbers to RDHWR hw/mips_malta: Fix KVM PC initialisation target-mips: Add enum for BREAK32 target-mips: update writing to CP0.Status.KX/SX/UX in MIPS Release R6 target-mips: implement the CPU wake-up on non-enabled interrupts in R6 target-mips: move the test for enabled interrupts to a separate function Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 60270f85cc93d2d34e45b7679c374b1d771f0eeb Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Oct 29 17:17:52 2015 +0000 target-mips: fix updating XContext on mmu exception Correct updating XContext.Region field on mmu exceptions. If Config3.CTXTC = 0 then the R field of XContext has to be updated with the value of bits 63..62 of the virtual address upon a TLB exception. Also fixed the below line which overs 80 characters. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: James Hogan <james.hogan@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit bb238210bb096534b68dab15a87c6ff0bef43672 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Oct 29 15:18:38 2015 +0000 target-mips: add SIGRIE instruction Add SIGRIE (Signal Reserved Instruction Exception) for both MIPS and microMIPS. The instruction allows to use the 16-bit code field for software use. This instruction is introduced by and required as of Release 6. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 35ac9e342e008e3d47ef18d33a6977fdb99de9cd Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Mon Oct 5 14:45:45 2015 +0100 target-mips: Set Config5.XNP for R6 cores Set Config5.XNP for R6 cores to indicate the extended LL/SC family of instructions NOT present. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit b00c72180c36510bf9b124e190bd520e3b7e1358 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Oct 29 15:18:39 2015 +0000 target-mips: add PC, XNP reg numbers to RDHWR Add Performance Counter (4) and XNP (5) register numbers to RDHWR. Add check_hwrena() to simplify access control checkings. Add RDHWR support to microMIPS R6. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit ca2f6bbbce32b7e1ba4fdaf54165ab0dee47a3a5 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Mon Oct 12 17:54:39 2015 +0100 hw/mips_malta: Fix KVM PC initialisation Commit 71c199c81d29 ("mips_malta: provide ememsize env variable to kernels") changed the meaning of loaderparams.ram_size to be the whole of RAM rather than just the low part below where the boot code is placed for KVM, but it didn't update the PC initialisation for KVM to use ram_low_size. Fix that now. Fixes: 71c199c81d29 ("mips_malta: provide ememsize env variable to kernels") Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Cc: Paul Burton <paul.burton@xxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit fdf927621a99711bf1a81712bce054794f2d44c3 Merge: 7bc8e0c 7f1e7b2 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 30 09:41:14 2015 +0000 Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2015-10-30' into staging QMP and QObject patches # gpg: Signature made Fri 30 Oct 2015 08:06:26 GMT using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-monitor-2015-10-30: docs: Document QMP event rate limiting monitor: Throttle event VSERPORT_CHANGE separately by "id" monitor: Turn monitor_qapi_event_state[] into a hash table glib: add compatibility interface for g_hash_table_add() monitor: Split MonitorQAPIEventConf off MonitorQAPIEventState monitor: Switch from timer_new() to timer_new_ns() monitor: Simplify event throttling monitor: Reduce casting of QAPI event QDict qstring: Make conversion from QObject * accept null qlist: Make conversion from QObject * accept null qfloat qint: Make conversion from QObject * accept null qdict: Make conversion from QObject * accept null qbool: Make conversion from QObject * accept null qobject: Drop QObject_HEAD Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7f1e7b23d57408c86d350b3544673fdcd6be55c0 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 17:08:36 2015 +0200 docs: Document QMP event rate limiting Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1444921716-9511-8-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 7de0be6573afc9dcfb6aa0ded167ad6a8730f727 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 17:08:35 2015 +0200 monitor: Throttle event VSERPORT_CHANGE separately by "id" VSERPORT_CHANGE is emitted when the guest opens or closes a virtio-serial port. The event's member "id" identifies the port. When several events arrive quickly, throttling drops all but the last of them. Because of that, a QMP client must assume that *any* port may have changed state when it receives a VSERPORT_CHANGE event and throttling may have happened. Make the event more useful by throttling it for each port separately. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444921716-9511-7-git-send-email-armbru@xxxxxxxxxx> commit a24712af54259dd744a49447658521325f10a721 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 17:08:34 2015 +0200 monitor: Turn monitor_qapi_event_state[] into a hash table In preparation of finer grained throttling. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444921716-9511-6-git-send-email-armbru@xxxxxxxxxx> commit 8681dffa91a0d5767b7c1eb3d5c2acbf7f7dd7ba Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Oct 27 15:44:00 2015 +0100 glib: add compatibility interface for g_hash_table_add() The next commit will use it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 37a639a7fbc5c6b065c80e7e2de78d22af735496 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Oct 28 11:46:51 2015 +0100 block: Consider all child nodes in bdrv_requests_pending() The function manually recursed into bs->file and bs->backing to check whether there were any requests pending, but it ignored other children. There's no need to special case file and backing here, so just replace these two explicit recursions by a loop recursing for all child nodes. Reported-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Message-id: 1446029211-27148-1-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 33108e9f3388b07b7daa4e46d476ff89ce7dbec5 Author: Sai Pavan Boddu <sai.pavan.boddu@xxxxxxxxxx> Date: Thu Oct 8 18:51:03 2015 +0530 target-arm: xlnx-zynqmp: Add sdhci support. Add two SYSBUS_SDHCI devices for xlnx-zynqmp Signed-off-by: Sai Pavan Boddu <saipava@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 637d23beb607765033067c5cb08e0d66afaf8f4c Author: Sai Pavan Boddu <sai.pavan.boddu@xxxxxxxxxx> Date: Thu Oct 8 18:51:02 2015 +0530 sdhci: Split sdhci.h for public and internal device usage Split sdhci.h into pubilc version (i.e include/hw/sd/sdhci.h) and internal version (i.e hw/sd/sdhci-interna.h) based on register declarations and object declaration. Signed-off-by: Sai Pavan Boddu <saipava@xxxxxxxxxx> Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e3382ef0ea2724f5f09271a608e8f68ede5d844d Author: Sai Pavan Boddu <sai.pavan.boddu@xxxxxxxxxx> Date: Thu Oct 8 18:51:01 2015 +0530 sd.h: Move sd.h to include/hw/sd/ Create a sd directory under include/hw/ and move sd.h to include/hw/sd/ Signed-off-by: Sai Pavan Boddu <saipava@xxxxxxxxxx> Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 10a06fd65f667a972848ebbbcac11bdba931b544 Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Mon Oct 26 14:42:57 2015 +0300 virtio: sync the dataplane vring state to the virtqueue before virtio_save When creating snapshot with the dataplane enabled, the snapshot file gets not the actual state of virtqueue, because the current state is stored in VirtIOBlockDataPlane. Therefore, before saving snapshot need to sync the dataplane vring state to the virtqueue. The dataplane will resume its work at the next notify virtqueue. When snapshot loads with loadvm we get a message: VQ 0 size 0x80 Guest index 0x15f5 inconsistent with Host index 0x0: delta 0x15f5 error while loading state for instance 0x0 of device '0000:00:08.0/virtio-blk' Error -1 while loading VM state to reproduce the error I used the following hmp commands: savevm snap1 loadvm snap1 qemu parameters: --enable-kvm -smp 4 -m 1024 -drive file=/var/lib/libvirt/images/centos6.4.qcow2,if=none,id=drive-virtio-disk0,format=qcow2,cache=none,aio=native -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x8,drive=drive-virtio-disk0,id=virtio-disk0 -set device.virtio-disk0.x-data-plane=on Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Message-id: 1445859777-2982-1-git-send-email-den@xxxxxxxxxx CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> CC: "Michael S. Tsirkin" <mst@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit c900ef86c5e30e1adec0f79350edc3f30ebee285 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Tue Oct 27 13:09:45 2015 +0000 gdb command: qemu handlers A new gdb commands are added: qemu handlers That dumps an AioContext list (by default qemu_aio_context) possibly including a backtrace for cases it knows about (with the verbose option). Intended to help find why something is hanging waiting for IO. Use 'qemu handlers --verbose iohandler_ctx' to find out why your incoming migration is stuck. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Message-id: 1445951385-11924-1-git-send-email-dgilbert@xxxxxxxxxx V2: Merge into one command with optional handlers arg, and only do backtrace in verbose mode (gdb) qemu handlers ---- {pfd = {fd = 6, events = 25, revents = 0}, io_read = 0x55869656ffd0 <event_notifier_dummy_cb>, io_write = 0x0, deleted = 0, opaque = 0x558698c4ce08, node = {le_next = 0x0, le_prev = 0x558698c4cdc0}} (gdb) qemu handlers iohandler_ctx ---- {pfd = {fd = 9, events = 25, revents = 0}, io_read = 0x558696581380 <fd_coroutine_enter>, io_write = 0x0, deleted = 0, opaque = 0x558698dc99d0, node = {le_next = 0x558698c4cca0, le_prev = 0x558698c4c1d0}} ---- {pfd = {fd = 4, events = 25, revents = 0}, io_read = 0x55869657b330 <sigfd_handler>, io_write = 0x0, deleted = 0, opaque = 0x4, node = {le_next = 0x558698c4c260, le_prev = 0x558699f72508}} ---- {pfd = {fd = 5, events = 25, revents = 0}, io_read = 0x55869656ffd0 <event_notifier_dummy_cb>, io_write = 0x0, deleted = 0, opaque = 0x558698c4c218, node = {le_next = 0x0, le_prev = 0x558698c4ccc8}} ---- (gdb) qemu handlers --verbose iohandler_ctx ---- {pfd = {fd = 9, events = 25, revents = 0}, io_read = 0x558696581380 <fd_coroutine_enter>, io_write = 0x0, deleted = 0, opaque = 0x558698dc99d0, node = {le_next = 0x558698c4cca0, le_prev = 0x558698c4c1d0}} #0 0x0000558696581820 in qemu_coroutine_switch (from_=from_@entry=0x558698cb3cf0, to_=to_@entry=0x7f421c37eac8, action=action@entry=COROUTINE_YIELD) at /home/dgilbert/git/qemu/coroutine-ucontext.c:177 #1 0x0000558696580c00 in qemu_coroutine_yield () at /home/dgilbert/git/qemu/qemu-coroutine.c:145 #2 0x00005586965814f5 in yield_until_fd_readable (fd=9) at /home/dgilbert/git/qemu/qemu-coroutine-io.c:90 #3 0x0000558696523937 in socket_get_buffer (opaque=0x55869a3dc620, buf=0x558698c505a0 "", pos=<optimized out>, size=32768) at /home/dgilbert/git/qemu/migration/qemu-file-unix.c:101 #4 0x0000558696521fac in qemu_fill_buffer (f=0x558698c50570) at /home/dgilbert/git/qemu/migration/qemu-file.c:227 #5 0x0000558696522989 in qemu_peek_byte (f=0x558698c50570, offset=0) at /home/dgilbert/git/qemu/migration/qemu-file.c:507 #6 0x0000558696522bf4 in qemu_get_be32 (f=0x558698c50570) at /home/dgilbert/git/qemu/migration/qemu-file.c:520 #7 0x0000558696522bf4 in qemu_get_be32 (f=f@entry=0x558698c50570) at /home/dgilbert/git/qemu/migration/qemu-file.c:604 #8 0x0000558696347e5c in qemu_loadvm_state (f=f@entry=0x558698c50570) at /home/dgilbert/git/qemu/migration/savevm.c:1821 #9 0x000055869651de8c in process_incoming_migration_co (opaque=0x558698c50570) at /home/dgilbert/git/qemu/migration/migration.c:336 #10 0x000055869658188a in coroutine_trampoline (i0=<optimized out>, i1=<optimized out>) at /home/dgilbert/git/qemu/coroutine-ucontext.c:80 #11 0x00007f420f05df10 in __start_context () at /lib64/libc.so.6 #12 0x00007ffc40815f50 in () #13 0x0000000000000000 in () ---- Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit ed65fd1a2750d24290354cc7ea49caec7c13e30b Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri Oct 16 12:25:54 2015 +0200 virtio-blk: switch off scsi-passthrough by default Devices that are compliant with virtio-1 do not support scsi passthrough any more (and it has not been a recommended setup anyway for quite some time). To avoid having to switch it off explicitly in newer qemus that turn on virtio-1 by default, let's switch the default to scsi=false for 2.5. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Message-id: 1444991154-79217-4-git-send-email-cornelia.huck@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 80fd50f96b8dc46e185f61d9b6438a6414507076 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri Oct 16 12:25:53 2015 +0200 ppc/spapr: add 2.4 compat props HW_COMPAT_2_4 will become non-empty: prepare for it. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Message-id: 1444991154-79217-3-git-send-email-cornelia.huck@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 54d8ec84fa444ed7c05e03f96895ba69a2b2e5bc Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri Oct 16 12:25:52 2015 +0200 s390x: include HW_COMPAT_* props We want to inherit generic hw compat as well. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Message-id: 1444991154-79217-2-git-send-email-cornelia.huck@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a201b0ff28d9fa0f965450c1ba7191eca69f9fd5 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 12 10:02:54 2015 +0200 qemu-gdb: add $qemu_coroutine_sp and $qemu_coroutine_pc These can be useful to manually get a stack trace of a coroutine inside a core dump. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1444636974-19950-4-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 80ab31b257ba3aaa98ce6f1e36592aa20c5366c1 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 12 10:02:53 2015 +0200 qemu-gdb: extract parts of "qemu coroutine" implementation Provide useful Python functions to reach and decipher a jmpbuf. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1444636974-19950-3-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 1138f24645e9e1e2d55d280caab4e2539dfcdb49 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 12 10:02:52 2015 +0200 qemu-gdb: allow using glibc_pointer_guard() on core dumps get_fs_base() cannot be run on a core dump, because it uses the arch_prctl system call. The fs base is the value that is returned by pthread_self(), and it would be nice to just glean it from the "info threads" output: * 1 Thread 0x7f16a3fff700 (LWP 33642) pthread_cond_wait@@GLIBC_2.3.2 () ^^^^^^^^^^^^^^ but unfortunately the gdb API does not provide that. Instead, we can look for the "arg" argument of the start_thread function if glibc debug information are available. If not, fall back to the old mechanism. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1444636974-19950-2-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit dbd8af9824d0ddc4400f859c2af77543461cba0d Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Fri Oct 2 17:50:50 2015 +0100 target-mips: Add enum for BREAK32 Add enum for BREAK32 Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 2dcf7908d9e0274c08911400beb7ed14276bb170 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Mon Sep 14 13:51:31 2015 +0100 target-mips: update writing to CP0.Status.KX/SX/UX in MIPS Release R6 Implement the relationship between CP0.Status.KX, SX and UX. It should not be possible to set UX bit if SX is 0, the same applies for setting SX if KX is 0. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 7540a43a1d9de71fa7a53ccd2bb24a04e2aace41 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Mon Sep 14 13:58:24 2015 +0100 target-mips: implement the CPU wake-up on non-enabled interrupts in R6 In Release 6, the behaviour of WAIT has been modified to make it a requirement that a processor that has disabled operation as a result of executing a WAIT will resume operation on arrival of an interrupt even if interrupts are not enabled. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 71ca034a0dee69f77c8ac6ea7d21e5b6a0b0d836 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Mon Sep 14 13:58:23 2015 +0100 target-mips: move the test for enabled interrupts to a separate function Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit b9b03ab0d47e8cfc0015255c531db41d0b1a1f91 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 17:08:33 2015 +0200 monitor: Split MonitorQAPIEventConf off MonitorQAPIEventState In preparation of turning monitor_qapi_event_state[] into a hash table for finer grained throttling. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444921716-9511-5-git-send-email-armbru@xxxxxxxxxx> commit 1824c41a62c1bbb79d32f97037ca579212b8c134 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 17:08:32 2015 +0200 monitor: Switch from timer_new() to timer_new_ns() We don't actually care for the scale, so we can just as well use the simpler interface. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1444921716-9511-4-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 93f8f982fedfc9ee9cf5fc8983c3b25efe828967 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 17:08:31 2015 +0200 monitor: Simplify event throttling The event throttling state machine is hard to understand. I'm not sure it's entirely correct. Rewrite it in a more straightforward manner: State 1: No event sent recently (less than evconf->rate ns ago) Invariant: evstate->timer is not pending, evstate->qdict is null On event: send event, arm timer, goto state 2 State 2: Event sent recently, no additional event being delayed Invariant: evstate->timer is pending, evstate->qdict is null On event: store it in evstate->qdict, goto state 3 On timer: goto state 1 State 3: Event sent recently, additional event being delayed Invariant: evstate->timer is pending, evstate->qdict is non-null On event: store it in evstate->qdict, goto state 3 On timer: send evstate->qdict, clear evstate->qdict, arm timer, goto state 2 Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1444921716-9511-3-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 688b4b7de755f4dd01ec516975ae01590cf9f438 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 17:08:30 2015 +0200 monitor: Reduce casting of QAPI event QDict Make the variables holding the event QDict instead of QObject. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444921716-9511-2-git-send-email-armbru@xxxxxxxxxx> commit 7f0278435df1fa845b3bd9556942f89296d4246b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 16:15:37 2015 +0200 qstring: Make conversion from QObject * accept null qobject_to_qstring() crashes on null, which is a trap for the unwary. Return null instead, and simplify a few callers. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1444918537-18107-7-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 2d6421a90047a83f6722832405fe09571040ea5b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 16:15:36 2015 +0200 qlist: Make conversion from QObject * accept null qobject_to_qlist() crashes on null, which is a trap for the unwary. Return null instead. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1444918537-18107-6-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit fcf73f66a67f5e58c18216f8c8651e38cf4d90af Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 16:15:35 2015 +0200 qfloat qint: Make conversion from QObject * accept null qobject_to_qfloat() and qobject_to_qint() crash on null, which is a trap for the unwary. Return null instead, and simplify a few callers. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1444918537-18107-5-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 89cad9f3ec6b30d7550fb5704475fc9c3393a066 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 16:15:34 2015 +0200 qdict: Make conversion from QObject * accept null qobject_to_qdict() crashes on null, which is a trap for the unwary. Return null instead, and simplify a few callers. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1444918537-18107-4-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 14b6160099f0caf5dc9d62e637b007bc5d719a96 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 16:15:33 2015 +0200 qbool: Make conversion from QObject * accept null qobject_to_qbool() crashes on null, which is a trap for the unwary. Return null instead, and simplify a few callers. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1444918537-18107-3-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit c7c462123cfc3b62d325fd75be9c595b055797db Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 16:15:32 2015 +0200 qobject: Drop QObject_HEAD QObject_HEAD is a macro expanding into the common part of structs that are sub-types of QObject. It's always been just QObject base, and unlikely to change. Drop the macro, because the code is clearer with out it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1444918537-18107-2-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 7bc8e0c967a4ef77657174d28af775691e18b4ce Merge: 331c5e2 3f1e147 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 29 09:49:52 2015 +0000 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio, pc, memory: fixes+features for 2.5 New features: This enables hotplug for multifunction devices. Patches are very small, so I think it's OK to merge at this stage. There's also some new infrastructure for vhost-user testing not enabled yet so it's harmless to merge. I've reverted the "gap between DIMMs" workaround, as it seems too risky, and applied my own patch in virtio, but not in dataplane code. This means that dataplane is broken for some complex DIMM configurations for now. Waiting for Stefan to review the dataplane fix. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Thu 29 Oct 2015 09:36:16 GMT using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: enable multi-function hot-add remove function during multi-function hot-add tests/vhost-user-bridge: add vhost-user bridge application Revert "memhp: extend address auto assignment to support gaps" Revert "pc: memhp: force gaps between DIMM's GPA" virtio: drop virtqueue_map_sg virtio-scsi: convert to virtqueue_map virtio-serial: convert to virtio_map virtio-blk: convert to virtqueue_map virtio: switch to virtio_map virtio: introduce virtio_map mmap-alloc: fix error handling pc: memhp: do not emit inserting event for coldplugged DIMMs vhost-user-test: fix up rhel6 build vhost-user: cleanup msg size math vhost-user: cleanup struct size math Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3f1e1478db2d67098d98f2c3acf5a4946b7fb643 Author: Cao jin <caoj.fnst@xxxxxxxxxxxxxx> Date: Wed Oct 28 14:20:31 2015 +0800 enable multi-function hot-add Enable PCIe device multi-function hot-add, just ensure function 0 is added last, then driver will get the notification to scan the slot. Signed-off-by: Cao jin <caoj.fnst@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 0d1c7d88ad909c5b2bd86211a9fe8abf5c74993b Author: Cao jin <caoj.fnst@xxxxxxxxxxxxxx> Date: Wed Oct 28 14:20:30 2015 +0800 remove function during multi-function hot-add In case user want to cancel the hot-add operation, should roll back, device_del the added function that still don`t work. Signed-off-by: Cao jin <caoj.fnst@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 3595e2eb0a233a881789fcc71f5b1072e5aaf669 Author: Victor Kaplansky <victork@xxxxxxxxxx> Date: Wed Oct 28 14:53:07 2015 +0200 tests/vhost-user-bridge: add vhost-user bridge application The test existing in QEMU for vhost-user feature is good for testing the management protocol, but does not allow actual traffic. This patch proposes Vhost-User Bridge application, which can serve the QEMU community as a comprehensive test by running real internet traffic by means of vhost-user interface. Essentially the Vhost-User Bridge is a very basic vhost-user backend for QEMU. It runs as a standalone user-level process. For packet processing Vhost-User Bridge uses an additional QEMU instance with a backend configured by "-net socket" as a shared VLAN. This way another QEMU virtual machine can effectively serve as a shared bus by means of UDP communication. For a more simple setup, the another QEMU instance running the SLiRP backend can be the same QEMU instance running vhost-user client. This Vhost-User Bridge implementation is very preliminary. It is missing many features. I has been studying vhost-user protocol internals, so I've written vhost-user-bridge bit by bit as I progressed through the protocol. Most probably its internal architecture will change significantly. To run Vhost-User Bridge application: 1. Build vhost-user-bridge with a regular procedure. This will create a vhost-user-bridge executable under tests directory: $ configure; make tests/vhost-user-bridge 2. Ensure the machine has hugepages enabled in kernel with command line like: default_hugepagesz=2M hugepagesz=2M hugepages=2048 3. Run Vhost-User Bridge with: $ tests/vhost-user-bridge The above will run vhost-user server listening for connections on UNIX domain socket /tmp/vubr.sock, and will try to connect by UDP to VLAN bridge to localhost:5555, while listening on localhost:4444 Run qemu with a virtio-net backed by vhost-user: $ qemu \ -enable-kvm -m 512 -smp 2 \ -object memory-backend-file,id=mem,size=512M,mem-path=/dev/hugepages,share=on \ -numa node,memdev=mem -mem-prealloc \ -chardev socket,id=char0,path=/tmp/vubr.sock \ -netdev type=vhost-user,id=mynet1,chardev=char0,vhostforce \ -device virtio-net-pci,netdev=mynet1 \ -net none \ -net socket,vlan=0,udp=localhost:4444,localaddr=localhost:5555 \ -net user,vlan=0 \ disk.img vhost-user-bridge was tested very lightly: it's able to bringup a linux on client VM with the virtio-net driver, and execute transmits and receives to the internet. I tested with "wget redhat.com", "dig redhat.com". PS. I've consulted DPDK's code for vhost-user during Vhost-User Bridge implementation. Signed-off-by: Victor Kaplansky <victork@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit d6a9b0b89d27e0a688f37c1732d4dec40613669e Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Oct 28 18:55:06 2015 +0200 Revert "memhp: extend address auto assignment to support gaps" This reverts commit df0acded19ec4b826aa095cfc19d341bd66fafd3. There's no point to it now that the only user has been reverted. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 340065e5a11a515382c8b1112424c97e86ad2a3f Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Oct 28 18:54:05 2015 +0200 Revert "pc: memhp: force gaps between DIMM's GPA" This reverts commit aa8580cddf011e8cedcf87f7a0fdea7549fc4704. As described in http://article.gmane.org/gmane.comp.emulators.qemu/371432 that commit causes linux guests to crash on memory hot-unplug. The original problem it's trying to solve has now been addressed within virtio. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 3945ecf1ec4f6e6aa28d0c396a7f5d983c6810d8 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Tue Oct 27 10:22:59 2015 +0200 virtio: drop virtqueue_map_sg Deprecated in favor of virtqueue_map. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit 4ada5331895551570846e12e7eb00e06616f9152 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Tue Oct 27 10:22:13 2015 +0200 virtio-scsi: convert to virtqueue_map Note: virtqueue_map already validates input so virtio-scsi does not have to. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit bff712dc223f685c684f9caf960e6460e84a96f0 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Tue Oct 27 10:19:43 2015 +0200 virtio-serial: convert to virtio_map This also fixes a minor bug: - virtqueue_map_sg(port->elem.out_sg, port->elem.out_addr, - port->elem.out_num, 1); is wrong: out_sg is not written so should not be marked dirty. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit 3d8db153b4b4e12b6d11590ccd318fff0eafd688 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Tue Oct 27 10:18:24 2015 +0200 virtio-blk: convert to virtqueue_map Drop deprecated use of virtqueue_map_sg. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit 13972ac5e263a7319609253edac5754129489132 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Tue Oct 27 10:09:16 2015 +0200 virtio: switch to virtio_map Drop use of the deprecated virtio_map_sg in virtio core. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit 8059feee004111534c4c0652e2f0715e9b4e0754 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Tue Oct 27 10:01:44 2015 +0200 virtio: introduce virtio_map virtio_map_sg currently fails if one of the entries it's mapping is contigious in GPA but not HVA address space. Introduce virtio_map which handles this by splitting sg entries. This new API generally turns out to be a good idea since it's harder to misuse: at least in one case the existing one was used incorrectly. This will still fail if there's no space left in the sg, but luckily max queue size in use is currently 256, while max sg size is 1024, so we should be OK even is all entries happen to cross a single DIMM boundary. Won't work well with very small DIMM sizes, unfortunately: e.g. this will fail with 4K DIMMs where a single request might span a large number of DIMMs. Let's hope these are uncommon - at least we are not breaking things. Note: virtio-scsi calls virtio_map_sg on data loaded from network, and validates input, asserting on failure. Copy the validating code here - it will be dropped from virtio-scsi in a follow-up patch. Reported-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit 9d4ec9370a36f8a564e1ba05519328c0bd60da13 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Sun Oct 25 17:07:45 2015 +0200 mmap-alloc: fix error handling Existing callers are checking for MAP_FAILED, so we should return that on error. Reported-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 4828b10bda6a74a22a7695303e0648157d0e3ea4 Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Fri Oct 23 14:55:26 2015 +0200 pc: memhp: do not emit inserting event for coldplugged DIMMs currently acpi_memory_plug_cb() sets is_inserting for cold- and hot-plugged DIMMs as result ASL MHPD.MSCN() method issues device check even for every coldplugged DIMM. There isn't much harm in it but if we try to unplug such DIMM, OSPM will issue device check intstead of device eject event. So OSPM won't eject memory module as expected and it will try to eject it only when another memory device is hot-(un)plugged. As a fix do not set 'is_inserting' event and do not issue SCI for cold-plugged DIMMs as they are enumerated and activated by OSPM during guest's boot. Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 12ebf6908333a86775ef18f12ea283601fd1d2df Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Oct 22 22:28:37 2015 +0300 vhost-user-test: fix up rhel6 build Build on RHEL6 fails: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=42875 Apparently unnamed unions couldn't use C99 named field initializers. Let's just name the payload union field. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 7fc0246c0792767b732c0989e8eba24bea185feb Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Oct 22 22:33:39 2015 +0300 vhost-user: cleanup msg size math We are sending msg fields, use sizeof on these and not on local variables which happen to have a matching type. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 86abad0fedc44554adde5e189cf7edfa5b1c948e Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Oct 22 22:31:28 2015 +0300 vhost-user: cleanup struct size math We are using local msg structures everywhere, use them for sizeof as well. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 331c5e2091009f170554fed4ef884aeea871e4bb Merge: 496fedd 522a0d4 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Oct 28 20:10:22 2015 +0000 Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20151028' into staging Breakpoint fixes # gpg: Signature made Wed 28 Oct 2015 17:58:52 GMT using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tcg-20151028: target-*: Advance pc after recognizing a breakpoint Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 522a0d4e3c0d397ffb45ec400d8cbd426dad9d17 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Oct 13 22:07:49 2015 +0000 target-*: Advance pc after recognizing a breakpoint Some targets already had this within their logic, but make sure it's present for all targets. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 496fedddce9a575111df4f912fb9e361037531ed Merge: 739680d 15e4134 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Oct 28 15:08:36 2015 +0000 Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging target-i386: finally enable "check" mode by default # gpg: Signature made Wed 28 Oct 2015 14:13:10 GMT using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" * remotes/ehabkost/tags/x86-pull-request: target-i386: Enable "check" mode by default target-i386: Don't left shift negative constant Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 739680da59de8531a280e9360aae756b6134a3ec Merge: c012e1b 637016c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Oct 28 14:02:27 2015 +0000 Merge remote-tracking branch 'remotes/mcayland/tags/qemu-openbios-signed' into staging Update OpenBIOS images # gpg: Signature made Wed 28 Oct 2015 00:02:46 GMT using RSA key ID AE0F321F # gpg: Good signature from "Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx>" * remotes/mcayland/tags/qemu-openbios-signed: Update OpenBIOS images Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 637016c2603d15d01957eb57f64387262e3ba830 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Oct 28 00:01:28 2015 +0000 Update OpenBIOS images Update OpenBIOS images to SVN r1353 built from submodule. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> commit 15e41345906d29a319cc9cdf566347bf79134d24 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Aug 26 13:25:44 2015 -0300 target-i386: Enable "check" mode by default Current default behavior of QEMU is to silently disable features that are not supported by the host when a CPU model is requested in the command-line. This means that in addition to risking breaking guest ABI by default, we are silent about it. I would like to enable "enforce" by default, but this can easily break existing production systems because of the way libvirt makes assumptions about CPU models today (this will change in the future, once QEMU provide a proper interface for checking if a CPU model is runnable). But there's no reason we should be silent about it. So, change target-i386 to enable "check" mode by default so at least we have some warning printed to stderr (and hopefully logged somewhere) when QEMU disables a feature that is not supported by the host system. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 712b4243c761cb6ab6a4367a160fd2a42e2d4b76 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Tue Sep 29 17:34:23 2015 -0300 target-i386: Don't left shift negative constant Left shift of negative values is undefined behavior. Detected by clang: qemu/target-i386/translate.c:2423:26: runtime error: left shift of negative value -8 This changes the code to reverse the sign after the left shift. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit c012e1b7ad066f462ba1c3322fcb43cd8295eaff Merge: 7e038b9 9b53926 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 27 16:17:55 2015 +0000 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20151027-1' into staging target-arm queue: * more EL2 preparation: handling for stage 2 translations * standardize debug macros in i.MX devices * improve error message in a corner case for virt board * disable live migration of KVM GIC if the kernel can't handle it * add SPSR_(ABT|UND|IRQ|FIQ) registers * handle non-executable page-straddling Thumb instructions * fix a "no 64-bit EL2" assumption in arm_excp_unmasked() # gpg: Signature made Tue 27 Oct 2015 16:03:31 GMT using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20151027-1: (27 commits) target-arm: Add support for S1 + S2 MMU translations target-arm: Route S2 MMU faults to EL2 target-arm: Add S2 translation to 32bit S1 PTWs target-arm: Add S2 translation to 64bit S1 PTWs target-arm: Add ARMMMUFaultInfo target-arm: Avoid inline for get_phys_addr target-arm: Add support for S2 page-table protection bits target-arm: Add computation of starting level for S2 PTW target-arm: lpae: Rename granule_sz to stride target-arm: lpae: Replace tsz with computed inputsize target-arm: Add support for AArch32 S2 negative t0sz target-arm: lpae: Move declaration of t0sz and t1sz target-arm: lpae: Make t0sz and t1sz signed integers target-arm: Add HPFAR_EL2 i.MX: Standardize i.MX GPT debug i.MX: Standardize i.MX EPIT debug i.MX: Standardize i.MX FEC debug i.MX: Standardize i.MX CCM debug i.MX: Standardize i.MX AVIC debug i.MX: Standardize i.MX I2C debug ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9b539263faa5c1b7fce2551092b5c7b6eea92081 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:02:07 2015 +0100 target-arm: Add support for S1 + S2 MMU translations Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-15-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d759a457a144844bff259aafda093b24e92c116d Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:02:06 2015 +0100 target-arm: Route S2 MMU faults to EL2 Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-14-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a614e69854a2e601716ee44dfe15c09b8b88f620 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:02:05 2015 +0100 target-arm: Add S2 translation to 32bit S1 PTWs Add support for applying S2 translation to 32bit S1 page-table walks. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-13-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 37785977627295162bff58b1f8777d94e20f4c5b Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:02:04 2015 +0100 target-arm: Add S2 translation to 64bit S1 PTWs Add support for applying S2 translation to 64bit S1 page-table walks. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-12-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e14b5a23d8c83304559f31397f95d22ada60a19a Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:02:03 2015 +0100 target-arm: Add ARMMMUFaultInfo Introduce ARMMMUFaultInfo to propagate MMU Fault information across the MMU translation code path. This is in preparation for adding Stage-2 translation. No functional changes. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-11-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit af51f566ec7106d5e834476e78681a7b354f3c7c Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:02:02 2015 +0100 target-arm: Avoid inline for get_phys_addr Avoid inline for get_phys_addr() to prepare for future recursive use. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-10-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6ab1a5ee1c9d328cacf78805439ed4d3d132decd Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:02:01 2015 +0100 target-arm: Add support for S2 page-table protection bits Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-9-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1853d5a9dcac910322c6cc5b2fddec45fd052d25 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:02:00 2015 +0100 target-arm: Add computation of starting level for S2 PTW The starting level for S2 pagetable walks is computed differently from the S1 starting level. Implement the S2 variant. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-8-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 973a5434825c076995218868b5b3047e5de400c6 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:01:59 2015 +0100 target-arm: lpae: Rename granule_sz to stride Rename granule_sz to stride to better match the reference manuals. No functional change. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-7-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4ca6a051758edf625a17dfc4ce4ab72edabac170 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:01:58 2015 +0100 target-arm: lpae: Replace tsz with computed inputsize Remove the tsz variable and introduce inputsize. This simplifies the code a little and makes it easier to compare with the reference manuals. No functional change. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-6-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4ee38098010240e0b390061fdd0151ff62d80279 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:01:57 2015 +0100 target-arm: Add support for AArch32 S2 negative t0sz Add support for AArch32 S2 negative t0sz. In preparation for using 40bit IPAs on AArch32. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-5-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1f4c8c18a5b6f4fad13e13b7e3828124c6c8f34d Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:01:56 2015 +0100 target-arm: lpae: Move declaration of t0sz and t1sz Move declaration of t0sz and t1sz to the top of the function avoiding a mix of code and variable declarations. No functional change. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-4-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5c31a10d16c595d6a59e3e7fc1808c3b1d03e02f Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:01:55 2015 +0100 target-arm: lpae: Make t0sz and t1sz signed integers Make t0sz and t1sz signed integers to match tsz and to make it easier to implement support for AArch32 negative t0sz. t1sz is changed for consistensy. No functional change. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-3-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 59e055307392fdf99b86c8cbcd33a7e261dcbdb1 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:01:54 2015 +0100 target-arm: Add HPFAR_EL2 Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-2-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 054535262fce994b942039b0a7c4c484c8026c5e Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Sun Oct 25 15:16:26 2015 +0100 i.MX: Standardize i.MX GPT debug The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message We also replace IPRINTF with qemu_log_mask(). The qemu_log_mask() output is following the same format as the above debug. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Message-id: b7ce7e98a051479453744aded122789531d80a44.1445781957.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4929f6563c704dbd057524b38ee519b3a7c8dfe1 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Sun Oct 25 15:16:24 2015 +0100 i.MX: Standardize i.MX EPIT debug The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message We also replace IPRINTF with qemu_log_mask(). The qemu_log_mask() output is following the same format as the above debug. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Message-id: 5bbad71517ca728d8865f7b9f998baa0df022794.1445781957.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b72d8d257c187532194f2fca504afb568cd2a3bf Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Sun Oct 25 15:16:21 2015 +0100 i.MX: Standardize i.MX FEC debug The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message The qemu_log_mask() output is following the same format as the above debug. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Message-id: 57e565982db94fb433c32dfa17608888464d21de.1445781957.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4a6aa0af8593ee135ef37867ae00109650b95638 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Sun Oct 25 15:16:19 2015 +0100 i.MX: Standardize i.MX CCM debug The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message The qemu_log_mask() output is following the same format as the above debug. Adding some missing qemu_log_mask call for bad registers. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Message-id: 293e08f31cbb4df84d58f693243e61e770c73b3a.1445781957.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f50ed7853ad658407382dfe1da29f3c88d604592 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Sun Oct 25 15:16:17 2015 +0100 i.MX: Standardize i.MX AVIC debug The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message We also replace IPRINTF with qemu_log_mask(). The qemu_log_mask() output is following the same format as the above debug. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Message-id: 29885ffea2577eaf2288c1d17fd87ee951748b49.1445781957.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3afcbb01bc1227bc3a3bade1804c449daf74b262 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Sun Oct 25 15:16:14 2015 +0100 i.MX: Standardize i.MX I2C debug The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message The qemu_log_mask() output is following the same format as the above debug. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Message-id: 328acfe6fc09a5afdbfbfd5220e0869fd5082660.1445781957.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 564111257468bb772ad0b374dbbb0c969a554cfd Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Sun Oct 25 15:16:11 2015 +0100 i.MX: Standardize i.MX GPIO debug The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message The qemu_log_mask() outputis following the same format as the above debug. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Message-id: 4f2007adcf0f579864bb4dd8a825824e0e9098b8.1445781957.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8ccce77c04a23a1451b6e149930e66b6eef75926 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Sun Oct 25 15:16:06 2015 +0100 i.MX: Standardize i.MX serial debug. The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message We also replace IPRINTF with qemu_log_mask(). The qemu_log_mask() output is following the same format as the above debug. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Message-id: 47b8759b251d356c633faf7ea34f897f340aea4e.1445781957.git.jcd@xxxxxxxxxxxxxxx [PMM: Drop attempt to print the ram_addr of a memory region in one DPRINTF, which (a) was using the wrong format string so didn't build on 32-bit and (b) was incorrectly looking at a private field of a MemoryRegion struct] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4b280b726a329a97db03323d8d03ed554f7872b8 Author: Andrew Jones <drjones@xxxxxxxxxx> Date: Tue Oct 27 12:00:50 2015 +0000 hw/arm/virt: don't use a15memmap directly We should always go through VirtBoardInfo when we need the memmap. To avoid using a15memmap directly, in this case, we need to defer the max-cpus check from class init time to instance init time. In class init we now use MAX_CPUMASK_BITS for max_cpus initialization, which is the maximum QEMU supports, and also, incidentally, the maximum KVM/gicv3 currently supports. Also, a nice side-effect of delaying the max-cpus check is that we now get more appropriate error messages for gicv2 machines that try to configure more than 123 cpus. Before this patch it would complain that the requested number of cpus was greater than 123, but for gicv2 configs, it should complain that the number is greater than 8. Signed-off-by: Andrew Jones <drjones@xxxxxxxxxx> Message-id: 1445189728-860-3-git-send-email-drjones@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 24182fbc19cbc7c387bb350a72e6b55f63ea1747 Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Tue Oct 27 12:00:50 2015 +0000 arm_gic_kvm: Disable live migration if not supported Currently, if the kernel does not have live migration API, the migration will still be attempted, but vGIC save/restore functions will just not do anything. This will result in a broken machine state. This patch fixes the problem by adding migration blocker if kernel API is not supported. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b876452507d0b719cff0b478efafb34ac41db683 Author: Soren Brinkmann <soren.brinkmann@xxxxxxxxxx> Date: Tue Oct 27 12:00:50 2015 +0000 target-arm: Add support for SPSR_(ABT|UND|IRQ|FIQ) Signed-off-by: Soren Brinkmann <soren.brinkmann@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 541ebcd401ee47f3c1a3ce503ef5466b75e9d20a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 27 12:00:50 2015 +0000 target-arm/translate.c: Handle non-executable page-straddling Thumb insns When the memory we're trying to translate code from is not executable we have to turn this into a guest fault. In order to report the correct PC for this fault, and to make sure it is not reported until after any other possible faults for instructions earlier in execution, we must terminate TBs at the end of a page, in case the next instruction is in a non-executable page. This is simple for T16, A32 and A64 instructions, which are always aligned to their size. However T32 instructions may be 32-bits but only 16-aligned, so they can straddle a page boundary. Correct the condition that checks whether the next instruction will touch the following page, to ensure that if we're 2 bytes before the boundary and this insn is T32 then we end the TB. Reported-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Reviewed-by: Laurent Desnogues <laurent.desnogues@xxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7cd6de3bb1ca55dfa8f53fb9894803eb33f497b3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 27 12:00:50 2015 +0000 target-arm: Fix "no 64-bit EL2" assumption in arm_excp_unmasked() The code in arm_excp_unmasked() suppresses the ability of PSTATE.AIF to mask exceptions from a lower EL targeting EL2 or EL3 if the CPU is 64-bit. This is correct for a target of EL3, but not correct for targeting EL2. Further, we go to some effort to calculate scr and hcr values which are not used at all for the 64-bit CPU case. Rearrange the code to correctly implement the 64-bit CPU logic and keep the hcr/scr calculations in the 32-bit CPU codepath. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1444327729-4120-1-git-send-email-peter.maydell@xxxxxxxxxx Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 7e038b94e74e1c2d1b3598e2e4b0b5c8b79a7278 Merge: 9666248 a3e8a3f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 27 10:10:46 2015 +0000 Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging # gpg: Signature made Tue 27 Oct 2015 05:47:28 GMT using RSA key ID 398D6211 # gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211 * remotes/jasowang/tags/net-pull-request: net: free the string returned by object_get_canonical_path_component net: make iov_to_buf take right size argument in nc_sendv_compat() net: Remove duplicate data from query-rx-filter on multiqueue net devices vmxnet3: Do not fill stats if device is inactive options: Add documentation for filter-dump net/dump: Provide the dumping facility as a net-filter net/dump: Separate the NetClientState from the DumpState net/dump: Rework net-dump init functions net/dump: Add support for receive_iov function net: cadence_gem: Set initial MAC address Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a3e8a3f382363d5fd452cfc15f90a688d70023d9 Author: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Date: Tue Oct 20 09:51:26 2015 +0800 net: free the string returned by object_get_canonical_path_component The value returned from object_get_canonical_path_component must be freed. Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Cc: Jason Wang <jasowang@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit edc981443d5bd23e01639c2fbba4fbc2dc30204f Author: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Date: Tue Oct 20 09:51:25 2015 +0800 net: make iov_to_buf take right size argument in nc_sendv_compat() We want "buf, sizeof(buf)" here. sizeof(buffer) is the size of a pointer, which is wrong. Thanks to Paolo for pointing it out. Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Cc: Jason Wang <jasowang@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 5320c2caf43cc76748a1ffa0fdcaa9eb501d3fcd Author: Vladislav Yasevich <vyasevic@xxxxxxxxxx> Date: Mon Oct 19 09:04:38 2015 -0400 net: Remove duplicate data from query-rx-filter on multiqueue net devices When responding to a query-rx-filter command on a multiqueue netdev, qemu reports the data for each queue. The data, however, is not per-queue, but per device and the same data is reported multiple times. This causes confusion and may also cause extra unnecessary processing when looking at the data. Commit 638fb14169 (net: Make qmp_query_rx_filter() with name argument more obvious) partially addresses this issue, by limiting the output when the name is specified. However, when the name is not specified, the issue still persists. Signed-off-by: Vladislav Yasevich <vyasevic@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit eedeeeffd419ab149e0b0ad5fc4b7cf5e1db6274 Author: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Date: Thu Oct 15 13:54:30 2015 +0300 vmxnet3: Do not fill stats if device is inactive Guest OS may issue VMXNET3_CMD_GET_STATS even before device was activated (for example in linux, after insmod but prior net-dev open). Accessing shared descriptors prior device activation is illegal as the VMXNET3State structures have not been fully initialized. As a result, guest memory gets corrupted and may lead to guest OS crashes. Fix, by not filling the stats descriptors if device is inactive. Reported-by: Leonid Shatz <leonid.shatz@xxxxxxxxxxxxxxxxxx> Acked-by: Dmitry Fleytman <dmitry@xxxxxxxxxx> Signed-off-by: Dana Rubin <dana.rubin@xxxxxxxxxxxxxxxxxx> Signed-off-by: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit d3e0c032f52f4fb855f9bd2892ebd175a9d975a1 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Tue Oct 13 12:40:02 2015 +0200 options: Add documentation for filter-dump Add a short description for the filter-dump command line options. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 9d3e12e881bc97bc32ac75d146b5347136f29ca1 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Tue Oct 13 12:40:01 2015 +0200 net/dump: Provide the dumping facility as a net-filter Use the net-filter infrastructure to provide the dumping functions for netdev devices, too. Reviewed-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 75310e3486ab205d870560b75bbcaba72acb26d7 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Tue Oct 13 12:40:00 2015 +0200 net/dump: Separate the NetClientState from the DumpState With the upcoming dumping-via-netfilter patch, the DumpState should not be related to NetClientState anymore, so move the related information to a new struct called DumpNetClient. Reviewed-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 7bc3074c27bb1eae7c8ccacd920ba55454381786 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Tue Oct 13 12:39:59 2015 +0200 net/dump: Rework net-dump init functions Move the creation of the dump client from net_dump_init() into net_init_dump(), so we can later use the former function for dump via netfilter, too. Also rename net_dump_init() to net_dump_state_init() to make it easier distinguishable from net_init_dump(). Reviewed-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 43192fcc1ac0a61cf9e20a9034eae8d1e91f35c8 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Tue Oct 13 12:39:58 2015 +0200 net/dump: Add support for receive_iov function Adding a proper receive_iov function to the net dump module. This will make it easier to support the dump filter feature for the -netdev option in later patches. Reviewed-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit afb4c51fad8cf86104803fc17457b96e86172b98 Author: Sebastian Huber <sebastian.huber@xxxxxxxxxxxxxxxxxx> Date: Mon Oct 12 10:25:01 2015 +0200 net: cadence_gem: Set initial MAC address Set initial MAC address to the one specified by the command line. Signed-off-by: Sebastian Huber <sebastian.huber@xxxxxxxxxxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 9666248a85fd889bfb6118f769e9c73039b998ed Merge: 251d7e6 b1ecd51 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Oct 26 13:13:38 2015 +0000 Merge remote-tracking branch 'remotes/sstabellini/tags/xen-2015-10-26' into staging Xen 2015-10-26 # gpg: Signature made Mon 26 Oct 2015 11:32:50 GMT using RSA key ID 70E1AE90 # gpg: Good signature from "Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>" * remotes/sstabellini/tags/xen-2015-10-26: xen-platform: Replace assert() with appropriate error reporting xen_platform: switch to realize Qemu/Xen: Fix early freeing MSIX MMIO memory region Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b1ecd51bdbb0fc0a7026662b03e7e7df9d129ca0 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Oct 21 13:46:50 2015 -0200 xen-platform: Replace assert() with appropriate error reporting Commit dbb7405d8caad0814ceddd568cb49f163a847561 made it possible to trigger an assert using "-device xen-platform". Replace it with appropriate error reporting. Before: $ qemu-system-x86_64 -device xen-platform qemu-system-x86_64: hw/i386/xen/xen_platform.c:391: xen_platform_initfn: Assertion `xen_enabled()' failed. Aborted (core dumped) $ After: $ qemu-system-x86_64 -device xen-platform qemu-system-x86_64: -device xen-platform: xen-platform device requires the Xen accelerator $ Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 4098d49db549e20a2d87ca3cced28ace6e5864bf Author: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Date: Wed Oct 21 13:46:49 2015 -0200 xen_platform: switch to realize Use realize to initialize the xen_platform device Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 251d7e60148599be685c6f9f3921aee38dccef5c Merge: af25e72 7d4f4bd Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Oct 26 11:32:20 2015 +0000 Merge remote-tracking branch 'remotes/elmarco/tags/ivshmem-pull-request' into staging ivshmem series # gpg: Signature made Mon 26 Oct 2015 09:27:46 GMT using RSA key ID 75969CE5 # gpg: Good signature from "Marc-André Lureau <marcandre.lureau@xxxxxxxxxx>" # gpg: aka "Marc-André Lureau <marcandre.lureau@xxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 87A9 BD93 3F87 C606 D276 F62D DAE8 E109 7596 9CE5 * remotes/elmarco/tags/ivshmem-pull-request: (51 commits) doc: document ivshmem & hugepages ivshmem: use little-endian int64_t for the protocol ivshmem: use kvm irqfd for msi notifications ivshmem: rename MSI eventfd_table ivshmem: remove EventfdEntry.vector ivshmem: add hostmem backend ivshmem: use qemu_strtosz() ivshmem: do not keep shm_fd open tests: add ivshmem qtest qtest: add qtest_add_abrt_handler() msix: implement pba write (but read-only) contrib: remove unnecessary strdup() ivshmem: add check on protocol version in QEMU docs: update ivshmem device spec ivshmem-server: fix hugetlbfs support ivshmem-server: use a uint16 for client ID ivshmem-client: check the number of vectors contrib: add ivshmem client and server util: const event_notifier_get_fd() argument ivshmem: reset mask on device reset ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4e494de66800747446e73b5ec0189ad7f4690908 Author: Lan Tianyu <tianyu.lan@xxxxxxxxx> Date: Sun Oct 11 23:19:24 2015 +0800 Qemu/Xen: Fix early freeing MSIX MMIO memory region msix->mmio is added to XenPCIPassthroughState's object as property. object_finalize_child_property is called for XenPCIPassthroughState's object, which calls object_property_del_all, which is going to try to delete msix->mmio. object_finalize_child_property() will access msix->mmio's obj. But the whole msix struct has already been freed by xen_pt_msix_delete. This will cause segment fault when msix->mmio has been overwritten. This patch is to fix the issue. Signed-off-by: Lan Tianyu <tianyu.lan@xxxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 7d4f4bdaf785dfe9fc41b06f85cc9aaf1b1474ee Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Wed Oct 7 16:31:47 2015 +0200 doc: document ivshmem & hugepages Document and give some examples of hugepages support with ivshmem device and server. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit f7a199b2b4486242271f769bb4bc2638c0413274 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Sep 24 12:55:01 2015 +0200 ivshmem: use little-endian int64_t for the protocol The current ivshmem protocol uses 'long' for integers. But the sizeof(long) depends on the host and the endianess is not defined, which may cause portability troubles. Instead, switch to using little-endian int64_t. This breaks the protocol, except on x64 little-endian host where this change should be compatible. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 660c97eef6f8f416c5dc24d3798e29f9f9f698fb Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Jul 9 15:50:13 2015 +0200 ivshmem: use kvm irqfd for msi notifications Use irqfd for improving context switch when notifying the guest. If the host doesn't support kvm irqfd, regular msi notifications are still supported. Note: the ivshmem implementation doesn't allow switching between MSI and IO interrupts, this patch doesn't either. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0f57350e5c2ee0c6fe979f4d4b6d4e1de0c26e46 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Mon Jul 27 12:59:19 2015 +0200 ivshmem: rename MSI eventfd_table The array is used to have vector specific data, so use a more descriptive name. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit d160f3f7911bb1f99235ae211269c8f4422f2079 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Jul 24 18:52:19 2015 +0200 ivshmem: remove EventfdEntry.vector No need to store an extra int for the vector number when it can be computed easily by looking at the position in the array. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit d9453c93fea0c9c67f9c63bfa79a87631317d746 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 30 00:10:16 2015 +0200 ivshmem: add hostmem backend Instead of handling allocation, teach ivshmem to use a memory backend. This allows to use hugetlbfs backed memory now. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 2c04752cc8e37b15be4643570b49abb3128a8a46 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 30 00:06:03 2015 +0200 ivshmem: use qemu_strtosz() Use the common qemu utility function to parse the memory size. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit f689d2811a36894618087e1e2cc3ade78e758e94 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 30 00:04:19 2015 +0200 ivshmem: do not keep shm_fd open Remove shm_fd from device state, closing it as early as possible to avoid leaks. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit ddef6a0d68f641ca89466c697d191d07b7e6718c Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Wed Apr 2 16:57:48 2014 +0200 tests: add ivshmem qtest Adds 4 ivshmemtests: - single qemu instance and basic IO - pair of instances, check memory sharing - pair of instances with server, and MSIX - hot plug/unplug A temporary shm is created as well as a directory to place server socket, both should be clear on exit and abort. Cc: Cam Macdonell <cam@xxxxxxxxxxxxxx> Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 063c23d909a8d6c9f251347514e34835e0510294 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Jun 19 18:45:14 2015 +0200 qtest: add qtest_add_abrt_handler() Allow a test to add abort handlers, use GHook for all handlers. There is currently no way to remove a handler, but it could be later added if needed. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 43b11a91dd861a946b231b89b7542856ade23d1b Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Jun 26 14:25:29 2015 +0200 msix: implement pba write (but read-only) qpci_msix_pending() writes on pba region, causing qemu to SEGV: Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7ffff7fba8c0 (LWP 25882)] 0x0000000000000000 in ?? () (gdb) bt #0 0x0000000000000000 in () #1 0x00005555556556c5 in memory_region_oldmmio_write_accessor (mr=0x5555579f3f80, addr=0, value=0x7fffffffbf68, size=4, shift=0, mask=4294967295, attrs=...) at /home/elmarco/src/qemu/memory.c:434 #2 0x00005555556558e1 in access_with_adjusted_size (addr=0, value=0x7fffffffbf68, size=4, access_size_min=1, access_size_max=4, access=0x55555565563e <memory_region_oldmmio_write_accessor>, mr=0x5555579f3f80, attrs=...) at /home/elmarco/src/qemu/memory.c:506 #3 0x00005555556581eb in memory_region_dispatch_write (mr=0x5555579f3f80, addr=0, data=0, size=4, attrs=...) at /home/elmarco/src/qemu/memory.c:1176 #4 0x000055555560b6f9 in address_space_rw (as=0x555555eff4e0 <address_space_memory>, addr=3759147008, attrs=..., buf=0x7fffffffc1b0 "", len=4, is_write=true) at /home/elmarco/src/qemu/exec.c:2439 #5 0x000055555560baa2 in cpu_physical_memory_rw (addr=3759147008, buf=0x7fffffffc1b0 "", len=4, is_write=1) at /home/elmarco/src/qemu/exec.c:2534 #6 0x000055555564c005 in cpu_physical_memory_write (addr=3759147008, buf=0x7fffffffc1b0, len=4) at /home/elmarco/src/qemu/include/exec/cpu-common.h:80 #7 0x000055555564cd9c in qtest_process_command (chr=0x55555642b890, words=0x5555578de4b0) at /home/elmarco/src/qemu/qtest.c:378 #8 0x000055555564db77 in qtest_process_inbuf (chr=0x55555642b890, inbuf=0x55555641b340) at /home/elmarco/src/qemu/qtest.c:569 #9 0x000055555564dc07 in qtest_read (opaque=0x55555642b890, buf=0x7fffffffc2e0 "writel 0xe0100800 0x0\n", size=22) at /home/elmarco/src/qemu/qtest.c:581 #10 0x000055555574ce3e in qemu_chr_be_write (s=0x55555642b890, buf=0x7fffffffc2e0 "writel 0xe0100800 0x0\n", len=22) at qemu-char.c:306 #11 0x0000555555751263 in tcp_chr_read (chan=0x55555642bcf0, cond=G_IO_IN, opaque=0x55555642b890) at qemu-char.c:2876 #12 0x00007ffff64c9a8a in g_main_context_dispatch (context=0x55555641c400) at gmain.c:3122 (without this patch, this can be reproduced with the ivshmem qtest) Implement an empty mmio write to avoid the crash. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 45b00c44ceffeac8143fb8857a12677234114f2b Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Wed Jun 24 13:33:32 2015 +0200 contrib: remove unnecessary strdup() getopt() optarg points to argv memory, no need to dup those values, fixes small leaks detected by clang-analyzer. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@xxxxxxxxxxxxx> commit 5105b1d8c2d1ad4a25b8806e86c0f012936b2eed Author: David Marchand <david.marchand@xxxxxxxxx> Date: Tue Jun 16 17:43:34 2015 +0200 ivshmem: add check on protocol version in QEMU Send a protocol version as the first message from server, clients must close communication if they don't support this protocol version. Older QEMUs should be fine with this change in the protocol since they overrides their own vm_id on reception of an id associated to no eventfd. Signed-off-by: David Marchand <david.marchand@xxxxxxxxx> Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> [use fifo_update_and_get()] Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 8c4ef202b901d25b88efc55398d4a76dfb2594de Author: David Marchand <david.marchand@xxxxxxxxx> Date: Mon Sep 8 11:17:49 2014 +0200 docs: update ivshmem device spec Add some notes on the parts needed to use ivshmem devices: more specifically, explain the purpose of an ivshmem server and the basic concept to use the ivshmem devices in guests. Move some parts of the documentation and re-organise it. Signed-off-by: David Marchand <david.marchand@xxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 1e21feb6280222a230fda1d87318ab58adde188f Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Mon Jun 29 19:53:15 2015 +0200 ivshmem-server: fix hugetlbfs support As pointed out on the ML by Andrew Jones, glibc no longer permits creating POSIX shm on hugetlbfs directly. When given a hugetlbfs path, create a shareable file there. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@xxxxxxxxxxxxx> commit 022cffe31360750b405d368e343f3ca5febc0d0a Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 17:09:59 2015 +0200 ivshmem-server: use a uint16 for client ID In practice, the number of VM is limited to MAXUINT16 in ivshmem, so use the same limit on the server (removes a theorical infinite loop) Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 95204aa951ceb28eb6d4ce43bce09a58cbad83d8 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 16:41:58 2015 +0200 ivshmem-client: check the number of vectors Check the number of vectors received from the server, to avoid out of bound array access. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit a75eb03b9fca3af291ec2c433ddda06121ae927d Author: David Marchand <david.marchand@xxxxxxxxx> Date: Mon Sep 8 11:17:48 2014 +0200 contrib: add ivshmem client and server When using ivshmem devices, notifications between guests can be sent as interrupts using a ivshmem-server (typical use described in documentation). The client is provided as a debug tool. Signed-off-by: Olivier Matz <olivier.matz@xxxxxxxxx> Signed-off-by: David Marchand <david.marchand@xxxxxxxxx> [fix a valgrind warning, option and server_close() segvs, extra server headers includes, getopt() return type, out-of-tree build, use qemu event_notifier instead of eventfd, fix x86/osx warnings - Marc-André] Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 12f0b68c82356e4dd24f2f0d370b21eb17f1f42e Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Oct 13 12:12:16 2015 +0200 util: const event_notifier_get_fd() argument Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 972ad21553fd46738eea91f0085c7bc32cf68d86 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 14:13:08 2015 +0200 ivshmem: reset mask on device reset The interrupt mask is a state value, it should be reset, like the interrupt status. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 1ee57de444ac7dd0cdb091fec318ba056ed173fd Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 14:07:11 2015 +0200 ivshmem: error on too many eventfd received The number of eventfd that can be handled per peer is limited by the number of vectors. Return an error when receiving too many of them. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit f456179fae249a420dce38a02ad7e2efc6be37cf Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 13:38:46 2015 +0200 ivshmem: replace 'guest' for 'peer' appropriately The terms 'guest' and 'peer' are used sometime interchangeably which may be confusing. Instead, use 'peer' for the remote instances of ivshmem clients, and 'guest' for the local VM. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit f64a078d45a4c1d1da074d1c306a5a4994dcda89 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 12:57:16 2015 +0200 ivshmem: fix pci_ivshmem_exit() Free all objects owned by the device, making sure the device is free, fixing hot-unplug. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit d383537d01c1f23d783955963e234d11fce8ec02 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 13:01:40 2015 +0200 ivshmem: add device description Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 945001a1af36eafd093b6b1582f5282932cd3d87 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 12:55:41 2015 +0200 ivshmem: check shm isn't already initialized The server should not change the shm, and this isn't handled by qemu and we should should verify this in qemu. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 86d471bfa4262fa983c0214ace7336843e2181a2 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 12:53:42 2015 +0200 ivshmem: shmfd can be 0 0 is a valid fd value, so change conditions and set -1 value early Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 1f8552df2c7935a4cf883bda22acbe2adbf7d579 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Jun 18 14:05:46 2015 +0200 ivshmem: migrate with VMStateDescription load_state_old() is used to keep compatibility with version 0. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit e309366337d636689730f6484e388e46db7b5654 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Jun 18 16:10:33 2015 +0200 ivshmem: use common is_power_of_2() The common version correctly checks for 0 value case. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 6f8a16d55daac5657ccbcf953140685048e15ace Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Jun 19 12:21:46 2015 +0200 ivshmem: use common return Both if branches return, move this out to common end. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 9a2f0e64aeb4c7891244785e88b2b0cfa1d61742 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Jun 19 12:19:55 2015 +0200 ivshmem: simplify a bit the code Use some more explicit variables to simplify the code. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit ffa99afd6e4d354cdfae44cc43a2ca7ef056eb35 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 13:34:09 2015 +0200 ivshmem: print error on invalid peer id The server shouldn't send invalid peer id, so print an error if it's the case. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 36617792b45b5d46d574af4f6ebb3f35c77d1e69 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Jun 18 14:39:49 2015 +0200 ivshmem: improve error handling The test whether the chardev is an AF_UNIX socket rejects "-chardev socket,id=chr0,path=/tmp/foo,server,nowait -device ivshmem,chardev=chr0", but fails to explain why. Use an explicit error on why a chardev may be rejected. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit f59bb37898d6ff44cdf68bfbadaf3bd260ae465e Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Jun 18 15:04:13 2015 +0200 ivshmem: improve debug messages Some misc improvements to ivshmem debug. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 95c8425cc3a316c998a7e306799ec6d29811bc32 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Jun 19 12:17:26 2015 +0200 ivshmem: remove max_peer field max_peer isn't really useful, it tracks the maximum received VM id, but that quickly matches nb_peers, the size of the peers array. Since VM come and go, there might be sparse peers so it doesn't help much in general to have this value around. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 95e7c8a0f690f9a0c8b70fd1a4de60bd944371b8 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Jun 25 13:49:09 2015 +0200 ivshmem: initialize max_peer to -1 There is no peer when device is initialized, do not let doorbell for inexisting peer 0. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit d8a5da075a919f7b42f2182cc55f5d3e7e60b264 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Jun 18 15:00:52 2015 +0200 ivshmem: remove useless ivshmem_update_irq() val argument val isn't used in ivshmem_update_irq() function. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 81e507f0bc584f417cb671e88da3f049cb4defb1 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Sep 15 17:23:07 2015 +0200 ivshmem: allocate eventfds in resize_peers() It simplifies a bit the code to allocate the array when setting the number of peers instead of lazily when receiving the first vector. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 1300b2733a297f9a59deb4eebbd437a5833f3f41 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Sep 15 17:21:37 2015 +0200 ivshmem: simplify around increase_dynamic_storage() Set the number of peers and array allocation in a single place. Rename to better reflect the function content. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 61ea2d8648d32b8e84da62f142dc08fa9ee5b7b9 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Sep 15 16:55:10 2015 +0200 ivshmem: limit maximum number of peers to G_MAXUINT16 Limit the maximum number of peers to MAXUINT16. This is more realistic and better matches the limit of the doorbell register. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 03977ad552874f6598a8f0ef3089e6846ba01a2b Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Mon Jun 22 12:55:16 2015 +0200 ivshmem: remove last exit(1) Failing to create a chardev shouldn't be fatal. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit d58d7e848ec6d5bcd19634212d58dec5f1efbdb8 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Jun 18 14:59:28 2015 +0200 ivshmem: more qdev conversion Use the latest qemu device modeling API, in particular, convert to realize to fix the error handling; right now a botched device_add ivhsmem command kills the VM. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 49b2951f8416b356001d7b32625da0c555f0d1ce Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Jun 18 16:17:48 2015 +0200 ivshmem: remove useless doorbell field Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 9113e3f394e0a8569713b7aa9ece3e37cb9b61e8 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Jun 18 16:24:33 2015 +0200 ivshmem: remove superflous ivshmem_attr field Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit dee2151e7260a65c27495e9cbfc1931d9c9083d9 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Mon Jun 22 12:38:34 2015 +0200 ivshmem: remove unnecessary dup() qemu_chr_fe_get_msgfd() transfers ownership, there is no need to dup the fd. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 0f14fd71c170278b35b46d8ae214473680905606 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 17:56:37 2015 +0200 ivshmem: factor out the incoming fifo handling Make a new function fifo_update_and_get() that can be reused by other functions (in next commits). Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 951dada665041e8199e8c572d2981773fa2f0d8c Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 17:53:46 2015 +0200 ivshmem: fix number of bytes to push to fifo If the fifo has 0 bytes, and the read is of size 1, the call to fifo8_push_all() will copy off boundary data. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit b8ab854b27e9b88d9b85b4c572049b29cb96de43 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Jun 19 13:00:32 2015 +0200 ivhsmem: read do not accept more than sizeof(long) ivshmem_read() only reads sizeof(long) from the input buffer. Accepting more could lead to fifo8 abort() on 32bit systems if fifo is not empty. A following patch will change the protocol to 64-bit little-endian instead. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit c246a62f26e5afa8285b21e641b33456f1e69c99 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Jun 18 14:05:13 2015 +0200 msix: add VMSTATE_MSIX_TEST ivshmem is going to use MSIX state conditionally. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 1ad78ea51aad7978638299a27004049935c2d913 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Mon Jun 22 18:20:18 2015 +0200 char: add qemu_chr_free() If a chardev is allowed to be created outside of QMP, then it must be also possible to free it. This is useful for ivshmem that creates chardev anonymously and must be able to free them. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit bbfc2efefe9779f85dfe2713aec1568b1ba871ad Author: Andreas Färber <afaerber@xxxxxxx> Date: Sun Oct 11 00:18:32 2015 +0200 tests: Add ivshmem qtest Note that it launches two instances, as sharing memory is the purpose of ivshmem. Cc: Cam Macdonell <cam@xxxxxxxxxxxxxx> Cc: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> [ Remove Nahanni codename, add test to pci set - Marc-André ] Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit dd054be35fa355a6ebeab58618d7ff662247a9f6 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Mon Oct 12 15:25:55 2015 +0200 config: enable ivshmem on POSIX ivshmem doesn't actually require kvm, so enable it when POSIX is enabled. (it is required however when ioeventfd is enabled) Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit af25e7277d3e95a3ea31023f31d8097ab5e2ac84 Merge: bc79082 c07bc2c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 23 18:14:42 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches # gpg: Signature made Fri 23 Oct 2015 17:59:56 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: (37 commits) tests: Add test case for aio_disable_external block: Add "drained begin/end" for internal snapshot block: Add "drained begin/end" for transactional blockdev-backup block: Add "drained begin/end" for transactional backup block: Add "drained begin/end" for transactional external snapshot block: Introduce "drained begin/end" API aio: introduce aio_{disable,enable}_external dataplane: Mark host notifiers' client type as "external" nbd: Mark fd handlers client type as "external" aio: Add "is_external" flag for event handlers throttle: Remove throttle_group_lock/unlock() blockdev: Allow more options for BB-less BDS tree blockdev: Pull out blockdev option extraction blockdev: Do not create BDS for empty drive block: Prepare for NULL BDS block: Add blk_insert_bs() block: Prepare remaining BB functions for NULL BDS block: Fail requests to empty BlockBackend block: Make some BB functions fall back to BBRS block: Add BlockBackendRootState ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c07bc2c1658fffeee08eb46402b2f66d55b07586 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 23 11:08:14 2015 +0800 tests: Add test case for aio_disable_external Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 507306cc8ee7981894a96c380f42d80e2674cb04 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 23 11:08:13 2015 +0800 block: Add "drained begin/end" for internal snapshot This ensures the atomicity of the transaction by avoiding processing of external requests such as those from ioeventfd. state->bs is assigned right after bdrv_drained_begin. Because it was used as the flag for deletion or not in abort, now we need a separate flag - InternalSnapshotState.created. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ff52bf36a3a6c63b7528fbe64e9ed9976b221e68 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 23 11:08:12 2015 +0800 block: Add "drained begin/end" for transactional blockdev-backup Similar to the previous patch, make sure that external events are not dispatched during transaction operations. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 1fdd4b7be3655d39c3594bc215eb1df5ce225c7d Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 23 11:08:11 2015 +0800 block: Add "drained begin/end" for transactional backup This ensures the atomicity of the transaction by avoiding processing of external requests such as those from ioeventfd. Move the assignment to state->bs up right after bdrv_drained_begin, so that we can use it in the clean callback. The abort callback will still check bs->job and state->job, so it's OK. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit da763e83012c066ebe3effbaa8e7e7c8f78b0fbf Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 23 11:08:10 2015 +0800 block: Add "drained begin/end" for transactional external snapshot This ensures the atomicity of the transaction by avoiding processing of external requests such as those from ioeventfd. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 51288d7917e5c5b088985aaa7ff3592561fbc2ba Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 23 11:08:09 2015 +0800 block: Introduce "drained begin/end" API The semantics is that after bdrv_drained_begin(bs), bs will not get new external requests until the matching bdrv_drained_end(bs). Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit c1e1e5fa8f25f9061b076a05045a6d4950d1a891 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 23 11:08:08 2015 +0800 aio: introduce aio_{disable,enable}_external Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 3a1e8074d74ad2acbcedf28d35aebedc3573f19e Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 23 11:08:07 2015 +0800 dataplane: Mark host notifiers' client type as "external" They will be excluded by type in the nested event loops in block layer, so that unwanted events won't be processed there. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 172cc129a5ae58d36feb51f97fd67e2161ae5cc6 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 23 11:08:06 2015 +0800 nbd: Mark fd handlers client type as "external" So we could distinguish it from internal used fds, thus avoid handling unwanted events in nested aio polls. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit dca21ef23ba48f6f1428c59f295a857e5dc203c8 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 23 11:08:05 2015 +0800 aio: Add "is_external" flag for event handlers All callers pass in false, and the real external ones will switch to true in coming patches. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d87d01e16a0e59a6af9634162cf0ded142b43e0d Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 21 21:36:05 2015 +0300 throttle: Remove throttle_group_lock/unlock() The group throttling code was always meant to handle its locking internally. However, bdrv_swap() was touching the ThrottleGroup structure directly and therefore needed an API for that. Now that bdrv_swap() no longer exists there's no need for the throttle_group_lock() API anymore. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit bd745e238bb9432f40c875b6b4ad96a3d90e16a0 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:32 2015 +0200 blockdev: Allow more options for BB-less BDS tree Most of the options which blockdev_init() parses for both the BlockBackend and the root BDS are valid for just the root BDS as well (e.g. read-only). This patch allows specifying these options even if not creating a BlockBackend. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit fbf8175eac92cca541efb1ac4a202fba941b78df Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:31 2015 +0200 blockdev: Pull out blockdev option extraction Extract some of the blockdev option extraction code from blockdev_init() into its own function. This simplifies blockdev_init() and will allow reusing the code in a different function added in a follow-up patch. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5ec18f8c83583b7e22ed4dd360cd937da801ca40 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:30 2015 +0200 blockdev: Do not create BDS for empty drive Do not use "rudimentary" BDSs for empty drives any longer (for freshly created drives). After a follow-up patch, empty drives will generally use a NULL BDS, not only the freshly created drives. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5433c24f0f9306c82ad9bcc2b2b586e5f0ed8fa5 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:29 2015 +0200 block: Prepare for NULL BDS blk_bs() will not necessarily return a non-NULL value any more (unless blk_is_available() is true or it can be assumed to otherwise, e.g. because it is called immediately after a successful blk_new_with_bs() or blk_new_open()). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 0c3c36d651922ebe9244e68e6d9ed14cdfcac9fd Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:28 2015 +0200 block: Add blk_insert_bs() This function associates the given BlockDriverState with the given BlockBackend. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a46fc9c95012f3d7ed2b29b59f042246d62a08d7 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:27 2015 +0200 block: Prepare remaining BB functions for NULL BDS There are several BlockBackend functions which, in theory, cannot fail. This patch makes them cope with the BlockDriverState pointer being NULL by making them fall back to some default action like ignoring the value in setters and returning the default in getters. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit c09ba36c9ab62e3043041e429205f57ffbe3ba8b Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:26 2015 +0200 block: Fail requests to empty BlockBackend If there is no BlockDriverState in a BlockBackend or if the tray of the guest device is open, fail all requests (where that is possible) with -ENOMEDIUM. The reason the status of the guest device is taken into account is because once the guest device's tray is opened, any request on the same BlockBackend as the guest uses should fail. If the BDS tree is supposed to be usable even after ejecting it from the guest, a different BlockBackend must be used. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 061959e8da5af59343e2c75d55c40f366d0164f9 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:25 2015 +0200 block: Make some BB functions fall back to BBRS If there is no BDS tree attached to a BlockBackend, functions that can do so should fall back to the BlockBackendRootState structure. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 281d22d86ca26bf356284719e44c4bc66b716415 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:24 2015 +0200 block: Add BlockBackendRootState This structure will store some of the state of the root BDS if the BDS tree is removed, so that state can be restored once a new BDS tree is inserted. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 973f2ddf7b48c27aa8642047796cca3bec0b48d8 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:23 2015 +0200 block/throttle-groups: Make incref/decref public Throttle groups are not necessarily referenced by BDSs alone; a later patch will essentially allow BBs to reference them, too. Make the ref/unref functions public so that reference can be properly accounted for. Their interface is slightly adjusted in that they return and take a ThrottleState pointer, respectively, instead of a ThrottleGroup pointer. Functionally, they are equivalent, but since ThrottleGroup is not meant to be used outside of block/throttle-groups.c, ThrottleState is easier to handle. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 373340b26caa1572cf0f155131569dfc527aa133 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:22 2015 +0200 block: Move I/O status and error actions into BB These options are only relevant for the user of a whole BDS tree (like a guest device or a block job) and should thus be moved into the BlockBackend. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 7f0e9da6f134c5303be51333696e1ff54697f3e0 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:21 2015 +0200 block: Move BlockAcctStats into BlockBackend As the comment above bdrv_get_stats() says, BlockAcctStats is something which belongs to the device instead of each BlockDriverState. This patch therefore moves it into the BlockBackend. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 53d8f9d8fbf85f04d423958248f8c2fbe1ece192 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:20 2015 +0200 block: Remove wr_highest_sector from BlockAcctStats BlockAcctStats contains statistics about the data transferred from and to the device; wr_highest_sector does not fit in with the rest. Furthermore, those statistics are supposed to be specific for a certain device and not necessarily for a BDS (see the comment above bdrv_get_stats()); on the other hand, wr_highest_sector may be a rather important information to know for each BDS. When BlockAcctStats is finally removed from the BDS, we will want to keep wr_highest_sector in the BDS. Finally, wr_highest_sector is renamed to wr_highest_offset and given the appropriate meaning. Externally, it is represented as an offset so there is no point in doing something different internally. Its definition is changed to match that in qapi/block-core.json which is "the offset after the greatest byte written to". Doing so should not cause any harm since if external programs tried to calculate the volume usage by (wr_highest_offset + 512) / volume_size, after this patch they will just assume the volume to be full slightly earlier than before. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 68e9ec017bb00b96633d48b5bf039a37daa3bc21 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:19 2015 +0200 block: Move guest_block_size into BlockBackend guest_block_size is a guest device property so it should be moved into the interface between block layer and guest devices, which is the BlockBackend. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 4981bdec0d9b3ddd3e1474de5aa9918f120b54f7 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:18 2015 +0200 block: Fix BB AIOCB AioContext without BDS Fix the BlockBackend's AIOCB AioContext for aborting AIO in case there is no BDS. If there is no implementation of AIOCBInfo::get_aio_context() the AioContext is derived from the BDS the AIOCB belongs to. If that BDS is NULL (because it has been removed from the BB) this will not work. This patch makes blk_get_aio_context() fall back to the main loop context if the BDS pointer is NULL and implements AIOCBInfo::get_aio_context() (blk_aiocb_get_aio_context()) which invokes blk_get_aio_context(). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 7d3467d903c0fa663fbe3f1002e7c624a210b634 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:17 2015 +0200 hw/usb-storage: Check whether BB is inserted Only call bdrv_add_key() on the BlockDriverState if it is not NULL. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 2e1280e8ff95b3145bc6262accc9d447718e5318 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:16 2015 +0200 hw/block/fdc: Implement tray status The tray of an FDD is open iff there is no medium inserted (there are only two states for an FDD: "medium inserted" or "no medium inserted"). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b4d02820d95e025e57d82144f7b2ccd677ac2418 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:15 2015 +0200 block: Invoke change media CB before NULLing drv In order to handle host device passthrough, some guest device models may call blk_is_inserted() to check whether the medium is inserted on the host, when checking the guest tray status. This tray status is inquired by blk_dev_change_media_cb(); because bdrv_is_inserted() (invoked by blk_is_inserted()) always returns false for BDS with drv set to NULL, blk_dev_change_media_cb() should therefore be called before drv is set to NULL. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 1354c473789a91ba603d40bdf2521e3221c0a69f Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:14 2015 +0200 block/raw_bsd: Drop raw_is_inserted() With the new automatically-recursive implementation of bdrv_is_inserted() checking by default whether all the children of a BDS are inserted, we can drop raw's own implementation. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 28d7a78996ae73e681d0e061a4be446ed2240c97 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:13 2015 +0200 block: Make bdrv_is_inserted() recursive If bdrv_is_inserted() is called on the top level BDS, it should make sure all nodes in the BDS tree are actually inserted. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit db0284f86a31ec66d138f0f7794321c306af969e Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:12 2015 +0200 block: Add blk_is_available() blk_is_available() returns true iff the BDS is inserted (which means blk_bs() is not NULL and bdrv_is_inserted() returns true) and if the tray of the guest device is closed. blk_is_inserted() is changed to return true only if blk_bs() is not NULL. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e031f750483377a5e5de4c92af68dfa68e4d0aae Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:11 2015 +0200 block: Make bdrv_is_inserted() return a bool Make bdrv_is_inserted(), blk_is_inserted(), and the callback BlockDriver.bdrv_is_inserted() return a bool. Suggested-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 8e9e653038db97bfd343c3fb217b7bf4da765a89 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:10 2015 +0200 iotests: Only create BB if necessary Tests 071 and 081 test giving references in blockdev-add. It is not necessary to create a BlockBackend here, so omit it. While at it, fix up some blockdev-add invocations in the vicinity (s/raw/$IMGFMT/ in 081, drop the format BDS for blkverify's raw child in 071). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit be4b67bc7d99da26b7878f7f45370f50a3bd4af5 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:09 2015 +0200 blockdev: Allow creation of BDS trees without BB If the "id" field is missing from the options given to blockdev-add, just omit the BlockBackend and create the BlockDriverState tree alone. However, if "id" is missing, "node-name" must be specified; otherwise, the BDS tree would no longer be accessible. Many BDS options which are not parsed by bdrv_open() (like caching) cannot be specified for these BB-less BDS trees yet. A future patch will remove this limitation. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d44f928a54497188c25357840a3224925d1b527b Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:08 2015 +0200 block: Set BDRV_O_INCOMING in bdrv_fill_options() This flag should not be set for the root BDS only, but for any BDS that is being created while incoming migration is pending, so setting it is moved from blockdev_init() to bdrv_fill_options(). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit f709623b3d30096c629f6a368670c9cf668da83f Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:07 2015 +0200 block: Remove host floppy support It has been deprecated as of 2.3, so we can now remove it. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit bc79082e4cd12c1241fa03b0abceacf45f537740 Merge: 1e700f4 31bfa2a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 23 16:35:43 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging X86 queue, 2015-10-23 # gpg: Signature made Fri 23 Oct 2015 16:30:58 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" * remotes/ehabkost/tags/x86-pull-request: vl: trivial: minor tweaks to a max-cpu error msg target-i386: Use 1UL for bit shift target-i386: Add DE to TCG_FEATURES target-i386: Ensure always-1 bits on DR6 can't be cleared target-i386: Check CR4[DE] for processing DR4/DR5 target-i386: Handle I/O breakpoints target-i386: Optimize setting dr[0-3] target-i386: Move hw_*breakpoint_* functions target-i386: Ensure bit 10 on DR7 is never cleared target-i386: Re-introduce optimal breakpoint removal target-i386: Introduce cpu_x86_update_dr7 target-i386: Disable cache info passthrough by default target-i386: allow any alignment for SMBASE Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 31bfa2a40004204aee503c6417fbafb5d17e0a51 Author: Andrew Jones <drjones@xxxxxxxxxx> Date: Sun Oct 18 19:35:27 2015 +0200 vl: trivial: minor tweaks to a max-cpu error msg Signed-off-by: Andrew Jones <drjones@xxxxxxxxxx> commit 72370dc1149d7c90d2c2218e0d0658bee23a5bf7 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Tue Sep 29 17:34:22 2015 -0300 target-i386: Use 1UL for bit shift Fix undefined behavior detected by clang runtime check: qemu/target-i386/cpu.c:1494:15: runtime error: left shift of 1 by 31 places cannot be represented in type 'int' While doing that, add extra parenthesis for clarity. Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit b6c5a6f021f485fc36bca678b2c867e9b6783924 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Oct 7 16:39:43 2015 -0300 target-i386: Add DE to TCG_FEATURES Now DE is supported by TCG so it can be enabled in CPUID bits. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 462f8ed1f1eac189ef50d9586eae8af90dbe426f Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Oct 7 17:19:18 2015 -0300 target-i386: Ensure always-1 bits on DR6 can't be cleared Bits 4-11 and 16-31 on DR6 are documented as always 1, so ensure they can't be cleared by software. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit d0052339236072bbf08c1d600c0906126b1ab258 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 15 11:45:13 2015 -0700 target-i386: Check CR4[DE] for processing DR4/DR5 Introduce helper_get_dr so that we don't have to put CR4[DE] into the scarce HFLAGS resource. At the same time, rename helper_movl_drN_T0 to helper_set_dr and set the helper flags. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 5223a9423c5fb9e32b0c3eaaa2c0bf8c5cfd6866 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Mon Oct 19 15:14:35 2015 -0200 target-i386: Handle I/O breakpoints Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 7525b55051277717329cf64a9e1d5cff840d6f38 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 15 11:45:11 2015 -0700 target-i386: Optimize setting dr[0-3] If the debug register is not enabled, we need do nothing besides update the register. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 696ad9e4b27a49a9706010d00b31b17fe1f0d569 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 15 11:45:10 2015 -0700 target-i386: Move hw_*breakpoint_* functions They're only used from bpt_helper.c now. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 9055330ffbf5ca85f024c29874799d9c8bd17aa9 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Oct 8 17:10:27 2015 -0300 target-i386: Ensure bit 10 on DR7 is never cleared Bit 10 of DR7 is documented as always set to 1, so ensure that's always the case. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 36eb6e096729f9aade3a6af7dbe4d0a990335d7e Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 15 11:45:09 2015 -0700 target-i386: Re-introduce optimal breakpoint removal Before the last patch, we had an efficient loop that disabled local breakpoints on task switch. Re-add that, but in a more general way that handles changes to the global enable bits too. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 93d00d0fbe4711061834730fb70525d167b6f908 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 15 11:45:08 2015 -0700 target-i386: Introduce cpu_x86_update_dr7 This moves the last of the iteration over breakpoints into the bpt_helper.c file. This also allows us to make several breakpoint functions static. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit e265e3e48049fbece9eaf536aa00ca41aa3c54d0 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Sep 2 11:19:11 2015 -0300 target-i386: Disable cache info passthrough by default The host cache information may not make sense for the guest if the VM CPU topology doesn't match the host CPU topology. To make sure we won't expose broken cache information to the guest, disable cache info passthrough by default, and add a new "host-cache-info" property that can be used to enable the old behavior for users that really need it. Cc: Benoît Canet <benoit@xxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit dd75d4fcb4a82c34d4f466e7fc166162b71ff740 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 12 18:25:40 2015 +0200 target-i386: allow any alignment for SMBASE Processors up to the Pentium (says Bochs---I do not have old enough manuals) require a 32KiB alignment for the SMBASE, but newer processors do not need that, and Tiano Core will use non-aligned SMBASE values. Reported-by: Michael D Kinney <michael.d.kinney@xxxxxxxxx> Cc: Laszlo Ersek <lersek@xxxxxxxxxx> Cc: Jordan Justen <jordan.l.justen@xxxxxxxxx> Cc: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 1e700f4c6cddaf29ce1d205f0f8e8b9255481930 Merge: 147482a b3e9e58 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 23 15:55:50 2015 +0100 Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2015-10-23-tag' into staging qemu-ga patch queue * unbreak qga-test unit test on travis-ci systems by not assuming a disk-based filesystem must be present # gpg: Signature made Fri 23 Oct 2015 15:01:47 BST using RSA key ID F108B584 # gpg: Good signature from "Michael Roth <flukshun@xxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>" * remotes/mdroth/tags/qga-pull-2015-10-23-tag: tests: test-qga, loosen assumptions about host filesystems Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b3e9e584fcef49be8ca0c355d11030f0bf6231b0 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Tue Oct 20 11:17:36 2015 -0500 tests: test-qga, loosen assumptions about host filesystems QGA skips pseudo-filesystems when querying filesystems via guest-get-fsinfo. On some hosts, such as travis-ci which uses containers with simfs filesystems, QGA might not report *any* filesystems. Our test case assumes there would be at least one, leading to false error messages in these situations. Instead, sanity-check values iff we get at least one filesystem. Cc: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 147482ae35b896808af68c0051ad86d3aae12979 Merge: 431429a 659f7f6 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 23 13:09:09 2015 +0100 Merge remote-tracking branch 'remotes/dgibson/tags/ppc-next-20151023' into staging ppc patch queue - 2015-10-23 sPAPR highlights: * Allow VFIO devices on the spapr-pci-host-bridge * Allow virtio VGA * Safer handling of HTAB allocation * ibm,pa-features device tree property non-sPAPR highlights: * Categorization of many ppc specific devices in help output * Tweaks to MMU type constants # gpg: Signature made Fri 23 Oct 2015 07:27:56 BST using RSA key ID 20D9B392 # gpg: Good signature from "David Gibson <david@xxxxxxxxxxxxxxxxxxxxx>" # gpg: aka "David Gibson (Red Hat) <dgibson@xxxxxxxxxx>" # gpg: aka "David Gibson (ozlabs.org) <dgibson@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 75F4 6586 AE61 A66C C44E 87DC 6C38 CACA 20D9 B392 * remotes/dgibson/tags/ppc-next-20151023: (21 commits) prep: do not use CPU_LOG_IOPORT, convert to tracepoints openpic: add to misc category macio-nvram: add to misc category macio: add to bridge category uninorth: add to bridge category macio-ide: add to storage category cuda: add to bridge category grackle: add to bridge category escc: add to input category cmd646: add to storage category adb: add to input category ppc/spapr: Add "ibm,pa-features" property to the device-tree ppc: Add mmu_model defines for arch 2.03 and 2.07 hw/scsi/spapr_vscsi: Remove superfluous memset spapr_pci: Allow VFIO devices to work on the normal PCI host bridge spapr_iommu: Provide a function to switch a TCE table to allowing VFIO spapr_iommu: Rename vfio_accel parameter spapr_pci: Allow PCI host bridge DMA window to be configured spapr: Add "slb-size" property to CPU device tree nodes spapr: Abort when HTAB of requested size isn't allocated ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 431429a5b802fccf2701c37f580307c6979f4c3e Merge: dfbe064 9024603 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 23 12:09:02 2015 +0100 Merge remote-tracking branch 'remotes/berrange/tags/qcrypto-fixes-pull-20151022-2' into staging Merge qcrypto-fixes 2015/10/22 # gpg: Signature made Thu 22 Oct 2015 19:03:45 BST using RSA key ID 15104FDF # gpg: Good signature from "Daniel P. Berrange <dan@xxxxxxxxxxxx>" # gpg: aka "Daniel P. Berrange <berrange@xxxxxxxxxx>" * remotes/berrange/tags/qcrypto-fixes-pull-20151022-2: configure: avoid polluting global CFLAGS with tasn1 flags crypto: add sanity checking of plaintext/ciphertext length crypto: don't let builtin aes crash if no IV is provided crypto: allow use of nettle/gcrypt to be selected explicitly Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dfbe0642ef8e643e7e41956c8ca97f1acc9464a9 Merge: 6a6739d 7f4a930 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 23 10:24:08 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging vhost: build fix Fix build breakages when using older gcc. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Thu 22 Oct 2015 20:36:07 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: vhost-user: fix up rhel6 build Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 659f7f65561e78d720986d61f3112c54a97b2b96 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Oct 16 15:16:11 2015 +0200 prep: do not use CPU_LOG_IOPORT, convert to tracepoints These messages are disabled by default; a perfect usecase for tracepoints. Convert them over. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 29f8dd66e89d59f66105af9065c10e21f85cc653 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Sat Sep 26 18:22:12 2015 +0200 openpic: add to misc category openpic is a programmable interrupt controller, so add it to the misc category. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 175fe9e7c886263258602262c341c472bc64be42 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Sat Sep 26 18:22:11 2015 +0200 macio-nvram: add to misc category The macio nvram is a non volatile RAM, so add it the misc category. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit f9f2a9f26f74b4572c51e74be7fd97fa34c920d3 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Sat Sep 26 18:22:10 2015 +0200 macio: add to bridge category macio is a bridge between the PCI bus and the Mac nvram, IDE controller and PIC, so add it to the bridge category. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 1d16f86a433a323691dcfd0f71acdc7592c114fc Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Sat Sep 26 18:22:09 2015 +0200 uninorth: add to bridge category Uninorth is the mac99 PCI host controller, so add it to the bridge category. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 3469d9bce86d2e387777addb25ed8b80b7e9d2a1 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Sat Sep 26 18:22:08 2015 +0200 macio-ide: add to storage category macio-ide is an IDE controller, so add it to the storage category. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 599d7326c35d323c0a2cf18ebf65c613979e7f65 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Sat Sep 26 18:22:07 2015 +0200 cuda: add to bridge category Cuda is a bridge between PowerMac system bus and the ADB controller, real-time clock, pram and the power management unit. So add it to the bridge category. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit e16244355f8d5efc94df965b1f6a5a0b6c50a2f2 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Sat Sep 26 18:22:06 2015 +0200 grackle: add to bridge category Grackle is the PCI host controller of oldworld powermac, so add it to the bridge category. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit f8d4c07c7807d0f7be02f42d2ee849d2eea4141e Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Sat Sep 26 18:22:05 2015 +0200 escc: add to input category ESCC is a serial port controller, so add it to the input category. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 74623e7369b175fa324421f4c0047d06da3baafc Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Sat Sep 26 18:22:04 2015 +0200 cmd646: add to storage category cmd646 is an IDE controller, so add it to the storage category. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 32f3a8992ea28a194678832eec1e1ffc09cbb7b1 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Sat Sep 26 18:22:03 2015 +0200 adb: add to input category The Apple Desktop Bus is used to connect a keyboard and a mouse, so add it to the input category. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 90da0d5a703839c8db9f37355107955df043b654 Author: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Date: Thu Oct 22 18:30:59 2015 +1100 ppc/spapr: Add "ibm,pa-features" property to the device-tree LoPAPR defines a "ibm,pa-features" per-CPU device tree property which describes extended features of the Processor Architecture. This adds the property to the device tree. At the moment this is the copy of what pHyp advertises except "I=1 (cache inhibited) Large Pages" which is enabled for TCG and disabled when running under HV KVM host with 4K system page size. Signed-off-by: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> [aik: rebased, changed commit log, moved ci_large_pages initialization, renamed pa_features arrays] Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit aa4bb58752310e7906683a2ac99566222c1e7228 Author: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Date: Thu Oct 22 18:30:58 2015 +1100 ppc: Add mmu_model defines for arch 2.03 and 2.07 This removes unused POWERPC_MMU_2_06a/POWERPC_MMU_2_06d. This replaces POWERPC_MMU_64B with POWERPC_MMU_2_03 for POWER5+ to be more explicit about the version of the PowerISA supported. This defines POWERPC_MMU_2_07 and uses it for the POWER8 CPU family. This will not have an immediate effect now but it will in the following patch. This should cause no behavioural change. Signed-off-by: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> [aik: rebased, changed commit log] Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit a23dec105c0faed7b9cba5d07d92df63a04dbb2e Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Thu Oct 8 21:35:13 2015 +0200 hw/scsi/spapr_vscsi: Remove superfluous memset g_malloc0 already clears the memory, so no need for the additional memset here. Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Cc: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 185181f8835b1b68409ac4381688eafdca0172cc Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu Sep 24 10:34:23 2015 +1000 spapr_pci: Allow VFIO devices to work on the normal PCI host bridge The core VFIO infrastructure more or less allows VFIO devices to work on any normal guest PCI host bridge (PHB) without extra logic. However, the "spapr-pci-host-bridge" device (as opposed to the special "spapr-pci-vfio-host-bridge" device) breaks this by using a partially KVM accelerated implementation of the guest kernel IOMMU which won't work with VFIO devices, without additional kernel support. This patch allows VFIO devices to work on the spapr-pci-host-bridge, by having it switch off KVM TCE acceleration when a VFIO device is added to the PHB (either on startup, or by hotplug). Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Laurent Vivier <lvivier@xxxxxxxxxx> commit c10325d6f9af84444120d8a6d1d59f41a282ae1b Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu Oct 1 10:46:10 2015 +1000 spapr_iommu: Provide a function to switch a TCE table to allowing VFIO Because of the way non-VFIO guest IOMMU operations are KVM accelerated, not all TCE tables (guest IOMMU contexts) can support VFIO devices. Currently, this is decided at creation time. To support hotplug of VFIO devices, we need to allow a TCE table which previously didn't allow VFIO devices to be switched so that it can. This patch adds an spapr_tce_set_need_vfio() function to do this, by reallocating the table in userspace if necessary. Currently this doesn't allow the KVM acceleration to be re-enabled if all the VFIO devices are removed. That's an optimization for another time. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Laurent Vivier <lvivier@xxxxxxxxxx> commit 6a81dd172cd5d03fce593741629cb4c78fff10cb Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Wed Sep 30 13:42:55 2015 +1000 spapr_iommu: Rename vfio_accel parameter The vfio_accel parameter used when creating a new TCE table (guest IOMMU context) has a confusing name. What it really means is whether we need the TCE table created to be able to support VFIO devices. VFIO is relevant, because when available we use in-kernel acceleration of the TCE table, but that may not work with VFIO devices because updates to the table are handled in kernel, bypass qemu and so don't hit qemu's infrastructure for keeping the VFIO host IOMMU state in sync with the guest IOMMU state. Rename the parameter to "need_vfio" throughout. This is a cosmetic change, with no impact on the logic. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Laurent Vivier <lvivier@xxxxxxxxxx> commit f93caaac36ec3b030184055596cb56f64d0de988 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu Sep 24 09:56:44 2015 +1000 spapr_pci: Allow PCI host bridge DMA window to be configured At present the PCI host bridge (PHB) for the pseries machine type has a fixed DMA window from 0..1GB (in PCI address space) which is mapped to real memory via the PAPR paravirtualized IOMMU. For better support of VFIO devices, we're going to want to allow for different configurations of the DMA window. Eventually we'll want to allow the guest itself to reconfigure the window via the PAPR dynamic DMA window interface, but as a preliminary this patch allows the user to reconfigure the window with new properties on the PHB device. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Laurent Vivier <lvivier@xxxxxxxxxx> commit fd5da5c47264a57c7d01507eaf50bf3d288ba8a4 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Thu Oct 1 15:30:07 2015 +0200 spapr: Add "slb-size" property to CPU device tree nodes According to a commit message in the Linux kernel (see here https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b60c31d85a2a for example), the name of the property that carries the information about the number of SLB entries should be called "slb-size", and not "ibm,slb-size". The Linux kernel can deal with both names, but to be on the safe side we should support the official name, too. [Now that LoPAPR is public, the relevant requirement can be found in section C.6.1.8 --dwg] Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 7735fedaf490cf9213cd8d487272b69a4987c851 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Thu Sep 24 13:52:48 2015 +0530 spapr: Abort when HTAB of requested size isn't allocated Terminate the guest when HTAB of requested size isn't allocated by the host. When memory hotplug is attempted on a guest that has booted with less than requested HTAB size, the guest kernel will not be able to gracefully fail the hotplug request. This patch will ensure that we never end up in a situation where memory hotplug fails due to less than requested HTAB size. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit b817772a2521defba513b64b1d08238f24c50657 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Thu Sep 24 13:52:47 2015 +0530 spapr: Allocate HTAB from machine init Allocate HTAB from ppc_spapr_init() so that we can abort the guest if requested HTAB size is't allocated by the host. However retain the htab reset call in spapr_reset_htab() so that HTAB gets reset (and not allocated) during machine reset. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 7f4a930e64b9e69cd340395a7e4f0494aef4fcdd Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Oct 22 22:28:37 2015 +0300 vhost-user: fix up rhel6 build Build on RHEL6 fails: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=42875 Apparently unnamed unions couldn't use C99 named field initializers. Let's just name the payload union field. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 90246037760a2a1d64da67782200b690de24cc49 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Mon Sep 21 17:25:34 2015 +0100 configure: avoid polluting global CFLAGS with tasn1 flags The previous commit commit 9a2fd4347c40321f5cbb4ab4220e759fcbf87d03 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Mon Apr 13 14:01:39 2015 +0100 crypto: add sanity checking of TLS x509 credentials defined new variables $TEST_LIBS and $TEST_CFLAGS and used them in tests/Makefile to augment $LIBS and $CFLAGS. Unfortunately this overlooks the fact that tests/Makefile is not executed via recursive-make, it is just pulled into the top level Makefile via an include statement. So rather than just augmenting the compiler/linker flags for tests it polluted the global flags. This is thought to be behind a reported failure when building the pixman module as a sub-module, since global $CFLAGS are passed down to configure in pixman. This change removes the $TEST_LIBS and $TEST_CFLAGS replacing them with $TASN1_LIBS and $TASN1_CFLAGS, setting only against specific objects/executables that need them. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 3a661f1eabf7e8db66e28489884d9b54aacb94ea Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Oct 16 16:35:06 2015 +0100 crypto: add sanity checking of plaintext/ciphertext length When encrypting/decrypting data, the plaintext/ciphertext buffers are required to be a multiple of the cipher block size. If this is not done, nettle will abort and gcrypt will report an error. To get consistent behaviour add explicit checks upfront for the buffer sizes. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit eb2a770b178b9040c3fc04ee31dc38d1775db09a Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Oct 16 13:23:13 2015 +0100 crypto: don't let builtin aes crash if no IV is provided If no IV is provided, then use a default IV of all-zeros instead of crashing. This gives parity with gcrypt and nettle backends. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 91bfcdb01d4869aa8f4cb67007827de63b8c2217 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Oct 16 16:36:53 2015 +0100 crypto: allow use of nettle/gcrypt to be selected explicitly Currently the choice of whether to use nettle or gcrypt is made based on what gnutls is linked to. There are times when it is desirable to be able to force build against a specific library. For example, if testing changes to QEMU's crypto code all 3 possible backends need to be checked regardless of what the local gnutls uses. It is also desirable to be able to enable nettle/gcrypt for cipher/hash algorithms, without enabling gnutls for TLS support. This gives two new configure flags, which allow the following possibilities Automatically determine nettle vs gcrypt from what gnutls links to (recommended to minimize number of crypto libraries linked to) ./configure Automatically determine nettle vs gcrypt based on which is installed ./configure --disable-gnutls Force use of nettle ./configure --enable-nettle Force use of gcrypt ./configure --enable-gcrypt Force use of built-in AES & crippled-DES ./configure --disable-nettle --disable-gcrypt Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 2a080ce26682f35517b0e20f4ad10559e9270b5d Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Tue Oct 20 23:19:02 2015 +0800 target-tilegx: Implement prefetch instructions in pipe y2 Originally, tilegx qemu only implement prefetch instructions in pipe x1, did not implement them in pipe y2. Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 6a6739de510706e1d337180d12be74ebbd0c7666 Merge: b803894 89a82cd Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 22 18:01:53 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20151021' into staging Collected tcg backend patches # gpg: Signature made Wed 21 Oct 2015 22:34:28 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tcg-20151021: cpu-exec: Add "nochain" debug flag tcg/mips: Support r6 SEL{NE, EQ}Z instead of MOVN/MOVZ tcg/mips: Support r6 multiply/divide encodings tcg/mips: Support r6 JR encoding tcg/mips: Add use_mips32r6_instructions definition disas/mips: Add R6 jr/jr.hb to disassembler tcg-opc.h: Simplify insn_start def tcg/ppc: Prefer mask over andi. tcg/ppc: Revise goto_tb implementation tcg/ppc: Adjust exit_tb for change in prologue placement Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b803894e2c4d744ccc113ca6cbe6654ec80c1dc6 Merge: ca3e40e 0960be7 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 22 17:33:54 2015 +0100 Merge remote-tracking branch 'remotes/afaerber/tags/qom-cpu-for-peter' into staging QOM CPUState and X86CPU * Adoption of CPUClass::disas_set_info() hook # gpg: Signature made Thu 22 Oct 2015 17:11:24 BST using RSA key ID 3E7E013F # gpg: Good signature from "Andreas Färber <afaerber@xxxxxxx>" # gpg: aka "Andreas Färber <afaerber@xxxxxxxx>" * remotes/afaerber/tags/qom-cpu-for-peter: disas: QOMify alpha specific disas setup disas: QOMify mips specific disas setup disas: QOMify sh4 specific disas setup disas: QOMify lm32 specific disas setup disas: QOMify sparc specific disas setup disas: QOMify m68k specific disas setup disas: QOMify moxie specific disas setup disas: QOMify s390x specific disas setup Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0960be7cffa7b30189f2f0f76b1ac3c8115660f3 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat Jul 11 19:00:05 2015 -0700 disas: QOMify alpha specific disas setup Move the target_disas() alpha specifics to the CPUClass::disas_set_info() hook and delete the #ifdef specific code in disas.c. This also makes monitor_disas() consistent with target_disas(), as monitor_disas() was missing a set of the BFD (This was an omission from commit b9bec751c8c8b08d8055da32306eb105db03031b). Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Acked-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 63a946c7e3b081d56e617bf264fcb2881a982848 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat Jul 11 19:00:04 2015 -0700 disas: QOMify mips specific disas setup Move the target_disas() mips specifics to the CPUClass::disas_set_info() hook and delete the #ifdef specific code in disas.c. Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Acked-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit d49dd523e459a4c001a0c87a438fd2fa1f5b4bae Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat Jul 11 19:00:03 2015 -0700 disas: QOMify sh4 specific disas setup Move the target_disas() sh4 specifics to the CPUClass::disas_set_info() hook and delete the #ifdef specific code in disas.c. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Acked-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 20984673e68ebd069222512c876b846ff2425cc0 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat Jul 11 19:00:02 2015 -0700 disas: QOMify lm32 specific disas setup Move the target_disas() lm32 specifics to the CPUClass::disas_set_info() hook and delete the #ifdef specific code in disas.c. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Acked-by: Michael Walle <michael@xxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit df0900eb89a0672a3f924b7e8d20163dee2383db Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat Jul 11 19:00:01 2015 -0700 disas: QOMify sparc specific disas setup Move the target_disas() sparc specifics to the QOM disas_set_info hook and delete the #ifdef specific code in disas.c. Cc: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 4f669905d95bbb6296338f9e86ffcdd8eae453d2 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat Jul 11 19:00:00 2015 -0700 disas: QOMify m68k specific disas setup Move the target_disas() m68k specifics to the CPUClass::disas_set_info() hook and delete the #ifdef specific code in disas.c. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Greg Ungerer <gerg@xxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 9f87a4cacd397e82e80c9512627ce5e190dfa971 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat Jul 11 18:59:59 2015 -0700 disas: QOMify moxie specific disas setup Move the target_disas() moxie specifics to the CPUClass::disas_set_info() hook and delete the #ifdef specific code in disas.c. Cc: Anthony Green <green@xxxxxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit dbad6b74b3de6ce839bd870657b6bcc192e3b74a Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat Jul 11 18:59:58 2015 -0700 disas: QOMify s390x specific disas setup Move the target_disas() s390 specifics to the CPUClass::disas_set_info() hook and delete the #ifdef specific code in disas.c. Cc: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Acked-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit ca3e40e233e87f7b29442311736a82da01c0df7b Merge: c1bd899 3c23402 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 22 12:41:44 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging vhost, pc, virtio features, fixes, cleanups New features: VT-d support for devices behind a bridge vhost-user migration support Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Thu 22 Oct 2015 12:39:19 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: (37 commits) hw/isa/lpc_ich9: inject the SMI on the VCPU that is writing to APM_CNT i386: keep cpu_model field in MachineState uptodate vhost: set the correct queue index in case of migration with multiqueue piix: fix resource leak reported by Coverity seccomp: add memfd_create to whitelist vhost-user-test: check ownership during migration vhost-user-test: add live-migration test vhost-user-test: learn to tweak various qemu arguments vhost-user-test: wrap server in TestServer struct vhost-user-test: remove useless static check vhost-user-test: move wait_for_fds() out vhost: add migration block if memfd failed vhost-user: use an enum helper for features mask vhost user: add rarp sending after live migration for legacy guest vhost user: add support of live migration net: add trace_vhost_user_event vhost-user: document migration log vhost: use a function for each call vhost-user: add a migration blocker vhost-user: send log shm fd along with log_base ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3c23402d4032f69af44a87fdb8019ad3229a4f31 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Tue Oct 20 20:14:00 2015 +0200 hw/isa/lpc_ich9: inject the SMI on the VCPU that is writing to APM_CNT Commit 4d00636e97b7 ("ich9: Add the lpc chip", Nov 14 2012) added the ich9_apm_ctrl_changed() ioport write callback function such that it would inject the SMI, in response to a write to the APM_CNT register, on the first CPU, invariably. Since this register is used by guest code to trigger an SMI synchronously, the interrupt should be injected on the VCPU that is performing the write. apm_ioport_writeb() is the .write callback of the "apm_ops" MemoryRegionOps [hw/isa/apm.c]; it is parametrized to call ich9_apm_ctrl_changed() by ich9_lpc_init() [hw/isa/lpc_ich9.c], via apm_init(). Therefore this change affects no other board. ich9_generate_smi() is an unrelated function that is called by the TCO watchdog; a watchdog is likely in its right to (asynchronously) inject interrupts on the first CPU only. This patch allows the combined edk2/OVMF SMM driver stack to work with multiple VCPUs on TCG, using both qemu-system-i386 and qemu-system-x86_64. Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Cc: Jordan Justen <jordan.l.justen@xxxxxxxxx> Cc: Michael Kinney <michael.d.kinney@xxxxxxxxx> Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 4884b7bfe962e659c0e20c1d0de6f307d58f09be Author: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Date: Thu Oct 15 11:12:12 2015 +0800 i386: keep cpu_model field in MachineState uptodate Update cpu_model in MachineState for i386, so that the field can be used for cpu hotplug, instead of using a static variable. This patch is rebased on the latest master. Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Acked-by: Andreas Färber <afaerber@xxxxxxx> commit 25a2a920dddcf72896d94b37b6048a8147bc3198 Author: Thibaut Collet <thibaut.collet@xxxxxxxxx> Date: Mon Oct 19 14:59:27 2015 +0200 vhost: set the correct queue index in case of migration with multiqueue When a live migration is started the log address to mark dirty pages is provided to the vhost backend through the vhost_dev_set_log function. This function is called for each queue pairs but the queue index is wrongly set: always set to the first queue pair. Then vhost backend lost descriptor addresses of the queue pairs greater than 1 and behaviour of the vhost backend is unpredictable. The queue index is computed by taking account of the vq_index (to retrieve the queue pair index) and calling the vhost_get_vq_index method of the backend. Signed-off-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit e3fce97cf500c61f23df8e0245e08625fc375295 Author: zhanghailiang <zhang.zhanghailiang@xxxxxxxxxx> Date: Mon Sep 14 18:40:10 2015 +0800 piix: fix resource leak reported by Coverity config_fd should be closed before return, or there will be a resource leak error. Signed-off-by: zhanghailiang <zhang.zhanghailiang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit f8d82b8eb81d3ea29325b4046fafa8ed41e32449 Author: Eduardo Otubo <eduardo.otubo@xxxxxxxxxxxxxxxx> Date: Fri Oct 9 17:17:41 2015 +0200 seccomp: add memfd_create to whitelist This is used by memfd code. Signed-off-by: Eduardo Otubo <eduardo.otubo@xxxxxxxxxxxxxxxx> Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 1d9edff78fa0b294d6084df76da89e20ee93fdab Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:40 2015 +0200 vhost-user-test: check ownership during migration Check that backend source and destination do not have simultaneous ownership during migration. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit b181974724e106c62e4d0ecbe085df09b8a482bb Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:39 2015 +0200 vhost-user-test: add live-migration test This test checks that the log fd is given to the migration source, and mark dirty pages during migration. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 704b216887ef4a6c0fe981206bd6d43f3b6863cd Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:38 2015 +0200 vhost-user-test: learn to tweak various qemu arguments Add a new macro to make the qemu command line with other values of memory size, and specific chardev id. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit ae31fb5491493c82fface26f7902da7130b70575 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:37 2015 +0200 vhost-user-test: wrap server in TestServer struct In the coming patches, a test will use several servers simultaneously. Wrap the server in a struct, out of the global scope. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 82755ff202e96ad9bc74c1268481f96e50907ae1 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:36 2015 +0200 vhost-user-test: remove useless static check Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit cf72b57f894dd47c32750cf51de1d195a19c5e48 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:35 2015 +0200 vhost-user-test: move wait_for_fds() out This function is a precondition for most vhost-user tests. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 31190ed781a81d2de65cea405e4cb3441ab929fc Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:34 2015 +0200 vhost: add migration block if memfd failed Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit de1372d466fb4a7bed13f64f50bff14aaa4a5931 Author: Thibaut Collet <thibaut.collet@xxxxxxxxx> Date: Fri Oct 9 17:17:33 2015 +0200 vhost-user: use an enum helper for features mask The VHOST_USER_PROTOCOL_FEATURE_MASK will be automatically updated when adding new features to the enum. Signed-off-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> [Adapted from mailing list discussion - Marc-André] Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 3e866365e1eb6bcfa2d01c21debb05b9e47a47f7 Author: Thibaut Collet <thibaut.collet@xxxxxxxxx> Date: Fri Oct 9 17:17:32 2015 +0200 vhost user: add rarp sending after live migration for legacy guest A new vhost user message is added to allow QEMU to ask to vhost user backend to broadcast a fake RARP after live migration for guest without GUEST_ANNOUNCE capability. This new message is sent only if the backend supports the new VHOST_USER_PROTOCOL_F_RARP protocol feature. The payload of this new message is the MAC address of the guest (not known by the backend). The MAC address is copied in the first 6 bytes of a u64 to avoid to create a new payload message type. This new message has no equivalent ioctl so a new callback is added in the userOps structure to send the request. Upon reception of this new message the vhost user backend must generate and broadcast a fake RARP request to notify the migration is terminated. Signed-off-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> [Rebased and fixed checkpatch errors - Marc-André] Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit f6f56291de879827766d17b172465d4377ad2c11 Author: Thibaut Collet <thibaut.collet@xxxxxxxxx> Date: Fri Oct 9 17:17:31 2015 +0200 vhost user: add support of live migration Some vhost user backends are able to support live migration. To provide this service the following features must be added: 1. Add the VIRTIO_NET_F_GUEST_ANNOUNCE capability to vhost-net when netdev backend is vhost-user. 2. Provide a nop receive callback to vhost-user. This callback is called by: * qemu_announce_self after a migration to send fake RARP to avoid network outage for peers talking to the migrated guest. - For guest with GUEST_ANNOUNCE capabilities, guest already sends GARP when the bit VIRTIO_NET_S_ANNOUNCE is set. => These packets must be discarded. - For guest without GUEST_ANNOUNCE capabilities, migration termination is notified when the guest sends packets. => These packets can be discarded. * virtio_net_tx_bh with a dummy boot to send fake bootp/dhcp request. BIOS guest manages virtio driver to send 4 bootp/dhcp request in case of dummy boot. => These packets must be discarded. Signed-off-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 69b32a6ce4e1a6096a496996fcda833eb54e81b9 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:30 2015 +0200 net: add trace_vhost_user_event Replace error_report() and use tracing instead. It's not an error to get a connection or a disconnection, so silence this and trace it instead. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit c62b91e5804e7d2b1e8e253fc4031b4ea67a11f7 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:29 2015 +0200 vhost-user: document migration log Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 21e704256dea24baf93b169f5d7b0e7fe684bd15 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:28 2015 +0200 vhost: use a function for each call Replace the generic vhost_call() by specific functions for each function call to help with type safety and changing arguments. While doing this, I found that "unsigned long long" and "uint64_t" were used interchangeably and causing compilation warnings, using uint64_t instead, as the vhost & protocol specifies. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> [Fix enum usage and MQ - Thibaut Collet] Signed-off-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit d2fc4402cb152d3e526f736d7d53dbd050ef8794 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:27 2015 +0200 vhost-user: add a migration blocker If VHOST_USER_PROTOCOL_F_LOG_SHMFD is not announced, block vhost-user migration. The blocker is removed in vhost_dev_cleanup(). Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 9a78a5dd272a190d262b5ba5d4721ab93d48c564 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:26 2015 +0200 vhost-user: send log shm fd along with log_base Send the shm for the dirty pages logging if the backend supports VHOST_USER_PROTOCOL_F_LOG_SHMFD. Wait for a reply to make sure the old log is no longer used. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 15324404f68cde561d0eeee3d18a7b203f57f095 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:25 2015 +0200 vhost: alloc shareable log If the backend is requires it, allocate shareable memory. vhost_log_get() now uses 2 globals "vhost_log" and "vhost_log_shm", that way there is a common non-shareable log and a common shareable one. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 1be0ac2109fbaca6e730ac578f0564507d173e2d Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:24 2015 +0200 vhost-user: add vhost_user_requires_shm_log() Check if the backend has VHOST_USER_PROTOCOL_F_LOG_SHMFD feature and require a shared log. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit c2bea314f6a2870b847c79e2e11263c5f9334db7 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:23 2015 +0200 vhost: add vhost_set_log_base op Split VHOST_SET_LOG_BASE call in a seperate function callback, so that type safety works and more arguments can be added in the next patches. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 636f4dddfe48ccabaf5198bba440354d6a268d62 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:22 2015 +0200 vhost: document log resizing Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 35f9b6ef3acc9d0546c395a566b04e63ca84e302 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:21 2015 +0200 util: add fallback for qemu_memfd_alloc() Add an open/unlink/mmap fallback for system that do not support memfd (only available since 3.17, ~1y ago). This patch may require additional SELinux policies to work for enforced systems, but should fail gracefully in this case. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit d3592199ba3db504c6585115b9531b4cf7c50a0d Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:20 2015 +0200 util: add memfd helpers Add qemu_memfd_alloc/free() helpers. The function helps to allocate and seal shared memory. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit f04cf9239addd12d6be9e7ff137262755e3680d3 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:19 2015 +0200 util: add linux-only memfd fallback Implement memfd_create() fallback if not available in system libc. memfd_create() is still not included in glibc today, atlhough it's been available since Linux 3.17 in Oct 2014. memfd has numerous advantages over traditional shm/mmap for ipc memory sharing with fd handler, which we are going to make use of for vhost-user logging memory in following patches. The next patches are going to introduce helpers to use best practices of memfd usage and provide some compatibility fallback. memfd.c is thus temporarily useless and eventually empty if memfd_create() is provided by the system. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit e2792004580e42b86345d141493b1f12ba358fd8 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:18 2015 +0200 build-sys: split util-obj- on multi-lines Make it easier to add new unrelated units with shorter lines. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 1842bdfdbac2ec46f2934d8914c874db83dd1344 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:17 2015 +0200 linux-headers: add unistd.h New syscalls are not yet widely distributed. Add them to qemu linux-headers include directory. Update based on v4.3-rc3 kernel headers. Exclude mips for now, which is more problematic due to extra header inclusion and probably unnecessary here. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 751bcc3981d80594a3943166401af15b76781a5b Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:16 2015 +0200 configure: probe for memfd Check if memfd_create() is part of system libc. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 22de58fe152d68b248bc14efd7affe72286079e5 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Sep 17 18:42:57 2015 +0200 virtio: add some migration doc Try to cover the basics of virtio migration. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> commit aebf81680bf49c5953d7ae9ebb7b98c0f4dad8f3 Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Tue Oct 6 10:37:29 2015 +0200 vhost: fail backend intialization early Don't initialize vhost backend if memslots number exceeds the supported limit. This prevents failures down the road when backend is actually started. [MST: rewrite commit log] Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 3fad87881e55aaff659408dcf25fa204f89a7896 Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Tue Oct 6 10:37:28 2015 +0200 pc-dimm: add vhost slots limit check before commiting to hotplug it allows safely cancel memory hotplug if vhost backend doesn't support necessary amount of memory slots and prevents QEMU crashing in vhost due to hitting vhost limit on amount of supported memory ranges. Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 2ce68e4cf5be9b5176a3c3c372948d6340724d2d Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Tue Oct 6 10:37:27 2015 +0200 vhost: add vhost_has_free_slot() interface it will allow for other parts of QEMU check if it's safe to map memory region during hotplug/runtime. That way hotplug path will have a chance to cancel hotplug operation instead of crashing in vhost_commit(). Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c1bd8997438f1b556acfeab1d52245ff7cc680c0 Merge: 8bfaa25 19b7bec Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Oct 21 21:21:29 2015 +0100 Merge remote-tracking branch 'remotes/xtensa/tags/20151021-xtensa' into staging Xtensa updates: - fix register window overflow with l32e/s32e instructions; - make MMU events logging dependent on CPU_LOG_MMU; - attach FLASH to system I/O region on XTFPGA boards; - implement depbits and l32nb instructions. # gpg: Signature made Wed 21 Oct 2015 19:34:02 BST using RSA key ID F83FA044 # gpg: Good signature from "Max Filippov <max.filippov@xxxxxxxxxxxxxxxxxx>" # gpg: aka "Max Filippov <jcmvbkbc@xxxxxxxxx>" * remotes/xtensa/tags/20151021-xtensa: target-xtensa: implement S32NB target-xtensa: implement depbits instruction target-xtensa: xtfpga: attach FLASH to system IO target-xtensa: use CPU_LOG_MMU for MMU event logging target-xtensa: add window overflow check to L32E/S32E Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 19b7bec4a37b081ed326293148fd793f04896b59 Author: Max Filippov <jcmvbkbc@xxxxxxxxx> Date: Sun Jul 19 09:49:00 2015 +0300 target-xtensa: implement S32NB S32NB provides the same functionality as S32I with two exceptions. First, when its operation leaves the processor, the external transaction is marked Non-Bufferable. Second, it may not be used to write to Instruction RAM. In QEMU S32NB is equivalent to S32I. Signed-off-by: Max Filippov <jcmvbkbc@xxxxxxxxx> commit 5eeb40c5b1f00c4ee4fcf2f33087697d7ba6f5f6 Author: Max Filippov <jcmvbkbc@xxxxxxxxx> Date: Sun Jul 12 02:10:17 2015 +0300 target-xtensa: implement depbits instruction This option provides an instruction for depositing a bit field from the least significant position of one register to an arbitrary position in another register. Signed-off-by: Max Filippov <jcmvbkbc@xxxxxxxxx> commit 68931a4082812f56657b39168e815c48f0ab0a8c Author: Max Filippov <jcmvbkbc@xxxxxxxxx> Date: Sun Sep 27 18:21:19 2015 +0300 target-xtensa: xtfpga: attach FLASH to system IO XTFPGA FLASH is tied to XTFPGA system IO block. It's not very important for systems with MMU where system IO block is visible at single location, but it's important for noMMU systems, where system IO block is accessible through two separate physical address ranges. Map XTFPGA FLASH to system IO block and fix offsets used for mapping. Create and initialize FLASH device with series of qdev_prop_set_* as that's the preferred interface now. Keep initialization in a separate function. Signed-off-by: Max Filippov <jcmvbkbc@xxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> commit 5577e57b078a118595071241aba6dac8725a7640 Author: Max Filippov <jcmvbkbc@xxxxxxxxx> Date: Mon Sep 21 20:37:07 2015 +0300 target-xtensa: use CPU_LOG_MMU for MMU event logging Signed-off-by: Max Filippov <jcmvbkbc@xxxxxxxxx> commit f822b7e497fa6a662094b491f86441015f363362 Author: Max Filippov <jcmvbkbc@xxxxxxxxx> Date: Sun Jul 19 10:02:37 2015 +0300 target-xtensa: add window overflow check to L32E/S32E Despite L32E and S32E primary use is for window underflow and overflow exception handlers they are just normal instructions, and thus need to check for window overflow. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Max Filippov <jcmvbkbc@xxxxxxxxx> commit 8bfaa25fce2c22060a17501980943538801056de Merge: 426c0df 1cd4e0f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Oct 21 15:07:42 2015 +0100 Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20151021-v2' into staging More s390x patches. The first ones are fixes: A regression, missed compat and a missed part of the SIMD support. The others contain optimizations and cleanup. # gpg: Signature made Wed 21 Oct 2015 11:24:48 BST using RSA key ID C6F02FAF # gpg: Good signature from "Cornelia Huck <huckc@xxxxxxxxxxxxxxxxxx>" # gpg: aka "Cornelia Huck <cornelia.huck@xxxxxxxxxx>" * remotes/cohuck/tags/s390x-20151021-v2: s390x/cmma: clean up cmma reset s390x: reset crypto only on clear reset and QEMU reset s390x: machine reset function with new ipl cpu handling s390x/ipl: we always have an ipl device s390x: unify device reset during subsystem_reset() s390x: flagify mcic values s390x/kvm: Fix vector validity bit in device machine checks s390x/virtio-ccw: fix 2.4 virtio compat util/qemu-config: fix missing machine command line options Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1cd4e0f6f0a6b1978a5868b41d4faae2071dc4ee Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Tue Jul 21 11:11:11 2015 +0200 s390x/cmma: clean up cmma reset The cmma reset is per VM, so we don't need a cpu object. We can directly make use of kvm_state, as it is already available when the reset is called. By moving the cmma reset in our machine reset function, we can avoid a manual reset handler. Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 4ab729207fe1464b19c6bec609cd545ab717174a Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Wed Sep 30 13:48:45 2015 +0200 s390x: reset crypto only on clear reset and QEMU reset Initializing VM crypto in initial cpu reset has multiple problems 1. We call the exact same function #VCPU times, although one time is enough 2. On SIGP initial cpu reset, we exchange the wrapping key while other VCPUs are running. Bad! 3. It is simply wrong. According to the Pop, a reset happens only during a clear reset. So, we have to reset the keys - on modified clear reset - on load clear (QEMU reset - via machine reset) - on qemu start (via machine reset) Reviewed-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit db3b2566e0fb45e2901b6f9b842d91db6963915d Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Tue Jul 21 13:47:32 2015 +0200 s390x: machine reset function with new ipl cpu handling Current implementation depends on the order of resets getting triggered. If a cpu reset is triggered after the ipl device reset, the CPU is stopped and the VM will not run. In fact, that hinders us from converting the ipl device into a TYPE_DEVICE. Let's change that by manually configuring the ipl cpu during a system reset, so we have full control and can demangle that code. Also remove the superflous cpu parameter from s390_update_iplstate on the way. Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit feacc6c2c8fff037f67a89402b29923251833425 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Thu Jun 25 09:55:55 2015 +0200 s390x/ipl: we always have an ipl device Both s390 machines unconditionally create an ipl device, so no need to handle the missing case. Now we can also change s390_ipl_update_diag308() to return void. Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 09c7f58ca9613ccfb1ca13031d0ff3b1794bd782 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Tue Jul 21 10:58:38 2015 +0200 s390x: unify device reset during subsystem_reset() We have to manually reset several devices that are not on a bus: Let's collect them in an array. Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 052bd52fa978d3f04bc476137ad6e1b9a697f9bd Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Oct 14 12:11:27 2015 +0300 net: don't set native endianness commit 5be7d9f1b1452613b95c6ba70b8d7ad3d0797991 vhost-net: tell tap backend about the vnet endianness makes vhost net always try to set LE - even if that matches the native endian-ness. This makes it fail on older kernels on x86 without TUNSETVNETLE support. To fix, make qemu_set_vnet_le/qemu_set_vnet_be skip the ioctl if it matches the host endian-ness. Reported-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Cc: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> commit 794e8f301a17953efa78ab7538019ec43c59e82a Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Sep 24 14:41:17 2015 +0300 exec: factor out duplicate mmap code Anonymous and file-backed RAM allocation are now almost exactly the same. Reduce code duplication by moving RAM mmap code out of oslib-posix.c and exec.c. Reported-by: Marc-André Lureau <mlureau@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 426c0df9e3e6e64c7ea489092c57088ca4d227d0 Merge: ee9dfed 88c5f20 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 20 16:51:43 2015 +0100 Merge remote-tracking branch 'remotes/berrange/tags/io-channel-3-for-upstream' into staging Merge io-channels-3 partial branch # gpg: Signature made Tue 20 Oct 2015 16:36:10 BST using RSA key ID 15104FDF # gpg: Good signature from "Daniel P. Berrange <dan@xxxxxxxxxxxx>" # gpg: aka "Daniel P. Berrange <berrange@xxxxxxxxxx>" * remotes/berrange/tags/io-channel-3-for-upstream: util: pull Buffer code out of VNC module coroutine: move into libqemuutil.a library osdep: add qemu_fork() wrapper for safely handling signals ui: convert VNC startup code to use SocketAddress sockets: allow port to be NULL when listening on IP address sockets: move qapi_copy_SocketAddress into qemu-sockets.c sockets: add helpers for creating SocketAddress from a socket Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b080364aedfc294c53c4c4af255efcf007b35d9d Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Oct 8 15:05:46 2015 +0200 s390x: flagify mcic values Instead of using magic values when building the machine check interruption code, add some defines as by chapter 11-14 in the PoP. This should make it easier to catch problems like the missing vector register validity bit ("s390x/kvm: Fix vector validity bit in device machine checks"), and less hassle should we want to generate machine checks beyond the channel reports we currently support. Acked-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 2ab75df38e34fe9bc271b5115ab52114e6e63a89 Author: Christian Borntraeger <borntraeger@xxxxxxxxxx> Date: Wed Oct 7 10:29:42 2015 +0200 s390x/kvm: Fix vector validity bit in device machine checks Device hotplugs trigger a crw machine check. All machine checks have validity bits for certain register types. With vector support we also have to claim that vector registers are valid. This is a band-aid suitable for stable. Long term we should create the full mcic value dynamically depending on the active features in the kernel interrupt handler. Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 085b0b055b189e8846ca3108e6774e3b9e60c1ce Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Oct 8 15:11:34 2015 +0200 s390x/virtio-ccw: fix 2.4 virtio compat Commit 542571d5 ("virtio-ccw: enable virtio-1") missed some virtio devices for the 2.4 compat handling. Add them. Fixes: 542571d5 ("virtio-ccw: enable virtio-1") Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 5bcfa0c543b42a560673cafd3b5225900ef617e1 Author: Tony Krowiak <akrowiak@xxxxxxxxxxxxxxxxxx> Date: Mon Oct 12 11:36:21 2015 -0400 util/qemu-config: fix missing machine command line options Commit 0a7cf217 ("util/qemu-config: fix regression of qmp_query_command_line_options") aimed to restore parsing of global machine options, but missed two: "aes-key-wrap" and "dea-key-wrap" (which were present in the initial version of that patch). Let's add them to the machine_opts again. Fixes: 0a7cf217 ("util/qemu-config: fix regression of qmp_query_command_line_options") CC: Marcel Apfelbaum <marcel@xxxxxxxxxx> CC: qemu-stable@xxxxxxxxxx Signed-off-by: Tony Krowiak <akrowiak@xxxxxxxxxxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Tested-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Message-Id: <1444664181-28023-1-git-send-email-akrowiak@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 88c5f205fa4c095db4c50eb7ad72816140206819 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Mar 3 17:13:42 2015 +0000 util: pull Buffer code out of VNC module The Buffer code in the VNC server is useful for the IO channel code, so pull it out into a shared module, QIOBuffer. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 10817bf09d5f8cb22711fb0ee8d8da49f6f05f89 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Sep 1 14:48:02 2015 +0100 coroutine: move into libqemuutil.a library The coroutine files are currently referenced by the block-obj-y variable. The coroutine functionality though is already used by more than just the block code. eg migration code uses coroutine yield. In the future the I/O channel code will also use the coroutine yield functionality. Since the coroutine code is nicely self-contained it can be easily built as part of the libqemuutil.a library, making it widely available. The headers are also moved into include/qemu, instead of the include/block directory, since they are now part of the util codebase, and the impl was never in the block/ directory either. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 57cb38b3833c5215131b983f181b26d6ba9b8d35 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Aug 28 14:40:01 2015 +0100 osdep: add qemu_fork() wrapper for safely handling signals When using regular fork() the child process of course inherits all the parents' signal handlers. If the child then proceeds to close() any open file descriptors, it may break some of those registered signal handlers. The child generally does not want to ever run any of the signal handlers that the parent may have installed in the short time before it exec's. The parent may also have blocked various signals which the child process will want enabled. This introduces a wrapper qemu_fork() that takes care to sanitize signal handling across fork. Before forking it blocks all signals in the parent thread. After fork returns, the parent unblocks the signals and carries on as usual. The child, however, resets all the signal handlers back to their defaults before it unblocks signals. The child process can now exec the binary in a "clean" signal environment. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit e0d03b8ceb52e390b8b0a5db1762a8435dd8a44e Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Aug 14 18:56:44 2015 +0100 ui: convert VNC startup code to use SocketAddress The VNC code is currently using QemuOpts to configure the sockets connections / listeners it needs. Convert it to use SocketAddress to bring it in line with modern QAPI based code elsewhere in QEMU. Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 0983f5e6af76d5df8c6346cbdfff9d8305fb6da0 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Sep 1 14:46:50 2015 +0100 sockets: allow port to be NULL when listening on IP address If the port in the SocketAddress struct is NULL, it can allow the kernel to automatically select a free port. This is useful in particular in unit tests to avoid a race trying to find a free port to run a test case on. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 2a8e21c7c8dcb7d235cfd256be36b7e8f9f3fcb3 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Aug 14 18:18:41 2015 +0100 sockets: move qapi_copy_SocketAddress into qemu-sockets.c The qapi_copy_SocketAddress method is going to be useful in more places than just qemu-char.c, so move it into the qemu-sockets.c file to allow its reuse. Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 17c55decec2a516cf7f290ec8a5f4f207531e8b4 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri May 1 17:36:20 2015 +0100 sockets: add helpers for creating SocketAddress from a socket Add two helper methods that, given a socket file descriptor, can return a populated SocketAddress struct containing either the local or remote address information. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit ee9dfed242610ecb91418270fd46b875ed56e201 Merge: b38c049 d9460a7 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 20 12:56:45 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-input-20151020-1' into staging virtio-input: ignore events until the guest driver is ready # gpg: Signature made Tue 20 Oct 2015 08:10:00 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-input-20151020-1: virtio-input: ignore events until the guest driver is ready Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b38c0494c141e2d7dabb3ecbf380305b74f9e330 Merge: df81978 5829b09 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 20 12:17:53 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20151020-1' into staging vga: enable virtio-vga for pseries, vmsvga cursor checks. # gpg: Signature made Tue 20 Oct 2015 08:27:44 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-vga-20151020-1: vmsvga: more cursor checks ppc/spapr: Allow VIRTIO_VGA Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit df8197836844275ef805c9031008eb3b20a89b83 Merge: c14e42d 2cc06a8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 20 11:45:23 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-fw_cfg-20151020-1' into staging fw_cfg: add dma interface, add strings via cmdline. # gpg: Signature made Tue 20 Oct 2015 07:07:34 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-fw_cfg-20151020-1: fw_cfg: Define a static signature to be returned on DMA port reads Enable fw_cfg DMA interface for x86 Enable fw_cfg DMA interface for ARM Implement fw_cfg DMA interface fw_cfg DMA interface documentation fw_cfg: document fw_cfg_modify_iXX() update functions fw_cfg: insert string blobs via qemu cmdline Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c14e42d7a4495ecbad7bf8b3d603272e3a8992a1 Merge: f52dd72 37bc43f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 20 10:52:56 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20151020-1' into staging usb: misc small tweaks. # gpg: Signature made Tue 20 Oct 2015 08:24:09 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-usb-20151020-1: usb-audio: increate default buffer size usb: print device id in "info usb" monitor command usb-host: add wakeup call for iso xfers Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f52dd72dc1a679529e13e51a7b57e787455f92f0 Merge: 26c7be8 e853ea1 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 20 09:04:20 2015 +0100 Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2015-10-14-v4-tag' into staging qemu-ga patch queue * add unit tests for qemu-ga * add guest-exec support for posix/w32 guests * added 'qemu-ga' target for w32. this allows us to do full MSI build, without overloading 'qemu-ga.exe' target with uneeded dependencies. * number of s/g_new/g_malloc/ conversions for qga v2: * commit message and qapi documentation spelling fixes * rename 'inp-data' guest-exec param to 'input-data' v3: * fix OSX build errors for test-qga by using PRId64 format in place of glib's, and dropping use of G_SPAWN_DEFAULT macro for glib 2.22 compat * fix win32 build warnings for 32-bit builds by avoid int casts of process HANDLEs v4: * assert connect_qga() doesn't fail * only enable test-qga for linux hosts * allow get-memory-block-info* to fail if memory blocks aren't exposed in sysfs # gpg: Signature made Tue 20 Oct 2015 00:33:43 BST using RSA key ID F108B584 # gpg: Good signature from "Michael Roth <flukshun@xxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>" * remotes/mdroth/tags/qga-pull-2015-10-14-v4-tag: qga: fix uninitialized value warning for win32 qga: guest-exec simple stdin/stdout/stderr redirection qga: handle G_IO_STATUS_AGAIN in ga_channel_write_all() qga: handle possible SIGPIPE in guest-file-write qga: guest exec functionality qga: drop guest_file_init helper and replace it with static initializers tests: add a local test for guest agent qga: guest-get-memory-blocks shouldn't fail for unexposed memory blocks glib-compat: add 2.38/2.40/2.46 asserts qtest: add a few fd-level qmp helpers qga: do not override configuration verbosity qga: add QGA_CONF environment variable qga: Use g_new() & friends where that makes obvious sense build: qemu-ga: add 'qemu-ga' build target for w32 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5829b097204189c56dd1fb62c7f827360394bb39 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Sep 29 09:58:05 2015 +0200 vmsvga: more cursor checks Check the cursor size more carefully. Also switch to unsigned while being at it, so they can't be negative. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit b798c1905705e6ab44279d8a9ae41e500756eb1c Author: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Date: Tue Sep 15 15:51:29 2015 +1000 ppc/spapr: Allow VIRTIO_VGA It works fine with the Linux driver out of the box Signed-off-by: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 37bc43f7fbfb38003550b327002e59d21b80a3e4 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Oct 6 15:31:56 2015 +0200 usb-audio: increate default buffer size Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 974826f0ab1efc96cd2f61337ee75bda5cde1c77 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Oct 6 15:31:21 2015 +0200 usb: print device id in "info usb" monitor command Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit e206ddfb57e2595cc43ad3667b3becc6bd2ef62d Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Jul 17 09:12:57 2015 +0200 usb-host: add wakeup call for iso xfers Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit d9460a7557672af9c4d9d4f153200d1075ed5a78 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 16 13:33:07 2015 +0200 virtio-input: ignore events until the guest driver is ready Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit e853ea1cc68716c3d9c22d04578020c6dd743306 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Sat Oct 17 10:31:16 2015 -0500 qga: fix uninitialized value warning for win32 Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit a1853dca74362551ec1434b2e15acfcdd53caa99 Author: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Date: Tue Oct 13 18:41:23 2015 +0300 qga: guest-exec simple stdin/stdout/stderr redirection Implemented with base64-encoded strings in qga json protocol. Glib portable GIOChannel is used for data I/O. Optinal stdin parameter of guest-exec command is now used as stdin content for spawned subprocess. If capture-output bool flag is specified, guest-exec redirects out/err file descriptiors internally to pipes and collects subprocess output. Guest-exe-status is modified to return this collected data to requestor in base64 encoding. Signed-off-by: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> * switch from 'struct GuestIOExecData' to 'GuestIOExecData' * s/TRUE/true/g, s/FALSE/false/g for gboolean return values * s/inp_data/input_data/ Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit f74df9bfce6d133fc64d6b878327849ed2b89b4b Author: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Date: Tue Oct 13 18:41:22 2015 +0300 qga: handle G_IO_STATUS_AGAIN in ga_channel_write_all() glib may return G_IO_STATUS_AGAIN which is actually not an error. Also fixed a bug when on incomplete write buf pointer was not adjusted. Signed-off-by: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 4005b4732e40d3d583510db89ee204b834022d20 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Oct 13 18:41:21 2015 +0300 qga: handle possible SIGPIPE in guest-file-write qemu-ga should not exit on guest-file-write to pipe without read end but proper error code should be returned. The behavior of the spawned process should be default thus SIGPIPE processing should be reset to default after fork() but before exec(). Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit d697e30cfff29a6a72e3197a218294ba52e7f0c6 Author: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Date: Tue Oct 13 18:41:20 2015 +0300 qga: guest exec functionality Guest-exec rewritten in platform-independent style with glib spawn. Child process is spawn asynchronously and exit status can later be picked up by guest-exec-status command. stdin/stdout/stderr of the child now is redirected to /dev/null Later we will add ability to specify stdin in guest-exec command and to get collected stdout/stderr with guest-exec-status. Signed-off-by: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> * use g_new0 in place of g_malloc for GuestExec struct * commit msg spelling fixes * s/inp-data/input-data * document capture-input mode as false by default * use GetProcessId() for pids on w32 instead of casting HANDLE Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit b4fe97c8230c34ebd407a9f23894b9c614807540 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Oct 13 18:41:19 2015 +0300 qga: drop guest_file_init helper and replace it with static initializers This just makes code shorter and better. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 62c39b307b3a946f9df4f11396bfeced120c040f Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 2 14:58:18 2015 +0200 tests: add a local test for guest agent Add some local guest agent tests, as it is better than nothing, only when CONFIG_POSIX (using unix sockets). With the QGA_TEST_SIDE_EFFECTING environment variable, it will include tests with side effects, such as freezing/thawing the FS or changing the time. (a better test would involve a managed VM (or container), but it might be better to leave that off to autotest/avocado) Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> * use mkdtemp() in placeof g_mkdtemp() for glib 2.22 compat * drop redundant/conflicting compat defines for g_assert_{true,false}, since glib-compat has them now. * build fixes for OSX: use PRId64 instead of glib formats, drop g_spawn_default usage for glib compat * assert connect_qga() doesn't fail * only enable test-qga for linux hosts * allow get-memory-block-info* to fail Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit f693fe6ef402bdcf89b3979bf004c4c5bf646724 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Mon Oct 19 16:38:25 2015 -0500 qga: guest-get-memory-blocks shouldn't fail for unexposed memory blocks Some guests don't expose memory blocks via sysfs at all. This shouldn't be a failure, instead just return an empty list. For other access failures we still report an error. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 8a0b5421a09ab9b9567300c554d3e169f28fc09d Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 2 14:58:17 2015 +0200 glib-compat: add 2.38/2.40/2.46 asserts Those are mostly useful for writing tests. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit dc47995e525c386f893b6e023da6b819f9975ece Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 2 14:58:16 2015 +0200 qtest: add a few fd-level qmp helpers Add a few functions to interact with qmp via a simple fd. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 6eaeae37a5fdd0a1ef88ed9ab4b807669ffc0e2d Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 2 14:58:15 2015 +0200 qga: do not override configuration verbosity Move the default verbosity settings before loading the configuration file, or it will overwrite it. Found thanks to writing qga tests :) Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 8e34bf364ae518503642d28bdd43661090ae21bd Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 2 14:58:14 2015 +0200 qga: add QGA_CONF environment variable Having a environment variable allows to override default configuration path, useful for testing. Note that this can't easily be an argument, since loading config is done before parsing the arguments. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit f3a06403b82c7f036564e4caf18b52ce6885fcfb Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Sep 14 13:50:44 2015 +0200 qga: Use g_new() & friends where that makes obvious sense g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. This commit only touches allocations with size arguments of the form sizeof(T). Same Coccinelle semantic patch as in commit b45c03f. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit fafcaf1d7434bd3a44a5cd6a98594b3ec12d83de Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Mon Sep 7 18:47:05 2015 -0500 build: qemu-ga: add 'qemu-ga' build target for w32 Currently POSIX builds rely on 'qemu-ga' target to do qga-only distributable build. On w32, as with most standalone binary targets, we rely on 'qemu-ga.exe' target. Unlike with POSIX, qemu-ga for w32 has a number of related targets such as VSS DLL and MSI package. We can do the full distributable qga-only build on w32 with: make qemu-ga.exe or: make msi To make that work, we tie VSS dependencies onto qemu-ga.exe. However, in reality the DLL isn't part of the binary, so we use a filter to pull them out of the LINK recipe, which attempts to link against prereqs for binary targets. Additionally, it could be argued that VSS is a separate distributable, and shouldn't be implied by qemu-ga.exe binary target. To avoid this, we can tie the VSS dependencies only to the 'msi' target, but that would make it impossible to do a qga-only build of the w32 distributable without building the 'msi' package, which was supported in the past. An alternative approach is to add a new target to build the whole distributable. w32 allows us to use the same build target we use on POSIX, 'qemu-ga', since the current binary-only target on w32 is 'qemu-ga.exe'. To further simplify the build, we also make 'qemu-ga' build the MSI package if the appropriate ./configure options are set, making the full qga-only build the same on both POSIX and w32: `make qemu-ga` Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 89a82cd4b6a90fe117fa715e2abe51d5c607560c Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed Sep 16 15:33:53 2015 -0700 cpu-exec: Add "nochain" debug flag Respect it to avoid linking TBs together. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 137d63902faf4960081856db9242cbaf234a23af Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Fri Oct 2 13:24:17 2015 +0100 tcg/mips: Support r6 SEL{NE, EQ}Z instead of MOVN/MOVZ Extend MIPS movcond implementation to support the SELNEZ/SELEQZ instructions introduced in MIPS r6 (where MOVN/MOVZ have been removed). Whereas the "MOVN/MOVZ rd, rs, rt" instructions have the following semantics: rd = [!]rt ? rs : rd The "SELNEZ/SELEQZ rd, rs, rt" instructions are slightly different: rd = [!]rt ? rs : 0 First we ensure that if one of the movcond input values is zero that it comes last (we can swap the input arguments if we invert the condition). This is so that it can exactly match one of the SELNEZ/SELEQZ instructions and avoid the need to emit the other one. Otherwise we emit the opposite instruction first into a temporary register, and OR that into the result: SELNEZ/SELEQZ TMP1, v2, c1 SELEQZ/SELNEZ ret, v1, c1 OR ret, ret, TMP1 Which does the following: ret = cond ? v1 : v2 Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-Id: <1443788657-14537-7-git-send-email-james.hogan@xxxxxxxxxx> commit bc6d0c22b09a72897d9db4482076f89e7de97400 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Fri Oct 2 13:24:16 2015 +0100 tcg/mips: Support r6 multiply/divide encodings MIPSr6 adds several new integer multiply, divide, and modulo instructions, and removes several pre-r6 encodings, along with the HI/LO registers which were the implicit operands of some of those instructions. Update TCG to use the new instructions when built for r6. The new instructions actually map much more directly to the TCG ops, as they only provide a single 32-bit half of the result and in a normal general purpose register instead of HI or LO. The mulu2_i32 and muls2_i32 operations are no longer appropriate for r6, so they are removed from the TCG opcode table. This is because they would need to emit two separate host instructions anyway (for the high and low half of the result), which TCG can arrange automatically for us in the absense of mulu2_i32/muls2_i32 by splitting it into mul_i32 and mul*h_i32 TCG ops. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-Id: <1443788657-14537-6-git-send-email-james.hogan@xxxxxxxxxx> commit 6e0d096989be52c2b945fc83a9bd15d887bbdb47 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Fri Oct 2 13:24:15 2015 +0100 tcg/mips: Support r6 JR encoding MIPSr6 encodes JR as JALR with zero as the link register, and the pre-r6 JR encoding is removed. Update TCG to use the new encoding when built for r6. We still use the old encoding for pre-r6, so as not to confuse return prediction stack hardware which may detect only particular encodings of the return instruction. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-Id: <1443788657-14537-5-git-send-email-james.hogan@xxxxxxxxxx> commit ce14bd4d469f3a14f6cbfceb6360aee066a60d72 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Fri Oct 2 13:24:14 2015 +0100 tcg/mips: Add use_mips32r6_instructions definition Add definition use_mips32r6_instructions to the MIPS TCG backend which is constant 1 when built for MIPS release 6. This will be used to decide between pre-R6 and R6 instruction encodings. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-Id: <1443788657-14537-4-git-send-email-james.hogan@xxxxxxxxxx> commit d76f36535099b5d3d880c5e3ac1d411420c8a086 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Fri Oct 2 13:24:13 2015 +0100 disas/mips: Add R6 jr/jr.hb to disassembler MIPS r6 encodes jr as jalr zero, and jr.hb as jalr.hb zero, so add these encodings to the MIPS disassembly table. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-Id: <1443788657-14537-3-git-send-email-james.hogan@xxxxxxxxxx> commit c0e40dbdcc291c85faa289a53be60b7b1b7c7598 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Fri Oct 2 13:24:12 2015 +0100 tcg-opc.h: Simplify insn_start def We already have a TLADDR_ARGS definition, so rearrange the order slightly and use it in the definition of insn_start, instead of having an #ifdef. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-Id: <1443788657-14537-2-git-send-email-james.hogan@xxxxxxxxxx> commit 1e1df962e325e18a5188c4814cd1a10215a48f79 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Oct 2 22:41:01 2015 +0000 tcg/ppc: Prefer mask over andi. Prefer the instruction that isn't required to modify cr0. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 5bfd75a35c11dd3aa61c73d0d2cd88137c31519c Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Oct 2 22:25:28 2015 +0000 tcg/ppc: Revise goto_tb implementation Restrict the size of code_gen_buffer to 2GB on ppc64, which lets us assert that everything is reachable with addis+addi from tb_ret_addr. This lets us use a max of 4 insns for goto_tb instead of 7. Emit the indirect branch portion of goto_tb up front, which means we only have to update two insns to update any link. With a 64-bit store, we can update the link atomically, which may be required in future. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 70f897bdc4ce4101ec008317d43090f532bfb07d Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Oct 2 21:09:54 2015 +0000 tcg/ppc: Adjust exit_tb for change in prologue placement Changing the prologue to the beginning of the code_gen_buffer changes the direction of the "return" branch. Need to change the logic to match. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 2cc06a8843ace3d03464032eb3c74bc6e2b07579 Author: Kevin O'Connor <kevin@xxxxxxxxxxxx> Date: Thu Oct 8 17:02:58 2015 +0200 fw_cfg: Define a static signature to be returned on DMA port reads Return a static signature ("QEMU CFG") if the guest does a read to the DMA address io register. Signed-off-by: Kevin O'Connor <kevin@xxxxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit c886fc4c20ff8456b2f788a1404dd321b8b59243 Author: Marc Marà <markmb@xxxxxxxxxx> Date: Thu Oct 8 17:02:57 2015 +0200 Enable fw_cfg DMA interface for x86 Enable the fw_cfg DMA interface for all the x86 platforms. Based on Gerd Hoffman's initial implementation. Signed-off-by: Marc Marà <markmb@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 0b341a85ca873cfc4faddbf9012c4c5da1b675bc Author: Marc Marà <markmb@xxxxxxxxxx> Date: Thu Oct 8 17:02:56 2015 +0200 Enable fw_cfg DMA interface for ARM Enable the fw_cfg DMA interface for the ARM virt machine. Based on Gerd Hoffman's initial implementation. Signed-off-by: Marc Marà <markmb@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit a4c0d1deb785611c96a455f65ec032976b00b36f Author: Marc Marà <markmb@xxxxxxxxxx> Date: Thu Oct 8 17:02:55 2015 +0200 Implement fw_cfg DMA interface Based on the specifications on docs/specs/fw_cfg.txt This interface is an addon. The old interface can still be used as usual. Based on Gerd Hoffman's initial implementation. Signed-off-by: Marc Marà <markmb@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit c9eae1d4b93695d98fa5306a28b7fb7acc34ae67 Author: Marc Marà <markmb@xxxxxxxxxx> Date: Thu Oct 8 17:02:54 2015 +0200 fw_cfg DMA interface documentation Add fw_cfg DMA interface specification in the documentation. Based on Gerd Hoffman's initial implementation. Signed-off-by: Marc Marà <markmb@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 57c3d238a5ff7e7ad7aba098b5d55d8d89c2a6a1 Author: Gabriel L. Somlo <somlo@xxxxxxx> Date: Thu Oct 8 17:02:53 2015 +0200 fw_cfg: document fw_cfg_modify_iXX() update functions Document the behavior of fw_cfg_modify_iXX() for leak-less updating of integer-type blobs. Currently only fw_cfg_modify_i16() is coded, but 32- and 64-bit versions may be added later if necessary.. Signed-off-by: Gabriel Somlo <somlo@xxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 6407d76eb4e5b5dd4af8613cef0162f31ff739ed Author: Gabriel L. Somlo <somlo@xxxxxxx> Date: Tue Sep 29 12:29:01 2015 -0400 fw_cfg: insert string blobs via qemu cmdline Allow users to provide custom fw_cfg blobs with ascii string payloads specified directly on the qemu command line. Suggested-by: Jordan Justen <jordan.l.justen@xxxxxxxxx> Suggested-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gabriel Somlo <somlo@xxxxxxx> Message-id: 1443544141-26568-1-git-send-email-somlo@xxxxxxx Reviewd-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 26c7be842637ee65a79cd77f96a99c23ddcd90ad Merge: 526d580 dbb7405 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Oct 19 12:13:27 2015 +0100 Merge remote-tracking branch 'remotes/sstabellini/tags/2015-10-19-tag' into staging Xen 2015-10-19 # gpg: Signature made Mon 19 Oct 2015 11:24:05 BST using RSA key ID 70E1AE90 # gpg: Good signature from "Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>" * remotes/sstabellini/tags/2015-10-19-tag: xen-platform: Ensure xen is enabled when initializing pc: Require xen when initializing xenfv machine Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dbb7405d8caad0814ceddd568cb49f163a847561 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Mon Sep 28 17:01:24 2015 -0300 xen-platform: Ensure xen is enabled when initializing The xen-platform code crashes on reset if the xen backend is not initialized, because it calls xc_hvm_set_mem_type(). Ensure xen-platform won't be created without initializing the xen backend. The assert can't be triggered by the user because the device is not hotpluggable, and the only code creating it (at pc_xen_hvm_init()) already checks xen_enabled(). Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit a88ae0d44b6b5830b752641b2198735272f13eaf Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Mon Sep 28 17:01:23 2015 -0300 pc: Require xen when initializing xenfv machine Without this check, the xen-platform device will crash on reset if using the accel option with anything other than xen (e.g. "-machine xenfv,accel=kvm"). Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 526d5809a0714edc7f19196f14ec2e607dbd9753 Merge: aedc880 1c4a55d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Oct 19 10:52:39 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * KVM page size fix for PPC * Support for Linux 4.4's new Hyper-V features * Eliminate g_slice from areas I maintain * checkpatch fix * Peter's cpu_reload_memory_map() cleanups * More changes to MAINTAINERS * Require Python 2.6 * chardev creation fixes * PCI requester id for ARM KVM * cleanups and doc fixes * Allow customization of the Hyper-V vendor id # gpg: Signature made Mon 19 Oct 2015 09:13:10 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" * remotes/bonzini/tags/for-upstream: (49 commits) kvm: Allow the Hyper-V vendor ID to be specified kvm: Move x86-specific functions into target-i386/kvm.c kvm: Pass PCI device pointer to MSI routing functions hw/pci: Introduce pci_requester_id() kvm: Make KVM_CAP_SIGNAL_MSI globally available doc/rcu: fix g_free_rcu() usage example qemu-char: cleanup after completed conversion to cd->create qemu-char: convert ringbuf backend to data-driven creation qemu-char: convert vc backend to data-driven creation qemu-char: convert spice backend to data-driven creation qemu-char: convert console backend to data-driven creation qemu-char: convert stdio backend to data-driven creation qemu-char: convert testdev backend to data-driven creation qemu-char: convert braille backend to data-driven creation qemu-char: convert msmouse backend to data-driven creation qemu-char: convert mux backend to data-driven creation qemu-char: convert null backend to data-driven creation qemu-char: convert pty backend to data-driven creation qemu-char: convert UDP backend to data-driven creation qemu-char: convert socket backend to data-driven creation ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit aedc8806172dd1ae904f04169ee3b19fce1d7893 Merge: 40fe17b 8307c29 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Oct 19 10:06:56 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-audio-20151019-1' into staging Remove macros IO_READ_PROTO and IO_WRITE_PROTO # gpg: Signature made Mon 19 Oct 2015 09:19:21 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-audio-20151019-1: Remove macros IO_READ_PROTO and IO_WRITE_PROTO Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1c4a55dbed9a47fde9294f7de6c8bb060d874c88 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Fri Oct 16 09:38:22 2015 -0600 kvm: Allow the Hyper-V vendor ID to be specified According to Microsoft documentation, the signature in the standard hypervisor CPUID leaf at 0x40000000 identifies the Vendor ID and is for reporting and diagnostic purposes only. We can therefore allow the user to change it to whatever they want, within the 12 character limit. Add a new hv-vendor-id option to the -cpu flag to allow for this, ex: -cpu host,hv_time,hv-vendor-id=KeenlyKVM Link: http://msdn.microsoft.com/library/windows/hardware/hh975392 Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> Message-Id: <20151016153356.28104.48612.stgit@xxxxxxxxxx> [Adjust error message to match the property name, use error_report. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 28143b409f698210d85165ca518235ac7e7c5ac5 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Thu Oct 15 20:30:20 2015 +0200 kvm: Move x86-specific functions into target-i386/kvm.c The functions for checking xcrs, xsave and pit_state2 are only used on x86, so they should reside in target-i386/kvm.c. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Message-Id: <1444933820-6968-1-git-send-email-thuth@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit dc9f06ca81e6e16d062ec382701142a3a2ab3f7d Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Thu Oct 15 16:44:52 2015 +0300 kvm: Pass PCI device pointer to MSI routing functions In-kernel ITS emulation on ARM64 will require to supply requester IDs. These IDs can now be retrieved from the device pointer using new pci_requester_id() function. This patch adds pci_dev pointer to KVM GSI routing functions and makes callers passing it. x86 architecture does not use requester IDs, but hw/i386/kvm/pci-assign.c also made passing PCI device pointer instead of NULL for consistency with the rest of the code. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Message-Id: <ce081423ba2394a4efc30f30708fca07656bc500.1444916432.git.p.fedin@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit a05f686ff39c373384772b01f1b7fc71e7eb2500 Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Thu Oct 15 16:44:51 2015 +0300 hw/pci: Introduce pci_requester_id() For GICv3 ITS implementation we are going to use requester IDs in KVM IRQ routing code. This patch introduces reusable convenient way to obtain this ID from the device pointer. The new function is now used in some places, where the same calculation was used. MemTxAttrs.stream_id also renamed to requester_id in order to better reflect semantics of the field. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-Id: <5814bcb03a297f198e796b13ed9c35059c52f89b.1444916432.git.p.fedin@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 50bf31b9379cf88c4fe92ec477fdc56f89d1af94 Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Thu Oct 15 16:44:50 2015 +0300 kvm: Make KVM_CAP_SIGNAL_MSI globally available This capability is useful to determine whether we can use KVM ITS emulation on ARM Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Message-Id: <ff4ccb09b837d37defd639b885526949a25276de.1444916432.git.p.fedin@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9bda456e419273199221625894003bf9307d8451 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Wed Oct 14 18:46:44 2015 +0300 doc/rcu: fix g_free_rcu() usage example The first argument of g_free_rcu() is a pointer to a structure. But foo_reclaim is used as a function name in the previous example along with &foo as a pointer to the structure being reclaimed. Make the example consistent with the previous one. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-Id: <1444837604-13712-1-git-send-email-serge.fdrv@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 1c3af0f4f04bd6e6729783a48bb51ca1eb5c3baf Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 12 09:51:41 2015 +0200 qemu-char: cleanup after completed conversion to cd->create All backends now return errors through Error*, so the "Failed to create chardev" placeholder error can only be reached if the backend is not available (and only from the chardev-add QMP command; instead, the -chardev command line option fails earlier). Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 479f09a130f774b0275134b5c44081ea71fe00b3 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:51:14 2015 +0200 qemu-char: convert ringbuf backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fa19d02539a56ac20d03b2eef775be7ffcdd695a Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:49:06 2015 +0200 qemu-char: convert vc backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 68145e178ac200a27b5f0ab342da80cf60ddd576 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:45:47 2015 +0200 qemu-char: convert spice backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 122e5ed4412cadce2d44a5f636e4d1bfc67c534b Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:42:04 2015 +0200 qemu-char: convert console backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 8c84b25d975870bbed2e089fe61e037c58a69854 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:40:28 2015 +0200 qemu-char: convert stdio backend to data-driven creation The backend now always returns errors via the Error* argument. This avoids a double error message. Before: qemu-system-x86_64: -chardev stdio,id=base: cannot use stdio with -daemonize qemu-system-x86_64: -chardev stdio,id=base: Failed to create chardev After: qemu-system-x86_64: -chardev stdio,id=base: cannot use stdio with -daemonize Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0498790173e462ac3a7e4e0f3608704b8382dd10 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:33:42 2015 +0200 qemu-char: convert testdev backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e47666b8d1f0a7043d53671587058b3ce539b09d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:31:26 2015 +0200 qemu-char: convert braille backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 96d885b93b47243d2fc6ee826abaa8c0017282c9 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:29:15 2015 +0200 qemu-char: convert msmouse backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3c0e5a4a845c9e2823c9060631eeefebabc2f093 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:27:24 2015 +0200 qemu-char: convert mux backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0d64992b5dfe099b170a0b19922833cc82745620 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:24:29 2015 +0200 qemu-char: convert null backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c2e75a432b907562cf93772b7d058d1ec8a8f8f1 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:23:42 2015 +0200 qemu-char: convert pty backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e79b80daa252ffb4bc5c84c836714eb45ab3bb68 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:17:20 2015 +0200 qemu-char: convert UDP backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit dbba8d1be3db5a52cfe200f219fbf8840d75cb14 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:15:53 2015 +0200 qemu-char: convert socket backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 20cbe7a27980ef7e2ecd307cd210fc23b3f0762e Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:14:07 2015 +0200 qemu-char: convert pipe backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 38bfb1a63d05d000f128ea740442955070d9ff57 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 12 09:49:28 2015 +0200 qemu-char: convert parallel backend to data-driven creation Conversion to Error * brings better error messages; before: qemu-system-x86_64: -chardev id=serial,backend=parallel,path=vl.c: Failed to create chardev After: qemu-system-x86_64: -chardev id=serial,backend=parallel,path=vl.c: not a parallel port: Inappropriate ioctl for device Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 8307c294a355bbf3c5352e00877365b0cda66d52 Author: Nutan Shinde <nutanshinde1992@xxxxxxxxx> Date: Wed Oct 7 22:02:54 2015 +0530 Remove macros IO_READ_PROTO and IO_WRITE_PROTO Signed-off-by: Nutan Shinde <nutanshinde1992@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 40fe17bea478793fc9106a630fa3610dad51f939 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 16 17:19:35 2015 +0100 hw/ide/ahci.c: Fix shift left into sign bit Avoid undefined behaviour from shifting left into the sign bit: hw/ide/ahci.c:551:36: runtime error: left shift of 255 by 24 places cannot be represented in type 'int' (Unfortunately C's promotion rules mean that in the expression "some_uint8_t_variable << 24" the LHS gets promoted to signed int before shifting.) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> commit 7df953bd456da45f761064974820ab5c3fd7b2aa Author: Knut Omang <knut.omang@xxxxxxxxxx> Date: Sun Oct 4 15:48:50 2015 +0200 intel_iommu: Add support for translation for devices behind bridges - Use a hash table indexed on bus pointers to store information about buses instead of using the bus numbers. Bus pointers are stored in a new VTDBus struct together with the vector of device address space pointers indexed by devfn. - The bus number is still used for lookup for selective SID based invalidate, in which case the bus number is lazily resolved from the bus hash table and cached in a separate index. Signed-off-by: Knut Omang <knut.omang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c737c7a608f4cd2c06e6600303845c4b469822c5 Merge: 6d57410 6b826af Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sat Oct 17 22:14:52 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches # gpg: Signature made Fri 16 Oct 2015 14:36:50 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: (29 commits) blkdebug: Don't confuse image as backing file qcow2: Remove forward declaration of QCowAIOCB qemu-nbd: always compile in --aio=MODE option blockdev: always compile in -drive aio= parsing raw-posix: warn about BDRV_O_NATIVE_AIO if libaio is unavailable block: auto-generated node-names util - add automated ID generation utility blkverify: Fix BDS leak in .bdrv_open error path block: Allow bdrv_unref_child(bs, NULL) block: Remove bdrv_swap() block: Add and use bdrv_replace_in_backing_chain() blockjob: Store device name at job creation block: Implement bdrv_append() without bdrv_swap() block: Introduce parents list block-backend: Add blk_set_bs() block/io: Make bdrv_requests_pending() public block: Split bdrv_move_feature_fields() block: Manage backing file references in bdrv_set_backing_hd() block: Convert bs->backing_hd to BdrvChild block: Remove bdrv_open_image() ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6d57410a79d51d92673c54f26624b44f27fa6214 Merge: 9c1f5bb 5d98bf8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sat Oct 17 12:31:33 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20151016' into staging target-arm queue: * break TBs after ISB instructions * more support code for future implementation of EL2 and 64-bit EL3 * tell guest if KVM is enabled in SMBIOS version string * implement OSLAR/OSLSR system registers * provide better help text for Sharp PDA machine names * rename imx25_pdk to imx25-pdk (since it has never been released with the underscore-version name) * fix MMIO writes in zynq_slcr * implement MDCR_EL2 * virt: allow the guest to configure PCI BARs with zero PCI addresses * fix breakpoint handling code # gpg: Signature made Fri 16 Oct 2015 14:56:15 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20151016: target-arm: Fix CPU breakpoint handling target-arm: Fix GDB breakpoint handling target-arm: implement arm_debug_target_el() hw/arm/virt: Allow zero address for PCI IO space target-arm: Add MDCR_EL2 misc: zynq_slcr: Fix MMIO writes arm: imx25-pdk: Fix machine name target-arm: Provide model numbers for Sharp PDAs target-arm: Implement AArch64 OSLAR/OSLSR_EL1 sysregs hw/arm/virt: smbios: inform guest of kvm target-arm: Avoid calling arm_el_is_aa64() function for unimplemented EL target-arm: Break the TB after ISB to execute self-modified code correctly target-arm: Add missing 'static' attribute Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9c1f5bbc739f3278353becf94839551afed0fdbd Merge: 61f7901 468a895 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 16 19:11:59 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-cocoa-20151016' into staging cocoa queue: * fixes for compiler warnings * fix mouse cursor flickering # gpg: Signature made Fri 16 Oct 2015 11:09:46 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-cocoa-20151016: ui/cocoa.m: blinky mouse cursor fix ui/cocoa.m: addRemovableDevicesMenuItems() warning fix ui/cocoa.m: eliminate normalWindow warning Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 61f7901bb8a7f2f2503b5b025c4c33dbeac9cf5b Merge: e95bdb4 99df528 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 16 17:13:05 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-10-15' into staging QAPI patches # gpg: Signature made Thu 15 Oct 2015 07:40:46 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-qapi-2015-10-15: qapi: Track location that created an implicit type qapi: Create simple union type member earlier qapi: Lazy creation of array types qapi: Don't use info as witness of implicit object type qapi: Drop redundant args-member-array test qapi: Drop redundant flat-union-reverse-define test qapi: Drop redundant returns-int test qapi: Move empty-enum to compile-time test qapi: Drop redundant alternate-good test qapi: Prepare for errors during check() qapi: Use predicate callback to determine visit filtering qapi: Fix regression with '-netdev help' Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e95bdb4341c36ee158ff9dda4ade3f94405c69ce Merge: c49d341 60be634 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 16 15:47:59 2015 +0100 Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20151015' into staging migration/next for 20151015 # gpg: Signature made Thu 15 Oct 2015 07:25:27 BST using RSA key ID 5872D723 # gpg: Good signature from "Juan Quintela <quintela@xxxxxxxxxx>" # gpg: aka "Juan Quintela <quintela@xxxxxxxxxx>" * remotes/juanquintela/tags/migration/20151015: migration: fix deadlock migration: announce VM's new home just before VM is runnable Migration: Generate the completed event only when we complete Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5d98bf8f38c17a348ab6e8af196088cd4953acd0 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Tue Oct 13 12:56:28 2015 +0300 target-arm: Fix CPU breakpoint handling A QEMU breakpoint match is not definitely an architectural breakpoint match. If an exception is generated unconditionally during translation, it is hardly possible to ignore it in the debug exception handler. Generate a call to a helper to check CPU breakpoints and raise an exception only if any breakpoint matches architecturally. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e63a2d4d9ed73e33a0b7483085808048be8bbcb1 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Tue Oct 13 12:56:27 2015 +0300 target-arm: Fix GDB breakpoint handling GDB breakpoints have higher priority so they have to be checked first. Should GDB breakpoint match, just return from the debug exception handler. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6b826af7b010ed1963b1e7bfb5c389dcdbaff222 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 16 18:46:04 2015 +0800 blkdebug: Don't confuse image as backing file The word "backing file" nowadays refers to the backing_hd in the external snapshot sense (i.e. bs->backing_hd), instead of the file sense (bs->file). Correct the comment to use the right term. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e394621fbda0d9f69df2c9eab73ad5a5189805bb Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Fri Jul 10 22:19:23 2015 +0200 qcow2: Remove forward declaration of QCowAIOCB This struct doesn't exist any more since commit 3fc48d09 in August 2011, it's about time to remove its forward declaration. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit bb628e1af8b8b5ecf6420e50123cb696ee18b09f Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Jul 23 13:48:36 2015 +0100 qemu-nbd: always compile in --aio=MODE option The --aio=MODE option enables Linux AIO or Windows overlapped I/O. The #ifdef CONFIG_LINUX_AIO was a layering violation that also prevented Windows overlapped I/O from being used. Now that raw-posix.c prints an error when Linux AIO has not been compiled in, we can unconditionally compile the option into qemu-nbd. After this patch qemu-nbd --aio=native works on Windows. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 04d71322c1cf6f527f15397c76bc088ebda7c18b Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Jul 23 13:48:35 2015 +0100 blockdev: always compile in -drive aio= parsing CONFIG_LINUX_AIO is an implementation detail of raw-posix.c. Don't mention CONFIG_LINUX_AIO in blockdev.c. Let block drivers decide what to do with BDRV_O_NATIVE_AIO. They may print an error if it is unsupported. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 1501ecc1d89231164b4aecddd0219ed4395b693a Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Jul 23 13:48:34 2015 +0100 raw-posix: warn about BDRV_O_NATIVE_AIO if libaio is unavailable raw-posix.c silently ignores BDRV_O_NATIVE_AIO if libaio is unavailable. It is confusing when aio=native performance is identical to aio=threads because the binary was accidentally built without libaio. Print a deprecation warning if -drive aio=native is used with a binary that does not support libaio. There are probably users using aio=native who would be inconvenienced if QEMU suddenly refused to start their guests. In the future this will become an error. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 15489c769b9a4b3bec5b5848af2960689d7b4bd8 Author: Jeff Cody <jcody@xxxxxxxxxx> Date: Mon Oct 12 19:36:50 2015 -0400 block: auto-generated node-names If a node-name is not specified, automatically generate the node-name. Generated node-names will use the "block" sub-system identifier. Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a0f1913637e6cd711aa721233b75eb2ec84d017b Author: Jeff Cody <jcody@xxxxxxxxxx> Date: Mon Oct 12 19:36:49 2015 -0400 util - add automated ID generation utility Multiple sub-systems in QEMU may find it useful to generate IDs for objects that a user may reference via QMP or HMP. This patch presents a standardized way to do it, so that automatic ID generation follows the same rules. This patch enforces the following rules when generating an ID: 1.) Guarantee no collisions with a user-specified ID 2.) Identify the sub-system the ID belongs to 3.) Guarantee of uniqueness 4.) Spoiling predictability, to avoid creating an assumption of object ordering and parsing (i.e., we don't want users to think they can guess the next ID based on prior behavior). The scheme for this is as follows (no spaces): # subsys D RR Reserved char --| | | | Subsystem String ----| | | Unique number (64-bit) --| | Two-digit random number ---| For example, a generated node-name for the block sub-system may look like this: #block076 The caller of id_generate() is responsible for freeing the generated node name string with g_free(). Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 7e39d3a2dd34a84900e10b4ea1567f3b352659af Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Oct 13 14:15:53 2015 +0200 blkverify: Fix BDS leak in .bdrv_open error path Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> commit 779020cbdc67011026c10fb620f701bfc6b85547 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Oct 13 14:09:44 2015 +0200 block: Allow bdrv_unref_child(bs, NULL) bdrv_unref() can be called with a NULL argument and doesn't do anything then. Make bdrv_unref_child() consistent with it. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> commit 8e419aefa07ca8e640f8db50b450378e84d60a11 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Sep 16 16:18:38 2015 +0200 block: Remove bdrv_swap() bdrv_swap() is unused now. Remove it and all functions that have no other users than bdrv_swap(). In particular, this removes the .bdrv_rebind callbacks from block drivers. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 3f09bfbc7bee812a44838f4c8b254007a9b86cab Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Sep 15 11:58:23 2015 +0200 block: Add and use bdrv_replace_in_backing_chain() This cleans up the mess we left behind in the mirror code after the previous patch. Instead of using bdrv_swap(), just change pointers. The interface change of the mirror job that callers must consider is that after job completion, their local BDS pointers still point to the same node now. qemu-img must change its code accordingly (which makes it easier to understand); the other callers stays unchanged because after completion they don't do anything with the BDS, but just with the job, and the job is still owned by the source BDS. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 8ccb9569a976056c9594bb720ba33d84827648d9 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Sep 16 13:34:54 2015 +0200 blockjob: Store device name at job creation Some block jobs change the block device graph on completion. This means that the device that owns the job and originally was addressed with its device name may no longer be what the corresponding BlockBackend points to. Previously, the effects of bdrv_swap() ensured that the job was (at least partially) transferred to the target image. Events that contain the device name could still use bdrv_get_device_name(job->bs) and get the same result. After removing bdrv_swap(), this won't work any more. Instead, save the device name at job creation and use that copy for QMP events and anything else identifying the job. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit dd62f1ca433ea60b06590884642ad2c8f8e539f2 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Jun 18 14:09:57 2015 +0200 block: Implement bdrv_append() without bdrv_swap() Remember all parent nodes and just change the pointers there instead of swapping the contents of the BlockDriverState. Handling of snapshot=on must be moved further down in bdrv_open() because *pbs (which is the bs pointer in the BlockBackend) must already be set before bdrv_append() is called. Otherwise bdrv_append() changes the BB's pointer to the temporary snapshot, but bdrv_open() overwrites it with the read-only original image. We also need to be careful to update callers as the interface changes (becomes less insane): Previously, the meaning of the two parameters was inverted when bdrv_append() returns. Now any BDS pointers keep pointing to the same node. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit d42a8a935b8b2d567331fffa13a70918352668bb Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Sep 17 13:18:23 2015 +0200 block: Introduce parents list Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a2d6190048d01c7012ab4fd6a2558f435b7b2fe8 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Sep 17 13:01:50 2015 +0200 block-backend: Add blk_set_bs() It allows changing the BlockDriverState that a BlockBackend points to. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 439db28cf9d4c29c9a97040bc8e08f047ba7e0af Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Sep 16 16:08:17 2015 +0200 block/io: Make bdrv_requests_pending() public Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 063dd40e110eba7fffff09850ea9116b8dee2ae6 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Sep 17 12:33:26 2015 +0200 block: Split bdrv_move_feature_fields() After bdrv_swap(), some fields must be moved back to their original BDS to compensate for the effects that a swap of the contents of the objects has while keeping the old addresses. Other fields must be moved back because they should logically be moved and must stay on top When replacing bdrv_swap() with operations changing the pointers in the parents, we only need the latter and must avoid swapping the former. Split the function accordingly. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 5db15a57697063b9062a015dbc6d5d38211f2df1 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Mon Sep 14 15:33:33 2015 +0200 block: Manage backing file references in bdrv_set_backing_hd() This simplifies the code somewhat, especially when dropping whole backing file subchains. The exception is the mirroring code that does adventurous things with bdrv_swap() and in order to keep it working, I had to duplicate most of bdrv_set_backing_hd() locally. We'll get rid again of this ugliness shortly. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 760e006384ecd5b8b8b1b91b5c85ff8fdcb3a21f Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Jun 17 14:55:21 2015 +0200 block: Convert bs->backing_hd to BdrvChild This is the final step in converting all of the BlockDriverState pointers that block drivers use to BdrvChild. After this patch, bs->children contains the full list of child nodes that are referenced by a given BDS, and these children are only referenced through BdrvChild, so that updating the pointer in there is enough for changing edges in the graph. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b26e90f56ad3a494ee6337d2075f4dc55b62b3c6 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Jun 16 16:23:54 2015 +0200 block: Remove bdrv_open_image() It is unused now. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 9a4f4c31563b96a075f3deae83e72c726e0c84f8 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Jun 16 14:19:22 2015 +0200 block: Convert bs->file to BdrvChild This patch removes the temporary duplication between bs->file and bs->file_child by converting everything to BdrvChild. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 0bd6e91a7e00129764afb9bed83ae5519e18a111 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Jun 16 11:29:22 2015 +0200 quorum: Convert to BdrvChild Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 3e586be0b2b772394d6ed68c5b5a6da5cbbfe08b Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Jun 16 11:13:47 2015 +0200 blkverify: Convert s->test_file to BdrvChild Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 24bc15d1f6429dac0de47348b4b302855360c492 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Mon Jun 15 13:50:20 2015 +0200 vmdk: Use BdrvChild instead of BDS for references to extents Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 1fdd69330872ef91d92482472eef79350d2f379b Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Mon Jun 15 14:11:51 2015 +0200 block: Introduce BDS.file_child Store the BdrvChild for bs->file. At this point, bs->file_child->bs just duplicates the bs->file pointer. Later, it will completely replace it. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 68e517a8d7d89298235913a514af70364e559b78 Author: Jeff Cody <jcody@xxxxxxxxxx> Date: Mon Oct 12 20:18:07 2015 -0400 block: qemu-iotests - fix vmdk test 059.out In commit fe646693acc13ac48b98435d14149ab04dc597bc, the option printout format changed. This updates the VMDK test 059.out to the correct output. Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a910523a244c10d6c458e1415f35a92c3b11387f Author: Kashyap Chamarthy <kchamart@xxxxxxxxxx> Date: Fri Oct 2 14:12:34 2015 +0200 qmp-commands.hx: Update the supported 'transaction' operations Although the canonical source of reference for QMP commands is qapi-schema.json, for consistency's sake, update qmp-commands.hx to state the list of supported transactionable operations, namely: drive-backup blockdev-backup blockdev-snapshot-internal-sync abort block-dirty-bitmap-add block-dirty-bitmap-clear Also update the possible values for the "type" action array. Signed-off-by: Kashyap Chamarthy <kchamart@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 317438e6dba5d7bb44bd867c10993c54b927992b Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Thu Sep 17 17:33:06 2015 +0300 throttle: test that snapshots move the throttling configuration If a snapshot is performed on a device that has I/O limits they should be moved to the target image (the new active layer). Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit efd0fbbcf5d28b18fc629681e3bc8bee1bfadd9a Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Sep 28 17:23:00 2015 +0300 iotests: disable core dumps in test 061 Commit 934659c460 disabled the supression of segmentation faults in bash tests. The new output of test 061, however, assumes that a core dump will be produced if a program aborts. This is not necessarily the case because core dumps can be disabled using ulimit. Since we cannot guarantee that abort() will produce a core dump, we should use SIGKILL instead (that does not produce any) and update the test output accordingly. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 81669b8b81eb450d7b89ee5fdd57bdb73d87022d Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Mon Sep 14 13:53:48 2015 +0300 target-arm: implement arm_debug_target_el() Implement debug exception routing according to ARM ARM D2.3.1 Pseudocode description of routing debug exceptions. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 74de8c356844080fcabc3a44b08b9d22feda691f Author: Alexander Gordeev <agordeev@xxxxxxxxxx> Date: Fri Oct 16 11:14:54 2015 +0100 hw/arm/virt: Allow zero address for PCI IO space Currently PCI IO address 0 is not allowed even though the IO space starts from 0. This update makes PCI IO address 0 usable. CC: Peter Maydell <peter.maydell@xxxxxxxxxx> CC: Andrew Jones <drjones@xxxxxxxxxx> Signed-off-by: Alexander Gordeev <agordeev@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 14cc7b54372995a6ba72c7719372e4f710fc9b5a Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Fri Oct 16 11:14:54 2015 +0100 target-arm: Add MDCR_EL2 Add the MDCR_EL2 register. We don't implement any of the debug-related traps this register controls yet, so currently it simply reads back as written. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1444383794-16767-1-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> [PMM: tweaked commit message; moved non-dummy definition from debug_cp_reginfo to el2_cp_reginfo.] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c209b0537203c58a051e5d837320335cea23e494 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Fri Oct 16 11:14:53 2015 +0100 misc: zynq_slcr: Fix MMIO writes The /4 for offset calculation in MMIO writes was happening twice giving wrong write offsets. Fix. While touching the code, change the if-else to be a short returning if and convert the debug message to a GUEST_ERROR, which is more accurate for this condition. Cc: qemu-stable@xxxxxxxxxx Cc: Guenter Roeck <linux@xxxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b64d64de1a5b88de88146e3ad36e7b09b97837eb Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Fri Oct 16 11:14:53 2015 +0100 arm: imx25-pdk: Fix machine name ARM uses dashes instead of underscores for machine names. Fix imx25_pdk which has not seen a release yet (so there is no legacy yet). Cc: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 1444445785-3648-1-git-send-email-crosthwaite.peter@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> [PMM: Added change to tests/ds1338-test.c to use new machine name] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ad1e8db894fa055ffa9447a5d86520ef1cbac6e9 Author: Ryo ONODERA <ryo_on@xxxxxxxxxxxx> Date: Fri Oct 16 11:14:53 2015 +0100 target-arm: Provide model numbers for Sharp PDAs * For Collie, Akita, Spitz, Borzoi, Terrier and Tosa PDAs, provide model numbers and manufacturer (Sharp) information. Signed-off-by: Ryo ONODERA <ryo_on@xxxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1424ca8d4320427c3e93722b65e19077969808a2 Author: Davorin Mista <davorin.mista@xxxxxxxxxx> Date: Fri Oct 16 11:14:53 2015 +0100 target-arm: Implement AArch64 OSLAR/OSLSR_EL1 sysregs Added oslar_write function to OSLAR_EL1 sysreg, using a status variable in ARMCPUState.cp15 struct (oslsr_el1). This variable is also linked to the newly added read-only OSLSR_EL1 register. Linux reads from this register during its suspend/resume procedure. Signed-off-by: Davorin Mista <davorin.mista@xxxxxxxxxx> [PMM: folded a long line and tweaked a comment] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bab27ea2e3855b6495a743f19b9d28cb013443ea Author: Andrew Jones <drjones@xxxxxxxxxx> Date: Fri Oct 16 11:14:53 2015 +0100 hw/arm/virt: smbios: inform guest of kvm ARM/AArch64 KVM guests don't have any way to identify themselves as KVM guests (x86 guests use a CPUID leaf). Now, we could discuss all sorts of reasons why guests shouldn't need to know that, but then there's always some case where it'd be nice... Anyway, now that we have SMBIOS tables in ARM guests, it's easy for the guest to know that it's a QEMU instance. This patch takes that one step further, also identifying KVM, when appropriate. Again, we could debate why generally nothing should care whether it's of type QEMU or QEMU/KVM, but again, sometimes it's nice to know... Signed-off-by: Andrew Jones <drjones@xxxxxxxxxx> Reviewed-by: Wei Huang <wei@xxxxxxxxxx> Message-id: 1443017892-15567-1-git-send-email-drjones@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2cde031f5a34996bab32571a26b1a6bcf3e5b5d9 Author: Sergey Sorokin <afarallax@xxxxxxxxx> Date: Fri Oct 16 11:14:52 2015 +0100 target-arm: Avoid calling arm_el_is_aa64() function for unimplemented EL It is incorrect to call arm_el_is_aa64() function for unimplemented EL. This patch fixes several attempts to do so. Signed-off-by: Sergey Sorokin <afarallax@xxxxxxxxx> [PMM: Reworked several of the comments to be more verbose.] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6df99dec9e81838423d723996e96236693fa31fe Author: Sergey Sorokin <afarallax@xxxxxxxxx> Date: Fri Oct 16 11:14:52 2015 +0100 target-arm: Break the TB after ISB to execute self-modified code correctly If any store instruction writes the code inside the same TB after this store insn, the execution of the TB must be stopped to execute new code correctly. As described in ARMv8 manual D3.4.6 self-modifying code must do an IC invalidation to be valid, and an ISB after it. So it's enough to end the TB after ISB instruction on the code translation. Also this TB break is necessary to take any pending interrupts immediately after an ISB (as required by ARMv8 ARM D1.14.4). Signed-off-by: Sergey Sorokin <afarallax@xxxxxxxxx> [PMM: tweaked commit message and comments slightly] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 82c39f6a8898b028515eddcdbc4ae50959d0af5d Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Fri Oct 16 11:14:52 2015 +0100 target-arm: Add missing 'static' attribute Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Message-id: 1443213733-9807-1-git-send-email-sw@xxxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 468a895bce1492cf83bb8be0d995ccdfcf4f2785 Author: John Arbuckle <programmingkidx@xxxxxxxxx> Date: Tue Oct 13 21:51:18 2015 +0100 ui/cocoa.m: blinky mouse cursor fix The mouse cursor can become blinky when being moved a lot. This patch fixes that problem by issuing the redraw sooner. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Message-id: AAA87DD7-EC20-4F4B-B71E-C38461D9FCBA@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a7940ec0af4be5d35f65890fe0c722efc5489298 Author: John Arbuckle <programmingkidx@xxxxxxxxx> Date: Tue Oct 13 21:51:18 2015 +0100 ui/cocoa.m: addRemovableDevicesMenuItems() warning fix Eliminate this warning associated with the addRemovableDevicesMenuItems() function: ui/cocoa.m:1344:13: warning: function declaration isn't a prototype [-Wstrict-prototypes] static void addRemovableDevicesMenuItems() ^ ui/cocoa.m: In function 'addRemovableDevicesMenuItems': ui/cocoa.m:1344:13: warning: old-style function definition [-Wold-style-definition] Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Message-id: 7B365FC2-072B-4E8D-A1D9-922C2D691A83@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 99df5289d8c7ebf373c3570d8fba3f3a73360281 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 12 22:22:32 2015 -0600 qapi: Track location that created an implicit type A future patch will move some error checking from the parser to the various QAPISchema*.check() methods, which run only after parsing completes. It will thus be possible to create a python instance representing an implicit QAPI type that parses fine but will fail validation during check(). Since all errors have to have an associated 'info' location, we need a location to be associated with those implicit types. The intuitive info to use is the location of the enclosing entity that caused the creation of the implicit type. Note that we do not anticipate builtin types being used in an error message (as they are not part of the user's QAPI input, the user can't cause a semantic error in their behavior), so we exempt those types from requiring info, by setting a flag to track the completion of _def_predefineds(), and tracking that flag in _def_entity(). No change to the generated code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444710158-8723-13-git-send-email-eblake@xxxxxxxxxx> [Missing QAPISchemaArrayType.is_implicit() supplied] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 46292ba75c515baf733df18644052b2ce9492728 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 12 22:22:29 2015 -0600 qapi: Create simple union type member earlier For simple unions, we were creating the implicit 'type' tag member during the QAPISchemaObjectTypeVariants constructor. This is different from every other implicit QAPISchemaEntity object, which get created by QAPISchema methods. Hoist the creation to the caller (renaming _make_tag_enum() to _make_implicit_tag()), and pass the entity rather than the string name, so that we have the nice property that no entities are created as a side effect within a different entity. A later patch will then have an easier time of associating location info with each entity creation. No change to generated code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444710158-8723-10-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 9f08c8ec73878122ad4b061ed334f0437afaaa32 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 12 22:22:28 2015 -0600 qapi: Lazy creation of array types Commit ac88219a had several TODO markers about whether we needed to automatically create the corresponding array type alongside any other type. It turns out that most of the time, we don't! There are a few exceptions: 1) We have a few situations where we use an array type in internal code but do not expose that type through QMP; fix it by declaring a dummy type that forces the generator to see that we want to use the array type. 2) The builtin arrays (such as intList for QAPI ['int']) must always be generated, because of the way our QAPI_TYPES_BUILTIN compile guard works: we have situations (at the very least tests/test-qmp-output-visitor.c) that include both top-level "qapi-types.h" (via "error.h") and a secondary "test-qapi-types.h". If we were to only emit the builtin types when used locally, then the first .h file would not include all types, but the second .h does not declare anything at all because the first .h set QAPI_TYPES_BUILTIN, and we would end up with compilation error due to things like unknown type 'int8List'. Actually, we may need to revisit how we do type guards, and change from a single QAPI_TYPES_BUILTIN over to a different usage pattern that does one #ifdef per qapi type - right now, the only types that are declared multiple times between two qapi .json files for inclusion by a single .c file happen to be the builtin arrays. But now that we have QAPI 'include' statements, it is logical to assume that we will soon reach a point where we want to reuse non-builtin types (yes, I'm thinking about what it will take to add introspection to QGA, where we will want to reuse the SchemaInfo type and friends). One #ifdef per type will help ensure that generating the same qapi type into more than one qapi-types.h won't cause collisions when both are included in the same .c file; but we also have to solve how to avoid creating duplicate qapi-types.c entry points. So that is a problem left for another day. Generated code for qapi-types and qapi-visit is drastically reduced; less than a third of the arrays that were blindly created were actually needed (a quick grep shows we dropped from 219 to 69 *List types), and the .o files lost more than 30% of their bulk. [For best results, diff the generated files with 'git diff --patience --no-index pre post'.] Interestingly, the introspection output is unchanged - this is because we already cull all types that are not indirectly reachable from a command or event, so introspection was already using only a subset of array types. The subset of types introspected is now a much larger percentage of the overall set of array types emitted in qapi-types.h (since the larger set shrunk), but still not 100% (evidence that the array types emitted for our new Dummy structs, and the new struct itself, don't affect QMP). Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444710158-8723-9-git-send-email-eblake@xxxxxxxxxx> [Moved array info tracking to a later patch] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 49823c4b4304a3e4aa5d67e089946b12d6a52d64 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 12 22:22:27 2015 -0600 qapi: Don't use info as witness of implicit object type A future patch will enable error reporting from the various QAPISchema*.check() methods. But to report an error related to an implicit type, we'll need to associate a location with the type (the same location as the top-level entity that is causing the creation of the implicit type), and once we do that, keying off of whether foo.info exists is no longer a viable way to determine if foo is an implicit type. Instead, add an is_implicit() method to QAPISchemaEntity, and use it. It can be overridden later for ObjectType and EnumType, when implicit instances of those classes gain info. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444710158-8723-8-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 849ab13c1657b51b89693282ddd42ca1f6255354 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Oct 13 12:26:47 2015 -0600 qapi: Drop redundant args-member-array test qapi-schema-test already ensures that we can correctly compile an array of enums (__org.qemu_x-command), an array of builtins (UserDefNativeListUnion), and an array of structs (again __org.qemu_x-command). That means args-member-array is not adding any additional parse-only test coverage, so drop it. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444760807-11307-1-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 70478cef837e86b1cff08073153081ce480e0e6c Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 12 22:22:26 2015 -0600 qapi: Drop redundant flat-union-reverse-define test As of commit 8c3f8e77, we test compilation of forward references for a struct base type (UserDefOne), flat union base type (UserDefUnionBase), and flat union branch type (UserDefFlatUnion2). The only remaining forward reference being tested for parsing in flat-union-reverse-define was a forward enum declaration. Once we make sure that always compiles, the smaller parse-only test is redundant and can be deleted. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444710158-8723-7-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit cae95eae6270c1ea28a9ba8eee75c441b1015f68 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 12 22:22:25 2015 -0600 qapi: Drop redundant returns-int test qapi-schema-test was already testing that we could have a command returning int, but burned a command name in the whitelist. Merge the redundant positive test returns-int, and pick a name that reduces the whitelist size. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444710158-8723-6-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 625b251c69d983959efaeadeee12405b1a66d331 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 12 22:22:24 2015 -0600 qapi: Move empty-enum to compile-time test Rather than just asserting that we can parse an empty enum, let's also make sure we can compile it, by including it in qapi-schema-test. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444710158-8723-5-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit baabb84c5b27115b979d864cb2af4d63b823983f Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 12 22:22:23 2015 -0600 qapi: Drop redundant alternate-good test The alternate-good.json test was already covered by qapi-schema-test.json. As future commits will be tweaking how alternates are laid out, removing the duplicate test now reduces churn. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444710158-8723-4-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 7618b91ff80ec42b84b29be24d8ef53ddb377110 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 12 22:22:22 2015 -0600 qapi: Prepare for errors during check() The next few patches will start migrating error checking from ad hoc parse methods into the QAPISchema*.check() methods. But for an error message to display, we first have to fix the overall 'try' to catch those errors. We also want to enable a few more assertions, such as making sure every attempt to raise a semantic error is passed a valid location info, or that various preconditions hold. The general approach for moving error checking will then be to relax an assertion into an if that raises an exception if the condition does not hold, and removing the counterpart ad hoc check done during the parse phase. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444710158-8723-3-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 25a0d9c977c2f5db914b0a1619759fd77d97b016 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 12 22:22:21 2015 -0600 qapi: Use predicate callback to determine visit filtering Previously, qapi-types and qapi-visit filtered out implicit objects during visit_object_type() by using 'info' (works since implicit objects do not [yet] have associated info); meanwhile qapi-introspect filtered out all schema types on the first pass by returning a python type from visit_begin(), which was then used at a distance in QAPISchema.visit() to do the filtering. Rather than keeping these ad hoc approaches, add a new visitor callback visit_needed() which returns False to skip a given entity, and which defaults to True unless overridden. Use the new mechanism to simplify all three filtering visitors. No change to the generated code. Suggested-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444710158-8723-2-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit d08ac81a459258ce20b3184fa9325c6c1350ac9e Author: Eric Blake <eblake@xxxxxxxxxx> Date: Wed Oct 14 16:30:25 2015 -0600 qapi: Fix regression with '-netdev help' Commit e36c714e causes 'qemu -netdev help' to dump core, because the call to visit_end_union() is no longer conditional on whether *obj was allocated. Reported by Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444861825-19256-1-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked to say 'help' instead of '?'] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 60be6340796e66b5ac8aac2d98dde5c79336a89c Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Mon Sep 28 14:41:58 2015 +0300 migration: fix deadlock Release qemu global mutex before call synchronize_rcu(). synchronize_rcu() waiting for all readers to finish their critical sections. There is at least one critical section in which we try to get QGM (critical section is in address_space_rw() and prepare_mmio_access() is trying to aquire QGM). Both functions (migration_end() and migration_bitmap_extend()) are called from main thread which is holding QGM. Thus there is a race condition that ends up with deadlock: main thread working thread Lock QGA | | Call KVM_EXIT_IO handler | | | Open rcu reader's critical section Migration cleanup bh | | | synchronize_rcu() is | waiting for readers | | prepare_mmio_access() is waiting for QGM \ / deadlock The patch changes bitmap freeing from direct g_free after synchronize_rcu to free inside call_rcu. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reported-by: Igor Redko <redkoi@xxxxxxxxxxxxx> Tested-by: Igor Redko <redkoi@xxxxxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> CC: Anna Melekhova <annam@xxxxxxxxxxxxx> CC: Juan Quintela <quintela@xxxxxxxxxx> CC: Amit Shah <amit.shah@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Wen Congyang <wency@xxxxxxxxxxxxxx> commit 92e3762237475407fe03e1ccac6e30612ab96caf Author: Amit Shah <amit.shah@xxxxxxxxxx> Date: Wed Oct 14 17:37:19 2015 +0530 migration: announce VM's new home just before VM is runnable We were announcing the dest host's IP as our new IP a bit too soon -- if there were errors detected after this announcement was done, the migration is failed and the VM could continue running on the src host -- causing problems later. Move around the qemu_announce_self() call so it's done just before the VM is runnable. Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit ed1f3e0090069dcb9458aa9e450df12bf8eba0b0 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Tue Oct 13 12:21:27 2015 +0100 Migration: Generate the completed event only when we complete The current migration-completed event is generated a bit too early, which means that an eager libvirt that's ready to go as soon as it sees the event ends up racing with the actual end of migration. This corresponds to RH bug: https://bugzilla.redhat.com/show_bug.cgi?id=1271145 Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> xSigned-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 6511d39679f296162a90e71685651717a29e78e5 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:08:05 2015 +0200 qemu-char: convert serial backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fd5b036c5c6dc715bd06769a0023c6e1de2dadb4 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:06:02 2015 +0200 qemu-char: convert file backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 4ca172817a8c6df0145c16d80abdf04d53a56d92 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 14:55:59 2015 +0200 qemu-char: add create to register_char_driver Having creation as a member of the CharDriver struct removes the need to export functions for qemu-char.c's usage. After the conversion, chardev backends implemented outside qemu-char.c will not need a stub creation function anymore. Ultimately all drivers will be converted. For now, support the case where cd->create == NULL. Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d809ab9521ace32a806cdf86ee7df40e1bf88443 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 12 09:46:23 2015 +0200 qemu-char: cleanup HAVE_CHARDEV_* Move the #ifdef up into qmp_chardev_add, and avoid duplicating the code that reports unavailable backends. Split HAVE_CHARDEV_TTY into HAVE_CHARDEV_SERIAL and HAVE_CHARDEV_PTY. Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit eaeba65304d9666309f246849adf1eff217b9868 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 14:54:05 2015 +0200 qemu-char: cleanup qmp_chardev_add Use the usual idioms for error propagation. Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit a1dbc05a6f73e63ccfdd538c1825d44aa6347d8f Author: John Arbuckle <programmingkidx@xxxxxxxxx> Date: Tue Oct 13 21:51:18 2015 +0100 ui/cocoa.m: eliminate normalWindow warning Eliminate this warning associated with the setting of the normalWindow's title: ui/cocoa.m: In function '-[QemuCocoaAppController init]': ui/cocoa.m:888:9: warning: format not a string literal and no format arguments [-Wformat-security] [normalWindow setTitle:[NSString stringWithFormat:@"QEMU"]]; Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Message-id: 57057D6E-C108-4AE1-8370-E7E6855B2F2C@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0a3c190098e1cb3daaa946cba6663467d1f4e857 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Mon Oct 12 18:41:19 2015 +0100 README: fill out some useful quickstart information The README file is usually the first thing consulted when a user or developer obtains a copy of the QEMU source. The current QEMU README is lacking immediately useful information and so not very friendly for first time encounters. It either redirects users to qemu-doc.html (which does not exist until they've actually compiled QEMU), or the website (which assumes the user has convenient internet access at time of reading). This fills out the README file as simple quick-start guide on the topics of building source, submitting patches, licensing and how to contact the QEMU community. It does not intend to be comprehensive, instead referring people to an appropriate web page to obtain more detailed information. The intent is to give users quick guidance to get them going in the right direction. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1444671679-17674-1-git-send-email-berrange@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c49d3411faae8ffaab8f7e5db47405a008411c10 Merge: 5451316 18bdbc3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 13 10:42:06 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-10-12' into staging QAPI patches # gpg: Signature made Mon 12 Oct 2015 18:56:35 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-qapi-2015-10-12: qapi: Simplify gen_visit_fields() error handling qapi: Share gen_visit_fields() qapi: Share gen_err_check() qapi: Consistent generated code: minimize push_indent() usage qapi: Consistent generated code: prefer common indentation qapi: Consistent generated code: prefer common labels qapi: Consistent generated code: prefer visitor 'v' qapi: Consistent generated code: prefer error 'err' qapi: Reuse code for flat union base validation qapi: Test use of 'number' within alternates qapi: Add tests for empty unions qapi: Avoid assertion failure on union 'type' collision qapi: Test for various name collisions qapi: Clean up qapi.py per pep8 qapi: Invoke exception superclass initializer qapi: Improve 'include' error message qapi: Sort qapi-schema tests MAINTAINERS: Specify QAPI include and test files MAINTAINERS: Specify QObject include and test files docs: Move files from docs/qmp/ to docs/ Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 18bdbc3ac8b477e160d56aa6ecd6942495ce44d0 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:15 2015 -0600 qapi: Simplify gen_visit_fields() error handling Since we have consolidated all generated code to use 'err' as the name of the local variable for error detection, we can simplify the decision on whether to skip error detection (useful for deallocation paths) to be a boolean. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-18-git-send-email-eblake@xxxxxxxxxx> [Change to gen_visit_fields() simplified] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 82ca8e469666b169ccf818a0e36136aee97d7db0 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:14 2015 -0600 qapi: Share gen_visit_fields() Consolidate the code between visit, command marshalling, and event generation that iterates over the members of a struct. It reduces code duplication in the generator, so that a future patch can reduce the size of generated code while touching only one instead of three locations. There are no changes to the generated marshal code. The visitor code becomes slightly more verbose, but remains semantically equivalent, and is actually easier to read as it follows a more common idiom: | visit_optional(v, &(*obj)->has_device, "device", &err); |- if (!err && (*obj)->has_device) { |- visit_type_str(v, &(*obj)->device, "device", &err); |- } | if (err) { | goto out; | } |+ if ((*obj)->has_device) { |+ visit_type_str(v, &(*obj)->device, "device", &err); |+ if (err) { |+ goto out; |+ } |+ } The event code becomes slightly more verbose, but this is arguably a bug fix: although the visitors are not well documented, use of an optional member should not be attempted unless guarded by a prior call to visit_optional(). Works only because the output qmp visitor has a no-op visit_optional(): |+ visit_optional(v, &has_offset, "offset", &err); |+ if (err) { |+ goto out; |+ } | if (has_offset) { | visit_type_int(v, &offset, "offset", &err); Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-17-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 1f35334489a43800df4d20cd91362a87cee39a29 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:13 2015 -0600 qapi: Share gen_err_check() qapi-commands has a nice helper gen_err_check(), but did not use it everywhere. In fact, using it in more places makes it easier to reduce the lines of code used for generating error checks. This in turn will make it easier for later patches to consolidate another common pattern among the generators. The generated code has fewer blank lines in qapi-event.c functions, but has no semantic difference. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-16-git-send-email-eblake@xxxxxxxxxx> [Drop another blank line for symmetry] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 05372f708a8cb3556e4d67458de79417dadf241f Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:12 2015 -0600 qapi: Consistent generated code: minimize push_indent() usage We had some pointless differences in the generated code for visit, command marshalling, and events; unifying them makes it easier for future patches to consolidate to common helper functions. This is one patch of a series to clean up these differences. This patch reduces the number of push_indent()/pop_indent() pairs so that generated code is typically already at its natural output indentation in the python files. It is easier to reason about generated code if the reader does not have to track how much spacing will be inserted alongside the code, and moreso when all of the generators use the same patterns (qapi-type and qapi-event were already using in-place indentation). Arguably, the resulting python may be a bit harder to read with C code at the same indentation as python; on the other hand, not having to think about push_indent() is a win, and most decent editors provide syntax highlighting that makes it easier to visually distinguish python code from string literals that will become C code. There is no change to the generated output. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-15-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit e36c714e6aad7c9266132350833e2f263f6d8874 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:11 2015 -0600 qapi: Consistent generated code: prefer common indentation We had some pointless differences in the generated code for visit, command marshalling, and events; unifying them makes it easier for future patches to consolidate to common helper functions. This is one patch of a series to clean up these differences. This patch adjusts gen_visit_union() to use the same indentation as other functions, namely, by jumping early to the error label if the object was not set rather than placing the rest of the body inside an if for when it is set. No change in semantics to the generated code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-14-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit f782399cb4fa3fc4182cb046817f65a6db92ab07 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:10 2015 -0600 qapi: Consistent generated code: prefer common labels We had some pointless differences in the generated code for visit, command marshalling, and events; unifying them makes it easier for future patches to consolidate to common helper functions. This is one patch of a series to clean up these differences. This patch names the goto labels 'out' (not 'clean') and 'out_obj' (not 'out_end'). Additionally, the generator was inconsistent on whether labels had a leading space [our HACKING is silent; while emacs 'gnu' style adds the space to avoid littering column 1]. For minimal churn, prefer no leading space; this also matches the style that is more prevalent in current qemu.git. No change in semantics to the generated code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-13-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit f8b7f1a8eafa9f565ebecfe409e8741d38cd786b Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:09 2015 -0600 qapi: Consistent generated code: prefer visitor 'v' We had some pointless differences in the generated code for visit, command marshalling, and events; unifying them makes it easier for future patches to consolidate to common helper functions. This is one patch of a series to clean up these differences. This patch names the local visitor variable 'v' rather than 'm'. Related objects, such as 'QapiDeallocVisitor', are also named by their initials instead of an unrelated leading m. No change in semantics to the generated code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-12-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 2a0f50e8d973b01eda4c63bac4a5c79ea0f584ef Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:08 2015 -0600 qapi: Consistent generated code: prefer error 'err' We had some pointless differences in the generated code for visit, command marshalling, and events; unifying them makes it easier for future patches to consolidate to common helper functions. This is one patch of a series to clean up these differences. This patch consistently names the local error variable 'err' rather than 'local_err'. No change in semantics to the generated code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-11-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 376863ef4895ae709aadb6f26365a5973310ef09 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:07 2015 -0600 qapi: Reuse code for flat union base validation Rather than open-code the check for a valid base type, we should reuse the common functionality. This allows for consistent error messages, and also makes it easier for a later patch to turn on support for inline anonymous base structures. Test flat-union-inline is updated to test only one feature (anonymous branch dictionaries), which can be implemented independently (test flat-union-bad-base already covers the idea of an anonymous base dictionary). Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-10-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 9c51b4412959c5331a8a931d848c4b755b5bb36a Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:06 2015 -0600 qapi: Test use of 'number' within alternates Add some testsuite exposure for use of a 'number' as part of an alternate. The current state of the tree has a few bugs exposed by this: our input parser depends on the ordering of how the qapi schema declared the alternate, and the parser does not accept integers for a 'number' in an alternate even though it does for numbers outside of an alternate. Mixing 'int' and 'number' in the same alternate is unusual, since both are supplied by json-numbers, but there does not seem to be a technical reason to forbid it given that our json lexer distinguishes between json-numbers that can be represented as an int vs. those that cannot. Improve the existing test_visitor_in_alternate() to match the style of the new test_visitor_in_alternate_number(), and to ensure full coverage of all possible qtype parsing. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-9-git-send-email-eblake@xxxxxxxxxx> [Eric's follow-up fixes squashed in] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 8d25dd101f759425456b8005b3180062689d71e7 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:05 2015 -0600 qapi: Add tests for empty unions The documentation claims that alternates are useful for allowing two or more types, although nothing enforces this. Meanwhile, it is silent on whether empty unions are allowed. In practice, the generated code will compile, in part because we have a 'void *data' branch; but attempting to visit such a type will cause an abort(). While there's no technical reason that a degenerate union could not be made to work, it's harder to justify the time spent in chasing known (the current abort() during visit) and unknown corner cases, than it would be to just outlaw them. A future patch will probably take the approach of forbidding them; in the meantime, we can at least add testsuite coverage to make it obvious where things stand. In addition to adding tests to expose the problems, we also need to adjust existing tests that are meant to test something else, but which could fail for the wrong reason if we reject degenerate alternates/unions. Note that empty structs are explicitly supported (for example, right now they are the only way to specify that one branch of a flat union adds no additional members), and empty enums are covered by the testsuite as working (even if they do not seem to have much use). Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-8-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 7b2a5c2f9a52c4a08630fa741052f03fe5d3cc8a Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:04 2015 -0600 qapi: Avoid assertion failure on union 'type' collision The previous commit added two tests that triggered an assertion failure. It's fairly straightforward to avoid the failure by just outright forbidding the collision between a union's tag values and its discriminator name (including the implicit name 'kind' supplied for simple unions [*]). Ultimately, we'd like to move the collision detection into QAPISchema*.check(), but for now it is easier just to enhance the existing checks. [*] Of course, down the road, we have plans to rename the simple union tag name to 'type' to match the QMP wire name, but the idea of the collision will still be present even then. Technically, we could avoid the collision by naming the C union members representing each enum value as '_case_value' rather than 'value'; but until we have an actual qapi client (and not just our testsuite) that has a legitimate reason to match a case label to the name of a QMP key and needs the name munging to satisfy the compiler, it's easier to just reject the qapi as invalid. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-7-git-send-email-eblake@xxxxxxxxxx> [Polished a few comments] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit d220fbcd1db2097de5ff3037e85317fcb5433e4e Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:03 2015 -0600 qapi: Test for various name collisions Expose some weaknesses in the generator: we don't always forbid the generation of structs that contain multiple members that map to the same C or QMP name. This has already been marked FIXME in qapi.py in commit d90675f, but having more tests will make sure future patches produce desired behavior; and updating existing patches to better document things doesn't hurt, either. Some of these collisions are already caught in the old-style parser checks, but ultimately we want all collisions to be caught in the new-style QAPISchema*.check() methods. This patch focuses on C struct members, and does not consider collisions between commands and events (affecting C function names), or even collisions between generated C type names with user type names (for things like automatic FOOList struct representing array types or FOOKind for an implicit enum). There are two types of struct collisions we want to catch: 1) Collision between two keys in a JSON object. qapi.py prevents that within a single struct (see test duplicate-key), but it is possible to have collisions between a type's members and its base type's members (existing tests struct-base-clash, struct-base-clash-deep), and its flat union variant members (renamed test flat-union-clash-member). 2) Collision between two members of the C struct that is generated for a given QAPI type: a) Multiple QAPI names map to the same C name (new test args-name-clash) b) A QAPI name maps to a C name that is used for another purpose (new tests flat-union-clash-branch, struct-base-clash-base, union-clash-data). We already fixed some such cases in commit 0f61af3e and 1e6c1616, but more remain. c) Two C names generated for other purposes clash (updated test alternate-clash, new test union-clash-branches, union-clash-type, flat-union-clash-type) Ultimately, if we need to have a flat union where a tag value clashes with a base member name, we could change the generator to name the union (using 'foo.u.value' rather than 'foo.value') or otherwise munge the C name corresponding to tag values. But unless such a need arises, it will probably be easier to just forbid these collisions. Some of these negative tests will be deleted later, and positive tests added to qapi-schema-test.json in their place, when the generator code is reworked to avoid particular code generation collisions in class 2). [Note that viewing this patch with git rename detection enabled may see some confusion due to renaming some tests while adding others, but where the content is similar enough that git picks the wrong pre- and post-patch files to associate] Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-6-git-send-email-eblake@xxxxxxxxxx> [Improve commit message and comments a bit, drop an unrelated test] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 437db2549be383e52acad6cd4bf2862e98fdfc93 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:02 2015 -0600 qapi: Clean up qapi.py per pep8 Silence pep8, and make pylint a bit happier. Just style cleanups, plus killing a useless comment in camel_to_upper(); no semantic changes. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-5-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 59b00542659c8947f9d4e8c28d2d528ab3ab61a5 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:01 2015 -0600 qapi: Invoke exception superclass initializer pylint recommends that every exception class should explicitly invoke the superclass __init__, even though things seem to work fine without it. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-4-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 7408fb67c0f9403f6e40aecf97cf798fc14e2cd8 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:00 2015 -0600 qapi: Improve 'include' error message Use of '"...%s" % include' to print non-strings can lead to ugly messages, such as this (if the .json change is applied without the qapi.py change): Expected a file name (string), got: OrderedDict() Better is to just omit the actual non-string value in the message. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-3-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 1ffe818a395cb883746f3baf8d9a0b6988375e8b Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:20:59 2015 -0600 qapi: Sort qapi-schema tests Recent changes to qapi have provided quite a bit of churn in the makefile, because we are inconsistent on what order test names appear in, and on whether to re-wrap the list of tests or just add arbitrary line lengths. Writing the list in a sorted fashion, one test per line, will make future patches easier to see what tests are being added or removed by a patch. Although it is tempting to use $(wildcard qapi-schema/*.json) for a more compact listing, such an approach would risk picking up leftover garbage .json files in the directory; so keeping the list explicit is safer for ensuring reproducible tarballs and test results. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-2-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit ac4abb9aeb734f36eb90b149b9eed0cc8fdb2872 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Sep 24 18:11:57 2015 +0200 MAINTAINERS: Specify QAPI include and test files Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1443111117-29831-4-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 7735d2b50477b171446b38efd2d8866d3c966162 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Sep 24 18:11:56 2015 +0200 MAINTAINERS: Specify QObject include and test files Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1443111117-29831-3-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 9b89b6a2872f1473ef82acdcb64c901982e0ef88 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Sep 24 18:11:55 2015 +0200 docs: Move files from docs/qmp/ to docs/ Giving QMP its own subdirectory in docs/ is hardly worthwhile when we have just four files, and one of them isn't even in the subdirectory. Move the files from docs/qmp/ to docs/, renaming docs/qmp/README to docs/qmp-intro. Update MAINTAINERS. The new pattern also captures the fourth file docs/writing-qmp-commands.txt. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1443111117-29831-2-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit b77e7c8e99f9ac726c4eaa2fc3461fd886017dc0 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 12 15:35:16 2015 +0200 qemu-sockets: fix conversion of ipv4/ipv6 JSON to QemuOpts The QemuOpts-based code treats "option not set" and "option set to false" the same way for the ipv4 and ipv6 options, because it is meant to handle only the ",ipv4" and ",ipv6" substrings in hand-crafted option parsers. When converting InetSocketAddress to QemuOpts, however, it is necessary to handle all three cases (not set, set to true, set to false). Currently we are not handling all cases correctly. The rules are: * if none or both options are absent, leave things as is * if the single present option is Y, the other should be N. This can be implemented by leaving things as is, or by setting the other option to N as done in this patch. * if the single present option is N, the other should be Y. This is handled by the "else if" branch of this patch. This ensures that the ipv4 option has an effect on Windows, where creating the socket with PF_UNSPEC makes an ipv6 socket. With this patch, ",ipv4" will result in a PF_INET socket instead. Reported-by: Sair, Umair <Umair_Sair@xxxxxxxxxx> Tested-by: Sair, Umair <Umair_Sair@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5ea530491fe9ac56f75bc1833cc3fd7722b24efd Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:49:41 2015 +0200 MAINTAINERS: Add more devices to realview board Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 062710000dbd9db81277156d9bdebd96b70cd1d2 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:45:00 2015 +0200 MAINTAINERS: Add maintainer for ARM PrimeCell and integrated devices Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9b31bff02153cf86d4413c6289794175662f7c5c Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:42:50 2015 +0200 MAINTAINERS: Add more pxa2xx files and boards Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Cc: Andrzej Zaborowski <balrogg@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c92451c2af29784c76527cc5484c33b4ce069d38 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:36:48 2015 +0200 MAINTAINERS: Add more Xen files Cc: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx? Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 566dd236e1e0bfe9d9bce326547f883d677cf30a Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:38:02 2015 +0200 MAINTAINERS: add two devices to the e500 section Cc: Alexander Graf <agraf@xxxxxxx> Cc: Scott Wood <scottwood@xxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3e5385fcf536fc4238eb87de55af8dd99089cad4 Author: Andy Whitcroft <apw@xxxxxxxxxxxxx> Date: Thu Oct 8 10:05:24 2015 +0200 checkpatch: port fix from kernel "## is not a valid modifier" checkpatch currently loops on fpu/softfloat.c Turns out this is fixed in the Linux version of checkpatch. So this is a port of Andy Whitcrofts fix from Linux, Original commit was commit 89a883530fe7 ("checkpatch: ## is not a valid modifier") As suggested by Peter Maydell for the QEMU version we drop the last "|" as there seems to be no need for that. (FWIW, the kernel discusion about that dried out: http://www.spinics.net/lists/kernel/msg1944421.html ) Cc: Andy Whitcroft <apw@xxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Message-Id: <1444291524-66569-1-git-send-email-borntraeger@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b232c7857aa36d144205134c725114541630b1c2 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Tue Oct 6 14:30:57 2015 +1100 kvm-all: Align to qemu_real_host_page_size in kvm_set_phys_mem As the comment in kvm_set_phys_mem() says, KVM works in page size chunks. However it uses hardcoded TARGET_PAGE_SIZE which is 4K on most platforms while actual host may use different page size, for example, PPC64 hosts use 64K system pages. This replaces static TARGET_PAGE_SIZE with run-time calculated qemu_real_host_page_size. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Message-Id: <1444102257-17405-1-git-send-email-aik@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 88401cbc5b5730986fd5040425f5015a9cce9080 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Aug 11 10:52:46 2015 +0200 exec: remove non-TCG stuff from exec-all.h header. The header is included from basically everywhere, thanks to cpu.h. It should be moved to the (TCG only) files that actually need it. As a start, remove non-TCG stuff. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 46eb8f98f2ce402e384d60ddd15020720994c7ca Author: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Date: Wed Sep 16 12:59:44 2015 +0300 target-i386/kvm: Hyper-V HV_X64_MSR_VP_RUNTIME support HV_X64_MSR_VP_RUNTIME msr used by guest to get "the time the virtual processor consumes running guest code, and the time the associated logical processor spends running hypervisor code on behalf of that guest." Calculation of that time is performed by task_cputime_adjusted() for vcpu task by KVM side. Signed-off-by: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Richard Henderson <rth@xxxxxxxxxxx> CC: Eduardo Habkost <ehabkost@xxxxxxxxxx> CC: "Andreas Färber" <afaerber@xxxxxxx> CC: Marcelo Tosatti <mtosatti@xxxxxxxxxx> Message-Id: <1442397584-16698-4-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 8c145d7ca9b4267d2ec1eabe801c6b2aee636f1f Author: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Date: Wed Sep 16 12:59:43 2015 +0300 target-i386/kvm: set Hyper-V features cpuid bit HV_X64_MSR_VP_INDEX_AVAILABLE Hyper-V features bit HV_X64_MSR_VP_INDEX_AVAILABLE value is based on cpu option "hv-vpindex" and kernel support of HV_X64_MSR_VP_INDEX. Signed-off-by: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Richard Henderson <rth@xxxxxxxxxxx> CC: Eduardo Habkost <ehabkost@xxxxxxxxxx> CC: "Andreas Färber" <afaerber@xxxxxxx> CC: Marcelo Tosatti <mtosatti@xxxxxxxxxx> Message-Id: <1442397584-16698-3-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 744b8a9440fa2bd78ae64861667337439e25a6dc Author: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Date: Wed Sep 16 12:59:42 2015 +0300 target-i386/kvm: Hyper-V HV_X64_MSR_RESET support HV_X64_MSR_RESET msr is used by Hyper-V based Windows guest to reset guest VM by hypervisor. This msr is stateless so no migration/fetch/update is required. This code checks cpu option "hv-reset" and support by kernel. If both conditions are met appropriate Hyper-V features cpuid bit is set. Signed-off-by: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Richard Henderson <rth@xxxxxxxxxxx> CC: Eduardo Habkost <ehabkost@xxxxxxxxxx> CC: "Andreas Färber" <afaerber@xxxxxxx> CC: Marcelo Tosatti <mtosatti@xxxxxxxxxx> Message-Id: <1442397584-16698-2-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3a824b1552d68b708c161a900e2956a78d4ea466 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Oct 2 18:19:58 2015 +0200 linux-headers: update from kvm/next linux-headers/linux/vhost.h is currently out of sync with Linux. Do not touch it in this update. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5b906129524d564d61760d04586d6c2301457ead Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 5 14:45:55 2015 +0200 checkpatch: allow open braces on typedef lines The style here seems to be split according to the maintainer, but traditionally open braces were placed on typedef lines. Suggested-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 32857f4d5e165329c03d66000d666975d85f882a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 1 15:29:50 2015 +0100 exec.c: Collect AddressSpace related fields into a CPUAddressSpace struct Gather up all the fields currently in CPUState which deal with the CPU's AddressSpace into a separate CPUAddressSpace struct. This paves the way for allowing the CPU to know about more than one AddressSpace. The rearrangement also allows us to make the MemoryListener a directly embedded object in the CPUAddressSpace (it could not be embedded in CPUState because 'struct MemoryListener' isn't defined for the user-only builds). This allows us to resolve the FIXME in tcg_commit() by going directly from the MemoryListener to the CPUAddressSpace. This patch extracts the actual update of the cached dispatch pointer from cpu_reload_memory_map() (which is renamed accordingly to cpu_reloading_memory_map() as it is only responsible for breaking cpu-exec.c's RCU critical section now). This lets us keep the definition of the CPUAddressSpace struct private to exec.c. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <1443709790-25180-4-git-send-email-peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 53f8a5e9e2633a4a3b6918c36aec725aa80f2887 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 1 15:29:49 2015 +0100 cpu-exec-common.c: Clarify comment about cpu_reload_memory_map()'s RCU operations The reason for cpu_reload_memory_map()'s RCU operations is not so much because the guest could make the critical section very long, but that it could have a critical section within which it made an arbitrary number of changes to the memory map and thus accumulate an unbounded amount of memory data structures awaiting reclamation. Clarify the comment to make this clearer. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <1443709790-25180-3-git-send-email-peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0a1c71cec63e95f9b8d0dc96d049d2daa00c5210 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 1 15:29:48 2015 +0100 exec.c: Don't call cpu_reload_memory_map() from cpu_exec_init() Currently we call cpu_reload_memory_map() from cpu_exec_init(), but this is not necessary: * KVM doesn't use the data structures maintained by cpu_reload_memory_map() (the TLB and cpu->memory_dispatch) * for TCG, we will call this function via tcg_commit() either as soon as tcg_cpu_address_space_init() registers the listener, or when the first MemoryRegion is added to the AddressSpace if the AS is empty when we register the listener The unnecessary call is awkward for adding support for multiple address spaces per CPU, so drop it. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxx> Message-Id: <1443709790-25180-2-git-send-email-peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fec21036ff516d20721abc01ae7be99ae5bb0c7b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Sep 4 21:53:03 2015 +0200 configure: Require Python 2.6 RHEL-6 and SLES-11 provide Python 2.6. It'll also work on OS X back to 10.6. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1441396383-17304-1-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 8ef2eb8d2cad7400236d6b2c152bdb5506761b4d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Sep 30 19:21:10 2015 +0200 megasas: fix megasas_get_sata_addr There are two bugs here. First, the 16-bit id loses the high 8 bits when shifted left by 24. Second, the address must be combined with an "or" or we just get zero. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 633dccb458c4eaa40107cd7026737d804f90b6c0 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Oct 1 12:59:01 2015 +0200 scsi: switch from g_slice allocator to malloc Simplify memory allocation by sticking with a single API. GSlice is not that fast anyway (tcmalloc/jemalloc are better). Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 1729404c62e1adae501feeaaf61b87262d52ae1b Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Oct 1 12:59:08 2015 +0200 nbd: switch from g_slice allocator to malloc Simplify memory allocation by sticking with a single API. GSlice is not that fast anyway (tcmalloc/jemalloc are better). Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5451316ed07b758a187dedf21047bed8f843f7f1 Merge: 0bf224d 9201bb9 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Oct 12 15:52:54 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging Pull request v2: * Fix virtio 16lx -> HWADDR_PRIx format specifier [Peter] # gpg: Signature made Mon 12 Oct 2015 11:19:06 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: sdhci.c: Limit the maximum block size block: switch from g_slice allocator to malloc virtio dataplane: adapt dataplane for virtio Version 1 virtio-blk: use blk_io_plug/unplug for Linux AIO batching sdhci: Pass drive parameter to sdhci-pci via qdev property Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0bf224d5da41967a775b328234cda2d19f303908 Merge: 7684922 89b1273 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Oct 12 14:29:29 2015 +0100 Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging # gpg: Signature made Mon 12 Oct 2015 08:56:47 BST using RSA key ID 398D6211 # gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211 * remotes/jasowang/tags/net-pull-request: tests: add test cases for netfilter object netfilter: add a netbuffer filter net/queue: export qemu_net_queue_append_iov netfilter: print filter info associate with the netdev netfilter: add an API to pass the packet to next filter net/queue: introduce NetQueueDeliverFunc net: merge qemu_deliver_packet and qemu_deliver_packet_iov netfilter: hook packets before net queue send init/cleanup of netfilter object vl.c: init delayed object after net_init_clients vmxnet3: Add support for VMXNET3_CMD_GET_ADAPTIVE_RING_INFO command e1000: use alias for default model vmxnet3: Support reading IMR registers on bar0 net/vmxnet3: Refine l2 header validation Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9201bb9a8c7cd3ba2382b7db5b2e40f603e61528 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Tue Oct 6 10:40:41 2015 -0700 sdhci.c: Limit the maximum block size It is possible for the guest to set an invalid block size which is larger then the fifo_buffer[] array. This could cause a buffer overflow. To avoid this limit the maximum size of the blksize variable. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reported-by: Intel Security ATR <secure@xxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: abe4c51f513290bbb85d1ee271cb1a3d463d7561.1444067470.git.alistair.francis@xxxxxxxxxx Suggested-by: Igor Mitsyanko <i.mitsyanko@xxxxxxxxx> Reported-by: Intel Security ATR <secure@xxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit c84b31926f018af6fea2ab37a1fc47060b4bcfa1 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Oct 1 13:04:39 2015 +0200 block: switch from g_slice allocator to malloc Simplify memory allocation by sticking with a single API. GSlice is not that fast anyway (tcmalloc/jemalloc are better). Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a9718ef0005d6910097788936dc40c0204713729 Author: Pierre Morel <pmorel@xxxxxxxxxxxxxxxxxx> Date: Mon Sep 7 13:33:56 2015 +0200 virtio dataplane: adapt dataplane for virtio Version 1 Let dataplane allocate different region for the desc/avail/used ring regions. Take VIRTIO_RING_F_EVENT_IDX into account to increase the used/avail rings accordingly. [Fix 32-bit builds by changing 16lx format specifier to HWADDR_PRIx. --Stefan] Signed-off-by: Pierre Morel <pmorel@xxxxxxxxxxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Message-id: 1441625636-23773-1-git-send-email-pmorel@xxxxxxxxxxxxxxxxxx (changed __virtio16 into uint16_t, map descriptor table and available ring read-only) Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 768492239014cb5e6161f1be80a9c8043c4530c2 Merge: c9003eb 33fe968 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Oct 12 11:07:38 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2015-10-09' into staging Fix device introspection regressions # gpg: Signature made Fri 09 Oct 2015 14:43:41 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-monitor-2015-10-09: Revert "qdev: Use qdev_get_device_class() for -device <type>,help" qdev: Protect device-list-properties against broken devices qmp: Fix device-list-properties not to crash for abstract device device-introspect-test: New, covering device introspection libqtest: New hmp() & friends libqtest: Clean up unused QTestState member sigact_old tests: Fix how qom-test is run macio: move DBDMA_init from instance_init to realize hw: do not pass NULL to memory_region_init from instance_init memory: allow destroying a non-empty MemoryRegion virtio-input: Fix device introspection on non-Linux hosts update-linux-headers: Rename SW_MAX to SW_MAX_ Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit fc73548e444ae3239f6cef44a5200b5d2c3e85d1 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Jul 20 16:54:16 2015 +0100 virtio-blk: use blk_io_plug/unplug for Linux AIO batching The raw-posix block driver implements Linux AIO batching so multiple requests can be submitted with a single io_submit(2) system call. Batching is currently only used by virtio-scsi and virtio-blk-data-plane. Enable batching for regular virtio-blk so the number of io_submit(2) system calls is reduced for workloads with queue depth > 1. In 4KB random read performance tests with queue depth 32, the CPU utilization on the host is reduced by 9.4%. The fio job is as follows: [global] bs=4k ioengine=libaio iodepth=32 direct=1 sync=0 time_based=1 runtime=30 clocksource=gettimeofday ramp_time=5 [job1] rw=randread filename=/dev/vdb size=4096M write_bw_log=fio write_iops_log=fio write_lat_log=fio log_avg_msec=1000 This benchmark was run on an raw image on LVM. The disk was an SSD drive and -drive cache=none,aio=native was used. Tested-by: Pradeep Surisetty <psuriset@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> commit 5ec911c30ff4337d4185e29e82a254349f5a22da Author: Kevin O'Connor <kevin@xxxxxxxxxxxx> Date: Mon Aug 17 15:20:33 2015 -0400 sdhci: Pass drive parameter to sdhci-pci via qdev property Commit 19109131 disabled the sdhci-pci support because it used drive_get_next(). This patch reenables sdhci-pci and changes it to pass the drive via a qdev property - for example: -device sdhci-pci,drive=drive0 -drive id=drive0,if=sd,file=myimage Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin O'Connor <kevin@xxxxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 89b1273742f45c30927df203532fca0d9a3e1af7 Author: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Date: Wed Oct 7 11:52:22 2015 +0800 tests: add test cases for netfilter object Using qtest qmp interface to implement following cases: 1) add/remove netfilter 2) add a netfilter then delete the netdev 3) add/remove more than one netfilters 4) add more than one netfilters and then delete the netdev Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 7dbb11c84f25e20301b47a77102db00d68a2c4a4 Author: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Date: Wed Oct 7 11:52:21 2015 +0800 netfilter: add a netbuffer filter This filter is to buffer/release packets. Can be used when using MicroCheckpointing or other Remus like VM FT solutions. You can also use it to crudely simulate network delay. Doesn't actually delay individual packets, but batches them together, which is a delay of sorts. Usage: -netdev tap,id=bn0 -object filter-buffer,id=f0,netdev=bn0,queue=rx,interval=1000 NOTE: Interval is in microseconds, it can't be omitted currently, and can't be 0. Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit b68c7f76926dee3f234ccee88f3167b640d9318e Author: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Date: Wed Oct 7 11:52:20 2015 +0800 net/queue: export qemu_net_queue_append_iov This will be used by buffer filter implementation later to queue packets. Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit a4960f52e7f402a4b7402ace204283de7b9d4879 Author: Yang Hongyang <burnef@xxxxxxxxx> Date: Wed Oct 7 11:52:19 2015 +0800 netfilter: print filter info associate with the netdev When execute "info network", print filter info also. add a info_str member to NetFilterState, store specific filters info. Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 7ef7bc8586fb0d41742a896b532c7afa2bbb7f84 Author: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Date: Wed Oct 7 11:52:18 2015 +0800 netfilter: add an API to pass the packet to next filter add an API qemu_netfilter_pass_to_next() to pass the packet to next filter. Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 3e033a46a7e39ea31e15f1b53402df990977115a Author: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Date: Wed Oct 7 11:52:17 2015 +0800 net/queue: introduce NetQueueDeliverFunc net/queue.c has logic to send/queue/flush packets but a qemu_deliver_packet_iov() call is hardcoded. Abstract this func so that we can use our own deliver function in netfilter. Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit fefe2a78abde932e0f340b21bded2c86def1d242 Author: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Date: Wed Oct 7 11:52:16 2015 +0800 net: merge qemu_deliver_packet and qemu_deliver_packet_iov qemu_deliver_packet_iov already have the compat delivery, we can drop qemu_deliver_packet. Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit e64c770d1fa859bd8ee583d339b085fe345ac02b Author: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Date: Wed Oct 7 11:52:15 2015 +0800 netfilter: hook packets before net queue send Capture packets that will be sent. Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit fdccce4596218e49ca4d0f5d4b3f0c453bd99ba0 Author: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Date: Wed Oct 7 11:52:14 2015 +0800 init/cleanup of netfilter object Add a netfilter object based on QOM. A netfilter is attached to a netdev, captures all network packets that pass through the netdev. When we delete the netdev, we also delete the netfilter object attached to it, because if the netdev is removed, the filter which attached to it is useless. Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 9abce56d7b319b0c78b487720d128706272e0a0c Author: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Date: Wed Oct 7 11:52:13 2015 +0800 vl.c: init delayed object after net_init_clients Init delayed object after net_init_clients, because netfilters need to be initialized after net clients initialized. Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit d62241eb6da9bd2517f07b3219ba4208b90b4e0d Author: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Date: Fri Sep 18 08:55:04 2015 +0300 vmxnet3: Add support for VMXNET3_CMD_GET_ADAPTIVE_RING_INFO command Some drivers (e.g. vmware-tools) issue the VMXNET3_CMD_GET_ADAPTIVE_RING_INFO command. Currently, due to lack of support, a bogus value (-1) is returned. Support this command, returning the "adaptive-ring disabled" flag. Signed-off-by: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 8304402033e8dbe8e379017d51ed1dd8344f1dce Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Mon Sep 28 13:37:26 2015 +0800 e1000: use alias for default model Instead of duplicating the "e1000-82540em" device model as "e1000", make the latter an alias for the former. Cc: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> commit c6048f849c7e3f009786df76206e895a69de032c Author: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Date: Mon Sep 21 17:09:02 2015 +0300 vmxnet3: Support reading IMR registers on bar0 Instead of asserting, return the actual IMR register value. This is aligned with what's returned on ESXi. Signed-off-by: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Tested-by: Dana Rubin <dana.rubin@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit a7278b36fcab9af469563bd7b9dadebe2ae25e48 Author: Dana Rubin <dana.rubin@xxxxxxxxxxxxxxxxxx> Date: Tue Aug 18 12:45:55 2015 +0300 net/vmxnet3: Refine l2 header validation Validation of l2 header length assumed minimal packet size as eth_header + 2 * vlan_header regardless of the actual protocol. This caused crash for valid non-IP packets shorter than 22 bytes, as 'tx_pkt->packet_type' hasn't been assigned for such packets, and 'vmxnet3_on_tx_done_update_stats()' expects it to be properly set. Refine header length validation in 'vmxnet_tx_pkt_parse_headers'. Check its return value during packet processing flow. As a side effect, in case IPv4 and IPv6 header validation failure, corrupt packets will be dropped. Signed-off-by: Dana Rubin <dana.rubin@xxxxxxxxxxxxxxxxxx> Signed-off-by: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit c9003eb4662f44c61be9c8d7d5c9d4a02d58b560 Merge: b37686f 925a040 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 9 17:30:03 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-virgl-20151008-1' into staging virtio-gpu: add 3d rendering support using virgl, misc fixes. ui/gtk: add opengl context and scanout support (for virtio-gpu). # gpg: Signature made Thu 08 Oct 2015 10:35:39 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-virgl-20151008-1: gtk/opengl: add opengl context and scanout support (GtkGLArea) gtk/opengl: add opengl context and scanout support (egl) opengl: add egl-context.[ch] helpers virtio-gpu: add cursor update tracepoint virtio-gpu: add 3d mode and virgl rendering support. virtio-gpu: update headers for virgl/3d virtio-gpu: change licence from GPLv2 to GPLv2+ virtio-gpu: move iov free to virtio_gpu_cleanup_mapping_iov ui/console: add opengl context and scanout support interfaces. sdl2: stop flickering shaders: initialize vertexes once Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 33fe96833015cf15f4c0aa5bf8d34f60526e0732 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 1 10:59:59 2015 +0200 Revert "qdev: Use qdev_get_device_class() for -device <type>,help" This reverts commit 31bed5509dfcbdfc293154ce81086a4dbd7a80b6. The reverted commit changed qdev_device_help() to reject abstract devices and devices that have cannot_instantiate_with_device_add_yet set, to fix crash bugs like -device x86_64-cpu,help. Rejecting abstract devices makes sense: they're purely internal, and the implementation of the help feature can't cope with them. Rejecting non-pluggable devices makes less sense: even though you can't use them with -device, the help may still be useful elsewhere, for instance with -global. This is a regression: -device FOO,help used to help even for FOO that aren't pluggable. The previous two commits fixed the crash bug at a lower layer, so reverting this one is now safe. Fixes the -device FOO,help regression, except for the broken devices marked cannot_even_create_with_object_new_yet. For those, the error message is improved. Example of a device where the regression is fixed: $ qemu-system-x86_64 -device PIIX4_PM,help PIIX4_PM.command_serr_enable=bool (on/off) PIIX4_PM.multifunction=bool (on/off) PIIX4_PM.rombar=uint32 PIIX4_PM.romfile=str PIIX4_PM.addr=int32 (Slot and optional function number, example: 06.0 or 06) PIIX4_PM.memory-hotplug-support=bool PIIX4_PM.acpi-pci-hotplug-with-bridge-support=bool PIIX4_PM.s4_val=uint8 PIIX4_PM.disable_s4=uint8 PIIX4_PM.disable_s3=uint8 PIIX4_PM.smb_io_base=uint32 Example of a device where it isn't fixed: $ qemu-system-x86_64 -device host-x86_64-cpu,help Can't list properties of device 'host-x86_64-cpu' Both failed with "Parameter 'driver' expects pluggable device type" before. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1443689999-12182-11-git-send-email-armbru@xxxxxxxxxx> commit 4c315c27661502a0813b129e41c0bf640c34a8d6 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 1 10:59:58 2015 +0200 qdev: Protect device-list-properties against broken devices Several devices don't survive object_unref(object_new(T)): they crash or hang during cleanup, or they leave dangling pointers behind. This breaks at least device-list-properties, because qmp_device_list_properties() needs to create a device to find its properties. Broken in commit f4eb32b "qmp: show QOM properties in device-list-properties", v2.1. Example reproducer: $ qemu-system-aarch64 -nodefaults -display none -machine none -S -qmp stdio {"QMP": {"version": {"qemu": {"micro": 50, "minor": 4, "major": 2}, "package": ""}, "capabilities": []}} { "execute": "qmp_capabilities" } {"return": {}} { "execute": "device-list-properties", "arguments": { "typename": "pxa2xx-pcmcia" } } qemu-system-aarch64: /home/armbru/work/qemu/memory.c:1307: memory_region_finalize: Assertion `((&mr->subregions)->tqh_first == ((void *)0))' failed. Aborted (core dumped) [Exit 134 (SIGABRT)] Unfortunately, I can't fix the problems in these devices right now. Instead, add DeviceClass member cannot_destroy_with_object_finalize_yet to mark them: * Hang during cleanup (didn't debug, so I can't say why): "realview_pci", "versatile_pci". * Dangling pointer in cpus: most CPUs, plus "allwinner-a10", "digic", "fsl,imx25", "fsl,imx31", "xlnx,zynqmp", because they create such CPUs * Assert kvm_enabled(): "host-x86_64-cpu", host-i386-cpu", "host-powerpc64-cpu", "host-embedded-powerpc-cpu", "host-powerpc-cpu" (the powerpc ones can't currently reach the assertion, because the CPUs are only registered when KVM is enabled, but the assertion is arguably in the wrong place all the same) Make qmp_device_list_properties() fail cleanly when the device is so marked. This improves device-list-properties from "crashes, hangs or leaves dangling pointers behind" to "fails". Not a complete fix, just a better-than-nothing work-around. In the above reproducer, device-list-properties now fails with "Can't list properties of device 'pxa2xx-pcmcia'". This also protects -device FOO,help, which uses the same machinery since commit ef52358 "qdev-monitor: include QOM properties in -device FOO, help output", v2.2. Example reproducer: $ qemu-system-aarch64 -machine none -device pxa2xx-pcmcia,help Before: qemu-system-aarch64: .../memory.c:1307: memory_region_finalize: Assertion `((&mr->subregions)->tqh_first == ((void *)0))' failed. After: Can't list properties of device 'pxa2xx-pcmcia' Cc: "Andreas Färber" <afaerber@xxxxxxx> Cc: "Edgar E. Iglesias" <edgar.iglesias@xxxxxxxxx> Cc: Alexander Graf <agraf@xxxxxxx> Cc: Anthony Green <green@xxxxxxxxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Cc: Blue Swirl <blauwirbel@xxxxxxxxx> Cc: Eduardo Habkost <ehabkost@xxxxxxxxxx> Cc: Guan Xuetao <gxt@xxxxxxxxxxxxxxx> Cc: Jia Liu <proljc@xxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Cc: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Cc: Max Filippov <jcmvbkbc@xxxxxxxxx> Cc: Michael Walle <michael@xxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: qemu-ppc@xxxxxxxxxx Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1443689999-12182-10-git-send-email-armbru@xxxxxxxxxx> commit edb1523d90415cb79f60f83b4028ef3820d15612 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 1 10:59:57 2015 +0200 qmp: Fix device-list-properties not to crash for abstract device Broken in commit f4eb32b "qmp: show QOM properties in device-list-properties", v2.1. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Message-Id: <1443689999-12182-9-git-send-email-armbru@xxxxxxxxxx> commit 2d1abb850fd15fd6eb75a92290be5f93b2772ec5 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 1 10:59:56 2015 +0200 device-introspect-test: New, covering device introspection The test doesn't check that the output makes any sense, only that QEMU survives. Useful since we've had an astounding number of crash bugs around there. In fact, we have a bunch of them right now: a few devices crash or hang, and some leave dangling pointers behind. The test skips testing the broken parts. The next commits will fix them up, and drop the skipping. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443689999-12182-8-git-send-email-armbru@xxxxxxxxxx> commit 5fb48d9673b76fc53507a0e717a12968e57d846e Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 1 10:59:55 2015 +0200 libqtest: New hmp() & friends New convenience function hmp() to facilitate use of human-monitor-command in tests. Use it to simplify its existing uses. To blend into existing libqtest code, also add qtest_hmpv() and qtest_hmp(). That, and the egregiously verbose GTK-Doc comment format make this patch look bigger than it is. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Message-Id: <1443689999-12182-7-git-send-email-armbru@xxxxxxxxxx> commit 82b15c7bdbda6207d1fee2ec824432e64af3ecb4 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 1 10:59:54 2015 +0200 libqtest: Clean up unused QTestState member sigact_old Unused since commit d766825. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443689999-12182-6-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> commit e253c287153c6f3ce4177686ac12c196f9bd8292 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 1 10:59:53 2015 +0200 tests: Fix how qom-test is run We want to run qom-test for every architecture, without having to manually add it to every architecture's list of tests. Commit 3687d53 accomplished this by adding it to every architecture's list automatically. However, some architectures inherit their tests from others, like this: check-qtest-x86_64-y = $(check-qtest-i386-y) check-qtest-microblazeel-y = $(check-qtest-microblaze-y) check-qtest-xtensaeb-y = $(check-qtest-xtensa-y) For such architectures, we ended up running the (slow!) test twice. Commit 2b8419c attempted to avoid this by adding the test only when it's not already present. Works only as long as we consider adding the test to the architectures on the left hand side *after* the ones on the right hand side: x86_64 after i386, microblazeel after microblaze, xtensaeb after xtensa. Turns out we consider them in $(SYSEMU_TARGET_LIST) order. Defined as SYSEMU_TARGET_LIST := $(subst -softmmu.mak,,$(notdir \ $(wildcard $(SRC_PATH)/default-configs/*-softmmu.mak))) On my machine, this results in the oder xtensa, x86_64, microblazeel, microblaze, i386. Consequently, qom-test runs twice for microblazeel and x86_64. Replace this complex and flawed machinery with a much simpler one: add generic tests (currently just qom-test) to check-qtest-generic-y instead of check-qtest-$(target)-y for every target, then run $(check-qtest-generic-y) for every target. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Message-Id: <1443689999-12182-5-git-send-email-armbru@xxxxxxxxxx> commit c7104402353bf32ac1d3a276e3619a20e910506b Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Oct 1 10:59:52 2015 +0200 macio: move DBDMA_init from instance_init to realize DBDMA_init is not idempotent, and calling it from instance_init breaks a simple object_new/object_unref pair. Work around this, pending qdev-ification of DBDMA, by moving the call to realize. Reported-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1443689999-12182-4-git-send-email-armbru@xxxxxxxxxx> commit 81e0ab48dda611e9571dc2e166840205a4208567 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Oct 1 10:59:51 2015 +0200 hw: do not pass NULL to memory_region_init from instance_init This causes the region to outlive the object, because it attaches the region to /machine. This is not nice for the "realize" method, but much worse for "instance_init" because it can cause dangling pointers after a simple object_new/object_unref pair. Reported-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Tested-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1443689999-12182-3-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> commit 2e2b8eb70fdb7dfbec39f3a19b20f9a73f2f813e Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Oct 1 10:59:50 2015 +0200 memory: allow destroying a non-empty MemoryRegion This is legal; the MemoryRegion will simply unreference all the existing subregions and possibly bring them down with it as well. However, it requires a bit of care to avoid an infinite loop. Finalizing a memory region cannot trigger an address space update, but memory_region_del_subregion errs on the side of caution and might trigger a spurious update: avoid that by resetting mr->enabled first. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1443689999-12182-2-git-send-email-armbru@xxxxxxxxxx> commit c6047e9621f77a65993bcda8f58b676996e24bb5 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 8 18:11:40 2015 +0200 virtio-input: Fix device introspection on non-Linux hosts When CONFIG_LINUX is off, devices "virtio-keyboard-device", "virtio-mouse-device", "virtio-tablet-device" and "virtio-input-host-device" aren't compiled in, yet "virtio-keyboard-pci", "virtio-mouse-pci", "virtio-tablet-pci" and "virtio-input-host-pci" still are. Attempts to introspect them crash, e.g. $ qemu-system-x86_64 -device virtio-tablet-pci,help ** ERROR:/work/armbru/qemu/qom/object.c:333:object_initialize_with_type: assertion failed: (type != NULL) Broken in commit 710e2d9 and commit 006a5ed. Fix by compiling the "virtio-FOO-pci" exactly when compiling the "virtio-FOO-device": compile "virtio-keyboard-device", "virtio-mouse-device", "virtio-tablet-device" regardless of CONFIG_LINUX, and compile "virtio-input-host-pci" only for CONFIG_LINUX. Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Message-Id: <1444320700-26260-3-git-send-email-armbru@xxxxxxxxxx> commit ac98fa849e834f48e5a64cf4b22218ba4047e142 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 8 18:11:39 2015 +0200 update-linux-headers: Rename SW_MAX to SW_MAX_ The next commit will compile hw/input/virtio-input.c and hw/input/virtio-input-hid.c even when CONFIG_LINUX is off. These files include both "include/standard-headers/linux/input.h" and <windows.h> then. Doesn't work, because both define SW_MAX. We don't actually use it. Patch input.h to define SW_MAX_ instead. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1444320700-26260-2-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit b37686f7e84b22cfaf7fd01ac5133f2617cc3027 Merge: 8be6e62 98cf48f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 9 12:18:13 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/tracing-pull-request' into staging # gpg: Signature made Fri 09 Oct 2015 10:15:13 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/tracing-pull-request: trace: remove malloc tracing docs: update the usage example of "dtrace" backend in tracing.txt Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8be6e623a28497d1dcd10547a573c9143ece525c Merge: 1d27b91 deb847b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 9 10:45:09 2015 +0100 Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-10-08' into staging trivial patches for 2015-10-08 # gpg: Signature made Thu 08 Oct 2015 17:51:05 BST using RSA key ID A4C3D7DB # gpg: Good signature from "Michael Tokarev <mjt@xxxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxxx>" * remotes/mjt/tags/pull-trivial-patches-2015-10-08: tests: Unique test path for /string-visitor/output linux-user: Remove type casts to union type linux-user: Use g_new() & friends where that makes obvious sense rocker: Use g_new() & friends where that makes obvious sense .travis.yml: Run make check for all targets, not just some hw: char: Remove unnecessary variable hw: timer: Remove unnecessary variable qapi: add missing @ MAINTAINERS: Add NSIS file for W32, W64 hosts target-ppc: Remove unnecessary variable target-microblaze: Remove unnecessary variable s/cpu_get_real_ticks/cpu_get_host_ticks/ pc: check for underflow in load_linux pci-assign: do not include sys/io.h block/ssh: remove dead code imx_serial: Generate interrupt on tx empty if enabled sdhci: Change debug prints to compile unconditionally sdhci: use PRIx64 for uint64_t type Add .dir-locals.el file to configure emacs coding style Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 98cf48f60aa4999f5b2808569a193a401a390e6a Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Sep 16 17:38:44 2015 +0200 trace: remove malloc tracing The malloc vtable is not supported anymore in glib, because it broke when constructors called g_malloc. Remove tracing of g_malloc, g_realloc and g_free calls. Note that, for systemtap users, glib also provides tracepoints glib.mem_alloc, glib.mem_free, glib.mem_realloc, glib.slice_alloc and glib.slice_free. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1442417924-25831-1-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 2e4ccbbc64b212c4d1c7008ca58e141d6a984494 Author: Lin Ma <lma@xxxxxxxx> Date: Fri Sep 11 14:58:50 2015 +0800 docs: update the usage example of "dtrace" backend in tracing.txt The usage example of dtrace is quite ancient, We have tracetool.py with different parameters instead of the original tracetool shell script for a long time, So update the old information. Signed-off-by: Lin Ma <lma@xxxxxxxx> Message-id: 1441954730-17341-1-git-send-email-lma@xxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit deb847bfba7ee0ab8151842f5e9cb12d4daad3a3 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Mon Oct 5 12:04:20 2015 +0100 tests: Unique test path for /string-visitor/output Newer GLib's want unique test paths, and thus moan at dupes. (Seen on Fedora 23 which has glib 2.46) Uniquify the paths. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit d1c002b6ae2dc81d97bbe23fe65e1960abdba9a4 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Sun Feb 8 15:40:58 2015 +0100 linux-user: Remove type casts to union type Casting to a union type is a gcc (and clang) extension. Other compilers might not support it. This is not a problem today, but the type casts can be removed easily. Smatch now no longer complains like before: linux-user/syscall.c:3190:18: warning: cast to non-scalar linux-user/syscall.c:7348:44: warning: cast to non-scalar Cc: Riku Voipio <riku.voipio@xxxxxx> Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit c78d65e8a7d87badf46eda3a0b41330f5d239132 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Sep 14 13:53:03 2015 +0200 linux-user: Use g_new() & friends where that makes obvious sense g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. This commit only touches allocations with size arguments of the form sizeof(T). Same Coccinelle semantic patch as in commit b45c03f. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 778358d0a8f74a76488daea3c1b6fb327d8135b4 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Sep 14 13:52:23 2015 +0200 rocker: Use g_new() & friends where that makes obvious sense g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. This commit only touches allocations with size arguments of the form sizeof(T). Same Coccinelle semantic patchas in commit b45c03f. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Acked-by: Jiri Pirko <jiri@xxxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Jiri Pirko <jiri@xxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit cb157af23833ca0762125f34b3fe73cfdbac297e Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Wed Sep 23 15:27:12 2015 +1000 .travis.yml: Run make check for all targets, not just some ed173cb ".travis.yml: remove "make check" from main matrix" stopped running make check for all the Travis build targets for various reasons. It continued to run make check on one Travis build, which builds for a big list of all (? nearly all) our supported softmmu targets. Unfortunately, due to a spacing / quoting error it only actually builds for the alpha, arm, aarch64 and cris targets. Specifically, the list of targets is split over several lines. Even with YAML folding, this will leave spaces in the list, meaning $TARGETS won't have the value we need. I had a look at the YAML spec and I couldn't quickly see a way of splitting the list so that it doesn't end up with spaces, so this patch fixes the problem by putting the whole list on one huge line. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 65cb2a14cacbc08c754f3cb41436fe6ece46593a Author: Shraddha Barke <shraddha.6596@xxxxxxxxx> Date: Fri Sep 25 20:06:02 2015 +0530 hw: char: Remove unnecessary variable Compress lines and remove the variable. Signed-off-by: Shraddha Barke <shraddha.6596@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit bf5f78efed26054c2ce71e6f4c30ece13bf06e87 Author: Shraddha Barke <shraddha.6596@xxxxxxxxx> Date: Fri Sep 25 20:06:03 2015 +0530 hw: timer: Remove unnecessary variable Compress lines and remove the variable. Signed-off-by: Shraddha Barke <shraddha.6596@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f169f8fbca3999fe59f37a86822f305f7292949d Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Sep 25 16:03:30 2015 +0200 qapi: add missing @ Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 885bdc95b165dc2b63bdc756be4919e948b9d27b Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Fri Sep 25 22:25:32 2015 +0200 MAINTAINERS: Add NSIS file for W32, W64 hosts The NSIS installer configuration is maintained by me. Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f9b8e7f63acf9418238444aec654aba249a334ba Author: Shraddha Barke <shraddha.6596@xxxxxxxxx> Date: Fri Sep 25 14:07:58 2015 +0530 target-ppc: Remove unnecessary variable Compress lines and remove the variable. Signed-off-by: Shraddha Barke <shraddha.6596@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 738c8b01ba4d020ee42c72e83a6aa3d9408a2530 Author: Shraddha Barke <shraddha.6596@xxxxxxxxx> Date: Fri Sep 25 14:07:56 2015 +0530 target-microblaze: Remove unnecessary variable Compress lines and remove the variable. Signed-off-by: Shraddha Barke <shraddha.6596@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 4a7428c5a7e82f4dde3646e4a8cc8e54f3257e2a Author: Christopher Covington <cov@xxxxxxxxxxxxxx> Date: Fri Sep 25 10:42:21 2015 -0400 s/cpu_get_real_ticks/cpu_get_host_ticks/ This should help clarify the purpose of the function that returns the host system's CPU cycle count. Signed-off-by: Christopher Covington <cov@xxxxxxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> ppc portion Acked-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit ec5fd402645fd4f03d89dcd5840b0e8542549e82 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Sep 14 12:07:22 2015 +0200 pc: check for underflow in load_linux If (setup_size+1)*512 is small enough, kernel_size -= setup_size can allocate a huge amount of memory. Avoid that. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 16033ba577059c5675e4c786234c46027380c29b Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 15 10:47:36 2015 +0200 pci-assign: do not include sys/io.h This file does not exist on bionic libc and the functions it defines are in fact not used by pci-assign.c. Remove it. Reported-by: Houcheng Lin <houcheng@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit eab2ac9d3c1675a58989000c2647aa33e440906a Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Sep 14 13:12:34 2015 +0200 block/ssh: remove dead code The "err" label cannot be reached with qp != NULL. Remove the free-ing of qp and avoid future regressions by removing the initializer. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> ACKed-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit dc1442204a2235b1ad0c4bdceb3580c97f71f1b5 Author: Guenter Roeck <linux@xxxxxxxxxxxx> Date: Thu Aug 20 08:52:35 2015 -0700 imx_serial: Generate interrupt on tx empty if enabled Generate an interrupt if the tx buffer is empty and the tx empty interrupt is enabled. This fixes a problem seen when running a Linux image since Linux commit 55c3cb1358e ("serial: imx: remove unneeded imx_transmit_buffer() from imx_start_tx()"). Linux now waits for the tx empty interrupt before starting to send data, causing transmit stalls until there is an interrupt for another reason. Signed-off-by: Guenter Roeck <linux@xxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 7af0fc994e85c0ff16eda6d7e328427b02a01008 Author: Sai Pavan Boddu <sai.pavan.boddu@xxxxxxxxxx> Date: Mon Sep 7 23:36:41 2015 +0530 sdhci: Change debug prints to compile unconditionally Conditional compilation hides few type mismatch warnings, fix it to compile unconditionally. Signed-off-by: Sai Pavan Boddu <saipava@xxxxxxxxxx> Suggested-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit be9c5ddeabb73e9dee2d6922c03ffee4e1f4c8ec Author: Sai Pavan Boddu <sai.pavan.boddu@xxxxxxxxxx> Date: Mon Sep 7 23:36:40 2015 +0530 sdhci: use PRIx64 for uint64_t type Fix compile time warnings, because of type mismatch for unsigned long long type. Signed-off-by: Sai Pavan Boddu <saipava@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 91288a58a550be4dc80628456d5e1d2e91424827 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Thu Jun 4 14:30:07 2015 +0100 Add .dir-locals.el file to configure emacs coding style Some default emacs setups indent by 2 spaces and uses tabs which is counter to the QEMU coding style rules. Adding a .dir-locals.el file in the top level of the GIT repo will inform emacs about the QEMU coding style, and so assist contributors in avoiding common style mistakes before they submit patches. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 1d27b91723c252d9a97151dc1959cfd89c5816cb Merge: 31c9bd1 508ce5e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 8 16:50:34 2015 +0100 Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20151007.0' into staging VFIO updates 2015-10-07 - Change platform device IRQ setup sequence for compatibility with upcoming IRQ forwarding (Eric Auger) - Extensions to support vfio-pci devices on spapr-pci-host-bridge (David Gibson) [clang problem patch dropped] # gpg: Signature made Wed 07 Oct 2015 16:30:52 BST using RSA key ID 3BB08B22 # gpg: Good signature from "Alex Williamson <alex.williamson@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex@xxxxxxxxxxx>" # gpg: aka "Alex Williamson <alwillia@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex.l.williamson@xxxxxxxxx>" * remotes/awilliam/tags/vfio-update-20151007.0: vfio: Allow hotplug of containers onto existing guest IOMMU mappings memory: Allow replay of IOMMU mapping notifications vfio: Record host IOMMU's available IO page sizes vfio: Check guest IOVA ranges against host IOMMU capabilities vfio: Generalize vfio_listener_region_add failure path vfio: Remove unneeded union from VFIOContainer hw/vfio/platform: do not set resamplefd for edge-sensitive IRQS hw/vfio/platform: change interrupt/unmask fields into pointer hw/vfio/platform: irqfd setup sequence update Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 31c9bd164ddb653915b9029ba0edd40cd57530d9 Merge: ca4e4b8 126d89e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 8 15:33:56 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20151007' into staging Do away with TB retranslation # gpg: Signature made Wed 07 Oct 2015 10:42:08 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tcg-20151007: (26 commits) tcg: Adjust CODE_GEN_AVG_BLOCK_SIZE tcg: Check for overflow via highwater mark tcg: Allocate a guard page after code_gen_buffer tcg: Emit prologue to the beginning of code_gen_buffer tcg: Remove tcg_gen_code_search_pc tcg: Remove gen_intermediate_code_pc tcg: Save insn data and use it in cpu_restore_state_from_tb tcg: Pass data argument to restore_state_to_opc tcg: Add TCG_MAX_INSNS target-*: Drop cpu_gen_code define tcg: Merge cpu_gen_code into tb_gen_code target-sparc: Add npc state to insn_start target-sparc: Remove gen_opc_jump_pc target-sparc: Split out gen_branch_n target-sparc: Tidy gen_branch_a interface target-cris: Mirror gen_opc_pc into insn_start target-sh4: Add flags state to insn_start target-s390x: Add cc_op state to insn_start target-mips: Add delayed branch state to insn_start target-i386: Add cc_op state to insn_start ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ca4e4b82848982311a40d0937c1de9db1108fdb0 Merge: fb6345f fec7daa Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 8 13:37:04 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-tile-20151007' into staging Collected patches # gpg: Signature made Wed 07 Oct 2015 10:30:17 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tile-20151007: target-tilegx: Support iret instruction and related special registers target-tilegx: Use TILEGX_EXCP_OPCODE_UNKNOWN and TILEGX_EXCP_OPCODE_UNIMPLEMENTED correctly target-tilegx: Implement v2mults instruction target-tilegx: Implement v?int_* instructions. target-tilegx: Implement v2sh* instructions target-tilegx: Handle nofault prefetch instructions target-tilegx: Fix a typo for mnemonic about "ld_add" target-tilegx: Use TILEGX_EXCP_SIGNAL instead of TILEGX_EXCP_SEGV target-tilegx: Decode ill pseudo-instructions linux-user/tilegx: Implement tilegx signal features linux-user/syscall_defs.h: Sync the latest si_code from Linux kernel target-tilegx: Let x1 pipe process bpt instruction only target-tilegx: Implement complex multiply instructions target-tilegx: Implement table index instructions target-tilegx: Implement crc instructions target-tilegx: Implement v1multu instruction target-tilegx: Implement v*add and v*sub instructions target-tilegx: Implement v*shl, v*shru, and v*shrs instructions target-tilegx: Tidy simd_helper.c Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit fb6345f452ba7cefb395389abb17d0af0e42c54b Merge: eed2df6 32532f2 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 8 11:28:17 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/numa-pull-request' into staging NUMA queue, 2015-10-06 # gpg: Signature made Tue 06 Oct 2015 20:53:42 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" * remotes/ehabkost/tags/numa-pull-request: pc-dimm: Fail realization for invalid nodes in non-NUMA config Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 925a04000231ad865770ba227876ba518ac3e479 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue May 26 12:26:21 2015 +0200 gtk/opengl: add opengl context and scanout support (GtkGLArea) This allows virtio-gpu to render in 3d mode. Uses native opengl support which is present in gtk versions 3.16 and newer. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 4782aeb79fbcb70bb96b52f6d9bc7cadb3cf7d58 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri May 8 11:30:51 2015 +0200 gtk/opengl: add opengl context and scanout support (egl) This allows virtio-gpu to render in 3d mode. Uses egl, for gtk versions 3.14 and older. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 6c18744d0f99138cb19cd9d1241d7b11c478a944 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Apr 29 10:08:04 2015 +0200 opengl: add egl-context.[ch] helpers Add helper functions to manage opengl contexts using egl. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit e9c1b459f28fb4dce52dd5afa6a1ad7fb00ee5e2 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 2 08:30:27 2015 +0200 virtio-gpu: add cursor update tracepoint Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 9d9e152136bdaa75ea98e5c2105f2a7127e369eb Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Jul 11 12:51:43 2014 +0200 virtio-gpu: add 3d mode and virgl rendering support. Add virglrenderer library detection. Add 3d mode to virtio-gpu, wire up virglrenderer library. When in 3d mode render using the new context management and texture scanout callbacks. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit bc79e96442283471c92c8ea7ae15563274f7b0cb Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri May 22 15:38:33 2015 +0200 virtio-gpu: update headers for virgl/3d Sync with linux kernel headers with virgl/3d patches applied. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 2e2521452e28399dbc6fecec56d5bbb29f9b6796 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Sep 16 09:15:15 2015 +0200 virtio-gpu: change licence from GPLv2 to GPLv2+ Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 7f3be0f20ff8d976ab982cc06026cac0600f1fb6 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Sep 15 09:23:14 2015 +0200 virtio-gpu: move iov free to virtio_gpu_cleanup_mapping_iov For symmetry reasons: virtio_gpu_create_mapping_iov() allocates it so virtio_gpu_cleanup_mapping_iov() should free it, otherwise it's easy to miss a free() needed and leak memory. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 06020b950c0a6a73cbee0527af846b05679c937a Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Jul 11 13:56:51 2014 +0200 ui/console: add opengl context and scanout support interfaces. Add callbacks for opengl context management and scanout texture configuration to DisplayChangeListenerOps. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 136a8d9d444560f71fca89f27475cfeaffa19cf3 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Jun 12 12:16:02 2015 +0200 sdl2: stop flickering Optimizing updates by copying the dirty rectangle only do not work because of double-buffering. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit c046d8284474a0f7763dea849433bde37a69023d Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Jul 10 14:40:01 2015 +0200 shaders: initialize vertexes once Create a buffer for the vertex data and place vertexes there at initialization time. Then just use the buffer for each texture blit. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 126d89e8cdfa3be15d51f76906eaccbcd0023f98 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Sep 26 09:23:42 2015 -0700 tcg: Adjust CODE_GEN_AVG_BLOCK_SIZE At present, the "average" guestimate of TB size is way too small, leading to many unused entries in the pre-allocated TB array. For a guest with 1GB ram, we're currently allocating 256MB for the array. Survey arm, alpha, aarch64, ppc, sparc, i686, x86_64 guests running on x86_64 and ppc64 hosts and select a new average. The size of the array drops to 81MB with no more flushing than before. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit b125f9dc7bd68cd4c57189db4da83b0620b28a72 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 22 13:01:15 2015 -0700 tcg: Check for overflow via highwater mark We currently pre-compute an worst case code size for any TB, which works out to be 122kB. Since the average TB size is near 1kB, this wastes quite a lot of storage. Instead, check for overflow in between generating code for each opcode. The overhead of the check isn't measurable and wastage is minimized. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit f293709c6af7a65a9bcec09cdba7a60183657a3e Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Sep 19 12:03:15 2015 -0700 tcg: Allocate a guard page after code_gen_buffer This will catch any overflow of the buffer. Add a native win32 alternative for alloc_code_gen_buffer; remove the malloc alternative. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 8163b74938d8b7d12e70597c4553dd0dc49443d5 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Sep 18 23:43:05 2015 -0700 tcg: Emit prologue to the beginning of code_gen_buffer By putting the prologue at the end, we risk overwriting the prologue should our estimate of maximum TB size. Given the two different placements of the call to tcg_prologue_init, move the high water mark computation into tcg_prologue_init. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 04fe64000162c45d8974da9ca4d266f8d0e67eb7 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 1 20:07:48 2015 -0700 tcg: Remove tcg_gen_code_search_pc It's no longer used, so tidy up everything reached by it. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 4e5e1215156662b2b153255c49d4640d82c5568b Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 1 20:01:40 2015 -0700 tcg: Remove gen_intermediate_code_pc It is no longer used, so tidy up everything reached by it. This includes the gen_opc_* arrays, the search_pc parameter and the inline gen_intermediate_code_internal functions. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit fca8a500d519a56abeaedf8073167a61d3c6b9c4 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 1 19:11:45 2015 -0700 tcg: Save insn data and use it in cpu_restore_state_from_tb We can now restore state without retranslation. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit bad729e272387de7dbfa3ec4319036552fc6c107 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 1 15:51:12 2015 -0700 tcg: Pass data argument to restore_state_to_opc The gen_opc_* arrays are already redundant with the data stored in the insn_start arguments. Transition restore_state_to_opc to use data from the latter. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 190ce7fbc79fd0883a6170d7f30da59d366e6830 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 31 14:34:41 2015 -0700 tcg: Add TCG_MAX_INSNS Adjust all translators to respect it. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit dc03246cc377268db63abc8c5663ef571aec2eea Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Aug 27 18:18:09 2015 -0700 target-*: Drop cpu_gen_code define This symbol no longer exists. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit fec88f64bda27846add83e924c8f4def9d94e068 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Aug 27 18:17:40 2015 -0700 tcg: Merge cpu_gen_code into tb_gen_code As it's only caller, this tidies things a bit. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit a3d5ad761cafc669e25f4185e63d8d758a989135 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 31 13:30:52 2015 -0700 target-sparc: Add npc state to insn_start Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 6c42444f9a53b6af39d46008cb9f650b11e96cb9 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 31 13:24:44 2015 -0700 target-sparc: Remove gen_opc_jump_pc Since jump_pc[1] is always npc + 4, we can infer after incrementing that jump_pc[1] == pc + 4. Because of that, we can encode the branch destination into a single word, and store that in npc. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 2bf2e019ed0a6349220620240c0ba807846793b9 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 31 13:01:47 2015 -0700 target-sparc: Split out gen_branch_n Unify three copies of this code from different branch types. Fix the case when npc == DYNAMIC_PC, i.e. a branch within a delay slot. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit bfa31b765798139804ce9e5e35c7e142d233df31 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 31 12:44:16 2015 -0700 target-sparc: Tidy gen_branch_a interface We always pass pc2 == dc->npc and r_cond == cpu_cond, and always set is_br afterward. Infer all of that. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit bd03c791a6ed1bb7aec17df15cfeea649362e8fd Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sun Aug 30 09:35:14 2015 -0700 target-cris: Mirror gen_opc_pc into insn_start This perhaps isn't ideal in terms of (ab)using the "pc" field to encode both pc and ppc + delay branch state, as one has to be aware of this when examining opcode dumps. But it preserves existing logic, which will be good for bisection, and it certainly does save storage space. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 07f3c16ced2b869228d58683c1dea06e3e1c9aa5 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sun Aug 30 09:28:52 2015 -0700 target-sh4: Add flags state to insn_start Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit a3fd522048f6728d8259e14596c9632c7c67305a Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sun Aug 30 09:26:10 2015 -0700 target-s390x: Add cc_op state to insn_start Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit c20d594e45bc8c4b21be1a7637cba0f279f72879 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sun Aug 30 09:25:36 2015 -0700 target-mips: Add delayed branch state to insn_start Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 2066d09516ba34d0d180fdea451436d9babb3308 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sun Aug 30 09:24:58 2015 -0700 target-i386: Add cc_op state to insn_start Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 52e971d9ff67e340ac2a86bd67e14bd31c7991e0 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sun Aug 30 09:22:06 2015 -0700 target-arm: Add condexec state to insn_start Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 9aef40ed1f6e2bd794bbb3ba8c8b773e506334c9 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sun Aug 30 09:21:33 2015 -0700 tcg: Allow extra data to be attached to insn_start With an eye toward having this data replace the gen_opc_* arrays that each target collects in order to enable restore_state_from_tb. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit b933066ae03d924a92b2616b4a24e7d91cd5b841 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Sep 17 15:58:10 2015 -0700 target-*: Introduce and use cpu_breakpoint_test Reduce the boilerplate required for each target. At the same time, move the test for breakpoint after calling tcg_gen_insn_start. Note that arm and aarch64 do not use cpu_breakpoint_test, but still move the inline test down after tcg_gen_insn_start. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 959082fc4a93a016a6b697e1e0c2b373d8a3a373 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Sep 17 14:25:46 2015 -0700 target-*: Increment num_insns immediately after tcg_gen_insn_start This does tidy the icount test common to all targets. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 667b8e29c5b1d8c5b4e6ad5f780ca60914eb6e96 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Aug 29 12:59:29 2015 -0700 target-*: Unconditionally emit tcg_gen_insn_start While we're at it, emit the opcode adjacent to where we currently record data for search_pc. This puts gen_io_start et al on the "correct" side of the marker. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 765b842adec4c5a359e69ca08785553599f71496 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Aug 29 12:37:33 2015 -0700 tcg: Rename debug_insn_start to insn_start With an eye toward making it mandatory. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit fec7daab3d63b7b2ca61581fffc40142b22b2bd5 Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Sun Oct 4 17:41:14 2015 +0800 target-tilegx: Support iret instruction and related special registers EX_CONTEXT_0_0 is used for jumping address, and EX_CONTEXT_0_1 is for INTERRUPT_CRITICAL_SECTION, which should only be 0 or 1 in user mode, or it will cause target SIGILL (and the patch doesn't support system mode). Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 77b3adc0012153e629b48b710ad19a8b544bb507 Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Sun Oct 4 13:34:33 2015 +0800 target-tilegx: Use TILEGX_EXCP_OPCODE_UNKNOWN and TILEGX_EXCP_OPCODE_UNIMPLEMENTED correctly For some cases, they are for TILEGX_EXCP_OPCODE_UNKNOWN, not for TILEGX_EXCP_OPCODE_UNIMPLEMENTED. Also for some cases, they are for TILEGX_EXCP_OPCODE_UNIMPLEMENTED, not for TILEGX_EXCP_OPCODE_UNKNOWN. When analyzing issues, the correct printing information is necessary, e.g. grep UIMP in gcc testsuite output log for finding qemu tilegx umimplementation issues, grep UNKNOWN for finding unknown instructions. Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit a419e22d703667211521d4257df294047c13eca3 Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Sun Oct 4 19:01:27 2015 +0800 target-tilegx: Implement v2mults instruction Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Message-Id: <1443956491-26850-3-git-send-email-gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit aaf893a6ad6c7c0a986638ba599000e13f9f4182 Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Sun Oct 4 19:01:26 2015 +0800 target-tilegx: Implement v?int_* instructions. Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Message-Id: <1443956491-26850-2-git-send-email-gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 78affcb798516dcb5d44a7ed598d79dcd42cd988 Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Sun Oct 4 19:01:25 2015 +0800 target-tilegx: Implement v2sh* instructions It is just according to v1sh* instructions implementation. Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Message-Id: <1443956491-26850-1-git-send-email-gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 133b84c819166a6da1425a007cf44d7a96d507a4 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Oct 1 12:32:52 2015 +1000 target-tilegx: Handle nofault prefetch instructions These are mapped onto some of the normal load instructions, when the destination is the zero register. Other load insns do fault even when targeting the zero register. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 95df61e6238c79c2dc14f2bffa76abb2bd3acba7 Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Wed Sep 30 05:38:40 2015 +0800 target-tilegx: Fix a typo for mnemonic about "ld_add" Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Message-Id: <1443562720-3008-1-git-send-email-gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit a0577d2aa9bd42d5d584fa03649a166ba45c2f3d Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sun Sep 27 14:26:04 2015 -0700 target-tilegx: Use TILEGX_EXCP_SIGNAL instead of TILEGX_EXCP_SEGV Consolidate signal handling under a single exception. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit dd8070d865ad1b32876931f812a80645f97112ff Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Sat Sep 26 13:00:35 2015 +0800 target-tilegx: Decode ill pseudo-instructions Notice raise and bpt, decoding the constants embedded in the nop addil instruction in the x0 slot. [rth: Generalize TILEGX_EXCP_OPCODE_ILL to TILEGX_EXCP_SIGNAL. Drop validation of signal values.] Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Message-Id: <1443243635-4886-1-git-send-email-gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit bf0f60a61b92f4f9ddf09a3cf4fc41796fa42aed Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Sun Sep 27 08:10:18 2015 +0800 linux-user/tilegx: Implement tilegx signal features [rth: Remove the spreg[EX1] handling, as it's irrelevant to user-mode.] Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Message-Id: <1443312618-13641-1-git-send-email-gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit de2fdd56b11f4207e6614ee2f56039ef240399f1 Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Sat Sep 26 12:10:05 2015 +0800 linux-user/syscall_defs.h: Sync the latest si_code from Linux kernel They content several new macro members, also contents TARGET_N*. Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Message-Id: <1443240605-2924-1-git-send-email-gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit f723287944c30f1bf230f08b4fb03d6d11a16504 Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Sat Sep 26 07:42:54 2015 +0800 target-tilegx: Let x1 pipe process bpt instruction only According to the related document, bpt can be only in x1 pipe. Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Message-Id: <1443224574-2718-1-git-send-email-gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 9ff5b57c219f38f025b95ebf4b593b5d4e828b53 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed Sep 23 10:43:48 2015 -0700 target-tilegx: Implement complex multiply instructions Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 0b4232f10895e863b1759a93ba0d0a1b3380dc31 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed Sep 23 10:19:44 2015 -0700 target-tilegx: Implement table index instructions Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit ba1fc78f65fdea9d4b14d6449514c1351ad64fa4 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed Sep 23 10:12:16 2015 -0700 target-tilegx: Implement crc instructions Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 38c949ffe7497b1d833bca5f70b22c87df9bd567 Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Tue Sep 22 06:26:54 2015 +0800 target-tilegx: Implement v1multu instruction Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Message-Id: <1442874414-3578-1-git-send-email-gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit c6876d7e1c3ff04a9b9f751f6260bf427ab8cf1a Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Tue Sep 22 06:18:38 2015 +0800 target-tilegx: Implement v*add and v*sub instructions [rth: Implement everything inline; handle v1addi and v2addi as well.] Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Message-Id: <1442873918-3394-1-git-send-email-gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 0ab0a3d768a4f6ab6747b6fd936c5cf70b5069c2 Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Tue Sep 22 05:47:35 2015 +0800 target-tilegx: Implement v*shl, v*shru, and v*shrs instructions v2sh* are implemented with helper functions; v4sh* are implmeneted with inline code. Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Message-Id: <1442872055-2836-1-git-send-email-gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 055130107683c3b199c1848a25e5e2c568230cbf Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 21 17:27:11 2015 -0700 target-tilegx: Tidy simd_helper.c Using the V1 macro when we want to replicate a byte across the 8 elements of the word. Using deposit and extract for manipulating specific elements. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 32532f215c49f005aaef942adfae34cbcc5fa678 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Fri Jul 17 18:19:40 2015 +0530 pc-dimm: Fail realization for invalid nodes in non-NUMA config pc_dimm_realize() validates the NUMA node to which memory hotplug is being performed only in case of NUMA configuration. Include a check to fail for invalid nodes in case of non-NUMA configuration too. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit eed2df678574f7f17947180a01127a8ba673a226 Merge: 5fdb467 d9f090e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 6 16:32:16 2015 +0100 Merge remote-tracking branch 'remotes/borntraeger/tags/s390x-20151006' into staging s390: fixes Some fixes all over the place: - ccw bios and gcc 5.1 (avoid floating point ops) - properly print vector registers - sclp and sclp-event-facility no longer hang on object_unref(object_new(T)) - better name for io_subsystem_reset One feature - the gdb server now exposes several virtualization specific register # gpg: Signature made Tue 06 Oct 2015 11:20:24 BST using RSA key ID B5A61C7C # gpg: Good signature from "Christian Borntraeger (IBM) <borntraeger@xxxxxxxxxx>" * remotes/borntraeger/tags/s390x-20151006: s390x: rename io_subsystem_reset -> subsystem_reset s390x/info registers: print vector registers properly s390x: set missing parent for hotplug and quiesce events s390x/gdb: expose virtualization specific registers pc-bios/s390-ccw: avoid floating point operations Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5fdb4671b08e0d1631447e81348b2b50a6b85bf7 Merge: 006d5c7 dfeb867 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 6 13:42:33 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging X86 queue, 2015-10-05 # gpg: Signature made Mon 05 Oct 2015 17:04:38 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" * remotes/ehabkost/tags/x86-pull-request: icc_bus: drop the unused files cpu/apic: drop icc bus/bridge x86: use new method to correct reset sequence apic: move APIC's MMIO region mapping into APIC Correctly re-init EFER state during INIT IPI target-i386: add ABM to Haswell* and Broadwell* CPU models target-i386: get/put MSR_TSC_AUX across reset and migration target-i386: Make check_hw_breakpoints static target-i386: Move breakpoint related functions to new file target-i386: Convert kvm_default_*features to property/value pairs vl: Add another sanity check to smp_parse() function cpu: Introduce X86CPUTopoInfo structure for argument simplification Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 006d5c741bbfcdbedeb59e14527fe58d45c9c76b Merge: 7fe34ca ec6b69c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 6 12:09:56 2015 +0100 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Mon 05 Oct 2015 17:01:11 BST using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" * remotes/jnsnow/tags/ide-pull-request: qtest/ide-test: ppc64be correction for ATAPI tests MAINTAINERS: Small IDE/FDC touchup qtest/ahci: fix redundant assertion Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7fe34ca9c2e99560dc65395d599a6920624b127d Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Tue Oct 6 10:17:55 2015 +0100 tests: vhost-user: disable unless CONFIG_VHOST_NET vhost-user depends on vhost-net. We should probably fix that. For now, let's disable the test otherwise. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 508ce5eb00070809f0d19917a1b2960dfcf5a64b Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Wed Sep 30 12:13:56 2015 +1000 vfio: Allow hotplug of containers onto existing guest IOMMU mappings At present the memory listener used by vfio to keep host IOMMU mappings in sync with the guest memory image assumes that if a guest IOMMU appears, then it has no existing mappings. This may not be true if a VFIO device is hotplugged onto a guest bus which didn't previously include a VFIO device, and which has existing guest IOMMU mappings. Therefore, use the memory_region_register_iommu_notifier_replay() function in order to fix this case, replaying existing guest IOMMU mappings, bringing the host IOMMU into sync with the guest IOMMU. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit a788f227ef7bd2912fcaacdfe13d13ece2998149 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Wed Sep 30 12:13:55 2015 +1000 memory: Allow replay of IOMMU mapping notifications When we have guest visible IOMMUs, we allow notifiers to be registered which will be informed of all changes to IOMMU mappings. This is used by vfio to keep the host IOMMU mappings in sync with guest IOMMU mappings. However, unlike with a memory region listener, an iommu notifier won't be told about any mappings which already exist in the (guest) IOMMU at the time it is registered. This can cause problems if hotplugging a VFIO device onto a guest bus which had existing guest IOMMU mappings, but didn't previously have an VFIO devices (and hence no host IOMMU mappings). This adds a memory_region_iommu_replay() function to handle this case. It replays any existing mappings in an IOMMU memory region to a specified notifier. Because the IOMMU memory region doesn't internally remember the granularity of the guest IOMMU it has a small hack where the caller must specify a granularity at which to replay mappings. If there are finer mappings in the guest IOMMU these will be reported in the iotlb structures passed to the notifier which it must handle (probably causing it to flag an error). This isn't new - the VFIO iommu notifier must already handle notifications about guest IOMMU mappings too short for it to represent in the host IOMMU. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Laurent Vivier <lvivier@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 7a140a57c69293a2f19b045f40953a87879e8c76 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Wed Sep 30 12:13:54 2015 +1000 vfio: Record host IOMMU's available IO page sizes Depending on the host IOMMU type we determine and record the available page sizes for IOMMU translation. We'll need this for other validation in future patches. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Laurent Vivier <lvivier@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 3898aad323475cf19127d9fc0846954d591d8e11 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Wed Sep 30 12:13:53 2015 +1000 vfio: Check guest IOVA ranges against host IOMMU capabilities The current vfio core code assumes that the host IOMMU is capable of mapping any IOVA the guest wants to use to where we need. However, real IOMMUs generally only support translating a certain range of IOVAs (the "DMA window") not a full 64-bit address space. The common x86 IOMMUs support a wide enough range that guests are very unlikely to go beyond it in practice, however the IOMMU used on IBM Power machines - in the default configuration - supports only a much more limited IOVA range, usually 0..2GiB. If the guest attempts to set up an IOVA range that the host IOMMU can't map, qemu won't report an error until it actually attempts to map a bad IOVA. If guest RAM is being mapped directly into the IOMMU (i.e. no guest visible IOMMU) then this will show up very quickly. If there is a guest visible IOMMU, however, the problem might not show up until much later when the guest actually attempt to DMA with an IOVA the host can't handle. This patch adds a test so that we will detect earlier if the guest is attempting to use IOVA ranges that the host IOMMU won't be able to deal with. For now, we assume that "Type1" (x86) IOMMUs can support any IOVA, this is incorrect, but no worse than what we have already. We can't do better for now because the Type1 kernel interface doesn't tell us what IOVA range the IOMMU actually supports. For the Power "sPAPR TCE" IOMMU, however, we can retrieve the supported IOVA range and validate guest IOVA ranges against it, and this patch does so. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Laurent Vivier <lvivier@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit ac6dc3894fbb6775245565229953879a0263d27f Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Wed Sep 30 12:13:52 2015 +1000 vfio: Generalize vfio_listener_region_add failure path If a DMA mapping operation fails in vfio_listener_region_add() it checks to see if we've already completed initial setup of the container. If so it reports an error so the setup code can fail gracefully, otherwise throws a hw_error(). There are other potential failure cases in vfio_listener_region_add() which could benefit from the same logic, so move it to its own fail: block. Later patches can use this to extend other failure cases to fail as gracefully as possible under the circumstances. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Laurent Vivier <lvivier@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit ee0bf0e59bb1c07c0196142f2ecfd88f7f8b194e Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Wed Sep 30 12:13:51 2015 +1000 vfio: Remove unneeded union from VFIOContainer Currently the VFIOContainer iommu_data field contains a union with different information for different host iommu types. However: * It only actually contains information for the x86-like "Type1" iommu * Because we have a common listener the Type1 fields are actually used on all IOMMU types, including the SPAPR TCE type as well In fact we now have a general structure for the listener which is unlikely to ever need per-iommu-type information, so this patch removes the union. In a similar way we can unify the setup of the vfio memory listener in vfio_connect_container() that is currently split across a switch on iommu type, but is effectively the same in both cases. The iommu_data.release pointer was only needed as a cleanup function which would handle potentially different data in the union. With the union gone, it too can be removed. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Laurent Vivier <lvivier@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit a5b39cd3f647eaaaef5b648beda5cb2f387418c0 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Oct 5 12:30:12 2015 -0600 hw/vfio/platform: do not set resamplefd for edge-sensitive IRQS In irqfd mode, current code attempts to set a resamplefd whatever the type of the IRQ. For an edge-sensitive IRQ this attempt fails and as a consequence, the whole irqfd setup fails and we fall back to the slow mode. This patch bypasses the resamplefd setting for non level-sentive IRQs. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit a22313deca720e038ebc5805cf451b3a685d29ce Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Oct 5 12:30:12 2015 -0600 hw/vfio/platform: change interrupt/unmask fields into pointer unmask EventNotifier might not be initialized in case of edge sensitive irq. Using EventNotifier pointers make life simpler to handle the edge-sensitive irqfd setup. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 58892b447f0ffcd0967bc6f1bcb40df288ebeebc Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Oct 5 12:30:12 2015 -0600 hw/vfio/platform: irqfd setup sequence update With current implementation, eventfd VFIO signaling is first set up and then irqfd is setup, if supported and allowed. This start sequence causes several issues with IRQ forwarding setup which, if supported, is transparently attempted on irqfd setup: IRQ forwarding setup is likely to fail if the IRQ is detected as under injection into the guest (active at irqchip level or VFIO masked). This currently always happens because the current sequence explicitly VFIO-masks the IRQ before setting irqfd. Even if that masking were removed, we couldn't prevent the case where the IRQ is under injection into the guest. So the simpler solution is to remove this 2-step startup and directly attempt irqfd setup. This is what this patch does. Also in case the eventfd setup fails, there is no reason to go farther: let's abort. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit ec6b69ca0305ab3a3e0461aecb6f190c59a765df Author: John Snow <jsnow@xxxxxxxxxx> Date: Mon Oct 5 12:00:56 2015 -0400 qtest/ide-test: ppc64be correction for ATAPI tests the 16bit ide data register is LE by definition. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1443461938-30039-1-git-send-email-jsnow@xxxxxxxxxx commit aee50319873da4ed1c1d6901260c37d6236c74b5 Author: John Snow <jsnow@xxxxxxxxxx> Date: Mon Oct 5 12:00:56 2015 -0400 MAINTAINERS: Small IDE/FDC touchup libqos/ahci and tests/fdc-test are under my purview also, include them in the appropriate stanzas. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1443117055-29240-1-git-send-email-jsnow@xxxxxxxxxx commit 3d937150dce20cb95cbaae99b6fd48dca4261f32 Author: John Snow <jsnow@xxxxxxxxxx> Date: Mon Oct 5 12:00:55 2015 -0400 qtest/ahci: fix redundant assertion Fixes https://bugs.launchpad.net/qemu/+bug/1497711 (!ncq || (ncq && lba48)) is the same as (!ncq || lba48). The intention is simply: "If a command is NCQ, it must also be LBA48." Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1442868929-17777-1-git-send-email-jsnow@xxxxxxxxxx commit dfeb8679db358e1f8e0ee4dd84f903d71f000378 Author: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Date: Wed Sep 16 17:19:15 2015 +0800 icc_bus: drop the unused files ICC bus impl has been droped, so all icc related files are not useful any more; delete them. Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 46232aaacb66733d3e16dcbd0d26c32ec388801d Author: Chen Fan <chen.fan.fnst@xxxxxxxxxxxxxx> Date: Wed Sep 16 17:19:14 2015 +0800 cpu/apic: drop icc bus/bridge After CPU hotplug has been converted to BUS-less hot-plug infrastructure, the only function ICC bus performs is to propagate reset to LAPICs. However LAPIC could be reset by registering its reset handler after all device are initialized. Do so and drop ~30LOC of not needed anymore ICCBus related code. Signed-off-by: Chen Fan <chen.fan.fnst@xxxxxxxxxxxxxx> Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit ae50c55a09b8a90205972518d8129447000ae188 Author: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Date: Wed Sep 16 17:19:13 2015 +0800 x86: use new method to correct reset sequence During reset some devices (such as hpet, rtc) might send IRQ to APIC which changes APIC's state from default one it's supposed to have at machine startup time. Fix this by resetting APIC after devices have been reset to cancel any changes that qemu_devices_reset() might have done to its state. Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 8d42d2d32b508484106f1c600f5cdd5496bc867e Author: Chen Fan <chen.fan.fnst@xxxxxxxxxxxxxx> Date: Wed Sep 16 17:19:11 2015 +0800 apic: move APIC's MMIO region mapping into APIC When ICC bus/bridge is removed, APIC MMIO will be left unmapped since it was mapped into system's address space indirectly by ICC bridge. Fix it by moving mapping into APIC code, so it would be possible to remove ICC bus/bridge code later. Signed-off-by: Chen Fan <chen.fan.fnst@xxxxxxxxxxxxxx> Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 2188cc52cb363433751f72b991d8fb05fc60e39d Author: Bill Paul <wpaul@xxxxxxxxxxxxx> Date: Wed Sep 30 15:33:29 2015 -0700 Correctly re-init EFER state during INIT IPI When doing a re-initialization of a CPU core, the default state is to _not_ have 64-bit long mode enabled. This means the LME (long mode enable) and LMA (long mode active) bits in the EFER model-specific register should be cleared. However, the EFER state is part of the CPU environment which is preserved by do_cpu_init(), so if EFER.LME and EFER.LMA were set at the time an INIT IPI was received, they will remain set after the init completes. This is contrary to what the Intel architecture manual describes and what happens on real hardware, and it leaves the CPU in a weird state that the guest can't clear. To fix this, the 'efer' member of the CPUX86State structure has been moved to an area outside the region preserved by do_cpu_init(), so that it can be properly re-initialized by x86_cpu_reset(). Signed-off-by: Bill Paul <wpaul@xxxxxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Richard Henderson <rth@xxxxxxxxxxx> CC: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit becb66673ec30cb604926d247ab9449a60ad8b11 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Sep 28 14:00:18 2015 +0200 target-i386: add ABM to Haswell* and Broadwell* CPU models ABM is only implemented as a single instruction set by AMD; all AMD processors support both instructions or neither. Intel considers POPCNT as part of SSE4.2, and LZCNT as part of BMI1, but Intel also uses AMD's ABM flag to indicate support for both POPCNT and LZCNT. It has to be added to Haswell and Broadwell because Haswell, by adding LZCNT, has completed the ABM. Tested with "qemu-kvm -cpu Haswell-noTSX,enforce" (and also with older machine types) on an Haswell-EP machine. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit c9b8f6b6210847b4381c5b2ee172b1c7eb9985d6 Author: Amit Shah <amit.shah@xxxxxxxxxx> Date: Wed Sep 23 11:57:33 2015 +0530 target-i386: get/put MSR_TSC_AUX across reset and migration There's one report of migration breaking due to missing MSR_TSC_AUX save/restore. Fix this by adding a new subsection that saves the state of this MSR. https://bugzilla.redhat.com/show_bug.cgi?id=1261797 Reported-by: Xiaoqing Wei <xwei@xxxxxxxxxx> Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Juan Quintela <quintela@xxxxxxxxxx> CC: "Dr. David Alan Gilbert" <dgilbert@xxxxxxxxxx> CC: Marcelo Tosatti <mtosatti@xxxxxxxxxx> CC: Richard Henderson <rth@xxxxxxxxxxx> CC: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit dd941cdcfec536aad6a310a153778142ed9f3e92 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 15 11:45:07 2015 -0700 target-i386: Make check_hw_breakpoints static The function is now only used from within a single file. Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit ba4b5c65a98ea91dc3b13e42dd9404808c999dda Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 15 11:45:06 2015 -0700 target-i386: Move breakpoint related functions to new file Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 5114e8422201190c3e2e1a4d77e38ad70cf001d2 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Sep 11 12:40:27 2015 -0300 target-i386: Convert kvm_default_*features to property/value pairs Convert the kvm_default_features and kvm_default_unset_features arrays into a simple list of property/value pairs that will be applied to X86CPU objects when using KVM. Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit a32ef3bfc12c8d0588f43f74dcc5280885bbdb30 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Wed Jul 22 15:59:50 2015 +0200 vl: Add another sanity check to smp_parse() function The code in smp_parse already checks the topology information for sockets * cores * threads < cpus and bails out with an error in that case. However, it is still possible to supply a bad configuration the other way round, e.g. with: qemu-system-xxx -smp 4,sockets=1,cores=4,threads=2 QEMU then still starts the guest, with topology configuration that is rather incomprehensible and likely not what the user wanted. So let's add another check to refuse such wrong configurations. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Acked-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit ed256144cd6f0ca2ff59fc3fc8dca547506f433b Author: Chen Fan <chen.fan.fnst@xxxxxxxxxxxxxx> Date: Fri Aug 21 17:34:45 2015 +0800 cpu: Introduce X86CPUTopoInfo structure for argument simplification In order to simplify arguments of function, introduce a new struct named X86CPUTopoInfo. Signed-off-by: Chen Fan <chen.fan.fnst@xxxxxxxxxxxxxx> Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit c0b520dfb8890294a9f8879f4759172900585995 Merge: 945507d 6fdac09 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 2 16:59:21 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio,pc features, fixes New features: guest RAM buffer overrun mitigation RAM physical address gaps for memory hotplug (except refactoring which got some review comments) Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Fri 02 Oct 2015 15:04:56 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: vhost-user-test: fix predictable filename on tmpfs vhost-user-test: use tmpfs by default pc: memhp: force gaps between DIMM's GPA memhp: extend address auto assignment to support gaps vhost-user: unit test for new messages vhost-user-test: do not reinvent glib-compat.h virtio: Notice when the system doesn't support MSIx at all pc: Add a comment explaining why pc_compat_2_4() doesn't exist exec: allocate PROT_NONE pages on top of RAM oslib: allocate PROT_NONE pages on top of RAM oslib: rework anonimous RAM allocation virtio-net: correctly drop truncated packets virtio: introduce virtqueue_discard() virtio: introduce virtqueue_unmap_sg() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 945507d6bcde334f42b00cae134b4d47301d1821 Merge: 37dd86a 86abac0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 2 16:04:25 2015 +0100 Merge remote-tracking branch 'remotes/riku/tags/pull-linux-user-20151002' into staging First set of Linux-user que patches for 2.5 # gpg: Signature made Fri 02 Oct 2015 13:38:00 BST using RSA key ID DE3C9BC0 # gpg: Good signature from "Riku Voipio <riku.voipio@xxxxxx>" # gpg: aka "Riku Voipio <riku.voipio@xxxxxxxxxx>" * remotes/riku/tags/pull-linux-user-20151002: linux-user: assert that target_mprotect cannot fail linux-user/signal.c: Use setup_rt_frame() instead of setup_frame() for target openrisc linux-user/syscall.c: Add EAGAIN to host_to_target_errno_table for linux-user: add name_to_handle_at/open_by_handle_at linux-user: Return target error number in do_fork() linux-user: fix cmsg conversion in case of multiple headers linux-user: remove MAX_ARG_PAGES limit linux-user: remove unused image_info members linux-user: Treat --foo options the same as -foo linux-user: use EXIT_SUCCESS and EXIT_FAILURE linux-user: Add proper error messages for bad options linux-user: Add -help linux-user: Exit 0 when -h is used Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6fdac09370530be0cc6fe9e8d425c0670ba994b1 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Oct 1 15:50:52 2015 +0300 vhost-user-test: fix predictable filename on tmpfs vhost-user-test uses getpid to create a unique filename. This name is predictable, and a security problem. Instead, use a tmp directory created by mkdtemp, which is a suggested best practice. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 1b7e1e3b463a6e5c117498b192cb07603c04b668 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Sep 30 18:01:21 2015 +0300 vhost-user-test: use tmpfs by default Most people don't run make check by default, so they skip vhost-user unit tests. Solve this by using tmpfs instead, unless hugetlbfs is specified (using an environment variable). Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit aa8580cddf011e8cedcf87f7a0fdea7549fc4704 Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Tue Sep 29 16:53:29 2015 +0200 pc: memhp: force gaps between DIMM's GPA mapping DIMMs non contiguously allows to workaround virtio bug reported earlier: http://lists.nongnu.org/archive/html/qemu-devel/2015-08/msg00522.html in this case guest kernel doesn't allocate buffers that can cross DIMM boundary keeping each buffer local to a DIMM. Suggested-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Acked-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit df0acded19ec4b826aa095cfc19d341bd66fafd3 Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Tue Sep 29 16:53:28 2015 +0200 memhp: extend address auto assignment to support gaps setting gap to TRUE will make sparse DIMM address auto allocation, leaving gaps between a new DIMM address and preceeding existing DIMM. Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 8a9b6b37dabf00388e8069a2f5c0f659626693b3 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Sep 24 18:22:01 2015 +0200 vhost-user: unit test for new messages Data is empty for now, but do make sure master sets the new feature bit flag. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit ca06d9cc6691e23b6d02e07b44ea549aeac60151 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 14:12:03 2015 +0200 vhost-user-test: do not reinvent glib-compat.h glib-compat.h has the gunk to support both old-style and new-style gthread functions. Use it instead of reinventing it. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Tested-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 37dd86a44cc4298f58ac370e0190b069469b6d25 Merge: ff770b0 73ba05d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 2 14:47:10 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches # gpg: Signature made Fri 02 Oct 2015 12:49:13 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: block/raw-posix: Open file descriptor O_RDWR to work around glibc posix_fallocate emulation issue. block: disable I/O limits at the beginning of bdrv_close() iotests: Fix test 128 for password-less sudo tests: Fix test 049 fallout from improved HMP error messages raw-win32: Fix write request error handling Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 73ba05d936e82fe01b2b2cf987bf3aecb4792af5 Author: Richard W.M. Jones <rjones@xxxxxxxxxx> Date: Tue Sep 29 16:54:10 2015 +0100 block/raw-posix: Open file descriptor O_RDWR to work around glibc posix_fallocate emulation issue. https://bugzilla.redhat.com/show_bug.cgi?id=1265196 The following command fails on an NFS mountpoint: $ qemu-img create -f qcow2 -o preallocation=falloc disk.img 262144 Formatting 'disk.img', fmt=qcow2 size=262144 encryption=off cluster_size=65536 preallocation='falloc' lazy_refcounts=off qemu-img: disk.img: Could not preallocate data for the new file: Bad file descriptor The reason turns out to be because NFS doesn't support the posix_fallocate call. glibc emulates it instead. However glibc's emulation involves using the pread(2) syscall. The pread syscall fails with EBADF if the file descriptor is opened without the read open-flag (ie. open (..., O_WRONLY)). I contacted glibc upstream about this, and their response is here: https://bugzilla.redhat.com/show_bug.cgi?id=1265196#c9 There are two possible fixes: Use Linux fallocate directly, or (this fix) work around the problem in qemu by opening the file with O_RDWR instead of O_WRONLY. Signed-off-by: Richard W.M. Jones <rjones@xxxxxxxxxx> BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1265196 Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 99b7e7756780cec03fe5175db0f53b2fffa9426b Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Fri Sep 25 16:41:44 2015 +0300 block: disable I/O limits at the beginning of bdrv_close() Disabling I/O limits from a BDS also drains all pending throttled requests, so it should be done at the beginning of bdrv_close() with the rest of the bdrv_drain() calls before the BlockDriver is closed. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit bb3c801df7ed454b663312326bc29c8b9c2e4de6 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Fri Sep 25 19:19:24 2015 +0200 iotests: Fix test 128 for password-less sudo As of 934659c460d46c948cf348822fda1d38556ed9a4, $QEMU_IO is generally no longer a program name, and therefore "sudo -n $QEMU_IO" will no longer work. Fix this by copying the qemu-io invocation function from common.config, making it use $sudo for invoking $QEMU_IO_PROG, and then use that function instead of $QEMU_IO. Reported-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 552bb52c4bf199ae9c038570187749b93c91310a Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 22 17:15:52 2015 -0600 tests: Fix test 049 fallout from improved HMP error messages Commit 50b7b000 improved HMP error messages, but forgot to update qemu-iotests to match. Reported-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5d555030ba10ef3be12cd75a121a7cd5f6ef9bd2 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Sep 23 14:58:21 2015 +0200 raw-win32: Fix write request error handling aio_worker() wrote the return code to the wrong variable. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Tested-by: Guangmu Zhu <guangmuzhu@xxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit d9f090ec7794d433b8f222ae8c8f95601369a4a5 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Thu Oct 1 10:49:47 2015 +0200 s390x: rename io_subsystem_reset -> subsystem_reset According to the Pop: "Subsystem reset operates only on those elements in the configuration which are not CPUs". As this is what we actually do, let's simply rename the function. Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Message-Id: <1443689387-34473-6-git-send-email-jfrei@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit a6085fab3b6b9f0f9d636170b7d7bd31172b5038 Author: Christian Borntraeger <borntraeger@xxxxxxxxxx> Date: Thu Oct 1 10:49:46 2015 +0200 s390x/info registers: print vector registers properly We want F12=0000000000000000 F13=0000000000000000 F14=0000000000000000 F15=0000000000000000 V00=00000000000000000000000000000000 V01=00000000000000000000000000000000 instead of F12=0000000000000000 F13=0000000000000000 F14=0000000000000000 F15=0000000000000000 V00=00000000000000000000000000000000 V01=00000000000000000000000000000000 V02=00000000000000000000000000000000 Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Message-Id: <1443689387-34473-5-git-send-email-jfrei@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 7059384c7e27d68c502d8636eb711873a9a6a597 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Thu Oct 1 10:49:45 2015 +0200 s390x: set missing parent for hotplug and quiesce events Existing code missed to set a parent for the quiesce and hotplug event. While this didn't matter in practise, new introspection APIs basically now do an object_unref(object_new(T)), which loops forever. When trying to remove the event facility bus, the code tries to unparent all childs on the bus, so they are properly deleted and therefore removed. As object_unparent() on these child devices doesn't work, as there is no parent, we loop forever. Let's fix this by adding the event facility as a parent. Also switch from object_initialize to object_new, so the only valid reference is in fact the parent property. This makes it more obvious when the device (state) is actually gone (and how the reference counting works). Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Message-Id: <1443689387-34473-4-git-send-email-jfrei@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 8a641ff60f38799a10ed44a7c5bddd386bc169ed Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Thu Oct 1 10:49:44 2015 +0200 s390x/gdb: expose virtualization specific registers Let's expose some virtual/fake registers as virtualization specific registers. Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Message-Id: <1443689387-34473-3-git-send-email-jfrei@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit af3c15fee54e841d859d003b90a88042daf6cd7a Author: Christian Borntraeger <borntraeger@xxxxxxxxxx> Date: Thu Oct 1 10:49:43 2015 +0200 pc-bios/s390-ccw: avoid floating point operations Some gcc versions (e.g. Fedora 22 gcc 5.1.1) seem to use floating point registers for spilling and filling of general purpose registers. As the BIOS does not activate the AFP register setting of CR0 this can cause data exception program checks. Disallow floating point in the BIOS as a simple solution. Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Message-Id: <1443689387-34473-2-git-send-email-jfrei@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit ff770b07f34d28b79013a83989bd6c85f8f16b2f Merge: 5250ced 5279efe Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 2 11:01:18 2015 +0100 Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into staging # gpg: Signature made Thu 01 Oct 2015 20:02:33 BST using RSA key ID C0DE3057 # gpg: Good signature from "Jeffrey Cody <jcody@xxxxxxxxxx>" # gpg: aka "Jeffrey Cody <jeff@xxxxxxxxxxxxx>" # gpg: aka "Jeffrey Cody <codyprime@xxxxxxxxx>" * remotes/cody/tags/block-pull-request: block: mirror - fix full sync mode when target does not support zero init Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5250ced83173c9534b4a2723b7a50b67b7c7a6ee Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Thu Jul 23 08:13:56 2015 -0700 target-microblaze: Set the PC in reset instead of realize Set the Microblaze CPU PC in the reset instead of setting it in the realize. This is required as the PC is zeroed in the reset function and causes problems in some situations. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit c8667283a070d810f7917d69ea84209475c6e75e Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Fri Sep 25 22:45:53 2015 +0200 disas/cris: Fix typo in comment Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 5279efebcf8f8fbf2ed2feed63cdb9d375c7cd07 Author: Jeff Cody <jcody@xxxxxxxxxx> Date: Thu Oct 1 00:06:37 2015 -0400 block: mirror - fix full sync mode when target does not support zero init During mirror, if the target device does not support zero init, a mirror may result in a corrupted image for sync="full" mode. This is due to how the initial dirty bitmap is set up prior to copying data - we did not mark sectors as dirty that are unallocated. This means those unallocated sectors are skipped over on the target, and for a device without zero init, invalid data may reside in those holes. If both of the following conditions are true, then we will explicitly mark all sectors as dirty: 1.) sync = "full" 2.) bdrv_has_zero_init(target) == false If the target does support zero init, but a target image is passed in with data already present (i.e. an "existing" image), it is assumed the data present in the existing image is valid data for those sectors. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 91ed4bc5bda7e2b09eb508b07c83f4071fe0b3c9.1443705220.git.jcody@xxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 0d583647a7fc73f621eeb64ed703556c4bbebfcc Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue May 19 13:29:51 2015 -0700 virtio: Notice when the system doesn't support MSIx at all And do not issue an error_report in that case. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 798595075bf51c7e3125d260a19d860b9aa63e69 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Mon Sep 28 15:07:21 2015 -0300 pc: Add a comment explaining why pc_compat_2_4() doesn't exist pc_compat_2_4() doesn't exist, and we shouldn't create one. Add a comment explaining why the function doesn't exist and why pc_compat_*() functions are deprecated. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 8561c9244ddf1122dfe7ccac9b23f506062f1499 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Sep 10 16:41:17 2015 +0300 exec: allocate PROT_NONE pages on top of RAM This inserts a read and write protected page between RAM and QEMU memory, for file-backend RAM. This makes it harder to exploit QEMU bugs resulting from buffer overflows in devices using variants of cpu_physical_memory_map, dma_memory_map etc. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9fac18f03a9040b67ec38e14d3e1ed34db9c7e06 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Sep 10 16:41:17 2015 +0300 oslib: allocate PROT_NONE pages on top of RAM This inserts a read and write protected page between RAM and QEMU memory. This makes it harder to exploit QEMU bugs resulting from buffer overflows in devices using variants of cpu_physical_memory_map, dma_memory_map etc. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c2dfc5ba3fb3a1b7278c99bfd3bf350202169434 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Sep 10 16:36:51 2015 +0300 oslib: rework anonimous RAM allocation At the moment we first allocate RAM, sometimes more than necessary for alignment reasons. We then free the extra RAM. Rework this to avoid the temporary allocation: reserve the range by mapping it with PROT_NONE, then use just the necessary range with MAP_FIXED. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0cf33fb6b49a19de32859e2cdc6021334f448fb3 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Sep 25 13:21:30 2015 +0800 virtio-net: correctly drop truncated packets When packet is truncated during receiving, we drop the packets but neither discard the descriptor nor add and signal used descriptor. This will lead several issues: - sg mappings are leaked - rx will be stalled if a lots of packets were truncated In order to be consistent with vhost, fix by discarding the descriptor in this case. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 29b9f5efd78ae0f9cc02dd169b6e80d2c404bade Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Sep 25 13:21:29 2015 +0800 virtio: introduce virtqueue_discard() This patch introduces virtqueue_discard() to discard a descriptor and unmap the sgs. This will be used by the patch that will discard descriptor when packet is truncated. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit ce317461573bac12b10d67699b4ddf1f97cf066c Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Sep 25 13:21:28 2015 +0800 virtio: introduce virtqueue_unmap_sg() Factor out sg unmapping logic. This will be reused by the patch that can discard descriptor. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Andrew James <andrew.james@xxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit fa500928ad9da6dd570918e3dfca13c029af07a8 Merge: b2312c6 dc32562 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 1 10:49:38 2015 +0100 Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20150930' into staging migration/next for 20150930 # gpg: Signature made Wed 30 Sep 2015 09:24:02 BST using RSA key ID 5872D723 # gpg: Good signature from "Juan Quintela <quintela@xxxxxxxxxx>" # gpg: aka "Juan Quintela <quintela@xxxxxxxxxx>" * remotes/juanquintela/tags/migration/20150930: migration: Disambiguate MAX_THROTTLE qmp/hmp: Add throttle ratio to query-migrate and info migrate migration: Dynamic cpu throttling for auto-converge migration: Parameters for auto-converge cpu throttling cpu: Provide vcpu throttling interface migration: yet more possible state transitions Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 86abac06c142d20772b3f2e04c9bf02b7936a0b3 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Sep 14 12:31:44 2015 +0200 linux-user: assert that target_mprotect cannot fail All error conditions that target_mprotect checks are also checked by target_mmap. EACCESS cannot happen because we are just removing PROT_WRITE. ENOMEM should not happen because we are modifying a whole VMA (and we have bigger problems anyway if it happens). Fixes a Coverity false positive, where Coverity complains about target_mprotect's return value being passed to tb_invalidate_phys_range. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit d0924a26d8f37ab95fdef99f6850b93e9af3ffb2 Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Sat Sep 12 23:32:30 2015 +0800 linux-user/signal.c: Use setup_rt_frame() instead of setup_frame() for target openrisc qemu has already considered about some targets may have no traditional signals. And openrisc's setup_frame() is dummy, but it can be supported by setup_rt_frame(). Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit dc3256272cf70b2152279b013a8abb16e0f6fe96 Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Tue Sep 8 13:12:37 2015 -0400 migration: Disambiguate MAX_THROTTLE Migration has a define for MAX_THROTTLE. Update comment to clarify that this is used for throttling transfer speed. Hopefully this will prevent it from being confused with a guest cpu throttling entity. Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> commit 4782893e099cde24c0b10a48d0412eea575ddcb3 Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Tue Sep 8 13:12:36 2015 -0400 qmp/hmp: Add throttle ratio to query-migrate and info migrate Report throttle percentage in info migrate and query-migrate responses when cpu throttling is active. Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> commit 070afca258f973c704dcadf2769aa1ca921209a1 Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Tue Sep 8 13:12:35 2015 -0400 migration: Dynamic cpu throttling for auto-converge Remove traditional auto-converge static 30ms throttling code and replace it with a dynamic throttling algorithm. Additionally, be more aggressive when deciding when to start throttling. Previously we waited until four unproductive memory passes. Now we begin throttling after only two unproductive memory passes. Four seemed quite arbitrary and only waiting for two passes allows us to complete the migration faster. Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> commit 1626fee3bdbb295d5e8aff800f7621357bb376d6 Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Tue Sep 8 13:12:34 2015 -0400 migration: Parameters for auto-converge cpu throttling Add migration parameters to allow the user to adjust the parameters that control cpu throttling when auto-converge is in effect. The added parameters are as follows: x-cpu-throttle-initial : Initial percantage of time guest cpus are throttled when migration auto-converge is activated. x-cpu-throttle-increment: throttle percantage increase each time auto-converge detects that migration is not making progress. Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> commit 2adcc85d407c1ab985f5abed808c78dbb84f4773 Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Tue Sep 8 13:12:33 2015 -0400 cpu: Provide vcpu throttling interface Provide a method to throttle guest cpu execution. CPUState is augmented with timeout controls and throttle start/stop functions. To throttle the guest cpu the caller simply has to call the throttle set function and provide a percentage of throttle time. Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> commit 2a6e6e59dfdeb0b98e744eb8f110a236f26a3ea4 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Tue Jul 28 15:28:28 2015 +0200 migration: yet more possible state transitions On destination, we move from INMIGRATE to FINISH_MIGRATE. Add that to the list of allowed states. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> commit b2312c680084ea18cd55fa7093397cad2224ec14 Merge: 6996a00 b9e6092 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 29 12:41:19 2015 +0100 Merge remote-tracking branch 'remotes/amit-migration/tags/for-juan-201509' into staging Migration queue # gpg: Signature made Tue 29 Sep 2015 07:13:55 BST using RSA key ID 854083B6 # gpg: Good signature from "Amit Shah <amit@xxxxxxxxxxxx>" # gpg: aka "Amit Shah <amit@xxxxxxxxxx>" # gpg: aka "Amit Shah <amitshah@xxxxxxx>" * remotes/amit-migration/tags/for-juan-201509: ram_find_and_save_block: Split out the finding Move dirty page search state into separate structure migration: Use g_new() & friends where that makes obvious sense migration: qemu-file more size_t'ifying migration: size_t'ify some of qemu-file Init page sizes in qtest Split out end of migration code from migration_thread migration/ram.c: Use RAMBlock rather than MemoryRegion vmstate: Remove redefinition of VMSTATE_UINT32_ARRAY Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b9e6092814735853cc1149e2e68245b09f621306 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Wed Sep 23 15:27:11 2015 +0100 ram_find_and_save_block: Split out the finding Split out the finding of the dirty page and all the wrap detection into a separate function since it was getting a bit hairy. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Message-Id: <1443018431-11170-3-git-send-email-dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> [Fix comment -- Amit] Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> commit b8fb8cb748497aa070304eec27b03edd3b05373d Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Wed Sep 23 15:27:10 2015 +0100 Move dirty page search state into separate structure Pull the search state for one iteration of the dirty page search into a structure. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Message-Id: <1443018431-11170-2-git-send-email-dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> commit 97f3ad35517e0d02c0149637d1bb10713c52b057 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Sep 14 13:51:31 2015 +0200 migration: Use g_new() & friends where that makes obvious sense g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. This commit only touches allocations with size arguments of the form sizeof(T). Same Coccinelle semantic patch as in commit b45c03f. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1442231491-23352-1-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: zhanghailiang <zhang.zhanghailiang@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> commit 56f3835ff1e70df97f843f4a27abdff6b4a2ae77 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Aug 13 11:51:34 2015 +0100 migration: qemu-file more size_t'ifying This time convert the external functions: qemu_get_buffer, qemu_peek_buffer qemu_put_buffer and qemu_put_buffer_async Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Message-Id: <1439463094-5394-6-git-send-email-dgilbert@xxxxxxxxxx> Reviewed-by: zhanghailiang <zhang.zhanghailiang@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> commit a202a4c001fd35b50d99abcc329bc9e666eb8eed Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Aug 13 11:51:33 2015 +0100 migration: size_t'ify some of qemu-file This is a start on using size_t more in qemu-file and friends; it fixes up QEMUFilePutBufferFunc and QEMUFileGetBufferFunc to take size_t lengths and return ssize_t return values (like read(2)) and fixes up all the different implementations of them. Note that I've not yet followed this deeply into bdrv_ implementations. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Message-Id: <1439463094-5394-5-git-send-email-dgilbert@xxxxxxxxxx> Reviewed-by: zhanghailiang <zhang.zhanghailiang@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> commit c50766f5a99ef7bf6c9a86cd07341c389faf7ae6 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Aug 13 11:51:32 2015 +0100 Init page sizes in qtest One of my patches used a loop that was based on host page size; it dies in qtest since qtest hadn't bothered init'ing it. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Message-Id: <1439463094-5394-4-git-send-email-dgilbert@xxxxxxxxxx> Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> commit 09f6c85e39ee9e57bd245adbe6f400d387061707 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Aug 13 11:51:31 2015 +0100 Split out end of migration code from migration_thread The code that gets run at the end of the migration process is getting large, and I'm about to add more for postcopy. Split it into a separate function. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Message-Id: <1439463094-5394-3-git-send-email-dgilbert@xxxxxxxxxx> Reviewed-by: zhanghailiang <zhang.zhanghailiang@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> commit 2f68e39956b7504f6669671fd95b70859afc340d Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Aug 13 11:51:30 2015 +0100 migration/ram.c: Use RAMBlock rather than MemoryRegion RAM migration mainly works on RAMBlocks but in a few places uses data from MemoryRegions to access the same information that's already held in RAMBlocks; clean it up just to avoid the MemoryRegion use. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Message-Id: <1439463094-5394-2-git-send-email-dgilbert@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> commit eb5c936e81e2e292ceefec9b6628862599f71c17 Author: Soren Brinkmann <soren.brinkmann@xxxxxxxxxx> Date: Thu Aug 13 23:16:27 2015 -0700 vmstate: Remove redefinition of VMSTATE_UINT32_ARRAY The macro is defined twice in identical ways. Signed-off-by: Soren Brinkmann <soren.brinkmann@xxxxxxxxxx> Message-Id: <1439532987-16335-1-git-send-email-soren.brinkmann@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> commit 08703b9f7bcd7ca2152d51a4c8893d26f1dc28de Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Mon Sep 7 10:35:06 2015 +0800 linux-user/syscall.c: Add EAGAIN to host_to_target_errno_table for Under Alpha host, EAGAIN is redefined to 35, so it need be remapped too. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 0f0426f343886fb5c9f137c2830f35cc2dae7327 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Tue Sep 1 22:27:33 2015 +0200 linux-user: add name_to_handle_at/open_by_handle_at This patch allows to run example given by open_by_handle_at(2): The following shell session demonstrates the use of these two programs: $ echo 'Can you please think about it?' > cecilia.txt $ ./t_name_to_handle_at cecilia.txt > fh $ ./t_open_by_handle_at < fh open_by_handle_at: Operation not permitted $ sudo ./t_open_by_handle_at < fh # Need CAP_SYS_ADMIN Read 31 bytes $ rm cecilia.txt Now we delete and (quickly) re-create the file so that it has the same content and (by chance) the same inode.[...] $ stat --printf="%i\n" cecilia.txt # Display inode number 4072121 $ rm cecilia.txt $ echo 'Can you please think about it?' > cecilia.txt $ stat --printf="%i\n" cecilia.txt # Check inode number 4072121 $ sudo ./t_open_by_handle_at < fh open_by_handle_at: Stale NFS file handle See the man page for source code. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 93b4eff80af9822e4b726dcf21ee61538e088695 Author: Timothy E Baldwin <T.E.Baldwin99@xxxxxxxxxxxxxxxxxxx> Date: Mon Aug 31 00:26:21 2015 +0100 linux-user: Return target error number in do_fork() Whilst calls to do_fork() are wrapped in get_errno() this does not translate return values. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Timothy Edward Baldwin <T.E.Baldwin99@xxxxxxxxxxxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit ee1045877a7e226945c7cec2bda80039bd2d0c8e Author: Jonathan Neuschäfer <j.neuschaefer@xxxxxxx> Date: Thu Sep 3 07:27:26 2015 +0200 linux-user: fix cmsg conversion in case of multiple headers Currently, __target_cmsg_nxthdr compares a pointer derived from target_cmsg against the msg_control field of target_msgh (through subtraction). This failed for me when emulating i386 code under x86_64, because pointers in the host address space and pointers in the guest address space were not the same. This patch passes the initial value of target_cmsg into __target_cmsg_nxthdr. I found and fixed two more related bugs: - __target_cmsg_nxthdr now returns the new cmsg pointer instead of the old one. - tgt_space (in host_to_target_cmsg) doesn't count "sizeof (struct target_cmsghdr)" twice anymore. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@xxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 59baae9a626396a3a05840279084c4bf2beb8f40 Author: Stefan Brüns <stefan.bruens@xxxxxxxxxxxxxx> Date: Wed Sep 2 03:38:53 2015 +0200 linux-user: remove MAX_ARG_PAGES limit Instead of creating a temporary copy for the whole environment and the arguments, directly copy everything to the target stack. For this to work, we have to change the order of stack creation and copying the arguments. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Stefan Brüns <stefan.bruens@xxxxxxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 84646ee25b68321624ef4768011e91064e4bd440 Author: Stefan Brüns <stefan.bruens@xxxxxxxxxxxxxx> Date: Wed Sep 2 03:38:52 2015 +0200 linux-user: remove unused image_info members Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Stefan Brüns <stefan.bruens@xxxxxxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit ba02577cadbe5b53db791522310c977f9960f81f Author: Meador Inge <meadori@xxxxxxxxxxxxxxxx> Date: Mon Jul 6 11:03:41 2015 -0700 linux-user: Treat --foo options the same as -foo The system mode binaries provide a similar alias and it makes common options like --version and --help work as expected. Signed-off-by: Meador Inge <meadori@xxxxxxxxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 4d1275c24d5d64d22ec4a30ce1b6a0db3ba9a25a Author: Riku Voipio <riku.voipio@xxxxxxxxxx> Date: Mon Sep 28 16:12:16 2015 +0300 linux-user: use EXIT_SUCCESS and EXIT_FAILURE As suggested by Laurent, use EXIT_SUCCESS and EXIT_FAILURE from stdlib.h instead of numeric values. Cc: Laurent Vivier <laurent@xxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 138940bf08df1d8e9b862ad019a0d7d451e2413a Author: Meador Inge <meadori@xxxxxxxxxxxxxxxx> Date: Mon Jul 6 11:03:40 2015 -0700 linux-user: Add proper error messages for bad options This patch adds better support for diagnosing option parser errors. The previous implementation just printed the usage text and exited when a bad option or argument was found. This made it very difficult to determine why the usage was being displayed and it was doubly confusing for cases like '--help' (it wasn't clear that --help was actually an error). Signed-off-by: Meador Inge <meadori@xxxxxxxxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit daaf8c8eb7135386134bc7075b9cf4dd57107c43 Author: Meador Inge <meadori@xxxxxxxxxxxxxxxx> Date: Mon Jul 6 11:03:39 2015 -0700 linux-user: Add -help This option is already available on the system mode binaries. It would be better if long options were supported (i.e. --help), but this is okay for now. Signed-off-by: Meador Inge <meadori@xxxxxxxxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit d03f9c320234d2e49ad8b2f4abd049a497afa2be Author: Meador Inge <meadori@xxxxxxxxxxxxxxxx> Date: Mon Jul 6 11:03:38 2015 -0700 linux-user: Exit 0 when -h is used Signed-off-by: Meador Inge <meadori@xxxxxxxxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 6996a002d845be0166e155c016448014a6fbfe05 Merge: 9e07142 365d7f3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 25 23:20:06 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-cocoa-20150925-1' into staging cocoa queue: * fix stuck-key bug if keys were down when QEMU lost focus * prompt the user whether they really meant to quit * remove the 'open image file' dialog box we used to display if the user started QEMU without arguments # gpg: Signature made Fri 25 Sep 2015 23:17:19 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-cocoa-20150925-1: ui/cocoa.m: remove open dialog code ui/cocoa.m: prevent stuck key situation ui/cocoa.m: verify with user before quitting QEMU Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 365d7f3c7aacc789ead96b8eeb5ba5b0a8d93d48 Author: John Arbuckle <programmingkidx@xxxxxxxxx> Date: Fri Sep 25 23:14:00 2015 +0100 ui/cocoa.m: remove open dialog code Removes the open dialog code that runs when no arguments are supplied with QEMU. Not everyone needs a hard drive or cdrom to boot their target. A user might only need to use their target's bios to do work. With that said, this patch removes the unneeded open dialog code. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Message-id: 33856864-321C-4367-9170-FB0BF81E789B@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3b178b7130ecf4005cd73d0c40e964c9d0d31a48 Author: John Arbuckle <programmingkidx@xxxxxxxxx> Date: Fri Sep 25 23:14:00 2015 +0100 ui/cocoa.m: prevent stuck key situation When the user puts QEMU in the background while holding down a key, QEMU will not receive the keyup event when the user lets go of the key. When the user goes back to QEMU, QEMU will think the key is still down causing stuck key symptoms. This patch fixes this problem by releasing all down keys when QEMU goes into the background. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Message-id: 7A3FA6EE-84C8-4422-A786-C899B7229D32@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d9bc14f63e880010ba72b3a0169ff8ef52275a63 Author: John Arbuckle <programmingkidx@xxxxxxxxx> Date: Fri Sep 25 23:13:59 2015 +0100 ui/cocoa.m: verify with user before quitting QEMU This patch prevents the user from accidentally quitting QEMU by pushing Command-Q or by pushing the close button on the main window. When the user does one of these two things, a dialog box appears verifying with the user if he or she wants to quit QEMU. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Message-id: 29169A74-0347-47F5-934F-A5AD24C225CA@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9e071429e649346c14b2dc76902f84f8352d2333 Merge: 8bfbbb4 8e9620a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 25 21:52:30 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * First batch of MAINTAINERS updates * IOAPIC fixes (to pass kvm-unit-tests with -machine kernel_irqchip=off) * NBD API upgrades from Daniel * strtosz fixes from Marc-André * improved support for readonly=on on scsi-generic devices * new "info ioapic" and "info lapic" monitor commands * Peter Crosthwaite's ELF_MACHINE cleanups * docs patches from Thomas and Daniel # gpg: Signature made Fri 25 Sep 2015 11:20:52 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" * remotes/bonzini/tags/for-upstream: (52 commits) doc: Refresh URLs in the qemu-tech documentation docs: describe the QEMU build system structure / design typedef: add typedef for QemuOpts i386: interrupt poll processing i386: partial revert of interrupt poll fix ppc: Rename ELF_MACHINE to be PPC specific i386: Rename ELF_MACHINE to be x86 specific alpha: Remove ELF_MACHINE from cpu.h mips: Remove ELF_MACHINE from cpu.h sparc: Remove ELF_MACHINE from cpu.h s390: Remove ELF_MACHINE from cpu.h sh4: Remove ELF_MACHINE from cpu.h xtensa: Remove ELF_MACHINE from cpu.h tricore: Remove ELF_MACHINE from cpu.h or32: Remove ELF_MACHINE from cpu.h lm32: Remove ELF_MACHINE from cpu.h unicore: Remove ELF_MACHINE from cpu.h moxie: Remove ELF_MACHINE from cpu.h cris: Remove ELF_MACHINE from cpu.h m68k: Remove ELF_MACHINE from cpu.h ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8bfbbb4bcb6e06aaf4a3e2264f53c8c44ed4c655 Merge: 54b3762 9d146b2 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 25 21:11:12 2015 +0100 Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20150925.0' into staging VFIO updates 2015-09-25 - Remove use of g_malloc0_n for glib2.22 compat # gpg: Signature made Fri 25 Sep 2015 17:58:04 BST using RSA key ID 3BB08B22 # gpg: Good signature from "Alex Williamson <alex.williamson@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex@xxxxxxxxxxx>" # gpg: aka "Alex Williamson <alwillia@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex.l.williamson@xxxxxxxxx>" * remotes/awilliam/tags/vfio-update-20150925.0: vfio/pci: Remove use of g_malloc0_n() from quirks Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 54b376230c795d9f63490fa2e951cb786f7b1e12 Merge: 690b286 e6fd57e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 25 19:01:46 2015 +0100 Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into staging # gpg: Signature made Fri 25 Sep 2015 16:47:31 BST using RSA key ID C0DE3057 # gpg: Good signature from "Jeffrey Cody <jcody@xxxxxxxxxx>" # gpg: aka "Jeffrey Cody <jeff@xxxxxxxxxxxxx>" # gpg: aka "Jeffrey Cody <codyprime@xxxxxxxxx>" * remotes/cody/tags/block-pull-request: sheepdog: refine discard support sheepdog: use per AIOCB dirty indexes for non overlapping requests Backup: don't do copy-on-read in before_write_notifier block: Introduce a new API bdrv_co_no_copy_on_readv() sheepdog: add reopen support block/nfs: cache allocated filesize for read-only files block/nfs: fix calculation of allocated file size Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 690b286fefa806f130dfc1931b5ba0b4dd2fb415 Merge: cdf9818 ab60b74 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 25 18:03:19 2015 +0100 Merge remote-tracking branch 'remotes/vivier-misc/tags/pull-muldiv64-20150925' into staging Remove muldiv64() by using period instead of frequency # gpg: Signature made Fri 25 Sep 2015 14:54:37 BST using RSA key ID 3F2FBE3C # gpg: Good signature from "Laurent Vivier <lvivier@xxxxxxxxxx>" # gpg: aka "Laurent Vivier <laurent@xxxxxxxxx>" # gpg: aka "Laurent Vivier (Red Hat) <lvivier@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F 5173 F30C 38BD 3F2F BE3C * remotes/vivier-misc/tags/pull-muldiv64-20150925: net: remove muldiv64() bt: remove muldiv64() hpet: remove muldiv64() arm: clarify the use of muldiv64() openrisc: remove muldiv64() mips: remove muldiv64() pcnet: remove muldiv64() rtl8139: remove muldiv64() i6300esb: remove muldiv64() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cdf98182420e3bec62e2fd957eb8a17761161c0f Merge: 8a47d57 f178bc6 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 25 16:40:05 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio,pc features, fixes New features: vhost-user multiqueue support virtio-ccw virtio 1 support Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Fri 25 Sep 2015 07:40:35 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: MAINTAINERS: add more devices to the PCI section MAINTAINERS: add more devices to the PC section vhost-user: add a new message to disable/enable a specific virt queue. vhost-user: add multiple queue support vhost: introduce vhost_backend_get_vq_index method vhost-user: add VHOST_USER_GET_QUEUE_NUM message vhost: rename VHOST_RESET_OWNER to VHOST_RESET_DEVICE vhost-user: add protocol feature negotiation vhost-user: use VHOST_USER_XXX macro for switch statement virtio-ccw: enable virtio-1 virtio-ccw: feature bits > 31 handling virtio-ccw: support ring size changes virtio: ring sizes vs. reset pc: Introduce pc-*-2.5 machine classes q35: Move options common to all classes to pc_i440fx_machine_options() q35: Move options common to all classes to pc_q35_machine_options() virtio-net: unbreak self announcement and guest offloads after migration virtio: right size for virtio_queue_get_avail_size Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e6fd57ea297ec3aad32b24090c5d3757a99df3fe Author: Hitoshi Mitake <mitake.hitoshi@xxxxxxxxxxxxx> Date: Tue Sep 1 12:03:10 2015 +0900 sheepdog: refine discard support This patch refines discard support of the sheepdog driver. The existing discard mechanism was implemented on SD_OP_DISCARD_OBJ, which was introduced before fine grained reference counting on newer sheepdog. It doesn't care about relations of snapshots and clones and discards objects unconditionally. With this patch, the driver just updates an inode object for updating reference. Removing the object is done in sheep process side. Cc: Teruaki Ishizaki <ishizaki.teruaki@xxxxxxxxxxxxx> Cc: Vasiliy Tolstov <v.tolstov@xxxxxxxxx> Cc: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Hitoshi Mitake <mitake.hitoshi@xxxxxxxxxxxxx> Tested-by: Vasiliy Tolstov <v.tolstov@xxxxxxxxx> Message-id: 1441076590-8015-3-git-send-email-mitake.hitoshi@xxxxxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 498f21405a286f718a0767c791b7d2db19f4e5bd Author: Hitoshi Mitake <mitake.hitoshi@xxxxxxxxxxxxx> Date: Tue Sep 1 12:03:09 2015 +0900 sheepdog: use per AIOCB dirty indexes for non overlapping requests In the commit 96b14ff85acf, requests for overlapping areas are serialized. However, it cannot handle a case of non overlapping requests. In such a case, min_dirty_data_idx and max_dirty_data_idx can be overwritten by the requests and invalid inode update can happen e.g. a case like create(1, 2) and create(3, 4) are issued in parallel. This patch lets SheepdogAIOCB have dirty data indexes instead of BDRVSheepdogState for avoiding the above situation. This patch also does trivial renaming for better description: overwrapping -> overlapping Cc: Teruaki Ishizaki <ishizaki.teruaki@xxxxxxxxxxxxx> Cc: Vasiliy Tolstov <v.tolstov@xxxxxxxxx> Cc: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Hitoshi Mitake <mitake.hitoshi@xxxxxxxxxxxxx> Tested-by: Vasiliy Tolstov <v.tolstov@xxxxxxxxx> Message-id: 1441076590-8015-2-git-send-email-mitake.hitoshi@xxxxxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit ab60b7485cece312ad9c21327ee678f0f9898fb5 Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Tue Aug 25 17:24:39 2015 +0200 net: remove muldiv64() muldiv64() is used to convert nanoseconds to microseconds. x = muldiv64(qemu_clock_get_ns(..), 1000000, get_ticks_per_sec()); As get_ticks_per_sec() is 10^9, it can be replaced by: x = qemu_clock_get_us(..); Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit fdfea124f9e12232f99d9f235267ca1eeeb23469 Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Tue Aug 25 17:19:57 2015 +0200 bt: remove muldiv64() Originally, timers were ticks based, and it made sense to add ticks to current time to know when to trigger an alarm. But since commit: 7447545 change all other clock references to use nanosecond resolution accessors All timers use nanoseconds and we need to convert ticks to nanoseconds. As get_ticks_per_sec() is 10^9, a = muldiv64(b, get_ticks_per_sec(), 100); y = muldiv64(x, get_ticks_per_sec(), 1000000); can be converted to a = b * 10000000; y = x * 1000; Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0a4f9240f5b8b1bfe2d5c5c2748545bc23771bb4 Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Tue Aug 25 17:13:01 2015 +0200 hpet: remove muldiv64() hpet defines a clock period in femtoseconds but then converts it to nanoseconds to use the internal timers. We can define the period in nanoseconds and use it directly, this allows to remove muldiv64(). We only need to convert the period to femtoseconds to put it in internal hpet capability register. Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 352c98e502893dee405d0bd8301264fca3b79179 Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Tue Aug 25 17:09:36 2015 +0200 arm: clarify the use of muldiv64() muldiv64() is used to convert microseconds into CPU ticks. But it is not clear and not commented. This patch uses macro to clearly identify what is used: time, CPU frequency and ticks. For an elapsed time and a given frequency, we compute how many ticks we have. Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Acked-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ccaf1749239aa33c5a5b755972232ffe1c0cf946 Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Tue Aug 25 17:17:15 2015 +0200 openrisc: remove muldiv64() Originally, timers were ticks based, and it made sense to add ticks to current time to know when to trigger an alarm. But since commit: 7447545 change all other clock references to use nanosecond resolution accessors All timers use nanoseconds and we need to convert ticks to nanoseconds, by doing something like: y = muldiv64(x, get_ticks_per_sec(), TIMER_FREQ) where x is the number of device ticks and y the number of system ticks. y is used as nanoseconds in timer functions, it works because 1 tick is 1 nanosecond. (get_ticks_per_sec() is 10^9) But as openrisc timer frequency is 20 MHz, we can also do: y = x * 50; /* 20 MHz period is 50 ns */ Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> commit 683dca6bd5057a87d9376475b0c7e30d56d8e532 Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Tue Aug 25 16:16:21 2015 +0200 mips: remove muldiv64() Originally, timers were ticks based, and it made sense to add ticks to current time to know when to trigger an alarm. But since commit: 7447545 change all other clock references to use nanosecond resolution accessors All timers use nanoseconds and we need to convert ticks to nanoseconds, by doing something like: y = muldiv64(x, get_ticks_per_sec(), TIMER_FREQ) where x is the number of device ticks and y the number of system ticks. y is used as nanoseconds in timer functions, it works because 1 tick is 1 nanosecond. (get_ticks_per_sec() is 10^9) But as MIPS timer frequency is 100 MHz, we can also do: y = x * 10; /* 100 MHz period is 10 ns */ Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit c6acbe861f1ed4203f4864baf756686064ba561f Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Mon Aug 24 19:29:45 2015 +0200 pcnet: remove muldiv64() Originally, timers were ticks based, and it made sense to add ticks to current time to know when to trigger an alarm. But since commit: 7447545 change all other clock references to use nanosecond resolution accessors All timers use nanoseconds and we need to convert ticks to nanoseconds, by doing something like: y = muldiv64(x, get_ticks_per_sec(), PCI_FREQUENCY) where x is the number of device ticks and y the number of system ticks. y is used as nanoseconds in timer functions, it works because 1 tick is 1 nanosecond. (get_ticks_per_sec() is 10^9) But as PCI frequency is 33 MHz, we can also do: y = x * 30; /* 33 MHz PCI period is 30 ns */ Which is much more simple. This implies a 33.333333 MHz PCI frequency, but this is correct. Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 37b9ab92f7f8295c61daa4a8893eb8fb1add63e2 Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Mon Aug 24 19:29:45 2015 +0200 rtl8139: remove muldiv64() Originally, timers were ticks based, and it made sense to add ticks to current time to know when to trigger an alarm. But since commit: 7447545 change all other clock references to use nanosecond resolution accessors All timers use nanoseconds and we need to convert ticks to nanoseconds, by doing something like: y = muldiv64(x, get_ticks_per_sec(), PCI_FREQUENCY) where x is the number of device ticks and y the number of system ticks. y is used as nanoseconds in timer functions, it works because 1 tick is 1 nanosecond. (get_ticks_per_sec() is 10^9) But as PCI frequency is 33 MHz, we can also do: y = x * 30; /* 33 MHz PCI period is 30 ns */ Which is much more simple. This implies a 33.333333 MHz PCI frequency, but this is correct. Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 9491e9bc019a365dfa9780f462984a0d052f4c0d Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Mon Aug 24 19:29:45 2015 +0200 i6300esb: remove muldiv64() Originally, timers were ticks based, and it made sense to add ticks to current time to know when to trigger an alarm. But since commit: 7447545 change all other clock references to use nanosecond resolution accessors All timers use nanoseconds and we need to convert ticks to nanoseconds, by doing something like: y = muldiv64(x, get_ticks_per_sec(), PCI_FREQUENCY) where x is the number of device ticks and y the number of system ticks. y is used as nanoseconds in timer functions, it works because 1 tick is 1 nanosecond. (get_ticks_per_sec() is 10^9) But as PCI frequency is 33 MHz, we can also do: y = x * 30; /* 33 MHz PCI period is 30 ns */ Which is much more simple. This implies a 33.333333 MHz PCI frequency, but this is correct. Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> commit 06c3916b35a1cf6db548450a0cfb96983c33c82f Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Tue Sep 8 11:28:33 2015 +0800 Backup: don't do copy-on-read in before_write_notifier We will copy data in before_write_notifier to do backup. It is a nested I/O request, so we cannot do copy-on-read. The steps to reproduce it: 1. -drive copy-on-read=on,... // qemu option 2. drive_backup -f disk0 /path_to_backup.img // monitor command Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Tested-by: Jeff Cody <jcody@xxxxxxxxxx> Message-id: 1441682913-14320-3-git-send-email-wency@xxxxxxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 9568b511c9f91c3d21ea3e83426d4ee7168c98bb Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Tue Sep 8 11:28:32 2015 +0800 block: Introduce a new API bdrv_co_no_copy_on_readv() In some cases, we need to disable copy-on-read, and just read the data. Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Message-id: 1441682913-14320-2-git-send-email-wency@xxxxxxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 4da65c80921139f3e0ff63f5ea20c5d9c778364f Author: Liu Yuan <liuyuan@xxxxxxxxxxxxxxxxxxxx> Date: Fri Aug 28 10:53:58 2015 +0800 sheepdog: add reopen support With reopen supported, block-commit (and offline commit) is now supported for image files whose base image uses the Sheepdog protocol driver. Cc: qemu-devel@xxxxxxxxxx Cc: Jeff Cody <jcody@xxxxxxxxxx> Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Liu Yuan <liuyuan@xxxxxxxxxxxxxxxxxxxx> Message-id: 1440730438-24676-1-git-send-email-namei.unix@xxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 18a8056e0bc744e5dd2bb5cb998423b607d99f19 Author: Peter Lieven <pl@xxxxxxx> Date: Thu Aug 27 12:30:41 2015 +0200 block/nfs: cache allocated filesize for read-only files If the file is readonly its not expected to grow so save the blocking call to nfs_fstat_async and use the value saved at connection time. Also important the monitor (and thus the main loop) will not hang if block device info is queried and the NFS share is unresponsive. Signed-off-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Message-id: 1440671441-7978-1-git-send-email-pl@xxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 055c6f912c8d3cd9a901972ae432c47e5872f71a Author: Peter Lieven <pl@xxxxxxx> Date: Thu Aug 20 12:46:47 2015 +0200 block/nfs: fix calculation of allocated file size st.st_blocks is always counted in 512 byte units. Do not use st.st_blksize as multiplicator which may be larger. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Message-id: 1440067607-14547-1-git-send-email-pl@xxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 8e9620a683925daf9900c2ac5f2dfa14b6439932 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Fri Sep 25 11:38:36 2015 +0200 doc: Refresh URLs in the qemu-tech documentation The TwoOStwo and Willows page seem to have disappeared completely, and also some of the other links were not pointing to the right locations anymore. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Message-Id: <1443173916-8895-1-git-send-email-thuth@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 717171bd2025f732d7fcf43efc08f1551953a0e3 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Thu Sep 24 14:41:38 2015 +0100 docs: describe the QEMU build system structure / design Developers who are new to QEMU, or have a background familiarity with GNU autotools, can have trouble getting their head around the home-grown QEMU build system. This document attempts to explain the structure / design of the configure script and the various Makefile pieces that live across the source tree. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1443102098-13642-1-git-send-email-berrange@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ae1e93801d9a60642b349c571122909f0019d59e Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:25:01 2015 +0300 typedef: add typedef for QemuOpts This patch moves typedefs for QemuOpts and related types to qemu/typedefs.h file. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162501.8676.85435.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit a4fc321219cc1c6bd5ca1262cdbbb2e8cee8d56e Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:24:11 2015 +0300 i386: interrupt poll processing This patch updates x86_cpu_exec_interrupt function. It can process two interrupt request at a time (poll and another one). This makes its execution non-deterministic. Determinism is requred for recorded icount execution. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162410.8676.13042.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6220e900bcdc524a175b2d2e725ebb9bb11a0008 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:23:31 2015 +0300 i386: partial revert of interrupt poll fix Processing CPU_INTERRUPT_POLL requests in cpu_has_work functions break the determinism of cpu_exec. This patch is required to make interrupts processing deterministic. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162331.8676.15286.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 4ecd4d16a0af714ff7d9a1ad2559c621bf27649f Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 ppc: Rename ELF_MACHINE to be PPC specific Rename ELF_MACHINE to be PPC specific. This is used as-is by the various PPC bootloaders and is locally defined to ELF_MACHINE in linux user in PPC specific ifdeffery. This removes another architecture specific definition from the global namespace (as desired by multi-arch). Cc: Alexander Graf <agraf@xxxxxxx> Cc: qemu-ppc@xxxxxxxxxx Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit a5e8788f89312f19f54dba0454ee5bf7209b4cd7 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 i386: Rename ELF_MACHINE to be x86 specific Rename ELF_MACHINE to be I386 specific. This is used as-is by the multiboot loader. Linux-user previously used this definition but will not anymore, falling back to the default bahaviour of using ELF_ARCH as ELF_MACHINE. This removes another architecture specific definition from the global namespace. Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Acked-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit a0036becd80f8eae260df68d7f2fd2d8d7d90f35 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 alpha: Remove ELF_MACHINE from cpu.h ELF_MACHINE is unused by target alpha. Cc: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 04ce380e9e3fad1dbf4e86ebdf9315573a06b30e Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 mips: Remove ELF_MACHINE from cpu.h The only generic code relying on this is linux-user, but linux users' default behaviour of defaulting ELF_MACHINE to ELF_ARCH will handle this. The bootloaders can just pass EM_MIPS directly, as that is architecture specific code. This removes another architecture specific definition from the global namespace. Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 77452383e0c45704e2339b58eac29a3730bc18b1 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 sparc: Remove ELF_MACHINE from cpu.h The bootloaders can just pass EM_SPARC or EM_SPARCV9 directly, as they are architecture specific code (to one or the other). This removes another architecture specific definition from the global namespace. Cc: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 99a4434ed7355ba9b282b872ba2c2eb294f5dbec Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 s390: Remove ELF_MACHINE from cpu.h The bootloader can just pass EM_S390 directly, as that is architecture specific code. This removes another architecture specific definition from the global namespace. Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit bf337d4eae5ccf4d7f5d91b8d4471e7523f051de Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 sh4: Remove ELF_MACHINE from cpu.h The only generic code relying on this is linux-user, but linux users' default behaviour of defaulting ELF_MACHINE to ELF_ARCH will handle this. This removes another architecture specific definition from the global namespace. Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Acked-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 943cd387223df9398279a473ef20605c315ed2df Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 xtensa: Remove ELF_MACHINE from cpu.h The bootloaders can just pass EM_XTENSA directly, as that is architecture specific code. This removes another architecture specific definition from the global namespace. Cc: Max Filippov <jcmvbkbc@xxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7183128bc9f335d66ed84316431c14e733e01a03 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 tricore: Remove ELF_MACHINE from cpu.h The bootloader can just pass EM_TRICORE directly, as that is architecture specific code. This removes another architecture specific definition from the global namespace. Cc: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Acked-By: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ed03ecf8f07a0c59a2fb422f91e80a6edd068d06 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 or32: Remove ELF_MACHINE from cpu.h The only generic code relying on this is linux-user, but linux users' default behaviour of defaulting ELF_MACHINE to ELF_ARCH will handle this. The bootloader can just pass EM_OPENRISC directly, as that is architecture specific code. This removes another architecture specific definition from the global namespace. Cc: Jia Liu <proljc@xxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 22d2fb4c594e8ac540f5b3132ce0d7a635112b1a Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 lm32: Remove ELF_MACHINE from cpu.h The bootloaders can just pass EM_LATTICEMICO32 directly, as that is architecture specific code. This removes another architecture specific definition from the global namespace. Cc: Michael Walle <michael@xxxxxxxx> Acked-By: Michael Walle <michael@xxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 663c40a50d06c8c299cc7449bf2c7b8f3261c8a9 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 unicore: Remove ELF_MACHINE from cpu.h The only generic code relying on this is linux-user, but linux users' default behaviour of defaulting ELF_MACHINE to ELF_ARCH will handle this. This removes another architecture specific definition from the global namespace. Cc: Guan Xuetao <gxt@xxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b744d332f3ef17adc1219be7098b0a4cc30b2dbe Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 moxie: Remove ELF_MACHINE from cpu.h The bootloader can just pass EM_MOXIE directly, as that is architecture specific code. This removes another architecture specific definition from the global namespace. Cc: Anthony Green <green@xxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7233df4949df2b6c2b417beaf336a180b3c66e25 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 cris: Remove ELF_MACHINE from cpu.h The only generic code relying on this is linux-user, but linux users' default behaviour of defaulting ELF_MACHINE to ELF_ARCH will handle this. The bootloader can just pass EM_CRIS directly, as that is architecture specific code. This removes another architecture specific definition from the global namespace. Cc: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 45e6b8b61a7bbb71d1fa6c4193b47ba3a1f9f033 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 m68k: Remove ELF_MACHINE from cpu.h The only generic code relying on this is linux-user, but linux users' default behaviour of defaulting ELF_MACHINE to ELF_ARCH will handle this. The machine model bootloaders can just pass EM_68K directly, as that is architecture specific code. This removes another architecture specific definition from the global namespace. Cc: Laurent Vivier <laurent@xxxxxxxxx> Cc: Greg Ungerer <gerg@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Reviewed-by: Greg Ungerer <gerg@xxxxxxxxxxx> Reviewed-by: Laurent Vivier <laurent@xxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f4fc2bbfa2abd655ddcc622a8ae18c368bbce992 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 mb: Remove ELF_MACHINE from cpu.h The only generic code relying on this is linux-user, but linux-users' default behaviour or setting ELF_MACHINE to ELF_ARCH will handle this. The microblaze bootloader can just pass EM_MICROBLAZE directly, as that is architecture specific code. This removes another architecture specific definition from the global namespace. Cc: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b597c3f7da17fcb37d394a16a6c0ef0a02846177 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:25 2015 -0700 arm: Remove ELF_MACHINE from cpu.h The only generic code relying on this is linux-user. Linux user already has a lot of #ifdef TARGET_ customisation so instead, define ELF_ARCH as either EM_ARM or EM_AARCH64 appropriately. The armv7m bootloader can just pass EM_ARM directly, as that is architecture specific code. Note that arm_boot already has its own logic selecting an arm specific elf machine so this makes V7M more consistent with arm_boot. This removes another architecture specific definition from the global namespace. Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 98dbe5aca8c328b40a0598d6ab478d9b869d1b5c Author: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Date: Sat Aug 29 12:07:50 2015 -0700 elf: Update EM_MOXIE definition EM_MOXIE now has a proper assigned elf code. Use it. Register the old interim value as EM_MOXIE_OLD and accept either in elf loading. Cc: Anthony Green <green@xxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7cc472218c807ef85714ec71b161c39ee29d634e Author: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Date: Mon Aug 17 21:53:16 2015 -0700 elf_ops: Fix coding style for EM alias case statement Fix the coding style for these cases as per CODING_STYLE. Reverse the Yoda conditions and add missing if braces. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d276a604bfba002aafc3af2a906b7412907ea598 Author: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Date: Sun Jul 19 11:29:32 2015 -0700 linux-user: elfload: Provide default for elf_check_arch For many arch's this macro is defined as the predicatable behaviour of checking the argument for eqaulity against ELF_ARCH. Provide a default define as such, so only archs with special handling (usually allowing multiple EM values) need to provide a def. Arches that do any of: 1: provide this def exactly the same way as the new default (alpha, x86_64) 2: check against ELF_MACHINE while defining ELF_ARCH == ELF_MACHINE (arm, aarch64) 3: check against EM_FOO directly while defining ELF_ARCH == EM_FOO (unicore32, sparc32, ppc32, mips, openrisc, sh4, cris, m86k) have their elf_check_arch removed as the default will provide the correct behaviour. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 75be901cdcd20acc724534e2dff58bc7b539292f Author: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Date: Sun Jul 19 05:02:37 2015 -0700 linux_user: elfload: Default ELF_MACHINE to ELF_ARCH In most (but not all) cases, ELF_MACHINE and ELF_ARCH are safely the same. Default ELF_MACHINE to ELF_ARCH. This makes defining ELF_MACHINE optional for target-*/cpu.h when they are known to match. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6bde8fd69f874a107f04cea2695ebece849213c5 Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Tue Sep 22 16:18:21 2015 +0300 hmp: implemented io apic dump state for TCG Added support emulator for the hmp command "info ioapic" Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas FÃ?¤rber <afaerber@xxxxxxx> Message-Id: <1442927901-1084-10-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d665d696c53f776ec2cb91505658969b9eb9906b Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Tue Sep 22 16:18:20 2015 +0300 hmp: added io apic dump state Added the hmp command to query io apic state, may be usefull after guest crashes to understand IRQ routing in guest. Implementation is only for kvm here. The dump will look like (qemu) info ioapic ioapic id=0x00 sel=0x26 (redir[11]) pin 0 0x0000000000010000 dest=0 vec=0 active-hi edge masked fixed physical pin 1 0x0000000000000031 dest=0 vec=49 active-hi edge fixed physical ... pin 23 0x0000000000010000 dest=0 vec=0 active-hi edge masked fixed physical IRR (none) Remote IRR (none) Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas FÃ?¤rber <afaerber@xxxxxxx> Message-Id: <1442927901-1084-9-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit af599407352a2e05235d96196e8841ad1b39dd0f Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Tue Sep 22 16:18:19 2015 +0300 ioapic_internal.h: added more constants Added the masks for easy access to fields of the redirection table entry Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas FÃ?¤rber <afaerber@xxxxxxx> Message-Id: <1442927901-1084-8-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 1f871d49e3446f34a434860ce403c43eaad820a1 Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Tue Sep 22 16:18:18 2015 +0300 hmp: added local apic dump state Added the hmp command to query local apic registers state, may be usefull after guest crashes to understand IRQ routing in guest. (qemu) info lapic dumping local APIC state for CPU 0 LVT0 0x00010700 active-hi edge masked ExtINT (vec 0) LVT1 0x00000400 active-hi edge NMI LVTPC 0x00010000 active-hi edge masked Fixed (vec 0) LVTERR 0x000000fe active-hi edge Fixed (vec 254) LVTTHMR 0x00010000 active-hi edge masked Fixed (vec 0) LVTT 0x000000ef active-hi edge one-shot Fixed (vec 239) Timer DCR=0x3 (divide by 16) initial_count = 61360 SPIV 0x000001ff APIC enabled, focus=off, spurious vec 255 ICR 0x000000fd physical edge de-assert no-shorthand ICR2 0x00000001 cpu 1 (X2APIC ID) ESR 0x00000000 ISR (none) IRR 239 APR 0x00 TPR 0x00 DFR 0x0f LDR 0x00 PPR 0x00 Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas FÃ?¤rber <afaerber@xxxxxxx> Message-Id: <1442927901-1084-7-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit caf15319e8b636a2606e232a95c1623857db8152 Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Tue Sep 22 16:18:17 2015 +0300 monitor: make monitor_fprintf and mon_get_cpu externally visible monitor_fprintf and mon_get_cpu will be used in the target-specific monitor, so it is advisable to make it external. Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas FÃ?¤rber <afaerber@xxxxxxx> Message-Id: <1442927901-1084-6-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b6cfc3c2ac5a1025d8fe7d74421a73ec495408f9 Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Tue Sep 22 16:18:16 2015 +0300 apic_internal.h: fix formatting and drop unused consts Fix formatting of local apic definitions and drop unused constant APIC_INPUT_POLARITY, APIC_SEND_PENDING. Magic numbers in shifts are replaced with constants defined just above. Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas FÃ?¤rber <afaerber@xxxxxxx> Message-Id: <1442927901-1084-5-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6519d187e301c5a14a8c9b32fb93027b04a4336d Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Tue Sep 22 16:18:15 2015 +0300 apic_internal.h: added more constants These constants are needed for optimal access to bit fields local apic registers without magic numbers. Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas FÃ?¤rber <afaerber@xxxxxxx> Message-Id: <1442927901-1084-4-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit a22bf99c5852f369dc620be2c3c93535a5b69a58 Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Tue Sep 22 16:18:14 2015 +0300 apic_internal.h: rename ESR_ILLEGAL_ADDRESS to APIC_ESR_ILLEGAL_ADDRESS Added prefix APIC_ for determining the constant of a particular subsystem, improve the overall readability and match other constant names. Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas FÃ?¤rber <afaerber@xxxxxxx> Message-Id: <1442927901-1084-3-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 82a5e042fafe3def60380c847fa194220069f888 Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Tue Sep 22 16:18:13 2015 +0300 apic_internal.h: make some apic_get_* functions externally visible Move apic_get_bit(), apic_set_bit() to apic_internal.h, make the apic_get_ppr symbol external. It's necessary to work with isr, tmr, irr and ppr outside hw/intc/apic.c Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas FÃ?¤rber <afaerber@xxxxxxx> Message-Id: <1442927901-1084-2-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 2f5a3b1252ac238590cba83a38494e1103c32e4e Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jul 30 10:21:00 2015 +0200 ioapic: fix contents of arbitration register The arbitration register should read to the same value as the IOAPIC id register. Fixes kvm-unit-tests ioapic.flat. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c5955a561ccdb95ede14e83de0ee8eec00868bd3 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jul 30 10:19:24 2015 +0200 ioapic: coalesce level interrupts If a level-triggered interrupt goes down and back up before the corresponding EOI, it should be coalesced. This fixes one testcase in kvm-unit-tests' ioapic.flat. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f536f1124265026a0ab597773bd9df396fb59565 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:40:00 2015 +0200 MAINTAINERS: add maintainer for network device front-ends Only "Odd Fixes" status, but let's add a point of contact. Cc: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 61af0ee61b551b64f9a59b7e08133e357cae4b64 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:40:00 2015 +0200 MAINTAINERS: add maintainer for character device front-ends Only "Odd Fixes" status, but let's add a point of contact. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 28d54e58fd21e3176a2825c824a5921215835a3c Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:37:27 2015 +0200 MAINTAINERS: add IPack section Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0c6aa7ee4026105a43bc36b93279ecb8e55cd843 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:37:07 2015 +0200 MAINTAINERS: Add more s390 files Cc: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c17652ee4094ce4feb1daf2f064c45db0e58ed02 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:36:16 2015 +0200 MAINTAINERS: Add disassemblers to the various backends Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit dcc1a2fd95d9e3e786fd5c7c61466c2fccef1e31 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:35:49 2015 +0200 MAINTAINERS: there is no PPC64 TCG backend anymore PPC32 and PPC64 were unified. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ba10f729f1f158333fcffe00f8656365a74cc662 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:54:32 2015 +0200 get_maintainer.pl: \C is deprecated "Match a single C-language char (octet) even if that is part of a larger UTF-8 character. Thus it breaks up characters into their UTF-8 bytes, so you may end up with malformed pieces of UTF-8." Just use a period instead. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 500887768a2428e480d13f6f0978f85d349bc312 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Sep 18 16:18:40 2015 +0200 vhost-scsi: include linux/vhost.h Replace ad-hoc declarations with the linux header. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Message-Id: <1442585920-28373-1-git-send-email-marcandre.lureau@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 57f54629299de6ad2981a275049ace2c3c165173 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Sep 18 11:01:35 2015 +0100 Makefile: fix build when VPATH is outside GIT tree Steve Ellcey / Leon Alrae reported that QEMU fails to build when the VPATH directory is outside of the GIT tree, and the system emulators & tools build is disabled. eg cd .. mkdir build cd build ../qemu/configure --disable-system --disable-tools make (...) make[1]: *** No rule to make target `../qom/object.o', needed by `qemu-aarch64'. Stop. make: *** [subdir-aarch64-linux-user] Error 2 The problem is due to the fact that some sub directory deps were listed against SOFTMMU_SUBDIR_RULES instead of SUBDIR_RULES, so were only processed for system emulators, not user emalutors. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442570495-22029-1-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0eb2baeb449d27d6e6208a257dba6be1aad4d476 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Sep 16 17:26:16 2015 +0200 scsi-generic: let guests recognize readonly=on on passthrough devices Passed-through SCSI devices can be opened with the readonly=on option. When this happens, Linux filters away write commands so that the guest cannot overwrite the contents of the device. However, the guest does not know that the device is read-only, and accepts writes. The writes only fail later when the page cache is flushed. This patch modifies scsi-generic to modify the MODE SENSE data and set the read-only bit in the device-specific parameters, so that the guest OS treats the disk as write protected. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5e43efb29ae877da131e6c1a4761cd7f4eec5a16 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Sep 16 18:35:09 2015 +0200 checkpatch: do not recommend qemu_strtok over strtok If anything it should recommend strtok_r! Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fe8545386726a2b1f8af409bcd5ea3d33218af54 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Wed Sep 16 18:02:57 2015 +0200 tests: add some qemu_strtosz() tests While reading the function I decided to write some tests. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Message-Id: <1442419377-9309-2-git-send-email-marcandre.lureau@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 4677bb40f809394bef5fa07329dea855c0371697 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Wed Sep 16 18:02:56 2015 +0200 utils: rename strtosz to use qemu prefix Not only it makes sense, but it gets rid of checkpatch warning: WARNING: consider using qemu_strtosz in preference to strtosz Also remove get rid of tabs to please checkpatch. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Message-Id: <1442419377-9309-1-git-send-email-marcandre.lureau@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 48bec07e8de2782fea2ea293998044bef2ab676d Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Sep 16 14:52:23 2015 +0100 qemu-nbd: convert to use the QAPI SocketAddress object The qemu-nbd program currently uses a QemuOpts objects when setting up sockets. Switch it over to use the QAPI SocketAddress objects instead. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442411543-28513-3-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7a5ed43764c04866b7642c7b6afcfb67bd2d424f Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Sep 16 14:52:22 2015 +0100 nbd: convert to use the QAPI SocketAddress object The nbd block driver currently uses a QemuOpts object when setting up sockets. Switch it over to use the QAPI SocketAddress object instead. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442411543-28513-2-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f178bc6b68e6c65cda7354ec4a671860b3123f7a Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:56:48 2015 +0200 MAINTAINERS: add more devices to the PCI section Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 9cc3b73cd8a88e16756f5d14fa87e156a4ce1e8d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:56:47 2015 +0200 MAINTAINERS: add more devices to the PC section For chipset devices, I can co-maintain it with Michael. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 8a47d575dfac0f6675e2ac56c5921cc520d021a6 Merge: 9438fe9 4d9310f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 24 22:09:41 2015 +0100 Merge remote-tracking branch 'remotes/weil/tags/pull-wxx-20150924' into staging wxx patch queue # gpg: Signature made Thu 24 Sep 2015 20:24:50 BST using RSA key ID 677450AD # gpg: Good signature from "Stefan Weil <sw@xxxxxxxxxxx>" # gpg: aka "Stefan Weil <stefan.weil@xxxxxxxxxxx>" # gpg: aka "Stefan Weil <stefan.weil@xxxxxxxxxxxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 4923 6FEA 75C9 5D69 8EC2 B78A E08C 21D5 6774 50AD * remotes/weil/tags/pull-wxx-20150924: oslib-win32: only provide localtime_r/gmtime_r if missing gtk: avoid redefining _WIN32_WINNT macro qemu-thread: add a fast path to the Win32 QemuEvent slirp: Fix non blocking connect for w32 nsis: Add QEMU version information to Windows registry Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4d9310f427b477a126f6f2006c3a73b9764948b6 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Sep 22 15:13:26 2015 +0100 oslib-win32: only provide localtime_r/gmtime_r if missing The oslib-win32 file currently provides a localtime_r and gmtime_r replacement unconditionally. Some versions of Mingw-w64 would provide crude macros for localtime_r/gmtime_r which QEMU takes care to disable. Latest versions of Mingw-w64 now provide actual functions for localtime_r/gmtime_r, but with a twist that you have to include unistd.h or pthread.h before including time.h. By luck some files in QEMU have such an include order, resulting in compile errors: CC util/osdep.o In file included from include/qemu-common.h:48:0, from util/osdep.c:48: include/sysemu/os-win32.h:77:12: error: redundant redeclaration of 'gmtime_r' [-Werror=redundant-decls] struct tm *gmtime_r(const time_t *timep, struct tm *result); ^ In file included from include/qemu-common.h:35:0, from util/osdep.c:48: /usr/i686-w64-mingw32/sys-root/mingw/include/time.h:272:107: note: previous definition of 'gmtime_r' was here In file included from include/qemu-common.h:48:0, from util/osdep.c:48: include/sysemu/os-win32.h:79:12: error: redundant redeclaration of 'localtime_r' [-Werror=redundant-decls] struct tm *localtime_r(const time_t *timep, struct tm *result); ^ In file included from include/qemu-common.h:35:0, from util/osdep.c:48: /usr/i686-w64-mingw32/sys-root/mingw/include/time.h:269:107: note: previous definition of 'localtime_r' was here This change adds a configure test to see if localtime_r exits, and only enables the QEMU impl if missing. We also re-arrange qemu-common.h try attempt to guarantee that all source files get unistd.h before time.h and thus see the localtime_r/gmtime_r defs. [sw: Use "official" spellings for Mingw-w64, MinGW in comments.] [sw: Terminate sentences with a dot in comments.] Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> commit c8f3f17cf1015d6621f79aa6a88280539621a108 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Sep 8 11:34:35 2015 +0100 gtk: avoid redefining _WIN32_WINNT macro When building for Mingw64 target on Fedora 22 a warning is issued about _WIN32_WINNT being redefined. In file included from ui/gtk.c:40:0: include/ui/gtk.h:5:0: warning: "_WIN32_WINNT" redefined # define _WIN32_WINNT 0x0601 /* needed to get definition of MAPVK_VK_TO_VSC */ ^ In file included from /usr/i686-w64-mingw32/sys-root/mingw/include/crtdefs.h:10:0, from /usr/i686-w64-mingw32/sys-root/mingw/include/stdio.h:9, from /home/berrange/src/virt/qemu/include/qemu/fprintf-fn.h:12, from /home/berrange/src/virt/qemu/include/qemu-common.h:18, from ui/gtk.c:37: /usr/i686-w64-mingw32/sys-root/mingw/include/_mingw.h:225:0: note: this is the location of the previous definition #define _WIN32_WINNT 0x502 ^ Rather than try to get MAPVK_VK_TO_VSC defined indirectly by defining _WIN32_WINNT, instead just define it explicitly if missing. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7c9b2bf67775ecc1359ce973580807d173e7f710 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Aug 12 15:38:18 2015 +0200 qemu-thread: add a fast path to the Win32 QemuEvent QemuEvents are used heavily by call_rcu. We do not want them to be slow, but the current implementation does a kernel call on every invocation of qemu_event_* and won't cut it. So, wrap a Win32 manual-reset event with a fast userspace path. The states and transitions are the same as for the futex and mutex/condvar implementations, but the slow path is different of course. The idea is to reset the Win32 event lazily, as part of a test-reset-test-wait sequence. Such a sequence is, indeed, how QemuEvents are used by RCU and other subsystems! The patch includes a formal model of the algorithm. Tested-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> commit a246a01631f90230374c2b8ffce608232e2aa654 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Thu Jul 30 23:08:12 2015 +0200 slirp: Fix non blocking connect for w32 Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> commit 805d8a67647768173c27761cd86e6f99a9d3b7cd Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Sun May 3 19:57:09 2015 +0200 nsis: Add QEMU version information to Windows registry The uninstall keys include an option key "DisplayVersion" which we set now. By default the version value is read from file VERSION, but it is also possible to pass VERSION=#.#.# to make. Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> commit 9438fe9e56760e5e5e11d6c7d12ed9c64a0c8446 Merge: eb9d0ea 7b02f54 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 24 17:04:31 2015 +0100 Merge remote-tracking branch 'remotes/elmarco/tags/rm-libcacard' into staging Remove libcacard # gpg: Signature made Wed 23 Sep 2015 22:37:11 BST using RSA key ID 75969CE5 # gpg: Good signature from "Marc-André Lureau <marcandre.lureau@xxxxxxxxxx>" # gpg: aka "Marc-André Lureau <marcandre.lureau@xxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 87A9 BD93 3F87 C606 D276 F62D DAE8 E109 7596 9CE5 * remotes/elmarco/tags/rm-libcacard: libcacard: use the standalone project Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7263a0ad7899994b719ebed736a1119cc2e08110 Author: Changchun Ouyang <changchun.ouyang@xxxxxxxxx> Date: Wed Sep 23 12:20:01 2015 +0800 vhost-user: add a new message to disable/enable a specific virt queue. Add a new message, VHOST_USER_SET_VRING_ENABLE, to enable or disable a specific virt queue, which is similar to attach/detach queue for tap device. virtio driver on guest doesn't have to use max virt queue pair, it could enable any number of virt queue ranging from 1 to max virt queue pair. Signed-off-by: Changchun Ouyang <changchun.ouyang@xxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Tested-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> commit b931bfbf042983f311b3b09894d8030b2755a638 Author: Changchun Ouyang <changchun.ouyang@xxxxxxxxx> Date: Wed Sep 23 12:20:00 2015 +0800 vhost-user: add multiple queue support This patch is initially based a patch from Nikolay Nikolaev. This patch adds vhost-user multiple queue support, by creating a nc and vhost_net pair for each queue. Qemu exits if find that the backend can't support the number of requested queues (by providing queues=# option). The max number is queried by a new message, VHOST_USER_GET_QUEUE_NUM, and is sent only when protocol feature VHOST_USER_PROTOCOL_F_MQ is present first. The max queue check is done at vhost-user initiation stage. We initiate one queue first, which, in the meantime, also gets the max_queues the backend supports. In older version, it was reported that some messages are sent more times than necessary. Here we came an agreement with Michael that we could categorize vhost user messages to 2 types: non-vring specific messages, which should be sent only once, and vring specific messages, which should be sent per queue. Here I introduced a helper function vhost_user_one_time_request(), which lists following messages as non-vring specific messages: VHOST_USER_SET_OWNER VHOST_USER_RESET_DEVICE VHOST_USER_SET_MEM_TABLE VHOST_USER_GET_QUEUE_NUM For above messages, we simply ignore them when they are not sent the first time. Signed-off-by: Nikolay Nikolaev <n.nikolaev@xxxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Changchun Ouyang <changchun.ouyang@xxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Tested-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> commit fc57fd9900dc6344b8833e7641f63cddc6840301 Author: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Date: Wed Sep 23 12:19:59 2015 +0800 vhost: introduce vhost_backend_get_vq_index method Minusing the idx with the base(dev->vq_index) for vhost-kernel, and then adding it back for vhost-user doesn't seem right. Here introduces a new method vhost_backend_get_vq_index() for getting the right vq index for following vhost messages calls. Suggested-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Tested-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> commit e2051e9e004649b53af4db34f78c689fb44e075b Author: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Date: Wed Sep 23 12:19:58 2015 +0800 vhost-user: add VHOST_USER_GET_QUEUE_NUM message This is for querying how many queues the backend supports if it has mq support(when VHOST_USER_PROTOCOL_F_MQ flag is set from the quried protocol features). vhost_net_get_max_queues() is the interface to export that value, and to tell if the backend supports # of queues user requested, which is done in the following patch. Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Tested-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> commit d1f8b30ec8dde0318fd1b98d24a64926feae9625 Author: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Date: Wed Sep 23 12:19:57 2015 +0800 vhost: rename VHOST_RESET_OWNER to VHOST_RESET_DEVICE Quote from Michael: We really should rename VHOST_RESET_OWNER to VHOST_RESET_DEVICE. Suggested-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Tested-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> commit dcb10c000cdd4d14f5ac4f07b04fb666494ef4a8 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Sep 23 12:19:56 2015 +0800 vhost-user: add protocol feature negotiation Support a separate bitmask for vhost-user protocol features, and messages to get/set protocol features. Invoke them at init. No features are defined yet. [ leverage vhost_user_call for request handling -- Yuanhan Liu ] Signed-off-by: Michael S. Tsirkin <address@hidden> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Tested-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> commit 7305483a3d113456681ba6c6e8dd41513decd5f6 Author: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Date: Wed Sep 23 12:19:55 2015 +0800 vhost-user: use VHOST_USER_XXX macro for switch statement So that we could let vhost_user_call to handle extented requests, such as VHOST_USER_GET/SET_PROTOCOL_FEATURES, instead of invoking vhost_user_read/write and constructing the msg again by ourself. Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Tested-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> commit 542571d523268357fd8f5b1a523ba2a6191c4c18 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri Sep 11 15:16:44 2015 +0200 virtio-ccw: enable virtio-1 Let's enable revision 1 for virtio-ccw devices. We can always offer VERSION_1 as drivers in legacy mode won't be able to see it anyway. We have to introduce a way to set a lower maximum revision for a device to accommodate the following cases: - compat machines (to enforce legacy only) - virtio-blk with scsi support (version 1 + scsi is fenced by common code, with a user-configured max revision of 0 we can allow scsi via not offering VERSION_1) Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit b4f8f9df152fca0e79b7a3ca40a3eea700a40855 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri Sep 11 15:16:43 2015 +0200 virtio-ccw: feature bits > 31 handling We currently switch off the VERSION_1 feature bit if the guest has not negotiated at least revision 1. As no feature bits beyond 31 are valid however unless VERSION_1 has been negotiated, make sure that legacy guests never see a feature bit beyond 31. Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 79cd0c80f82215a32890e3d30ff621b32ece5156 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri Sep 11 15:16:42 2015 +0200 virtio-ccw: support ring size changes Wire up changing the ring size for virtio-1 devices. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 46c5d0823d0186daf4064065bf739858dadfcf8c Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri Sep 11 15:16:41 2015 +0200 virtio: ring sizes vs. reset We allow guests to change the size of the virtqueue rings by supplying a number of buffers that is different from the number of buffers the device was initialized with. Current code has some problems, however, since reset does not reset the ringsizes to the default values (as this is not saved anywhere). Let's extend the core code to keep track of the default ringsizes and migrate them once the guest changed them for any of the virtqueues for a device. Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 87e896abe6d926caba19a9b8a83936fca2137f05 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Sep 11 17:14:25 2015 -0300 pc: Introduce pc-*-2.5 machine classes Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 254bdb1cbfd467ff9897c75a28a472e4381ce4cf Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Sep 11 17:14:24 2015 -0300 q35: Move options common to all classes to pc_i440fx_machine_options() The existing default_machine_opts and default_display settings will still apply to future machine classes. So it makes sense to move them to pc_i440fx_machine_options() instead of keeping them in a version-specific machine_options function. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 0b7783a79ef73a06f3a67b68e72d109afe975b77 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Sep 11 17:14:23 2015 -0300 q35: Move options common to all classes to pc_q35_machine_options() The existing default_machine_opts, default_display, no_floppy, and no_tco settings will still apply to future machine classes. So it makes sense to move them to pc_q35_machine_options() instead of keeping them in a version-specific machine_options function. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 1f8828ef573c83365b4a87a776daf8bcef1caa21 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Sep 11 16:01:56 2015 +0800 virtio-net: unbreak self announcement and guest offloads after migration After commit 019a3edbb25f1571e876f8af1ce4c55412939e5d ("virtio: make features 64bit wide"). Device's guest_features was actually set after vdc->load(). This breaks the assumption that device specific load() function can check guest_features. For virtio-net, self announcement and guest offloads won't work after migration. Fixing this by defer them to virtio_net_load() where guest_features were guaranteed to be set. Other virtio devices looks fine. Fixes: 019a3edbb25f1571e876f8af1ce4c55412939e5d ("virtio: make features 64bit wide") Cc: qemu-stable@xxxxxxxxxx Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 50764fc8a382dc17ccc06c0ba29184d0fd73016e Author: Pierre Morel <pmorel@xxxxxxxxxxxxxxxxxx> Date: Thu Sep 10 13:37:10 2015 +0200 virtio: right size for virtio_queue_get_avail_size Being working on dataplane I notice something strange: virtio_queue_get_avail_size() used a 64bit size index for the calculation of the available ring size. It is quite strange but it did work with the old calculation of the avail ring, at most with performance penalty, and I wonder where I missed something. This patch let use a 16bit size as defined in virtio_ring.h Signed-off-by: Pierre Morel <pmorel@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 9d146b2e2fbc1c2e42be1e3ee6c0d507ea79f0f9 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 21:27:17 2015 -0600 vfio/pci: Remove use of g_malloc0_n() from quirks For compatibility with glib 2.22. Reported-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit eb9d0ea063fc7bdfab76b84085602a9e48d13ec7 Merge: fefa4b1 85b4d5d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 24 01:32:11 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150924' into staging target-arm queue: * support VGICv3 in KVM * fix bug in ACPI table entries for flash devices in virt board * update Allwinner entry in MAINTAINERS # gpg: Signature made Thu 24 Sep 2015 01:29:55 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150924: MAINTAINERS: update Allwinner A10 maintainer hw/arm/virt-acpi-build: Fix wrong size of flash in ACPI table hw/arm/virt: Add gic-version option to virt machine hw/intc: Initial implementation of vGICv3 arm_kvm: Do not assume particular GIC type in kvm_arch_irqchip_create() intc/gic: Extract some reusable vGIC code hw/intc: Implement GIC-500 base class Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 85b4d5dae12580ecdd446c0f71afa04a95641c91 Author: Beniamino Galvani <b.galvani@xxxxxxxxx> Date: Thu Sep 24 01:29:37 2015 +0100 MAINTAINERS: update Allwinner A10 maintainer Change the maintainer for Allwinner A10 to myself as Li Guang's mail address bounces. While at it, extend the file pattern for the entry to include allwinner_emac.[ch]. Signed-off-by: Beniamino Galvani <b.galvani@xxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 1442865156-5598-1-git-send-email-b.galvani@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cd37aaf876717a75d7af3a7465e8706cc4e13661 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Thu Sep 24 01:29:37 2015 +0100 hw/arm/virt-acpi-build: Fix wrong size of flash in ACPI table While virt machine creates two flash devices with total size 0x08000000, the ACPI table generation code was wrongly using this total size as the size of each flash device, so it would overlap other MMIO spaces. Make each device entry in the table half the total; this brings the ACPI table into line with the code which generates the device tree and which creates the flash devices themselves. Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Andrew Jones <drjones@xxxxxxxxxx> Reviewed-by: Wei Huang <wei@xxxxxxxxxx> Tested-by: Graeme Gregory <graeme.gregory@xxxxxxxxxx> Message-id: 1442455041-6596-1-git-send-email-shannon.zhao@xxxxxxxxxx [PMM: edited commit message] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b92ad3949bc9cacd1652b4e07e7f6003b9e512af Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Thu Sep 24 01:29:37 2015 +0100 hw/arm/virt: Add gic-version option to virt machine Add gic_version to VirtMachineState, set it to value of the option and pass it around where necessary. Instantiate devices and fdt nodes according to the choice. max_cpus for virt machine increased to 123 (calculated from redistributor space available in the memory map). GICv2 compatibility check happens inside arm_gic_common_realize(). ITS region is added to the memory map too, however currently it not used, just reserved. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Tested-by: Ashok kumar <ashoks@xxxxxxxxxxxx> [PMM: Added missing cpu_to_le* calls, thanks to Shannon Zhao] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a7bf30342e6a7924132a5c70047928261d3c7e42 Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Thu Sep 24 01:29:37 2015 +0100 hw/intc: Initial implementation of vGICv3 This is the initial version of KVM-accelerated GICv3 support. State load and save are not yet supported, live migration is not possible. In order to get correct class name in a simpler way, gicv3_class_name() function is implemented, similar to gic_class_name(). Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Tested-by: Ashok kumar <ashoks@xxxxxxxxxxxx> Message-id: 69d8f01d14994d7a1a140e96aef59fd332d02293.1441784344.git.p.fedin@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 34e85cd9173816cd48f5578c7838c26afbe592c4 Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Thu Sep 24 01:29:37 2015 +0100 arm_kvm: Do not assume particular GIC type in kvm_arch_irqchip_create() This allows us to use different GIC types from v2. There are no kernels which could advertise KVM_CAP_DEVICE_CTRL without the actual ability to create GIC with it. GIC version probe code moved to kvm_arm_vgic_probe() which will be used later. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Reviewed-by: Eric Auger <eric.auger@xxxxxxxxxx> Tested-by: Ashok kumar <ashoks@xxxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 015f4d9e4a8a50dfbdd734c4730558e24a69c6dc.1441784344.git.p.fedin@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4b3cfe72d9b9c53be31a88e7eebdda14f1757d3e Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Thu Sep 24 01:29:36 2015 +0100 intc/gic: Extract some reusable vGIC code Some functions previously used only by vGICv2 are useful also for vGICv3 implementation. Untie them from GICState and make accessible from within other modules: - kvm_arm_gic_set_irq() - kvm_gic_supports_attr() - moved to common code and renamed to kvm_device_check_attr() - kvm_gic_access() - turned into GIC-independent kvm_device_access(). Data pointer changed to void * because some GICv3 registers are 64-bit wide Some of these changes are not used right now, but they will be helpful for implementing live migration. Actually kvm_dist_get() and kvm_dist_put() could also be made reusable, but they would require two extra parameters (s->dev_fd and s->num_cpu) as well as lots of typecasts of 's' to DeviceState * and back to GICState *. This makes the code very ugly so i decided to stop at this point. I tried also an approach with making a base class for all possible GICs, but it would contain only three variables (dev_fd, cpu_num and irq_num), and accessing them through the rest of the code would be again tedious (either ugly casts or qemu-style separate object pointer). So i disliked it too. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Tested-by: Ashok kumar <ashoks@xxxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 2ef56d1dd64ffb75ed02a10dcdaf605e5b8ff4f8.1441784344.git.p.fedin@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ff8f06ee7680fb505079d33caaf8f5ebff0853bc Author: Shlomo Pongratz <shlomo.pongratz@xxxxxxxxxx> Date: Thu Sep 24 01:29:36 2015 +0100 hw/intc: Implement GIC-500 base class This class is to be used by both software and KVM implementations of GICv3 Currently it is mostly a placeholder, but in future it is supposed to hold qemu's representation of GICv3 state, which is necessary for migration. The interface of this class is fully compatible with GICv2 one. This is done in order to simplify integration with existing code. Signed-off-by: Shlomo Pongratz <shlomo.pongratz@xxxxxxxxxx> Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Reviewed-by: Eric Auger <eric.auger@xxxxxxxxxx> Tested-by: Ashok kumar <ashoks@xxxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: aff8baaee493cdcab0694b4a1d4dd5ff27c37ed2.1441784344.git.p.fedin@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7b02f5447c64d1854468f758398c9f6fe9e5721f Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Sun Aug 30 11:48:40 2015 +0200 libcacard: use the standalone project libcacard is now a standalone project hosted with the Spice project (see the 2.5.0 release announcement), remove it from qemu tree. Use the library if found during configure or if --enable-smartcard. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Tokarev <mjt@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Tested-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fefa4b128de06cec6d513f00ee61e8208aed4a87 Merge: 684bb57 89dcccc Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Sep 23 21:39:46 2015 +0100 Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20150923.0' into staging VFIO updates 2015-09-23 - Tracing improvements to use common prefixes for functional areas - Quirks overhaul: - Split PCI quirks to separate file - Make them understandable and more extensible - Improve use of MemoryRegions and eliminate use of target pagesize - Eliminate build-time debugging, everything migrated to runtime opts # gpg: Signature made Wed 23 Sep 2015 21:09:05 BST using RSA key ID 3BB08B22 # gpg: Good signature from "Alex Williamson <alex.williamson@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex@xxxxxxxxxxx>" # gpg: aka "Alex Williamson <alwillia@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex.l.williamson@xxxxxxxxx>" * remotes/awilliam/tags/vfio-update-20150923.0: vfio/pci: Add emulated PCI IDs vfio/pci: Cache vendor and device ID vfio/pci: Move AMD device specific reset to quirks vfio/pci: Remove old config window and mirror quirks vfio/pci: Config mirror quirk vfio/pci: Config window quirks vfio/pci: Rework RTL8168 quirk vfio/pci: Cleanup Nvidia 0x3d0 quirk vfio/pci: Cleanup ATI 0x3c3 quirk vfio/pci: Foundation for new quirk structure vfio/pci: Cleanup ROM blacklist quirk vfio/pci: Split quirks to a separate file vfio/pci: Extract PCI structures to a separate header vfio: Change polarity of our no-mmap option vfio/pci: Make interrupt bypass runtime configurable vfio/pci: Rename MSI/X functions for easier tracing vfio/pci: Rename INTx functions for easier tracing vfio/pci: Cleanup vfio_early_setup_msix() error path vfio/pci: Cleanup RTL8168 quirk and tracing Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 89dcccc5931cc8afc2ccc7cd378695165768148b Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:49 2015 -0600 vfio/pci: Add emulated PCI IDs Specifying an emulated PCI vendor/device ID can be useful for testing various quirk paths, even though the behavior and functionality of the device with bogus IDs is fully unsupportable. We need to use a uint32_t for the vendor/device IDs, even though the registers themselves are only 16-bit in order to be able to determine whether the value is valid and user set. The same support is added for subsystem vendor/device ID, though these have the possibility of being useful and supported for more than a testing tool. An emulated platform might want to impose their own subsystem IDs or at least hide the physical subsystem ID. Windows guests will often reinstall drivers due to a change in subsystem IDs, something that VM users may want to avoid. Of course careful attention would be required to ensure that guest drivers do not rely on the subsystem ID as a basis for device driver quirks. All of these options are added using the standard experimental option prefix and should not be considered stable. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit ff635e3775447b7e797f1bad8cf33403199faba1 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:49 2015 -0600 vfio/pci: Cache vendor and device ID Simplify access to commonly referenced PCI vendor and device ID by caching it on the VFIOPCIDevice struct. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit c9c5000991148383d628aac59f1593937be572e4 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:49 2015 -0600 vfio/pci: Move AMD device specific reset to quirks This is just another quirk, for reset rather than affecting memory regions. Move it to our new quirks file. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 958d553405462e95b9d15e8ca6cfb602f7815277 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:48 2015 -0600 vfio/pci: Remove old config window and mirror quirks These are now unused. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 0d38fb1c5f921acc050d5f80a2ff4e627b565494 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:48 2015 -0600 vfio/pci: Config mirror quirk Re-implement our mirror quirk using the new infrastructure. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 0e54f24a5b4bb756715928058b60a7d5f70ccd7f Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:48 2015 -0600 vfio/pci: Config window quirks Config windows make use of an address register and a data register. In VGA cards, these are often used to provide real mode code in the BIOS an easy way to access MMIO registers since the window often resides in an I/O port register. When the MMIO register has a mirror of PCI config space, we need to trap those accesses and redirect them to emulated config space. The previous version of this functionality made use of a single MemoryRegion and single match address. This version uses separate MemoryRegions for each of the address and data registers and allows for multiple match addresses. This is useful for Nvidia cards which have two ranges which index into PCI config space. The previous implementation is left for the follow-on patch for a more reviewable diff. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 954258a5f11b51abd1ceed7c96d1204d4cef1353 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:47 2015 -0600 vfio/pci: Rework RTL8168 quirk Another rework of this quirk, this time to update to the new quirk structure. We can handle the address and data registers with separate MemoryRegions and a quirk specific data structure, making the code much more understandable. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 6029a424be37e0d7949546af7593b9b604611480 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:47 2015 -0600 vfio/pci: Cleanup Nvidia 0x3d0 quirk The Nvidia 0x3d0 quirk makes use of a two separate registers and gives us our first chance to make use of separate memory regions for each to simplify the code a bit. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit b946d286114e09a81c303c7ec8ec3f7b33dff9e8 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:47 2015 -0600 vfio/pci: Cleanup ATI 0x3c3 quirk This is an easy quirk that really doesn't need a data structure if its own. We can pass vdev as the opaque data and access to the MemoryRegion isn't required. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 8c4f234853d9d438dc1733ca98674b1139a87c99 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:46 2015 -0600 vfio/pci: Foundation for new quirk structure VFIOQuirk hosts a single memory region and a fixed set of data fields that try to handle all the quirk cases, but end up making those that don't exactly match really confusing. This patch introduces a struct intended to provide more flexibility and simpler code. VFIOQuirk is stripped to its basics, an opaque data pointer for quirk specific data and a pointer to an array of MemoryRegions with a counter. This still allows us to have common teardown routines, but adds much greater flexibility to support multiple memory regions and quirk specific data structures that are easier to maintain. The existing VFIOQuirk is transformed into VFIOLegacyQuirk, which further patches will eliminate entirely. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 056dfcb695cde3c62b7dc1d5ed6d2e38b3a73e29 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:45 2015 -0600 vfio/pci: Cleanup ROM blacklist quirk Create a vendor:device ID helper that we'll also use as we rework the rest of the quirks. Re-reading the config entries, even if we get more blacklist entries, is trivial overhead and only incurred during device setup. There's no need to typedef the blacklist structure, it's a static private data type used once. The elements get bumped up to uint32_t to avoid future maintenance issues if PCI_ANY_ID gets used for a blacklist entry (avoiding an actual hardware match). Our test loop is also crying out to be simplified as a for loop. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit c00d61d8fa22b096b15e19ee2fde846ffc1c0b5d Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:45 2015 -0600 vfio/pci: Split quirks to a separate file Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 78f33d2bfd26ec552d9e824bcc1dbb8e2736ce34 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:44 2015 -0600 vfio/pci: Extract PCI structures to a separate header Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 5e15d79b8681c7f4e2079833288785708e7520d3 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:44 2015 -0600 vfio: Change polarity of our no-mmap option The default should be to allow mmap and new drivers shouldn't need to expose an option or set it to other than the allocation default in their initfn. Take advantage of the experimental flag to change this option to the correct polarity. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 46746dbaa8c2c421b9bda78193caad57d7fb1136 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:44 2015 -0600 vfio/pci: Make interrupt bypass runtime configurable Tracing is more effective when we can completely disable all KVM bypass paths. Make these runtime rather than build-time configurable. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 0de70dc7bab1cd58d02e86ed27e291843983b13b Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:43 2015 -0600 vfio/pci: Rename MSI/X functions for easier tracing This allows vfio_msi* tracing. The MSI/X interrupt tracing is also pulled out of #ifdef DEBUG_VFIO to avoid a recompile for tracing this path. A few cycles to read the message is hardly anything if we're already in QEMU. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 870cb6f104e5d3364288d894746dd88fe9ac59cb Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:43 2015 -0600 vfio/pci: Rename INTx functions for easier tracing Rename functions and tracing callbacks so that we can trace vfio_intx* to see all the INTx related activities. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit b5bd049fa907bccc4600ad1855e1c9c0e62f0be3 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:43 2015 -0600 vfio/pci: Cleanup vfio_early_setup_msix() error path With the addition of the Chelsio quirk we have an error path out of vfio_early_setup_msix() that doesn't free the allocated VFIOMSIXInfo struct. This doesn't introduce a leak as it still gets freed in the vfio_put_device() path, but it's complicated and sloppy to rely on that. Restructure to free the allocated data on error and only link it into the vdev on success. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> Reported-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit d451008e0fdf7fb817c791397e7999d5f3687e58 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:42 2015 -0600 vfio/pci: Cleanup RTL8168 quirk and tracing There's quite a bit of cleanup that can be done to the RTL8168 quirk, as well as the tracing to prevent a spew of uninteresting accesses for anything else the driver might choose to use the window registers for besides the MSI-X table. There should be no functional change, but it's now possible to get compact and useful traces by enabling vfio_rtl8168_quirk*, ex: vfio_rtl8168_quirk_write 0000:04:00.0 [address]: 0x1f000 vfio_rtl8168_quirk_read 0000:04:00.0 [address]: 0x8001f000 vfio_rtl8168_quirk_read 0000:04:00.0 [data]: 0xfee0100c vfio_rtl8168_quirk_write 0000:04:00.0 [address]: 0x1f004 vfio_rtl8168_quirk_read 0000:04:00.0 [address]: 0x8001f004 vfio_rtl8168_quirk_read 0000:04:00.0 [data]: 0x0 vfio_rtl8168_quirk_write 0000:04:00.0 [address]: 0x1f008 vfio_rtl8168_quirk_read 0000:04:00.0 [address]: 0x8001f008 vfio_rtl8168_quirk_read 0000:04:00.0 [data]: 0x49b1 vfio_rtl8168_quirk_write 0000:04:00.0 [address]: 0x1f00c vfio_rtl8168_quirk_read 0000:04:00.0 [address]: 0x8001f00c vfio_rtl8168_quirk_read 0000:04:00.0 [data]: 0x0 Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 684bb5770ec5d72a66620f64fc5d9672bf8d3509 Merge: 27c7275 d76548a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Sep 23 16:52:54 2015 +0100 Merge remote-tracking branch 'remotes/dgibson/tags/spapr-next-20150923' into staging sPAPR Patch Queue: 2015-09-23 Highlights: * pseries-2.5 machine type * Memory hotplug for "pseries" guests * Fixes to the PAPR Dynamic Reconfiguration hotplug code * Several PAPR compliance fixes * New SLOF with: * GPT support * Much faster VGA handling # gpg: Signature made Wed 23 Sep 2015 02:50:10 BST using DSA key ID FDDA6FC6 # gpg: Good signature from "David Gibson <david@xxxxxxxxxxxxxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: F730 2185 38B4 D13E FD80 34F2 6882 CAC6 FDDA 6FC6 * remotes/dgibson/tags/spapr-next-20150923: (36 commits) sPAPR: Enable EEH on VFIO PCI device only sPAPR: Revert don't enable EEH on emulated PCI devices ppc/spapr: Implement H_RANDOM hypercall in QEMU ppc/spapr: Fix buffer overflow in spapr_populate_drconf_memory() spapr: Fix default NUMA node allocation for threads spapr: Move memory hotplug to RTAS_LOG_V6_HP_ID_DRC_COUNT type spapr: Support hotplug by specifying DRC count spapr: Revert to memory@XXXX representation for non-hotplugged memory spapr: Populate ibm,associativity-lookup-arrays correctly for non-NUMA spapr: Provide better error message when slots exceed max allowed spapr: Don't allow memory hotplug to memory less nodes spapr: Memory hotplug support spapr: Make hash table size a factor of maxram_size spapr: Support ibm,dynamic-reconfiguration-memory spapr: Add LMB DR connectors spapr: Use QEMU limit for maximum CPUs number spapr: Don't use QOM [*] syntax for DR connectors. spapr_drc: use RTAS return codes for methods called by RTAS spapr: Initialize hotplug memory address space spapr_drc: don't allow 'empty' DRCs to be unisolated or allocated ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d76548a98f4e18d3c65a3d921bbb70caf9be6138 Author: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Date: Fri Sep 18 17:30:44 2015 +1000 sPAPR: Enable EEH on VFIO PCI device only This checks if the PCI device retrieved from the PCI device address is VFIO PCI device when enabling EEH functionality. If it's not VFIO PCI device, the EEH functonality isn't enabled. Signed-off-by: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 47445c80fb57035331574ac1ac0bcee67fb84aeb Author: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Date: Fri Sep 18 17:30:43 2015 +1000 sPAPR: Revert don't enable EEH on emulated PCI devices This reverts commit 7cb18007 ("sPAPR: Don't enable EEH on emulated PCI devices") as rtas_ibm_set_eeh_option() isn't the right place to check if there has the corresponding PCI device for the input address, which can be PE address, not PCI device address. Signed-off-by: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 4d9392be6c1aada69ce86c0f6584128976985394 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Thu Sep 17 10:49:41 2015 +0200 ppc/spapr: Implement H_RANDOM hypercall in QEMU The PAPR interface defines a hypercall to pass high-quality hardware generated random numbers to guests. Recent kernels can already provide this hypercall to the guest if the right hardware random number generator is available. But in case the user wants to use another source like EGD, or QEMU is running with an older kernel, we should also have this call in QEMU, so that guests that do not support virtio-rng yet can get good random numbers, too. This patch now adds a new pseudo-device to QEMU that either directly provides this hypercall to the guest or is able to enable the in-kernel hypercall if available. The in-kernel hypercall can be enabled with the use-kvm property, e.g.: qemu-system-ppc64 -device spapr-rng,use-kvm=true For handling the hypercall in QEMU instead, a "RngBackend" is required since the hypercall should provide "good" random data instead of pseudo-random (like from a "simple" library function like rand() or g_random_int()). Since there are multiple RngBackends available, the user must select an appropriate back-end via the "rng" property of the device, e.g.: qemu-system-ppc64 -object rng-random,filename=/dev/hwrng,id=gid0 \ -device spapr-rng,rng=gid0 ... See http://wiki.qemu-project.org/Features-Done/VirtIORNG for other example of specifying RngBackends. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit ef001f069e0f175a036929782c5c63053df9569a Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Tue Sep 15 21:34:20 2015 +0200 ppc/spapr: Fix buffer overflow in spapr_populate_drconf_memory() The buffer that is allocated in spapr_populate_drconf_memory() is used for setting both, the "ibm,dynamic-memory" and the "ibm,associativity-lookup-arrays" property. However, only the size of the first one is taken into account when allocating the memory. So if the length of the second property is larger than the length of the first one, we run into a buffer overflow here! Fix it by taking the length of the second property into account, too. Fixes: "spapr: Support ibm,dynamic-reconfiguration-memory" patch Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 20bb648dca6d7fe8cdd1941194e7851950b25dc5 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Tue Sep 8 11:21:52 2015 +1000 spapr: Fix default NUMA node allocation for threads At present, if guest numa nodes are requested, but the cpus in each node are not specified, spapr just uses the default behaviour or assigning each vcpu round-robin to nodes. If smp_threads != 1, that will assign adjacent threads in a core to different NUMA nodes. As well as being just weird, that's a configuration that can't be represented in the device tree we give to the guest, which means the guest and qemu end up with different ideas of the NUMA topology. This patch implements mc->cpu_index_to_socket_id in the spapr code to make sure vcpus get assigned to nodes only at the socket granularity. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Alexey Kardashevskiy <aik@xxxxxxxxx> commit 0a4178692c2375a4516da7b71629bd08ee8697ee Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Aug 3 11:05:43 2015 +0530 spapr: Move memory hotplug to RTAS_LOG_V6_HP_ID_DRC_COUNT type Till now memory hotplug used RTAS_LOG_V6_HP_ID_DRC_INDEX hotplug type which meant that we generated one hotplug type of EPOW event for every 256MB (SPAPR_MEMORY_BLOCK_SIZE). This quickly overruns the kernel rtas log buffer thus resulting in loss of memory hotplug events. Switch to RTAS_LOG_V6_HP_ID_DRC_COUNT hotplug type for memory so that we generate only one event per hotplug request. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 7a36ae7a9f4f136d40fe1da4aab66b364d4aa56d Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Aug 3 11:05:42 2015 +0530 spapr: Support hotplug by specifying DRC count Support hotplug identifier type RTAS_LOG_V6_HP_ID_DRC_COUNT that allows hotplugging of DRCs by specifying the DRC count. While we are here, rename spapr_hotplug_req_add_event() to spapr_hotplug_req_add_by_index() spapr_hotplug_req_remove_event() to spapr_hotplug_req_remove_by_index() so that they match with spapr_hotplug_req_add_by_count(). Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit e8f986fc57a664a74b9f685b466506366a15201b Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Aug 3 11:05:41 2015 +0530 spapr: Revert to memory@XXXX representation for non-hotplugged memory Don't represent non-hotluggable memory under drconf node. With this we don't have to create DRC objects for them. The effect of this patch is that we revert back to memory@XXXX representation for all the memory specified with -m option and represent the cold plugged memory and hot-pluggable memory under ibm,dynamic-reconfiguration-memory. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 6663864e950d40c467ae4ab81c4dac64d7a8d9e6 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Aug 3 11:05:40 2015 +0530 spapr: Populate ibm,associativity-lookup-arrays correctly for non-NUMA When NUMA isn't configured explicitly, assume node 0 is present for the purpose of creating ibm,associativity-lookup-arrays property under ibm,dynamic-reconfiguration-memory DT node. This ensures that the associativity index property is correctly updated in ibm,dynamic-memory for the LMB that is hotplugged. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 19a35c9e1b964f420ee07141f049e6c96c63b740 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Aug 3 11:05:39 2015 +0530 spapr: Provide better error message when slots exceed max allowed Currently when user specifies more slots than allowed max of SPAPR_MAX_RAM_SLOTS (32), we error out like this: qemu-system-ppc64: unsupported amount of memory slots: 64 Let the user know about the max allowed slots like this: qemu-system-ppc64: Specified number of memory slots 64 exceeds max supported 32 Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit b556854bd8524c26b8be98ab1bfdf0826831e793 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 29 14:14:32 2015 +0530 spapr: Don't allow memory hotplug to memory less nodes Currently PowerPC kernel doesn't allow hot-adding memory to memory-less node, but instead will silently add the memory to the first node that has some memory. This causes two unexpected behaviours for the user. - Memory gets hotplugged to a different node than what the user specified. - Since pc-dimm subsystem in QEMU still thinks that memory belongs to memory-less node, a reboot will set things accordingly and the previously hotplugged memory now ends in the right node. This appears as if some memory moved from one node to another. So until kernel starts supporting memory hotplug to memory-less nodes, just prevent such attempts upfront in QEMU. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit c20d332a85c95245e3b720bfea1bd02e3a311463 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Tue Sep 1 11:22:35 2015 +1000 spapr: Memory hotplug support Make use of pc-dimm infrastructure to support memory hotplug for PowerPC. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit ce881f774d69d941eb999c25f0cb1f72cd228795 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 29 14:14:30 2015 +0530 spapr: Make hash table size a factor of maxram_size The hash table size is dependent on ram_size, but since with hotplug the memory can grow till maxram_size. Hence make hash table size dependent on maxram_size. This allows to hotplug huge amounts of memory to the guest. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 03d196b7c57f22f796197f221f9d95336debee9e Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Jul 13 10:34:00 2015 +1000 spapr: Support ibm,dynamic-reconfiguration-memory Parse ibm,architecture.vec table obtained from the guest and enable memory node configuration via ibm,dynamic-reconfiguration-memory if guest supports it. This is in preparation to support memory hotplug for sPAPR guests. This changes the way memory node configuration is done. Currently all memory nodes are built upfront. But after this patch, only memory@0 node for RMA is built upfront. Guest kernel boots with just that and rest of the memory nodes (via memory@XXX or ibm,dynamic-reconfiguration-memory) are built when guest does ibm,client-architecture-support call. Note: This patch needs a SLOF enhancement which is already part of SLOF binary in QEMU. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 224245bf524189789d231f38434c9f8fd57a249c Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Wed Aug 12 13:16:48 2015 +1000 spapr: Add LMB DR connectors Enable memory hotplug for pseries 2.4 and add LMB DR connectors. With memory hotplug, enforce RAM size, NUMA node memory size and maxmem to be a multiple of SPAPR_MEMORY_BLOCK_SIZE (256M) since that's the granularity in which LMBs are represented and hot-added. LMB DR connectors will be used by the memory hotplug code. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> [spapr_drc_reset implementation] [since this missed the 2.4 cutoff, changing to only enable for 2.5] Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 38b02bd846672f33bc2eabcb9847c4b78069e097 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu Aug 6 13:37:24 2015 +1000 spapr: Use QEMU limit for maximum CPUs number sPAPR uses hard coded limit of maximum 255 supported CPUs which is exactly the same as QEMU-wide limit which is MAX_CPUMASK_BITS and also defined as 255. This makes use of a global CPU number limit for the "pseries" machine. In order to anticipate future increase of the MAX_CPUMASK_BITS (or to help debugging large systems), this also bumps the FDT_MAX_SIZE limit from 256K to 1M assuming that 1 CPU core needs roughly 512 bytes in the device tree so the new limit can cover up to 2048 CPU cores. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 94649d423e4647fca3bc3e8b2b363d6d2adee9ce Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Wed Sep 16 16:57:51 2015 +1000 spapr: Don't use QOM [*] syntax for DR connectors. The dynamic reconfiguration (hotplug) code for the pseries machine type uses a "DR connector" QOM object for each resource it will be possible to hotplug. Each of these is added to its owner using object_property_add_child(owner, "dr-connector[*], ...); That works ok, mostly, but it means that the property indices are arbitrary, depending on the order in which the connectors are constructed. That might line up to something useful, but it doesn't have to. It will get worse once we add hotplug RAM support. That will add a DR connector object for every 256MB of potential memory. So if maxmem=2T, for example, there are 8192 objects under the same parent. The QOM interfaces aren't really designed for this. In particular object_property_add() with [*] has O(n^2) time complexity (in the number of existing children): first it has a linear search through array indices to find a free slot, each of which is attempted to a recursive call to object_property_add() with a specific [N]. Those calls are O(n) because there's a linear search through all properties to check for duplicates. By using a meaningful index value, which we already know is unique we can avoid the [*] special behaviour. That lets us reduce the total time for creating the DR objects from O(n^3) to O(n^2). O(n^2) is still kind of crappy, but it's enough to reduce the startup time of qemu (with in-progress memory hotplug support) with maxmem=2T from ~20 minutes to ~4 seconds. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Cc: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Tested-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: Alexey Kardashevskiy <aik@xxxxxxxxx> commit 0cb688d22b3941af02fee78ba21dc3a39c367e0b Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu Sep 10 16:11:02 2015 -0500 spapr_drc: use RTAS return codes for methods called by RTAS Certain methods in sPAPRDRConnector objects are only ever called by RTAS and in many cases are responsible for the logic that determines the RTAS return codes. Rather than having a level of indirection requiring RTAS code to re-interpret return values from such methods to determine the appropriate return code, just pass them through directly. This requires changing method return types to uint32_t to match the type of values currently passed to RTAS helpers. In the case of read accesses like drc->entity_sense() where we weren't previously reporting any errors, just the read value, we modify the function to return RTAS return code, and pass the read value back via reference. Suggested-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Suggested-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Cc: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 4a1c9cf0073e733b421e7b82ad673e7cf6ed8454 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 29 14:14:27 2015 +0530 spapr: Initialize hotplug memory address space Initialize a hotplug memory region under which all the hotplugged memory is accommodated. Also enable memory hotplug by setting CONFIG_MEM_HOTPLUG. Modelled on i386 memory hotplug. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 9d1852ce11c888e3ad5096be505d14045d8b49ae Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu Sep 10 16:11:03 2015 -0500 spapr_drc: don't allow 'empty' DRCs to be unisolated or allocated Logical resources start with allocation-state:UNUSABLE / isolation-state:ISOLATED. During hotplug, guests will transition them to allocation-state:USABLE, and then to isolation-state:UNISOLATED. For cases where we cannot transition to allocation-state:USABLE, in this case due to no device/resource being association with the logical DRC, we should return an error -3. For physical DRCs, we default to allocation-state:USABLE and stay there, so in this case we should report an error -3 when the guest attempts to make the isolation-state:ISOLATED transition for a DRC with no device associated. These are as documented in PAPR 2.7, 13.5.3.4. We also ensure allocation-state:USABLE when the guest attempts transition to isolation-state:UNISOLATED to deal with misbehaving guests attempting to bring online an unallocated logical resource. This is as documented in PAPR 2.7, 13.7. Currently we implement no such error logic. Fix this by handling these error cases as PAPR defines. Cc: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit a8ad731a001d41582c9cec4015f73ab3bc11a28d Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Tue Sep 15 16:34:59 2015 -0500 spapr_pci: fix device tree props for MSI/MSI-X PAPR requires ibm,req#msi and ibm,req#msi-x to be present in the device node to define the number of msi/msi-x interrupts the device supports, respectively. Currently we have ibm,req#msi-x hardcoded to a non-sensical constant that happens to be 2, and are missing ibm,req#msi entirely. The result of that is that msi-x capable devices get limited to 2 msi-x interrupts (which can impact performance), and msi-only devices likely wouldn't work at all. Additionally, if devices expect a minimum that exceeds 2, the guest driver may fail to load entirely. SLOF still owns the generation of these properties at boot-time (although other device properties have since been offloaded to QEMU), but for hotplugged devices we rely on the values generated by QEMU and thus hit the limitations above. Fix this by generating these properties in QEMU as expected by guests. In the future it may make sense to modify SLOF to pass through these values directly as we do with other props since we're duplicating SLOF code. Cc: qemu-ppc@xxxxxxxxxx Cc: qemu-stable@xxxxxxxxxx Cc: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Cc: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit ef9971dd69bdd84b0987b0e1e4f421223b080afd Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Tue Sep 8 11:25:13 2015 +1000 spapr: Enable in-kernel H_SET_MODE handling For setting debug watchpoints, sPAPR guests use H_SET_MODE hypercall. The existing QEMU H_SET_MODE handler does not support this but the KVM handler in HV KVM does. However it is not enabled. This enables the in-kernel H_SET_MODE handler which handles: - Completed Instruction Address Breakpoint Register - Watch point 0 registers. The rest is still handled in QEMU. Reported-by: Anton Blanchard <anton@xxxxxxxxx> Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 22419c2a90b859dcab49f9472259ad8a3ce091d6 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Tue Sep 8 11:21:31 2015 +1000 pseries: Fix incorrect calculation of threads per socket for chip-id The device tree presented to pseries machine type guests includes an ibm,chip-id property which gives essentially the socket number of each vcpu core (individual vcpu threads don't get a node in the device tree). To calculate this, it uses a vcpus_per_socket variable computed as (smp_cpus / #sockets). This is correct for the usual case where smp_cpus == smp_threads * smp_cores * #sockets. However, you can start QEMU with the number of cores and threads mismatching the total number of vcpus (whether that _should_ be permitted is a topic for another day). It's a bit hard to say what the "real" number of vcpus per socket here is, but for most purposes (smp_threads * smp_cores) will more meaningfully match how QEMU behaves with respect to socket boundaries. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Alexey Kardashevskiy <aik@xxxxxxxxx> commit 92d7a30cb3656f577f87b19042d9b66ff3b20e3b Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu Aug 13 19:24:16 2015 +1000 pseries: Update SLOF firmware image to qemu-slof-20150813 The changes are: 1. GPT support; 2. Much faster VGA support. The full changelog is: > Add missing half word access case to _FASTRMOVE and _FASTMOVE > Remove unused RMOVE64 stub > fbuffer: Implement RFILL as an accelerated primitive > fbuffer: Implement MRMOVE as an accelerated primitive > fbuffer: Precalculate line length in bytes > terminal: Disable the terminal-write trace by default > boot: remove trailing ":" in the bootpath > ci: implement boot client interface > boot: bootpath should be complete device path > fbuffer: Use a smaller cursor > fbuffer: Improve invert-region helper > usb-hid: Caps is not always shift > cas: Increase FDT buffer size to accomodate larger ibm, cas node properties > README: Update with patch submittion note > disk-label: add support for booting from GPT FAT partition > disk-label: introduce helper to check fat filesystem > introduce 8-byte LE helpers > disk-label: simplify gpt-prep-partition? routine > fbuffer: introduce the invert-region-x helper > fbuffer: introduce the invert-region helper > fbuffer: simplify address computations in fb8-toggle-cursor Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 785652dc4db2023aeda4e381eb08e0beae67b870 Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Thu Aug 13 14:53:02 2015 +0200 pseries: define coldplugged devices as "configured" When a device is hotplugged, attach() sets "configured" to false, waiting an action from the OS to configure it and then to call ibm,configure-connector. On ibm,configure-connector, the hypervisor sets "configured" to true. In case of coldplugged device, attach() sets "configured" to false, but firmware and OS never call the ibm,configure-connector in this case, so it remains set to false. It could be harmless, but when we unplug a device, hypervisor waits the device becomes configured because for it, a not configured device is a device being configured, so it waits the end of configuration to unplug it... and it never happens, so it is never unplugged. This patch set by default coldplugged device to "configured=true", hotplugged device to "configured=false". Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit a14aa92b20c5482b9b694901304b8100b3c4b5a1 Author: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Date: Tue Sep 1 11:05:12 2015 +1000 sPAPR: Introduce rtas_ldq() This introduces rtas_ldq() to load 64-bits parameter from continuous two 4-bytes memory chunk of RTAS parameter buffer, to simplify the code. Signed-off-by: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit e6fc9568c865f2f81499475a4e322cd563fdfd90 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Tue Sep 1 09:53:52 2015 +1000 spapr_rtas: Prevent QEMU crash during hotplug without a prior device_add If drmgr is used in the guest to hotplug a device before a device_add has been issued via the QEMU monitor, QEMU segfaults in configure_connector call. This occurs due to accessing of NULL FDT which otherwise would have been created and associated with the DRC during device_add command. Check for NULL FDT and return failure from configure_connector call. As per PAPR+, an error value of -9003 seems appropriate for this failure. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Cc: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit aaf87c6616370685a7cff6a21616fc5db7495014 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Tue Sep 1 11:29:02 2015 +1000 ppc/spapr: Use qemu_log_mask() for hcall_dprintf() To see the output of the hcall_dprintf statements, you currently have to enable the DEBUG_SPAPR_HCALLS macro in include/hw/ppc/spapr.h. This is ugly because a) not every user who wants to debug guest problems can or wants to recompile QEMU to be able to see such issues, and b) since this macro is disabled by default, the code in the hcall_dprintf() brackets tends to bitrot until somebody temporarily enables that macro again. Since the hcall_dprintf statements except one indicate guest problems, let's always use qemu_log_mask(LOG_GUEST_ERROR, ...) for this macro instead. One spot indicated an unimplemented host feature, so this is changed into qemu_log_mask(LOG_UNIMP, ...) instead. Now it's possible to see all those messages by simply adding the CLI parameter "-d guest_errors,unimp", without the need to re-compile the binary. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 627c2ef7898794a28d706ecdf094491bebbb083a Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu Sep 3 10:08:23 2015 +1000 spapr_drc: Fix potential undefined behaviour The DRC_INDEX_ID_MASK macro does a left shift on ~0, which is a signed quantity, and therefore undefined behaviour according to the C spec. In particular this causes warnings from the clang sanitizer. This fixes it by calculating the same mask without using ~0 (I think the new method is a more common idiom for generating masks anyway). For good measure I also use 1ULL to force the expression's type to unsigned long long, which should be good for assigning to anything we're going to want to. Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Alexey Kardashevskiy <aik@xxxxxxxxx> commit ad440b4ae0727dbef5cace419d94d774de96886c Author: Andrew Jones <drjones@xxxxxxxxxx> Date: Tue Sep 1 11:25:35 2015 +1000 spapr: add dumpdtb support dumpdtb (-machine dumpdtb=<file>) allows one to inspect the generated device tree of machine types that generate device trees. This is useful for a) seeing what's there b) debugging/testing device tree generator patches. It can be used as follows $QEMU_CMDLINE -machine dumpdtb=dtb dtc -I dtb -O dts dtb Signed-off-by: Andrew Jones <drjones@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit e39432282e2d2db42645c2ce183dfcaa1488752b Author: Sam Bobroff <sam.bobroff@xxxxxxxxxxx> Date: Tue Sep 1 11:24:37 2015 +1000 spapr: SPLPAR Characteristics Improve the SPLPAR Characteristics information: Add MaxPlatProcs: set to max_cpus, the maximum CPUs that could be addded to the system. Add DesMem: set to the initial memory of the system. Add DesProcs: set to smp_cpus, the inital number of CPUs in the system. These tokens and values are specified by PAPR. Signed-off-by: Sam Bobroff <sam.bobroff@xxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit b359bd6a424b8de7db994d7120e87a7465b69337 Author: Sam Bobroff <sam.bobroff@xxxxxxxxxxx> Date: Tue Sep 1 11:23:47 2015 +1000 spapr: Make ibm, change-msi respect 3 return values Currently, rtas_ibm_change_msi() always returns four values even if less are specified. Correct this by only returning the fourth parameter if it was requested. This is specified by PAPR. Signed-off-by: Sam Bobroff <sam.bobroff@xxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit a95f99224c08efcf91b4259c34754f69d962bf23 Author: Sam Bobroff <sam.bobroff@xxxxxxxxxxx> Date: Tue Sep 1 11:23:34 2015 +1000 spapr: Add /rtas/ibm,change-msix-capable QEMU is MSI-X capable and makes it available via ibm,change-msi, so we should indicate this by adding /rtas/ibm,change-msix-capable to the device tree. This is specificed by PAPR. Signed-off-by: Sam Bobroff <sam.bobroff@xxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 2c1aaa819a0d68a51086f5d7e8f9a0114ae0305c Author: Sam Bobroff <sam.bobroff@xxxxxxxxxxx> Date: Tue Sep 1 11:23:19 2015 +1000 spapr: Add /ibm,partition-name QEMU has a notion of the guest name, so if it's present we might as well put that into the device tree as /ibm,partition-name. This is specificed by PAPR. Signed-off-by: Sam Bobroff <sam.bobroff@xxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit fb0fc8f62c16b5b0910545f56c64aaafc91533ce Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Wed Aug 12 13:15:56 2015 +1000 spapr: Create pseries-2.5 machine Add pseries-2.5 machine version. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> [Altered to merge before memory hotplug -- dwg] [Altered to work with b9f072d01 -- dwg] Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 613e7a764501a236cdfce39561f9bcf60c78cf49 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 30 20:25:15 2015 +0530 spapr: Provide an error message when migration fails due to htab_shift mismatch Include an error message when migration fails due to mismatch in htab_shift values at source and target. This should provide a bit more verbose message in addition to the current migration failure message that reads like: qemu-system-ppc64: error while loading state for instance 0x0 of device 'spapr/htab' After this patch, the failure message will look like this: qemu-system-ppc64: htab_shift mismatch: source 29 target 24 qemu-system-ppc64: error while loading state for instance 0x0 of device 'spapr/htab' Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 27c7275a56948f48f536e2d1599b22355f5714ac Merge: 482d7c0 f479832 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 22 19:22:23 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-ipxe-20150903-1' into staging ipxe: update to 35c53797 to 4e03af8, build tweaks. # gpg: Signature made Thu 03 Sep 2015 13:52:01 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-ipxe-20150903-1: ipxe: update binaries ipxe: use upstream configuration ipxe: don't override GITVERSION ipxe: update from 35c53797 to 4e03af8 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 482d7c0854423608e20e56b5824b7340bd3af7df Merge: 6138fbd abadcbc Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 22 16:51:36 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2015-09-22' into staging Monitor patches # gpg: Signature made Tue 22 Sep 2015 10:33:34 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-monitor-2015-09-22: hmp: Restore "info pci" monitor: allow device_del to accept QOM paths Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit abadcbc838a3b256819fd8932c34a4af41ec187f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Sep 18 17:18:29 2015 +0200 hmp: Restore "info pci" Dropped by commit da76ee76f78b9705e2a91e3c964aef28fecededb's transition to hmp-commands-info.hx. Reported-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1442589509-10806-1-git-send-email-pbonzini@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 6287d827d494b5850049584c3f7fb1a589dbb1de Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Sep 11 13:33:56 2015 +0100 monitor: allow device_del to accept QOM paths Currently device_del requires that the client provide the device short ID. device_add allows devices to be created without giving an ID, at which point there is no way to delete them with device_del. The QOM object path, however, provides an alternative way to identify the devices. Allowing device_del to accept an object path ensures all devices are deletable regardless of whether they have an ID. (qemu) device_add usb-mouse (qemu) qom-list /machine/peripheral-anon device[0] (child<usb-mouse>) type (string) (qemu) device_del /machine/peripheral-anon/device[0] Devices are required to be marked as hotpluggable otherwise an error is raised (qemu) device_del /machine/unattached/device[4] Device 'PIIX3' does not support hotplugging Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1441974836-17476-1-git-send-email-berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> [Commit message touched up, accidental white-space change dropped] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 6138fbdebd72f6822367e88d14ddc635b5a5ddfb Merge: 9e72681 b2af43c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 22 00:37:05 2015 +0100 Merge remote-tracking branch 'remotes/spice/tags/pull-spice-20150921-1' into staging spice: surface switch fast path requires same format too. # gpg: Signature made Mon 21 Sep 2015 10:05:54 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/spice/tags/pull-spice-20150921-1: spice: surface switch fast path requires same format too. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9e72681d16792d0ffc42bab634b1753ff299bdfd Merge: 75ebcd7 1a9a507 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 21 22:33:51 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-09-21' into staging qapi: QMP introspection # gpg: Signature made Mon 21 Sep 2015 08:59:17 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-qapi-2015-09-21: (26 commits) qapi-introspect: Hide type names qapi: New QMP command query-qmp-schema for QMP introspection qapi: Pseudo-type '**' is now unused, drop it qapi-schema: Fix up misleading specification of netdev_add qom: Don't use 'gen': false for qom-get, qom-set, object-add qapi: Introduce a first class 'any' type qapi: Make output visitor return qnull() instead of NULL qapi: Improve built-in type documentation qapi-commands: De-duplicate output marshaling functions qapi: De-duplicate parameter list generation qapi: Rename qmp_marshal_input_FOO() to qmp_marshal_FOO() qapi-commands: Rearrange code qapi-visit: Rearrange code a bit qapi: Clean up after recent conversions to QAPISchemaVisitor qapi: Replace dirty is_c_ptr() by method c_null() qapi-event: Convert to QAPISchemaVisitor, fixing data with base qapi-event: Eliminate global variable event_enum_value qapi: De-duplicate enum code generation qapi-commands: Convert to QAPISchemaVisitor qapi-visit: Convert to QAPISchemaVisitor, fixing bugs ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 75ebcd7f080fa30893272f6fe07354e4ffa11b46 Merge: d345e0d 81dfaf1 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 21 19:42:33 2015 +0100 Merge remote-tracking branch 'remotes/aurel/tags/pull-tcg-mips-20150921' into staging TCG MIPS queue - Fixes for 64-bit guests - Small cleanups # gpg: Signature made Sun 20 Sep 2015 23:33:15 BST using RSA key ID 1DDD8C9B # gpg: Good signature from "Aurelien Jarno <aurelien@xxxxxxxxxxx>" # gpg: aka "Aurelien Jarno <aurelien@xxxxxxxx>" # gpg: aka "Aurelien Jarno <aurel32@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 7746 2642 A9EF 94FD 0F77 196D BA9C 7806 1DDD 8C9B * remotes/aurel/tags/pull-tcg-mips-20150921: tcg/mips: pass oi to tcg_out_tlb_load tcg/mips: move tcg_out_addsub2 tcg/mips: Fix clobbering of qemu_ld inputs Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d345e0d7b755591da379b23c628613d0a5cd2566 Merge: 1864098 8f60f8e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 21 17:01:46 2015 +0100 Merge remote-tracking branch 'remotes/agraf/tags/signed-ppc-for-upstream' into staging Patch queue for ppc - 2015-09-20 Highlights this time around: - e500: Fix u-boot boot with -M virt by updating to new version - e500: fix ATMU reads - book3s: Fixes (unaligned exceptions, vector instructions) - yet another dbdma ide fix I'm out taking care of my son for the next 2 months. During that time please consider David Gibson the interim ppc queue maintainer. I'm sure Aurelien will be more than happy to help him review patches as well ;-). # gpg: Signature made Sun 20 Sep 2015 21:51:16 BST using RSA key ID 03FEDC60 # gpg: Good signature from "Alexander Graf <agraf@xxxxxxx>" # gpg: aka "Alexander Graf <alex@xxxxxxxxx>" * remotes/agraf/tags/signed-ppc-for-upstream: target-ppc: fix xscmpodp and xscmpudp decoding target-ppc: fix vcipher, vcipherlast, vncipherlast and vpermxor PPC: E500: Update u-boot to commit 79c884d7e4 target-ppc: Fix SRR0 when taking unaligned exceptions PPC: e500 pci host: Fix ATMUs register reads mac_dbdma: always clear FLUSH bit once DBDMA channel flush is complete kvm_ppc: remove kvmppc_timer_hack Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1a9a507b2e3e90aa719c96b4c092e7fad7215f21 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:29 2015 +0200 qapi-introspect: Hide type names To eliminate the temptation for clients to look up types by name (which are not ABI), replace all type names by meaningless strings. Reduces output of query-schema by 13 out of 85KiB. As a debugging aid, provide option -u to suppress the hiding. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1442401589-24189-27-git-send-email-armbru@xxxxxxxxxx> commit 39a181581650f4d50f4445bc6276d9716cece050 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:28 2015 +0200 qapi: New QMP command query-qmp-schema for QMP introspection qapi/introspect.json defines the introspection schema. It's designed for QMP introspection, but should do for similar uses, such as QGA. The introspection schema does not reflect all the rules and restrictions that apply to QAPI schemata. A valid QAPI schema has an introspection value conforming to the introspection schema, but the converse is not true. Introspection lowers away a number of schema details, and makes implicit things explicit: * The built-in types are declared with their JSON type. All integer types are mapped to 'int', because how many bits we use internally is an implementation detail. It could be pressed into external interface service as very approximate range information, but that's a bad idea. If we need range information, we better do it properly. * Implicit type definitions are made explicit, and given auto-generated names: - Array types, named by appending "List" to the name of their element type, like in generated C. - The enumeration types implicitly defined by simple union types, named by appending "Kind" to the name of their simple union type, like in generated C. - Types that don't occur in generated C. Their names start with ':' so they don't clash with the user's names. * All type references are by name. * The struct and union types are generalized into an object type. * Base types are flattened. * Commands take a single argument and return a single result. Dictionary argument or list result is an implicit type definition. The empty object type is used when a command takes no arguments or produces no results. The argument is always of object type, but the introspection schema doesn't reflect that. The 'gen': false directive is omitted as implementation detail. The 'success-response' directive is omitted as well for now, even though it's not an implementation detail, because it's not used by QMP. * Events carry a single data value. Implicit type definition and empty object type use, just like for commands. The value is of object type, but the introspection schema doesn't reflect that. * Types not used by commands or events are omitted. Indirect use counts as use. * Optional members have a default, which can only be null right now Instead of a mandatory "optional" flag, we have an optional default. No default means mandatory, default null means optional without default value. Non-null is available for optional with default (possible future extension). * Clients should *not* look up types by name, because type names are not ABI. Look up the command or event you're interested in, then follow the references. TODO Should we hide the type names to eliminate the temptation? New generator scripts/qapi-introspect.py computes an introspection value for its input, and generates a C variable holding it. It can generate awfully long lines. Marked TODO. A new test-qmp-input-visitor test case feeds its result for both tests/qapi-schema/qapi-schema-test.json and qapi-schema.json to a QmpInputVisitor to verify it actually conforms to the schema. New QMP command query-qmp-schema takes its return value from that variable. Its reply is some 85KiBytes for me right now. If this turns out to be too much, we have a couple of options: * We can use shorter names in the JSON. Not the QMP style. * Optionally return the sub-schema for commands and events given as arguments. Right now qmp_query_schema() sends the string literal computed by qmp-introspect.py. To compute sub-schema at run time, we'd have to duplicate parts of qapi-introspect.py in C. Unattractive. * Let clients cache the output of query-qmp-schema. It changes only on QEMU upgrades, i.e. rarely. Provide a command query-qmp-schema-hash. Clients can have a cache indexed by hash, and re-query the schema only when they don't have it cached. Even simpler: put the hash in the QMP greeting. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 2d21291ae645955fcc4652ebfec81ad338169ac6 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:27 2015 +0200 qapi: Pseudo-type '**' is now unused, drop it 'gen': false needs to stay for now, because netdev_add is still using it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-25-git-send-email-armbru@xxxxxxxxxx> commit b8a98326d565516bfcaa6582781605d167471b48 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:26 2015 +0200 qapi-schema: Fix up misleading specification of netdev_add It doesn't take a 'props' argument, let alone one in the format "NAME=VALUE,..." The bogus arguments specification doesn't matter due to 'gen': false. Clean it up to be incomplete rather than wrong, and document the incompleteness. While there, improve netdev_add usage example in the manual: add a device option to show how it's done. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-24-git-send-email-armbru@xxxxxxxxxx> commit 6eb3937e9b20319e1c4f4d53e906fda8f5ccda10 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:25 2015 +0200 qom: Don't use 'gen': false for qom-get, qom-set, object-add With the previous commit, the generated marshalers just work, and save us a bit of handwritten code. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-23-git-send-email-armbru@xxxxxxxxxx> commit 28770e057f265a4e70bcbdfc2447cce7b5f2dc19 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:24 2015 +0200 qapi: Introduce a first class 'any' type It's first class, because unlike '**', it actually works, i.e. doesn't require 'gen': false. '**' will go away next. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 6c2f9a15dfc8c18ba94defb0f819109902a817cb Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:23 2015 +0200 qapi: Make output visitor return qnull() instead of NULL Before commit 1d10b44, it crashed. Since then, it returns NULL, with a FIXME comment. The FIXME is valid: code that assumes QObject * can't be null exists. I'm not aware of a way to feed this problematic return value to code that actually chokes on null in the current code, but the next few commits will create one, failing "make check". Commit 481b002 solved a very similar problem by introducing a special null QObject. Using this special null QObject is clearly the right way to resolve this FIXME, so do that, and update the test accordingly. However, the patch isn't quite right: it messes up the reference counting. After about SIZE_MAX visits, the reference counter overflows, failing the assertion in qnull_destroy_obj(). Because that's many orders of magnitude more visits of nulls than we expect, we take this patch despite its flaws, to get the QMP introspection stuff in without further delay. We'll want to fix it for real before the release. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-21-git-send-email-armbru@xxxxxxxxxx> commit f133f2db1eedd409d3c1b0892f65b99f83c74754 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:22 2015 +0200 qapi: Improve built-in type documentation Clarify how they map to JSON. Add how they map to C. Fix the reference to StringInputVisitor. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-20-git-send-email-armbru@xxxxxxxxxx> commit 56d92b003a223585980df5403ee9e3a55de90adf Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:21 2015 +0200 qapi-commands: De-duplicate output marshaling functions gen_marshal_output() uses its parameter name only for name of the generated function. Name it after the type being marshaled instead of its caller, and drop duplicates. Saves 7 copies of qmp_marshal_output_int() in qemu-ga, and one copy of qmp_marshal_output_str() in qemu-system-*. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-19-git-send-email-armbru@xxxxxxxxxx> commit 03b4367a556179e3e59affa535493427bd009e9d Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:20 2015 +0200 qapi: De-duplicate parameter list generation Generated qapi-event.[ch] lose line breaks. No change otherwise. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-18-git-send-email-armbru@xxxxxxxxxx> commit 7fad30f06eb6aa57aaa8f3d264288f24ae7646f0 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:19 2015 +0200 qapi: Rename qmp_marshal_input_FOO() to qmp_marshal_FOO() These functions marshal both input and output. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-17-git-send-email-armbru@xxxxxxxxxx> commit f15380190a6e635e6c579ca24d672aa4aa068632 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:18 2015 +0200 qapi-commands: Rearrange code Rename gen_marshal_input() to gen_marshal(), because the generated function marshals both arguments and results. Rename gen_visitor_input_containers_decl() to gen_marshal_vars(), and move the other variable declarations there, too. Rename gen_visitor_input_block() to gen_marshal_input_visit(), and rearrange its code slightly. Rename gen_marshal_input_decl() to gen_marshal_proto(), because the result isn't a full declaration, unlike gen_command_decl()'s. New gen_marshal_decl() actually returns a full declaration. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-16-git-send-email-armbru@xxxxxxxxxx> commit 60f8546acd113e636bf2ba8af991ebe0f6e8ad66 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:17 2015 +0200 qapi-visit: Rearrange code a bit Move gen_visit_decl() to a better place. Inline generate_visit_struct_body(). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-15-git-send-email-armbru@xxxxxxxxxx> commit e98859a9b96d71dea8f9af43325edd43c7effe66 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:16 2015 +0200 qapi: Clean up after recent conversions to QAPISchemaVisitor Generate just 'FOO' instead of 'struct FOO' when possible. Drop helper functions that are now unused. Make pep8 and pylint reasonably happy. Rename generate_FOO() functions to gen_FOO() for consistency. Use more consistent and sensible variable names. Consistently use c_ for mapping keys when their value is a C identifier or type. Simplify gen_enum() and gen_visit_union() Consistently use single quotes for C text string literals. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1442401589-24189-14-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 5710153e7310995b5d4127af267e36d8529b3b30 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:15 2015 +0200 qapi: Replace dirty is_c_ptr() by method c_null() is_c_ptr() looks whether the end of the C text for the type looks like a pointer. Works, but is fragile. We now have a better tool: use QAPISchemaType method c_null(). The initializers for non-pointers become prettier: 0, false or the enumeration constant with the value 0 instead of {0}. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-13-git-send-email-armbru@xxxxxxxxxx> commit 05f43a960877cf941635324b2d0a74c0d0f7128e Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:14 2015 +0200 qapi-event: Convert to QAPISchemaVisitor, fixing data with base Fixes events whose data is struct with base to include the struct's base members. Test case is qapi-schema-test.json's event __org.qemu_x-command: { 'event': '__ORG.QEMU_X-EVENT', 'data': '__org.qemu_x-Struct' } { 'struct': '__org.qemu_x-Struct', 'base': '__org.qemu_x-Base', 'data': { '__org.qemu_x-member2': 'str' } } { 'struct': '__org.qemu_x-Base', 'data': { '__org.qemu_x-member1': '__org.qemu_x-Enum' } } Patch's effect on generated qapi_event_send___org_qemu_x_event(): -void qapi_event_send___org_qemu_x_event(const char *__org_qemu_x_member2, +void qapi_event_send___org_qemu_x_event(__org_qemu_x_Enum __org_qemu_x_member1, + const char *__org_qemu_x_member2, Error **errp) { QDict *qmp; @@ -224,6 +225,10 @@ void qapi_event_send___org_qemu_x_event( goto clean; } + visit_type___org_qemu_x_Enum(v, &__org_qemu_x_member1, "__org.qemu_x-member1", &local_err); + if (local_err) { + goto clean; + } visit_type_str(v, (char **)&__org_qemu_x_member2, "__org.qemu_x-member2", &local_err); if (local_err) { goto clean; Code is generated in a different order now, but that doesn't matter. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 7b24626cd019ed5084c8e3370999176a1ebd44be Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:13 2015 +0200 qapi-event: Eliminate global variable event_enum_value Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-11-git-send-email-armbru@xxxxxxxxxx> commit efd2eaa6c2992c214a13f102b6ddd4dca4697fb3 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:12 2015 +0200 qapi: De-duplicate enum code generation Duplicated in commit 21cd70d. Yes, we can't import qapi-types, but that's no excuse. Move the helpers from qapi-types.py to qapi.py, and replace the duplicates in qapi-event.py. The generated event enumeration type's lookup table becomes const-correct (see commit 2e4450f), and uses explicit indexes instead of relying on order (see commit 912ae9c). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1442401589-24189-10-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit ee44602857660e79f46547de02e26d65bcaf1519 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:11 2015 +0200 qapi-commands: Convert to QAPISchemaVisitor Output unchanged apart from reordering and white-space. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1442401589-24189-9-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 441cbac0c7e641780decbc674a9a68c6a5200f71 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:10 2015 +0200 qapi-visit: Convert to QAPISchemaVisitor, fixing bugs Fixes flat unions to visit the base's base members (the previous commit merely added them to the struct). Same test case. Patch's effect on visit_type_UserDefFlatUnion(): static void visit_type_UserDefFlatUnion_fields(Visitor *m, UserDefFlatUnion **obj, Error **errp) { Error *err = NULL; + visit_type_int(m, &(*obj)->integer, "integer", &err); + if (err) { + goto out; + } visit_type_str(m, &(*obj)->string, "string", &err); if (err) { goto out; Test cases updated for the bug fix. Fixes alternates to generate a visitor for their implicit enumeration type. None of them are currently used, obviously. Example: block-core.json's BlockdevRef now generates visit_type_BlockdevRefKind(). Code is generated in a different order now, and therefore has got a few new forward declarations. Doesn't matter. The guard QAPI_VISIT_BUILTIN_VISITOR_DECL is renamed to QAPI_VISIT_BUILTIN. The previous commit's two ugly special cases exist here, too. Mark both TODO. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 2b162ccbe875e5323fc04c1009addbdea4d35220 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:09 2015 +0200 qapi-types: Convert to QAPISchemaVisitor, fixing flat unions Fixes flat unions to get the base's base members. Test case is from commit 2fc0043, in qapi-schema-test.json: { 'union': 'UserDefFlatUnion', 'base': 'UserDefUnionBase', 'discriminator': 'enum1', 'data': { 'value1' : 'UserDefA', 'value2' : 'UserDefB', 'value3' : 'UserDefB' } } { 'struct': 'UserDefUnionBase', 'base': 'UserDefZero', 'data': { 'string': 'str', 'enum1': 'EnumOne' } } { 'struct': 'UserDefZero', 'data': { 'integer': 'int' } } Patch's effect on UserDefFlatUnion: struct UserDefFlatUnion { /* Members inherited from UserDefUnionBase: */ + int64_t integer; char *string; EnumOne enum1; /* Own members: */ union { /* union tag is @enum1 */ void *data; UserDefA *value1; UserDefB *value2; UserDefB *value3; }; }; Flat union visitors remain broken. They'll be fixed next. Code is generated in a different order now, but that doesn't matter. The two guards QAPI_TYPES_BUILTIN_STRUCT_DECL and QAPI_TYPES_BUILTIN_CLEANUP_DECL are replaced by just QAPI_TYPES_BUILTIN. Two ugly special cases for simple unions now stand out like sore thumbs: 1. The type tag is named 'type' everywhere, except in generated C, where it's 'kind'. 2. QAPISchema lowers simple unions to semantically equivalent flat unions. However, the C generated for a simple unions differs from the C generated for its equivalent flat union, and we therefore need special code to preserve that pointless difference for now. Mark both TODO. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit b2af43cc379e1d4c30d92af257bedebf0e3f618a Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Sep 18 12:07:18 2015 +0200 spice: surface switch fast path requires same format too. Commit "555e72f spice: rework mirror allocation, add no-resize fast path" adds a fast path for surface switches which does't go through the full primary surface destroy and re-recreation in case the new surface is identical to the old one (page-flip). It checks the size only though, but the format must be identical too. This patch adds the format check. Commit "0002a51 ui/spice: Support shared surface for most pixman formats" increases the chance to actually trigger this. https://bugzilla.redhat.com/show_bug.cgi?id=1247479 Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 156402e5042193c45e70c378a93ccafd3832d8ff Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:08 2015 +0200 tests/qapi-schema: Convert test harness to QAPISchemaVisitor The old code prints the result of parsing (list of expression dictionaries), and partial results of semantic analysis (list of enum dictionaries, list of struct dictionaries). The new code prints a trace of a schema visit, i.e. what the back-ends are going to use. Built-in and array types are omitted, because they're boring. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 3f7dc21bee1e930d5cccf607b8f83831c3bbdb09 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:07 2015 +0200 qapi: New QAPISchemaVisitor The visitor will help keeping the code generation code simple and reasonably separated from QAPISchema details. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1442401589-24189-5-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit f51d8c3db11b0f3052b3bb4b8b0c7f0bc76f7136 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:06 2015 +0200 qapi: QAPISchema code generation helper methods New methods c_name(), c_type(), c_null(), json_type(), alternate_qtype(). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1442401589-24189-4-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit ac88219a6c78302c693fb60fe6cf04358540fbce Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:05 2015 +0200 qapi: New QAPISchema intermediate reperesentation The QAPI code generators work with a syntax tree (nested dictionaries) plus a few symbol tables (also dictionaries) on the side. They have clearly outgrown these simple data structures. There's lots of rummaging around in dictionaries, and information is recomputed on the fly. For the work I'm going to do, I want more clearly defined and more convenient interfaces. Going forward, I also want less coupling between the back-ends and the syntax tree, to make messing with the syntax easier. Create a bunch of classes to represent QAPI schemata. Have the QAPISchema initializer call the parser, then walk the syntax tree to create the new internal representation, and finally perform semantic analysis. Shortcut: the semantic analysis still relies on existing check_exprs() to do the actual semantic checking. All this code needs to move into the classes. Mark as TODO. Simple unions are lowered to flat unions. Flat unions and structs are represented as a more general object type. Catching name collisions in generated code would be nice. Mark as TODO. We generate array types eagerly, even though most of them aren't used. Mark as TODO. Nothing uses the new intermediate representation just yet, thus no change to generated files. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit a4bcb2080d5c1d08bab512d76fb260296e2cae74 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:04 2015 +0200 qapi: Rename class QAPISchema to QAPISchemaParser I want to name a new class QAPISchema. While there, make it a new-style class. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-2-git-send-email-armbru@xxxxxxxxxx> commit 8f60f8e2e574f341709128ff7637e685fd640254 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sun Sep 13 23:03:45 2015 +0200 target-ppc: fix xscmpodp and xscmpudp decoding The xscmpodp and xscmpudp instructions only have the AX, BX bits in there encoding, the lowest bit (usually TX) is marked as an invalid bit. We therefore can't decode them with GEN_XX2FORM, which decodes the two lowest bit. Introduce a new form GEN_XX2FORM, which decodes AX and BX and mark the lowest bit as invalid. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Tested-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 65cf1f65be0fc4883edbd66feeab3ddaceb11c00 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sun Sep 13 23:03:44 2015 +0200 target-ppc: fix vcipher, vcipherlast, vncipherlast and vpermxor For vector instructions, the helpers get pointers to the vector register in arguments. Some operands might point to the same register, including the operand holding the result. When emulating instructions which access the vector elements in a non-linear way, we need to store the result in an temporary variable. This fixes openssl when emulating a POWER8 CPU. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit d4574435a6530bbd96ae130eddfe5b676f91367a Author: Alexander Graf <agraf@xxxxxxx> Date: Fri Aug 28 13:10:17 2015 +0200 PPC: E500: Update u-boot to commit 79c884d7e4 The current U-Boot binary in QEMU has a bug where it fails to support dynamic CCSR addressing. Without this support, u-boot can not boot the ppce500 machine anymore. This has been fixed upstream in u-boot commit e834975b. Update the u-boot blob we carry in QEMU to the latest u-boot upstream, so that we can successfully run u-boot with the ppce500 machine again. CC: qemu-stable@xxxxxxxxxx Signed-off-by: Alexander Graf <agraf@xxxxxxx> Tested-by: Thomas Huth <thuth@xxxxxxxxxx> commit 6bb9a0a9ef9b9b1c2434a52d1c1d066ce179adf8 Author: Anton Blanchard <anton@xxxxxxxxx> Date: Thu Jul 2 14:44:06 2015 +1000 target-ppc: Fix SRR0 when taking unaligned exceptions We are setting SRR0 to the instruction before the one causing the unaligned exception. A quick testcase: . = 0x100 .globl _start _start: /* Cause a 0x600 */ li 3,0x1 stwcx. 3,0,3 1: b 1b . = 0x600 1: b 1b Built into something we can load as a BIOS image: gcc -mbig -c test.S ld -EB -Ttext 0x0 -o test test.o objcopy -O binary test test.bin Run with: qemu-system-ppc64 -nographic -bios test.bin Shows an incorrect SRR0 (points at the li): SRR0 0000000000000100 With the patch we get the correct SRR0: SRR0 0000000000000104 Signed-off-by: Anton Blanchard <anton@xxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit e7f08320f055e1093007b3f1d55b145d5f4daaa1 Author: Rudolf Marek <mar@xxxxxxxxx> Date: Fri Aug 14 13:38:55 2015 +0200 PPC: e500 pci host: Fix ATMUs register reads There is a bug in the register mask when reading the ATMUs registers. As the result some registers cannot be read, and read is aliased to the other registers. Fix it. Signed-off-by: Rudolf Marek <rudolf.marek@xxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 1cde732d88af34849343dc1f0e68072eab0841b9 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Sun Aug 23 11:50:55 2015 +0100 mac_dbdma: always clear FLUSH bit once DBDMA channel flush is complete The code to flush the DBDMA channel was effectively duplicated in dbdma_control_write(), except for the fact that the copy executed outside of a RUN bit transition was broken by not clearing the FLUSH bit once the flush was complete. Newer PPC Linux kernels would timeout waiting for the FLUSH bit to clear again after submitting a FLUSH command. Fix this by always clearing the FLUSH bit once the channel flush is complete and removing the repeated code. Reported-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 116dc18db6854cc38c6abff799019b7237365a36 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Jul 27 14:46:02 2015 +0200 kvm_ppc: remove kvmppc_timer_hack QEMU does have an I/O thread now, that can be interrupted at any time because the VCPU thread runs outside the iothread mutex. Therefore, the kvmppc_timer_hack is obsolete. Remove it. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 18640989a9f5e4d2e84b566c52ff1fccfa0dbf4a Merge: b12a84c 3b53e45 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sat Sep 19 15:59:52 2015 +0100 Merge remote-tracking branch 'remotes/afaerber/tags/qom-devices-for-peter' into staging QOM infrastructure fixes and device conversions * QOM API error handling fixes * Performance improvements for device GPIO property creation * Remaining conversion of QEMUMachine to QOM # gpg: Signature made Sat 19 Sep 2015 15:40:44 BST using RSA key ID 3E7E013F # gpg: Good signature from "Andreas Färber <afaerber@xxxxxxx>" # gpg: aka "Andreas Färber <afaerber@xxxxxxxx>" * remotes/afaerber/tags/qom-devices-for-peter: (21 commits) machine: Eliminate QEMUMachine and qemu_register_machine() Revert use of DEFINE_MACHINE() for registrations of multiple machines Use DEFINE_MACHINE() to register all machines mac_world: Break long line machine: DEFINE_MACHINE() macro exynos4: Declare each QEMUMachine as a separate variable exynos4: Use MachineClass instead of exynos4_machines array exynos4: Use EXYNOS4210_NCPUS instead of max_cpus on error message machine: Set MachineClass::name automatically machine: Ensure all TYPE_MACHINE subclasses have the right suffix mac99: Use MACHINE_TYPE_NAME to encode class name s390: Rename s390-ccw-virtio-2.4 class name to use MACHINE_TYPE_NAME s390-virtio: Rename machine class name to use MACHINE_TYPE_NAME pseries: Rename machine class names to use MACHINE_TYPE_NAME arm: Rename virt machine class to use MACHINE_TYPE_NAME vexpress: Rename machine classes to use MACHINE_TYPE_NAME vexpress: Don't set name on abstract class machine: MACHINE_TYPE_NAME macro qdev: Do not use slow [*] expansion for GPIO creation qom: Fix invalid error check in property_get_str() ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3b53e45f43825caaaf4fad6a5b85ce6a9949ff02 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Sep 4 15:37:09 2015 -0300 machine: Eliminate QEMUMachine and qemu_register_machine() The struct is not used anymore and can be eliminated. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 8a661aea0e7f6e776c6ebc9abe339a85b34fea1d Author: Andreas Färber <afaerber@xxxxxxx> Date: Sat Sep 19 10:49:44 2015 +0200 Revert use of DEFINE_MACHINE() for registrations of multiple machines The script used for converting from QEMUMachine had used one DEFINE_MACHINE() per machine registered. In cases where multiple machines are registered from one source file, avoid the excessive generation of module init functions by reverting this unrolling. Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit e264d29de28c5b0be3d063307ce9fb613b427cc3 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Sep 4 15:37:08 2015 -0300 Use DEFINE_MACHINE() to register all machines Convert all machines to use DEFINE_MACHINE() instead of QEMUMachine automatically using a script. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> [AF: Style cleanups, convert imx25_pdk machine] Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit f309ae852c67833c3cac11747474fbb013529382 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Sep 4 15:37:07 2015 -0300 mac_world: Break long line Coding style change only. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit ed0b6de343448d1014b53bcf541041373322fa1c Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Sep 4 15:37:06 2015 -0300 machine: DEFINE_MACHINE() macro The macro will allow easy registration of a TYPE_MACHINE subclass, using only the machine name and a MachineClass initialization function as parameter. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 97c6671cf16640f997fc8c54ef456bbad125b635 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Sep 4 15:37:05 2015 -0300 exynos4: Declare each QEMUMachine as a separate variable This will make the code follow the same pattern used for other machines, and will make it easier to automatically convert the code to be QOM-based. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit ca17776088e41dabdc3bb07334dbc73d631e30e3 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Sep 4 15:37:04 2015 -0300 exynos4: Use MachineClass instead of exynos4_machines array We don't need a QEMUMachine array to query max_cpus, if we can get the corresponding MachineClass. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 6aadcc71354bc683fdedd8a3d369095d23095e1c Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Sep 4 15:37:03 2015 -0300 exynos4: Use EXYNOS4210_NCPUS instead of max_cpus on error message The code is checking smp_cpus against EXYNOS4210_NCPUS, not against max_cpus, so use EXYNOS4210_NCPUS in the error message for consistency. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 98cec76a7076c4a38e16f1a9de170a7942b3be54 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Aug 20 14:54:36 2015 -0700 machine: Set MachineClass::name automatically Now all TYPE_MACHINE subclasses use MACHINE_TYPE_NAME to generate the class name. So instead of requiring each subclass to set MachineClass::name manually, we can now set it automatically at the TYPE_MACHINE class_base_init() function. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> [AF/ehabkost: Updated for s390-ccw machines] [AF: Cleanup of intermediate virt and vexpress name handling] Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit dcb3d601115eed77aef543fe3a920adc17544e06 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Aug 20 14:54:35 2015 -0700 machine: Ensure all TYPE_MACHINE subclasses have the right suffix Now that all non-abstract TYPE_MACHINE subclasses have the -machine suffix, add an assert to ensure this will be always true. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit c0f365186b30f97ef221489834e7ae146fc22db8 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Aug 20 14:54:34 2015 -0700 mac99: Use MACHINE_TYPE_NAME to encode class name It will result in exactly the same class name, but it will make the code consistent with the other classes. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit af62e639fcc190f09c51e8b73dc6492b30ae2111 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Aug 20 14:54:33 2015 -0700 s390: Rename s390-ccw-virtio-2.4 class name to use MACHINE_TYPE_NAME Machine class names should use the "-machine" suffix to allow class-name-based machine class lookup to work. Rename the s390-ccw-virtio-2.4 machine class using the MACHINE_TYPE_NAME macro. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> [AF/ehabkost: Updated for 2.5 machine] Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 4c264d4b3d352d55663bd81667b5d177af1e871e Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Aug 20 14:54:32 2015 -0700 s390-virtio: Rename machine class name to use MACHINE_TYPE_NAME Machine class names should use the "-machine" suffix to allow class-name-based machine class lookup to work. Rename the s390-virtio machine class using the MACHINE_TYPE_NAME macro. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit b9f072d01f81786f577c24d4f45050e63872cb13 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Aug 20 14:54:31 2015 -0700 pseries: Rename machine class names to use MACHINE_TYPE_NAME Machine class names should use the "-machine" suffix to allow class-name-based machine class lookup to work. Rename the the pseries machine classes using the MACHINE_TYPE_NAME macro. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 64d3459c8586c8821970cbc99450340278507cfe Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Aug 20 14:54:30 2015 -0700 arm: Rename virt machine class to use MACHINE_TYPE_NAME Machine class names should use the "-machine" suffix to allow class-name-based machine class lookup to work. Rename the arm virt machine class using the MACHINE_TYPE_NAME macro. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit fc603d29e96a2982f1b02123f83176f00a660b40 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Aug 20 14:54:29 2015 -0700 vexpress: Rename machine classes to use MACHINE_TYPE_NAME Machine class names should use the "-machine" suffix to allow class-name-based machine class lookup to work. Rename the vexpress machine classes using the MACHINE_TYPE_NAME macro. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> [AF: Introduce VEXPRESS_*_MACHINE_NAME] Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 54477b07fb81ab4a55c263f3449bc07469db30fb Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Aug 20 14:54:28 2015 -0700 vexpress: Don't set name on abstract class The MachineClass::name field won't be ever be used on TYPE_VEXPRESS, as it is an abstract class and the machine class lookup code explicitly skips abstract classes. We can remove it to make the code simpler. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit c84a8f01b2a5d8bf98c447796d4a747333a5b1fd Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Aug 20 14:54:27 2015 -0700 machine: MACHINE_TYPE_NAME macro The macro will be useful to ensure the machine class names follow the right format to make machine class lookup by class name work correctly. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 81dfaf1a8f7f95259801da9732472f879023ef77 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Fri Jul 10 22:10:02 2015 +0200 tcg/mips: pass oi to tcg_out_tlb_load Instead of computing mem_index and s_bits in both tcg_out_qemu_ld and tcg_out_qemu_st function and passing them to tcg_out_tlb_load, directly pass oi to the tcg_out_tlb_load function and compute mem_index and s_bits there. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit d9f26847f1429bdb8ccaa4e7bd5f8b57a9da0e8d Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Fri Jul 10 22:04:48 2015 +0200 tcg/mips: move tcg_out_addsub2 Somehow the tcg_out_addsub2 function ended-up in the middle of the qemu_ld/st related functions. Move it with other arithmetics related functions. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 5eb4f645eba8a79ea643b228c74a79183d436c97 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Mon Sep 14 11:34:54 2015 +0100 tcg/mips: Fix clobbering of qemu_ld inputs The MIPS TCG backend implements qemu_ld with 64-bit targets using the v0 register (base) as a temporary to load the upper half of the QEMU TLB comparator (see line 5 below), however this happens before the input address is used (line 8 to mask off the low bits for the TLB comparison, and line 12 to add the host-guest offset). If the input address (addrl) also happens to have been placed in v0 (as in the second column below), it gets clobbered before it is used. addrl in t2 addrl in v0 1 srl a0,t2,0x7 srl a0,v0,0x7 2 andi a0,a0,0x1fe0 andi a0,a0,0x1fe0 3 addu a0,a0,s0 addu a0,a0,s0 4 lw at,9136(a0) lw at,9136(a0) set TCG_TMP0 (at) 5 lw v0,9140(a0) lw v0,9140(a0) set base (v0) 6 li t9,-4093 li t9,-4093 7 lw a0,9160(a0) lw a0,9160(a0) set addend (a0) 8 and t9,t9,t2 and t9,t9,v0 use addrl 9 bne at,t9,0x836d8c8 bne at,t9,0x836d838 use TCG_TMP0 10 nop nop 11 bne v0,t8,0x836d8c8 bne v0,a1,0x836d838 use base 12 addu v0,a0,t2 addu v0,a0,v0 use addrl, addend 13 lw t0,0(v0) lw t0,0(v0) Fix by using TCG_TMP0 (at) as the temporary instead of v0 (base), pushing the load on line 5 forward into the delay slot of the low comparison (line 10). The early load of the addend on line 7 also needs pushing even further for 64-bit targets, or it will clobber a0 before we're done with it. The output for 32-bit targets is unaffected. srl a0,v0,0x7 andi a0,a0,0x1fe0 addu a0,a0,s0 lw at,9136(a0) -lw v0,9140(a0) load high comparator li t9,-4093 -lw a0,9160(a0) load addend and t9,t9,v0 bne at,t9,0x836d838 - nop + lw at,9140(a0) load high comparator +lw a0,9160(a0) load addend -bne v0,a1,0x836d838 +bne at,a1,0x836d838 addu v0,a0,v0 lw t0,0(v0) Cc: qemu-stable@xxxxxxxxxx Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 6c76b37742d4db8176af37b667b5420727e79e2c Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Fri Jul 31 15:23:22 2015 +0300 qdev: Do not use slow [*] expansion for GPIO creation Expansion of [*] suffix is very slow because index expansion is done using trial and error strategy, starting every time from zero and retrying with the next index until insertion succeeds. With large number of already added properties this process takes huge amount of time (O(n^2) complexity). Some architectures (like ARM) use very large amount of IRQ pins in interrupt controller models. This flaw makes machine startup extremely slow (~20 seconds for ARM64 with 32 CPUs). This patch decreases this time down to ~10 seconds. Also in qdev_init_gpio_out_named() memset() is now called only once for the whole array instead of per-cell cleaning Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit e1c8237df5395f6a453f18109bd9dd33fb2a397c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Aug 25 20:00:46 2015 +0200 qom: Fix invalid error check in property_get_str() When a function returns a null pointer on error and only on error, you can do if (!foo(foos, errp)) { ... handle error ... } instead of the more cumbersome Error *err = NULL; if (!foo(foos, &err)) { error_propagate(errp, err); ... handle error ... } A StringProperty's getter, however, may return null on success! We then fail to call visit_type_str(). Screwed up in 6a146eb, v1.1. Fails tests/qom-test in my current, heavily hacked QAPI branch. No reproducer for master known (but I didn't look hard). Cc: Anthony Liguori <anthony@xxxxxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 4715d42efe8632b0f9d2594a80e917de45e4ef88 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Aug 25 20:00:45 2015 +0200 qom: Do not reuse errp after a possible error The argument for an Error **errp parameter must point to a null pointer. If it doesn't, and an error happens, error_set() fails its assertion. Instead of foo(foos, errp); bar(bars, errp); you need to do something like Error *err = NULL; foo(foos, &err); if (err) { error_propagate(errp, err); goto out; } bar(bars, errp); out: Screwed up in commit 0e55884 (v1.3.0): property_get_bool(). Screwed up in commit 1f21772 (v2.1.0): object_property_get_enum() and object_property_get_uint16List(). Screwed up in commit a8e3fbe (v2.4.0): property_get_enum(), property_set_enum(). Found by inspection, no actual crashes observed. Fix them up. Cc: Anthony Liguori <anthony@xxxxxxxxxxxxx> Cc: Hu Tao <hutao@xxxxxxxxxxxxxx> Cc: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit b12a84ce3c27e42c8f51c436aa196938d5cc2c71 Author: Rainer Müller <raimue@xxxxxxxxxxxxx> Date: Wed Sep 9 16:08:30 2015 +0200 cocoa: Suppress Cocoa window with -display Do not open a Cocoa window when another display is selected that will be initialized later. The Cocoa display cannot be selected with -display, so there is no need to check its argument. Signed-off-by: Rainer Müller <raimue@xxxxxxxxxxxxx> Reviewed-by: Andreas Färber <andreas.faerber@xxxxxx> Message-id: 1441807710-25431-1-git-send-email-raimue@xxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a53efe9c47c9a441b307c5cec64d08d9647ab6a4 Merge: ffa4822 e47f9eb Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 18 16:57:59 2015 +0100 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Fri 18 Sep 2015 15:59:02 BST using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" * remotes/jnsnow/tags/ide-pull-request: ahci: clean up initial d2h semantics ahci: remove cmd_fis argument from write_fis_d2h ahci: fix signature generation ahci: remove dead reset code atapi: abort transfers with 0 byte limits ide: fix ATAPI command permissions ide-test: add cdrom dma test ide-test: add cdrom pio test qtest/ahci: export generate_pattern qtest/ahci: use generate_pattern everywhere ide: unify io_buffer_offset increments Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e47f9eb148fc3b9a67d318951ebceb834205f94c Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Sep 1 16:50:41 2015 -0400 ahci: clean up initial d2h semantics with write_fis_d2h and signature generation tidied up, let's adjust the initial d2h semantics to make more sense. The initial d2h is considered delivered if there is guest memory to save it to. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1441140641-17631-5-git-send-email-jsnow@xxxxxxxxxx commit 28ee82557cdbf3d9023b58f7229b0d0fd1a3d776 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Sep 1 16:50:40 2015 -0400 ahci: remove cmd_fis argument from write_fis_d2h It's no longer used. We used to generate a D2H FIS based upon the command FIS that prompted the update, but in reality, the D2H FIS is generated purely from register state. cmd_fis is vestigial, so get rid of it. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1441140641-17631-4-git-send-email-jsnow@xxxxxxxxxx commit 33a983cb2821600f4ed5720919434256e8371ec2 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Sep 1 16:50:39 2015 -0400 ahci: fix signature generation The initial register device-to-host FIS no longer needs to specially set certain fields, as these can be handled generically by setting those fields explicitly with the signatures we want at port reset time. (1) Signatures are decomposed into their four component registers and set upon (AHCI) port reset. (2) the signature cache register is no longer set manually per-each device type, but instead just once during ahci_init_d2h. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1441140641-17631-3-git-send-email-jsnow@xxxxxxxxxx commit f91a0aa3743c8bdf0dc0f646606a3dc8bb2c7df8 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Sep 1 16:50:38 2015 -0400 ahci: remove dead reset code This check is dead due to an earlier conditional. AHCI does not currently support hotplugging, so checks to see if devices are present or not are useless. Remove it. Reported-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1441140641-17631-2-git-send-email-jsnow@xxxxxxxxxx commit 9ef2e93f9b1888c7d0deb4a105149138e6ad2e98 Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Sep 17 14:17:05 2015 -0400 atapi: abort transfers with 0 byte limits We're supposed to abort on transfers like this, unless we fill Word 125 of our IDENTIFY data with a default transfer size, which we don't currently do. This is an ATA error, not a SCSI/ATAPI one. See ATA8-ACS3 sections 7.17.6.49 or 7.21.5. If we don't do this, QEMU will loop forever trying to transfer zero bytes, which isn't particularly useful. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-id: 1442253685-23349-2-git-send-email-jsnow@xxxxxxxxxx commit d9033e1d3aa666c5071580617a57bd853c5d794a Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Sep 17 14:17:05 2015 -0400 ide: fix ATAPI command permissions We're a little too lenient with what we'll let an ATAPI drive handle. Clamp down on the IDE command execution table to remove CD_OK permissions from commands that are not and have never been ATAPI commands. For ATAPI command validity, please see: - ATA4 Section 6.5 ("PACKET Command feature set") - ATA8/ACS Section 4.3 ("The PACKET feature set") - ACS3 Section 4.3 ("The PACKET feature set") ACS3 has a historical command validity table in Table B.4 ("Historical Command Assignments") that can be referenced to find when a command was introduced, deprecated, obsoleted, etc. The only reference for ATAPI command validity is by checking that version's PACKET feature set section. ATAPI was introduced by T13 into ATA4, all commands retired prior to ATA4 therefore are assumed to have never been ATAPI commands. Mandatory commands, as listed in ATA8-ACS3, are: - DEVICE RESET - EXECUTE DEVICE DIAGNOSTIC - IDENTIFY DEVICE - IDENTIFY PACKET DEVICE - NOP - PACKET - READ SECTOR(S) - SET FEATURES Optional commands as listed in ATA8-ACS3, are: - FLUSH CACHE - READ LOG DMA EXT - READ LOG EXT - WRITE LOG DMA EXT - WRITE LOG EXT All other commands are illegal to send to an ATAPI device and should be rejected by the device. CD_OK removal justifications: 0x06 WIN_DSM Defined in ACS2. Not valid for ATAPI. 0x21 WIN_READ_ONCE Retired in ATA5. Not ATAPI in ATA4. 0x94 WIN_STANDBYNOW2 Retired in ATA4. Did not coexist with ATAPI. 0x95 WIN_IDLEIMMEDIATE2 Retired in ATA4. Did not coexist with ATAPI. 0x96 WIN_STANDBY2 Retired in ATA4. Did not coexist with ATAPI. 0x97 WIN_SETIDLE2 Retired in ATA4. Did not coexist with ATAPI. 0x98 WIN_CHECKPOWERMODE2 Retired in ATA4. Did not coexist with ATAPI. 0x99 WIN_SLEEPNOW2 Retired in ATA4. Did not coexist with ATAPI. 0xE0 WIN_STANDBYNOW1 Not part of ATAPI in ATA4, ACS or ACS3. 0xE1 WIN_IDLEIMMDIATE Not part of ATAPI in ATA4, ACS or ACS3. 0xE2 WIN_STANDBY Not part of ATAPI in ATA4, ACS or ACS3. 0xE3 WIN_SETIDLE1 Not part of ATAPI in ATA4, ACS or ACS3. 0xE4 WIN_CHECKPOWERMODE1 Not part of ATAPI in ATA4, ACS or ACS3. 0xE5 WIN_SLEEPNOW1 Not part of ATAPI in ATA4, ACS or ACS3. 0xF8 WIN_READ_NATIVE_MAX Obsoleted in ACS3. Not ATAPI in ATA4 or ACS. This patch fixes a divide by zero fault that can be caused by sending the WIN_READ_NATIVE_MAX command to an ATAPI drive, which causes it to attempt to use zeroed CHS values to perform sector arithmetic. Reported-by: Qinghao Tang <luodalongde@xxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-id: 1441816082-21031-1-git-send-email-jsnow@xxxxxxxxxx CC: qemu-stable@xxxxxxxxxx commit 00ea63fd18d0b7e0248e476c5150a04a06e79a3b Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Sep 17 14:17:05 2015 -0400 ide-test: add cdrom dma test Now, test the DMA functionality of the ATAPI drive. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1441926555-19471-5-git-send-email-jsnow@xxxxxxxxxx commit f7ba8d7fb6a7f22f8ecf99f61a35079accaba5c4 Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Sep 17 14:17:04 2015 -0400 ide-test: add cdrom pio test Add a simple read test for ATAPI devices, using the PIO mechanism. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1441926555-19471-4-git-send-email-jsnow@xxxxxxxxxx commit ab4f705751c39d59e5039a145cf4703320e4207e Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Sep 17 14:17:04 2015 -0400 qtest/ahci: export generate_pattern Share the pattern function for ide and ahci test. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1441926555-19471-3-git-send-email-jsnow@xxxxxxxxxx commit d7531638db73396c9e89ade086bbeab6023656f9 Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Sep 17 14:17:04 2015 -0400 qtest/ahci: use generate_pattern everywhere Fix the pattern generation to actually be interesting, and make sure all buffers in the ahci-test actually use it. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1441926555-19471-2-git-send-email-jsnow@xxxxxxxxxx commit ffa4822c015d5670ef6a2239f3cbd2ff2cec57de Merge: 3bf1f5e 0bdaa3a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 18 14:41:53 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2015-09-18' into staging Error reporting patches # gpg: Signature made Fri 18 Sep 2015 13:42:49 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-error-2015-09-18: memory: Fix bad error handling in memory_region_init_ram_ptr() loader: Fix memory_region_init_resizeable_ram() error handling Fix bad error handling after memory_region_init_ram() error: New error_fatal MAINTAINERS: Add "Error reporting" entry error: Copy location information in error_copy() hmp: Allow for error message hints on HMP error: only prepend timestamp on stderr Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0bdaa3a429c6d07cd437b442a1f15f70be1addaa Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Sep 11 16:51:45 2015 +0200 memory: Fix bad error handling in memory_region_init_ram_ptr() Commit ef701d7 screwed up handling of out-of-memory conditions. Before the commit, we report the error and exit(1), in one place. The commit lifts the error handling up the call chain some, to three places. Fine. Except it uses &error_abort in these places, changing the behavior from exit(1) to abort(), and thus undoing the work of commit 3922825 "exec: Don't abort when we can't allocate guest memory". The previous two commits fixed one of the three places, another one was fixed in commit 33e0eb5. This commit fixes the third one. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1441983105-26376-5-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> commit df8abec8cb48f6c439516fd78b3ab6535e6fd493 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Sep 11 16:51:44 2015 +0200 loader: Fix memory_region_init_resizeable_ram() error handling Commit ef701d7 screwed up handling of out-of-memory conditions. Before the commit, we report the error and exit(1), in one place. The commit lifts the error handling up the call chain some, to three places. Fine. Except it uses &error_abort in these places, changing the behavior from exit(1) to abort(), and thus undoing the work of commit 3922825 "exec: Don't abort when we can't allocate guest memory". The previous commit fixed up uses of memory_region_init_ram(). One of them was replaced by memory_region_init_resizeable_ram() [sic!] in commit a166614, so Coccinelle missed it. Fix it up. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1441983105-26376-4-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> commit f8ed85ac992c48814d916d5df4d44f9a971c5de4 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Sep 11 16:51:43 2015 +0200 Fix bad error handling after memory_region_init_ram() Symptom: $ qemu-system-x86_64 -m 10000000 Unexpected error in ram_block_add() at /work/armbru/qemu/exec.c:1456: upstream-qemu: cannot set up guest memory 'pc.ram': Cannot allocate memory Aborted (core dumped) Root cause: commit ef701d7 screwed up handling of out-of-memory conditions. Before the commit, we report the error and exit(1), in one place, ram_block_add(). The commit lifts the error handling up the call chain some, to three places. Fine. Except it uses &error_abort in these places, changing the behavior from exit(1) to abort(), and thus undoing the work of commit 3922825 "exec: Don't abort when we can't allocate guest memory". The three places are: * memory_region_init_ram() Commit 4994653 (right after commit ef701d7) lifted the error handling further, through memory_region_init_ram(), multiplying the incorrect use of &error_abort. Later on, imitation of existing (bad) code may have created more. * memory_region_init_ram_ptr() The &error_abort is still there. * memory_region_init_rom_device() Doesn't need fixing, because commit 33e0eb5 (soon after commit ef701d7) lifted the error handling further, and in the process changed it from &error_abort to passing it up the call chain. Correct, because the callers are realize() methods. Fix the error handling after memory_region_init_ram() with a Coccinelle semantic patch: @r@ expression mr, owner, name, size, err; position p; @@ memory_region_init_ram(mr, owner, name, size, ( - &error_abort + &error_fatal | err@p ) ); @script:python@ p << r.p; @@ print "%s:%s:%s" % (p[0].file, p[0].line, p[0].column) When the last argument is &error_abort, it gets replaced by &error_fatal. This is the fix. If the last argument is anything else, its position is reported. This lets us check the fix is complete. Four positions get reported: * ram_backend_memory_alloc() Error is passed up the call chain, ultimately through user_creatable_complete(). As far as I can tell, it's callers all handle the error sanely. * fsl_imx25_realize(), fsl_imx31_realize(), dp8393x_realize() DeviceClass.realize() methods, errors handled sanely further up the call chain. We're good. Test case again behaves: $ qemu-system-x86_64 -m 10000000 qemu-system-x86_64: cannot set up guest memory 'pc.ram': Cannot allocate memory [Exit 1 ] The next commits will repair the rest of commit ef701d7's damage. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1441983105-26376-3-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> commit a29a37b994ca3c5a1d39fa0e8934f7e0f2cf57ef Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Sep 11 16:51:42 2015 +0200 error: New error_fatal Similar to error_abort, but doesn't report where the error was created, and terminates the process with exit(1) rather than abort(). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1441983105-26376-2-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> commit 4f966768acd1d677d24d60a01c160c18a09cce80 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Sat Sep 12 13:29:56 2015 +0200 MAINTAINERS: Add "Error reporting" entry Error reporting work has been flowing through my tree for a while. Time for MAINTAINERS to catch up. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1442057396-21989-1-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> commit 88e2ce291595ed8f12636b40523fdb215a9d3374 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Sep 10 10:34:50 2015 -0600 error: Copy location information in error_copy() Commit 1e9b65bb forgot to propagate source information to copied errors. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1441902890-23064-1-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 50b7b000c9171c1253c1c875f46f654c3c0e1fc8 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Sep 10 10:19:16 2015 -0600 hmp: Allow for error message hints on HMP Commits 7216ae3d and d2828429 disabled some error message hints, all because a change to use modern error reporting meant that the hint would be output prior to the actual error. Fix this by making hints a first-class member of Error. For example, we are now back to the pleasant: $ qemu-system-x86_64 --nodefaults -S --vnc :0 --chardev null,id=, qemu-system-x86_64: --chardev null,id=,: Parameter 'id' expects an identifier Identifiers consist of letters, digits, '-', '.', '_', starting with a letter. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1441901956-21991-1-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 615cf669b55a689f9e535ecf87075e50004b6e0a Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Aug 10 14:15:41 2015 +0100 error: only prepend timestamp on stderr The -msg timestamp=on option prepends a timestamp to error messages. This is useful on stderr where it allows users to identify when an error was raised. Timestamps do not make sense on the monitor since error_report() is called in response to a synchronous monitor command and the user already knows "when" the command was issued. Additionally, the rest of the monitor conversation lacks timestamps so the error timestamp cannot be correlated with other activity. Only prepend timestamps on stderr. This fixes libvirt's 'drive_del' processing, which did not expect a timestamp. Other QEMU monitor clients are probably equally confused by timestamps on monitor error messages. Cc: Markus Armbruster <armbru@xxxxxxxxxx> Cc: Seiji Aguchi <seiji.aguchi@xxxxxxx> Cc: Frank Schreuder <fschreuder@xxxxxxxxxx> Cc: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-Id: <1439212541-16997-1-git-send-email-stefanha@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Tested-by: Frank Schreuder <fschreuder@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 3bf1f5ec6a7ec8ee06c95bf308d213ebaa129ee0 Merge: 16a1b6e 9c708c7 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 18 12:55:27 2015 +0100 Merge remote-tracking branch 'remotes/lalrae/tags/mips-20150918' into staging MIPS patches 2015-09-18 Changes: * fixes for rdhwr, tlbwr, mtc0, recip.fmt, rsqrt.fmt and daui instructions * removal of MIPS_DEBUG code * use tcg_gen_extrh_i64_i32() * improve random tlb index generation in cpu_mips_get_random() * exception handling improvements to correctly restore icount # gpg: Signature made Fri 18 Sep 2015 12:15:28 BST using RSA key ID 0B29DA6B # gpg: Good signature from "Leon Alrae <leon.alrae@xxxxxxxxxx>" * remotes/lalrae/tags/mips-20150918: target-mips: improve exception handling target-mips: correct MTC0 instruction on MIPS64 target-mips: add missing restriction in DAUI instruction target-mips: fix corner case in TLBWR causing QEMU to hang pic32: use LCG algorithm for generated random index of TLBWR instruction target-mips: get rid of MIPS_DEBUG_SIGN_EXTENSIONS target-mips: get rid of MIPS_DEBUG target-mips: Fix RDHWR on CP0.Count target-mips: remove wrong checks for recip.fmt and rsqrt.fmt target-mips: Use tcg_gen_extrh_i64_i32 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9c708c7f9fbb813a3fac02f2728e51e62f2f5ffc Author: Pavel Dovgaluk <Pavel.Dovgaluk@xxxxxxxxx> Date: Fri Jul 10 12:57:08 2015 +0300 target-mips: improve exception handling This patch improves exception handling in MIPS. Instructions generate several types of exceptions. When exception is generated, it breaks the execution of the current translation block. Implementation of the exceptions handling does not correctly restore icount for the instruction which caused the exception. In most cases icount will be decreased by the value equal to the size of TB. This patch passes pointer to the translation block internals to the exception handler. It allows correct restoring of the icount value. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> [leon.alrae@xxxxxxxxxx: avoid retranslation in linux-user SC, break lines which are over 80 chars, remove v3 changelog from the commit message] Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit d54a299b83a07642c85a22bfe19b69ca4def9ec4 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Wed Sep 9 12:44:25 2015 +0100 target-mips: correct MTC0 instruction on MIPS64 MTC0 on a 64-bit processor should move entire 64-bit GPR content to CP0 register. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit db77d8523909b32d798cd2c80de422b68f9e5c42 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Wed Sep 9 14:45:36 2015 +0100 target-mips: add missing restriction in DAUI instruction rs cannot be the zero register, Reserved Instruction exception must be signalled for this case. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 3adafef2f35d9061b56a09071b2589b9e0b36f76 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Thu Sep 10 10:15:28 2015 +0100 target-mips: fix corner case in TLBWR causing QEMU to hang cpu_mips_get_random() function is used to generate a random index from CP0.Wired to TLBSize-1 range. Current implementation avoids generating the same as before value, hence the while loop. If the guest sets CP0.Wired to TLBSize-1 (which actually does not sound to be very practical) QEMU will get stuck in the loop infinitely as we always generate the same index. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit ceb0ee147df35adc7b705da1c84a4624c9cabb21 Author: Serge Vakulenko <serge.vakulenko@xxxxxxxxx> Date: Sun Jul 5 23:14:50 2015 -0700 pic32: use LCG algorithm for generated random index of TLBWR instruction The LFSR algorithm, used for generating random TLB indexes for TLBWR instruction, was inclined to produce a degenerate sequence in some cases. For example, for 16-entry TLB size and Wired=1, it gives: 15, 6, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2... When replaced with LCG algorithm from ISO/IEC 9899 standard, the sequence looks much better, with about the same computational effort needed. Signed-off-by: Serge Vakulenko <serge.vakulenko@xxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit b307446e04232b3a87e9da04886895a8e5a4a407 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sun Sep 13 23:07:59 2015 +0200 target-mips: get rid of MIPS_DEBUG_SIGN_EXTENSIONS MIPS_DEBUG_SIGN_EXTENSIONS was used sometimes ago to verify that 32-bit instructions correctly sign extend their results. It's now not need anymore, remove it. Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 9d68ac14dab3f5af33a6b23458941dc6fb261fce Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sun Sep 13 23:07:58 2015 +0200 target-mips: get rid of MIPS_DEBUG MIPS_DEBUG is a define used to dump the instruction disassembling. It has to be defined at compile time. In practice I believe it's more efficient to just look at the instruction disassembly and op dump using -d in_asm,op. This patch therefore removes the corresponding code, which clutters translate.c. Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit cdfcad788394ff53e317043e07b8e34f4987c659 Author: Alex Smith <alex.smith@xxxxxxxxxx> Date: Tue Sep 8 11:34:11 2015 +0100 target-mips: Fix RDHWR on CP0.Count For RDHWR on the CP0.Count register, env->CP0_Count was being returned. This value is a delta against the QEMU_CLOCK_VIRTUAL clock, not the correct current value of CP0.Count. Use cpu_mips_get_count() instead. Signed-off-by: Alex Smith <alex.smith@xxxxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit ca6c7803d2beae43299a80f4549d36579881fc0b Author: Petar Jovanovic <petar.jovanovic@xxxxxxxxxx> Date: Wed Aug 26 14:12:20 2015 +0200 target-mips: remove wrong checks for recip.fmt and rsqrt.fmt Instructions recip.{s|d} and rsqrt.{s|d} do not require 64-bit FPU neither they require any particular mode for its FPU. This patch removes the checks that may break a program that uses these instructions. Signed-off-by: Petar Jovanovic <petar.jovanovic@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 71f303cd246ae22ce6fdacb3801b5abbca25c409 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed Sep 2 15:50:14 2015 -0700 target-mips: Use tcg_gen_extrh_i64_i32 We can tidy gen_load_fpr32h, as well as introduce a helper to cleanup the MACC instructions. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit aaeda4a3c9e4d1d25c65ce8ca98e2de06daf1eec Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Sep 17 14:17:04 2015 -0400 ide: unify io_buffer_offset increments IDEState's io_buffer_offset was originally added to keep track of offsets in AHCI rather exclusively, but it was added to IDEState instead of an AHCI-specific structure. AHCI fakes all PIO transfers using DMA and a scatter-gather list. When the core or atapi layers invoke HBA-specific mechanisms for transfers, they do not always know that it is being backed by DMA or a sglist, so this offset is not always updated by the HBA code everywhere. If we modify it in dma_buf_commit, however, any HBA that needs to use this offset to manage operating on only part of a sglist will have access to it. This will fix ATAPI PIO transfers performed through the AHCI HBA, which were previously not modifying this value appropriately. This will fix ATAPI PIO transfers larger than one sector. Reported-by: Hannes Reinecke <hare@xxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Tested-by: Laszlo Ersek <lersek@xxxxxxxxxx> Message-id: 1440546331-29087-2-git-send-email-jsnow@xxxxxxxxxx CC: qemu-stable@xxxxxxxxxx commit 16a1b6e97c2a2919fd296db4bea2f9da2ad3cc4d Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Fri May 4 12:54:34 2012 +0200 target-cris: update CPU state save/load to use VMStateDescription Update the CRIS CPU state save/load to use a VMStateDescription struct rather than cpu_save/cpu_load functions. Have to define TLBSet struct. Multidimensional arrays in C are a mess, just unroll them. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> [PMM: * expand commit message a little since it's no longer one patch in a 35-patch series * add header/copyright comment to machine.c; credited copyright is Red Hat and author is Juan, since this commit gives the file all-new contents; license is LGPL-2-or-later, to match other target-cris code * remove hardcoded tab * add fields for locked_irq, interrupt_vector, fault_vector, trap_vector * drop minimum_version_id_old fields * bump version_id to 2 as we are not compatible with old state format * remove unnecessary hw/boards.h include * update to register via dc->vmsd] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Acked-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit cc450bfdc030d1943d99b3cb526a3e2cb4f3cd72 Merge: 1c9f03b 271a234 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 17 13:07:50 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging # gpg: Signature made Thu 17 Sep 2015 12:43:56 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: net: smc91c111: flush packets on RCR register changes net: smc91c111: gate can_receive() on rx FIFO having a slot net: smc91c111: guard flush_queued_packets() on can_rx() MAINTAINERS: Stefan will not maintain net subsystem Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 271a234a2359975101396916f37f3c7d347c61b8 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 21:24:12 2015 -0700 net: smc91c111: flush packets on RCR register changes The SOFT_RST or RXEN in the control register can be used as a condition to unblock the net layer via can_receive(). So check for possible flushes on RCR changes. This will drop all pending packets on soft reset or disable which is the functional intent of the can_receive() logic. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Tested-by: Richard Purdie <richard.purdie@xxxxxxxxxxxxxxxxxxx> Message-id: b114d4c96f4afbdaa15f1361d9c07e3021755915.1441873621.git.crosthwaite.peter@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e62cb54cd5d08dc1c029f254b0d18faa138971b2 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 21:23:57 2015 -0700 net: smc91c111: gate can_receive() on rx FIFO having a slot Return false from can_receive() when the FIFO doesn't have a free RX slot. This fixes a bug in the current code where the allocated buffer is freed before the fifo pop, triggering a premature flush of queued RX packets. It also will handle a corner case, where the guest manually frees the allocated buffer before popping the rx FIFO (hence it is not enough to just delay the flush_queued_packets()). Reported-by: Richard Purdie <richard.purdie@xxxxxxxxxxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Tested-by: Richard Purdie <richard.purdie@xxxxxxxxxxxxxxxxxxx> Message-id: 97bfdfc5cbce0bd5e0cbbbff35ce7a1bf6f8603d.1441873621.git.crosthwaite.peter@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 8d06b149271cbd5b19bed5bde8da5ecef40ecbc6 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 21:23:43 2015 -0700 net: smc91c111: guard flush_queued_packets() on can_rx() Check that the core can once again receive packets before asking the net layer to do a flush. This will make it more convenient to flush packets when adding new conditions to can_receive. Add missing if braces while moving the can_receive() core code. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Tested-by: Richard Purdie <richard.purdie@xxxxxxxxxxxxxxxxxxx> Message-id: 92e15e12a6964274f4bc0eb71b61a7d94326f6c6.1441873621.git.crosthwaite.peter@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 1c9f03b81ce9136cf1bd3c111582b320b507dfec Merge: 3c4698d d626834 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Sep 16 18:06:54 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * Linux header update and cleanup * Support for HyperV crash report * Cleanup of target-specific HMP commands * Multiarch batch * Checkpatch fix for Perl 5.22 * NBD fix * Revert incorrect commit 5243722376 # gpg: Signature made Wed 16 Sep 2015 16:39:01 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" * remotes/bonzini/tags/for-upstream: (24 commits) nbd: release exp->blk after all clients are closed checkpatch: Escape left braces in regex monitor: uninclude cpu_ldst include/exec: Move cputlb exec.c defs out cputlb: Change tlb_set_dirty() arg to cpu cputlb: move CPU_LOOP() for tlb_reset() to exec.c translate: move real_host_page setting to -common tcg: Move tci_tb_ptr to -common tcg: split tcg_op_defs to -common translate-all: Move tcg_handle_interrupt() to -common cpu-exec: Migrate some generic fns to cpu-exec-common qemu-char: Use g_new() & friends where that makes obvious sense monitor: added generation of documentation for hmp-commands-info.hx hmp-commands.hx: fix end of table info monitor: remove target-specific code from monitor.c hmp-commands-info: move info_cmds content out of monitor.c i386/kvm: Hyper-v crash msrs set/get'ers and migration kvm: Add kvm system event crash handler cpu: Add crash_occurred flag into CPUState target-i386: move asm-x86/hyperv.h to standard-headers ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d6268348493f32ecc096caa637620757472a1196 Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Wed Sep 16 16:35:46 2015 +0800 nbd: release exp->blk after all clients are closed If the socket fd is shutdown, there may be some data which is received before shutdown. We will read the data and do read/write in nbd_trip(). But the exp's blk is NULL, and it will cause qemu crashed. Reported-by: Li Zhijian <lizhijian@xxxxxxxxxxxxxx> Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Message-Id: <55F929E2.1020501@xxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 04f2562f8ec6af573508880ac607d098a5d3ad7f Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Sep 11 19:07:36 2015 +0800 checkpatch: Escape left braces in regex Latest perl now deprecates "{" literal in regex and print warnings like "unescaped left brace in regex is deprecated". Add escape to keep it happy. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-Id: <1441969656-2640-1-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e6b65fe1c234b5f63af075b9c85691ea744ead34 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 22:39:45 2015 -0700 monitor: uninclude cpu_ldst This header is non-needed anymore and wont work in multi-arch where this service is not provided to core code. Cc: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <4e96622ab5320603829b6f94b8c4e94d573d34fc.1441614289.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit dfccc7602374c9fd3b083208b552d62daa244811 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 22:39:43 2015 -0700 include/exec: Move cputlb exec.c defs out Move the architecture agnostic function prototypes for exec.c out of cputlb.h to exec-all.h. This allows hiding of the arch specific cputlb.h from exec.c which should be getting close to having no architecture specifics. Prepares support for multi-arch, which will have a minimal cpu.h that services exec.c but not cputlb.h. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <b4fe754c58c860315e35d44430c26b1c967ce2c9.1441614289.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit bcae01e468d961ad9afaf4148329147e4be209ab Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 22:39:42 2015 -0700 cputlb: Change tlb_set_dirty() arg to cpu Change tlb_set_dirty() to accept a CPU instead of an env pointer. This allows for removal of another CPUArchState usage from prototypes that need to be QOMified. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <d2b1dcbe7945112989861d8ba7369449c11cc273.1441614289.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9a13565d52bfd321934fb44ee004bbaf5f5913a8 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 22:39:41 2015 -0700 cputlb: move CPU_LOOP() for tlb_reset() to exec.c To prepare for multi-arch, cputlb.c should only have awareness of one single architecture. This means it should not have access to the full CPU lists which may be heterogeneous. Instead, push the CPU_LOOP() up to the one and only caller in exec.c. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <db06dc6c49f8970caaf116d0385f00ee10a56f2f.1441614289.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5f12a788c04cf36442f3be00ebf6fdc3b8c8c4ba Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 22:39:36 2015 -0700 translate: move real_host_page setting to -common Move the size and mask globals for the "real" host page size to translate-common. This is to allow system-level code to use REAL_HOST_PAGE_ALIGN and friends in builds which hide translate-all behind arch-obj. Cc: dgilbert@xxxxxxxxxx Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <b437638691f044bc690a7f03b1240c8b0f34ab57.1441614289.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 162e992270fd3587b21fa77fd4a8ccc879c402c9 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 22:39:35 2015 -0700 tcg: Move tci_tb_ptr to -common This requires global visibility to common code. Move to tcg-common. Cc: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <cb0340eba225ab4945aa6cf7c9013f33aa05bcf8.1441614289.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7d8f787d9d261d6880b69e35ed682241e3f9242f Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 22:39:34 2015 -0700 tcg: split tcg_op_defs to -common tcg_op_defs (and the _max) are both needed by the TCI disassembler. For multi-arch, tcg.c will be multiple-compiled (arch-obj) with its symbols hidden from common code. So split the definition off to new file, tcg-common.c which will remain a regular obj-y for use by both the TCI disas as well as the multiple tcg.c's. Cc: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <4b607425886d85aee65878e4935dfad46b3e6085.1441614289.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9b68a7754a892d8deb7696cfe609fe2ec3c6034a Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 22:39:33 2015 -0700 translate-all: Move tcg_handle_interrupt() to -common Move this function to common code. It has no arch specific dependencies. Prepares support for multi-arch where the translate-all interface needs to be virtualised. One less thing to virtualise. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <44a7c73604ed2552af47ed02b047b6a772b683e0.1441614289.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5abf9495ca9ff41160260ac274115825c10545cc Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 22:39:31 2015 -0700 cpu-exec: Migrate some generic fns to cpu-exec-common The goal is to split the functions such that cpu-exec is CPU specific content, while cpus-exec-common.c is generic code only. The function interface to cpu-exec needs to be virtualised to prepare support for multi-arch and moving these definitions out saves bloating the QOM interface. So move these definitions out of cpu-exec to a new module, cpu-exec-common. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <3cefeb3fbbb33031670951a0e74de2778529da3f.1441614289.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 2d528d45ecf5ee3c1a566a9f3d664464925ef830 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Sep 14 13:54:03 2015 +0200 qemu-char: Use g_new() & friends where that makes obvious sense g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. This commit only touches allocations with size arguments of the form sizeof(T). Same Coccinelle semantic patch as in commit b45c03f. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1442231643-23630-1-git-send-email-armbru@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 2cd8af2d44268ffd4d224d6c297e8c644c01fa8d Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Thu Sep 10 18:39:01 2015 +0300 monitor: added generation of documentation for hmp-commands-info.hx It will be easier if you need to add info-commands to edit only hmp-commands-info.hx, before this had to edit monitor.c and hmp-commands.hx. From the build point of view all documentation is saved into qemu-monitor-info.texi which from now on is used for all user documentation building. Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <1441899541-1856-5-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 70703344de56c2119fcb7c2e01be3fa02087fb3c Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Thu Sep 10 18:39:00 2015 +0300 hmp-commands.hx: fix end of table info The table info(information about the system state) closes earlier and some of its elements are outside(trace-events, rocker, etc). This can be confusing and lead to additional bugs. Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <1441899541-1856-4-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit bf957284006b6325e6ed64fd839c237c15b42029 Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Thu Sep 10 18:38:59 2015 +0300 monitor: remove target-specific code from monitor.c Move target-specific code out of /monitor.c to /target-*/monitor.c, this will avoid code cluttering and using random ifdeffery. The solution is quite simple, but solves the issue of the separation of target-specific code from monitor. Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <1441899541-1856-3-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit da76ee76f78b9705e2a91e3c964aef28fecededb Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Thu Sep 10 18:38:58 2015 +0300 hmp-commands-info: move info_cmds content out of monitor.c For moving target- and device-specific code from monitor.c, to beginning we move info_cmds content to hmp-commands-info.hx Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <1441899541-1856-2-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f2a53c9e05a24352a0f9740db0539ce5aeed22ca Author: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Date: Wed Sep 9 14:41:30 2015 +0200 i386/kvm: Hyper-v crash msrs set/get'ers and migration KVM Hyper-V based guests can notify hypervisor about occurred guest crash by writing into Hyper-V crash MSR's. This patch does handling and migration of HV_X64_MSR_CRASH_P0-P4, HV_X64_MSR_CRASH_CTL msrs. User can enable these MSR's by 'hv-crash' option. Signed-off-by: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas Färber <afaerber@xxxxxxx> Message-Id: <1435924905-8926-13-git-send-email-den@xxxxxxxxxx> [Folks, stop abrviating variable names!!! Also fix compilation on non-Linux/x86. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7c207b90465bc16a39b9fb8d9194f161059f69bf Author: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Date: Fri Jul 3 15:01:43 2015 +0300 kvm: Add kvm system event crash handler KVM kernel can send guest crash events into userspace. Appropriate guest crash handler is called when kernel guest crash event received. Guest crash event recognized by a KVM_SYSTEM_EVENT_CRASH type of system event. Signed-off-by: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas Färber <afaerber@xxxxxxx> Message-Id: <1435924905-8926-11-git-send-email-den@xxxxxxxxxx> [Rebase: add lock/unlock iothread around qemu_system_guest_panicked - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit bac05aa9a77af1ca7972c8dc07560f4daa7c2dfc Author: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Date: Fri Jul 3 15:01:44 2015 +0300 cpu: Add crash_occurred flag into CPUState CPUState::crash_occurred field inside CPUState marks that guest crash occurred. This value is added into cpu common migration subsection. Signed-off-by: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas Färber <afaerber@xxxxxxx> Message-Id: <1435924905-8926-12-git-send-email-den@xxxxxxxxxx> [Document the new field. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 73aa529a48b4ed7fce21fc74e62fb24db526af5f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Sep 9 15:25:52 2015 +0200 target-i386: move asm-x86/hyperv.h to standard-headers The Hyper-V definitions are an industry standard and can be used from code that is not KVM-specific. Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit eddb4de3cc1403546b29e260068c4c1397cbd62d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Sep 9 15:25:52 2015 +0200 update-linux-headers: copy standard-headers files one by one cp_virtio is called for both the asm-s390/ and linux/ directories, so it looks for pci_regs.h and input.h files in asm-s390/ too. This makes little sense. In the next patch we will have the opposite problem; we want to add asm-x86/hyperv.h, and there's also a linux/hyperv.h file with unwanted dependencies on additional Linux uapi headers. We do not want to copy linux/hyperv.h. The solution is to make cp_virtio (now renamed to cp_portable) copy one file only, instead of using the "find" command, and call it multiple times. The new function is really just a reindentation of the old one. Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 120758fba4c52d1ccf3a8ae1fe3b7495f2b584d8 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Sep 9 14:50:17 2015 +0200 update Linux headers to 4.3-rc1 The update to 4.2 was reviewed by Michael S. Tsirkin and Cornelia Huck. The further update to 4.3-rc1 only touches KVM files. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 84090bbce91a386ae6e5f61b26f36783196712d2 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Sep 10 11:31:12 2015 +0200 pci: remove Link Training error from AER error list The spec says: Undefined â?? The value read from this bit is undefined. In previous versions of this specification, this bit was used to indicate a Link Training Error. System software must ignore the value read from this bit. System software is permitted to write any value to this bit. Do not allow injecting it. Suggested-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 05620f85e930b0ac3dc22fdf8e4c390fa11afdeb Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Sep 16 14:26:59 2015 +0200 Revert "rcu: init rcu_registry_lock after fork" This reverts commit 5243722376873a48e9852a58b91f4d4101ee66e4. The patch forgot about rcu_sync_lock and was committed by mistake. Reported-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3c4698d0b5cb19212868f94f0ba4743c2c86f91f Merge: 1a3abef 4054cde Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Sep 16 16:19:49 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-target-i386-20150915' into staging Exception handling improvments from Pavel Dovgalyuk. # gpg: Signature made Tue 15 Sep 2015 20:36:14 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-target-i386-20150915: target-i386: exception handling for other helper functions target-i386: exception handling for seg_helper functions target-i386: exception handling for memory helpers target-i386: exception handling for div instructions target-i386: exception handling for FPU instructions target-i386: introduce new raise_exception functions Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5fc51cc3ddcc7035313fc3e0ee6f351b5c083491 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Wed Sep 16 11:05:30 2015 +0800 MAINTAINERS: Stefan will not maintain net subsystem Talked with Stefan, he will not maintain net subsystem. Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1442372730-11360-1-git-send-email-jasowang@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 4054cdec0423c7190bfc733c27c303d513d531ab Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Fri Jul 10 12:57:41 2015 +0300 target-i386: exception handling for other helper functions This patch fixes exception handling for other helper functions. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 100ec0991958d0c1b61f140e64dbe92991c6dd2c Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Fri Jul 10 12:57:36 2015 +0300 target-i386: exception handling for seg_helper functions This patch fixes exception handling for seg_helper functions. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 2afbdf84807d673eb682cb78158e11cdacbf4673 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Fri Jul 10 12:57:30 2015 +0300 target-i386: exception handling for memory helpers This patch fixes exception handling for memory helpers and removes obsolete PC update from translate.c. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit cc33c5d66bb315f77739f761a3f868a7d138c041 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Fri Jul 10 12:57:25 2015 +0300 target-i386: exception handling for div instructions This patch fixes exception handling for div instructions and removes obsolete PC update from translate.c. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 6cad09d2f74d7318f737acaa21b3da49a0c9e670 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Fri Jul 10 12:57:19 2015 +0300 target-i386: exception handling for FPU instructions This patch fixes exception handling for FPU instructions and removes obsolete PC update from translate.c. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 9198009529d06b6489b68a7505942cca3a50893f Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Fri Jul 10 12:57:13 2015 +0300 target-i386: introduce new raise_exception functions This patch introduces new versions of raise_exception functions that receive TB return address as an argument. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 1a3abef74b5df6d6d3e851aaeacac8f265adcf80 Merge: 6196224 461aa67 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 15 17:24:27 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-tile-20150915' into staging TileGX basic instructions # gpg: Signature made Tue 15 Sep 2015 15:57:08 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tile-20150915: (35 commits) target-tilegx: Handle v1shl, v1shru, v1shrs target-tilegx: Handle v1shli, v1shrui target-tilegx: Handle v4int_l/h target-tilegx: Handle atomic instructions target-tilegx: Handle mtspr, mfspr target-tilegx: Handle v1cmpeq, v1cmpne target-tilegx: Handle mask instructions target-tilegx: Handle scalar multiply instructions target-tilegx: Handle conditional move instructions target-tilegx: Handle shift instructions target-tilegx: Handle bitfield instructions target-tilegx: Implement system and memory management instructions target-tilegx: Handle comparison instructions target-tilegx: Handle conditional branch instructions target-tilegx: Handle unconditional jump instructions target-tilegx: Handle post-increment load and store instructions target-tilegx: Handle basic load and store instructions target-tilegx: Handle most bit manipulation instructions target-arm: Use new revbit functions host-utils: Add revbit functions ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 461aa6783eec27f209b026c6647fc7a83b2997cd Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 24 08:56:45 2015 -0700 target-tilegx: Handle v1shl, v1shru, v1shrs Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 3be19e8c83949b62895dd27866e26a1bf806ad56 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 24 08:13:59 2015 -0700 target-tilegx: Handle v1shli, v1shrui Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 5151c69abcc049a587b894f0b8e19e1c6d72dc1d Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 24 08:01:52 2015 -0700 target-tilegx: Handle v4int_l/h Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 0583b2332355dadb2d4681fe5a4eca882eb5b889 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 24 07:55:47 2015 -0700 target-tilegx: Handle atomic instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 03b217b168edfb45501146e98f60a6aea6bbb943 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Aug 22 14:19:45 2015 -0700 target-tilegx: Handle mtspr, mfspr Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit e7346cf0366b2167ddd2cfe9197018bf0ebccbaf Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Aug 22 12:37:59 2015 -0700 target-tilegx: Handle v1cmpeq, v1cmpne Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 661ff7431fb33bc29c6b27e053e1e7656105a106 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Aug 22 10:42:44 2015 -0700 target-tilegx: Handle mask instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 4ff49775ecc5e975ca5e4c1b6be25fb611ab38fa Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Aug 22 10:37:38 2015 -0700 target-tilegx: Handle scalar multiply instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit f090f9f7ce6bc112710a693e176341b5031eafd8 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Aug 22 00:15:07 2015 -0700 target-tilegx: Handle conditional move instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 2369976deb9fa03bb32be690025a6f51de4cd377 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 21 14:41:41 2015 -0700 target-tilegx: Handle shift instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit c06b1817297b4486c372950b4f65d34417aa01d0 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 21 14:06:57 2015 -0700 target-tilegx: Handle bitfield instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit d5dbd6eb388a936bb4ea027c48f8f960ae3977c9 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 21 13:14:25 2015 -0700 target-tilegx: Implement system and memory management instructions Most of which are either nops or exceptions. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 73c543776b6983178026f744d3579ae16ae9b5b2 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 21 11:57:42 2015 -0700 target-tilegx: Handle comparison instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit e04e98bf277309c3964cfd773c0d4c0428f64399 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 21 11:03:37 2015 -0700 target-tilegx: Handle conditional branch instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit c230a9944dc902e595852b9cd764e4b12d0dc541 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 21 10:23:07 2015 -0700 target-tilegx: Handle unconditional jump instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 01cd675cfe89c62b27d3d6e28c0fae503c803bf0 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 21 09:49:44 2015 -0700 target-tilegx: Handle post-increment load and store instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 0426335d4fedb506197ccfd5aadbee2c9c5cd13b Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 21 09:47:56 2015 -0700 target-tilegx: Handle basic load and store instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 7f41a8d67232bee48ede90ea43f962fdb9e98371 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Aug 20 21:30:51 2015 -0700 target-tilegx: Handle most bit manipulation instructions The crc instructions are omitted from this set. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 42fedbca8f5b54324ed89be3484d4a3dc9946387 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 13:38:53 2015 -0700 target-arm: Use new revbit functions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 652a4b7e736f432a6809d1d2b52d169ab0b9aa3b Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 13:00:34 2015 -0700 host-utils: Add revbit functions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 89b8c7504fbc53a35c76e7738dbdf53f3c254b8f Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Aug 20 21:11:28 2015 -0700 target-tilegx: Handle arithmetic instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit a9fdfc7e7bf122f603486f4277db91a3d0d274ab Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 24 08:31:10 2015 -0700 target-tilegx: Handle simple logical operations Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 444e06b17201a16a77f070955dc2d518cbaf36aa Author: Chen Gang <xili_gchen_5257@xxxxxxxxxxx> Date: Fri Aug 21 05:43:37 2015 +0800 target-tilegx: Add TILE-Gx building files Add related configuration and make files for tilegx. The target can now build, though not run anything. Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <BLU436-SMTP1588E5A03AD5E94B07E988B9660@xxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 9b9dc7aceca411f1fb69d5426e5e88dd204813ed Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 21 11:49:38 2015 -0700 target-tilegx: Generate SEGV properly Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 619622424dba749feef752d76d79ef2569f7f250 Merge: 1078f5d 3e305e4 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 15 15:42:58 2015 +0100 Merge remote-tracking branch 'remotes/berrange/tags/vnc-crypto-v9-for-upstream' into staging Merge vnc-crypto-v9 # gpg: Signature made Tue 15 Sep 2015 15:32:38 BST using RSA key ID 15104FDF # gpg: Good signature from "Daniel P. Berrange <dan@xxxxxxxxxxxx>" # gpg: aka "Daniel P. Berrange <berrange@xxxxxxxxxx>" * remotes/berrange/tags/vnc-crypto-v9-for-upstream: ui: convert VNC server to use QCryptoTLSSession ui: fix return type for VNC I/O functions to be ssize_t crypto: introduce new module for handling TLS sessions crypto: add sanity checking of TLS x509 credentials crypto: introduce new module for TLS x509 credentials crypto: introduce new module for TLS anonymous credentials crypto: introduce new base module for TLS credentials qom: allow QOM to be linked into tools binaries crypto: move crypto objects out of libqemuutil.la tests: remove repetition in unit test object deps qapi: allow override of default enum prefix naming Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8fd29dd72b44b08af536248cbfc77f5c6bdf803d Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Aug 20 20:36:48 2015 -0700 target-tilegx: Framework for decoding bundles Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 5b212be632c8ec1e1fd851055445562ebe705352 Author: Chen Gang <xili_gchen_5257@xxxxxxxxxxx> Date: Fri Aug 21 05:41:51 2015 +0800 target-tilegx: Add several helpers for instructions translation The related instructions are exception, cntlz, cnttz, shufflebytes. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Message-Id: <BLU436-SMTP83F96FD8422BE49AFDC9DFB9660@xxxxxxx> [rth: Remove incorrect implementation of add_saturate.] Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 9f64170df2c767ea65adee6434968034fb2ff5aa Author: Chen Gang <xili_gchen_5257@xxxxxxxxxxx> Date: Fri Aug 21 05:41:01 2015 +0800 target-tilegx: Add cpu basic features for linux-user It implements minimized cpu features for linux-user. Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <BLU436-SMTP114819BB03D853801AA9C3CB9660@xxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit b69773a8a70d64189c5caa8d328dc2b6bfb7007d Author: Chen Gang <xili_gchen_5257@xxxxxxxxxxx> Date: Fri Aug 21 05:40:18 2015 +0800 target-tilegx: Add special register information from Tilera Corporation The related copy is from Linux kernel "arch/tile/include/uapi/arch/ spr_def_64.h". Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <BLU436-SMTP1093D605AAE9B4837B564B8B9660@xxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 4fe221820f99251eaa4307bf45145651740803e5 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 21 09:49:30 2015 -0700 target-tilegx: Fix LDNA_ADD_IMM8_OPCODE_X1 An obvious typo in the mnemonic here. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit c6c00e17229863dedd710e53da732190f7660aa6 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Aug 20 20:40:14 2015 -0700 target-tilegx: Modify _SPECIAL_ opcodes Both ADDX_SPECIAL_0_OPCODE_Y1 and ADD_SPECIAL_0_OPCODE_Y1 do not appear to be "special" in any way, except that they don't follow the normal naming convention using _RRR_. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 2c56c87fcf1355fbc9da20d06ebe7ddb320ada92 Author: Chen Gang <xili_gchen_5257@xxxxxxxxxxx> Date: Fri Aug 21 05:39:33 2015 +0800 target-tilegx: Modify opcode_tilegx.h to fit QEMU usage Use 'inline' instead of '__inline', and also use 'uint64_t' instead of "unsigned long long" Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <BLU436-SMTP1945B04384351D5EE7D9DECB9660@xxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit b1406c6c5912d820b0a0b11b89623fae96fc74bc Author: Chen Gang <xili_gchen_5257@xxxxxxxxxxx> Date: Fri Aug 21 05:38:46 2015 +0800 target-tilegx: Add opcode basic implementation from Tilera Corporation It is copied from Linux kernel "arch/tile/include/uapi/arch/ opcode_tilegx.h". Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <BLU436-SMTP2087FA98B64A20B25155D9AB9660@xxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 704eff6c23fc807e0c7f729518f73fb7ad26d98c Author: Chen Gang <xili_gchen_5257@xxxxxxxxxxx> Date: Fri Aug 21 05:37:33 2015 +0800 linux-user: Conditionalize syscalls which are not defined in tilegx Some of architectures (e.g. tilegx), several syscall macros are not supported, so switch them. Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <BLU436-SMTP457D6FC9B2B9BA87AEB22CB9660@xxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit b16189b22244e4cc158a3425b377b219586ec8ca Author: Chen Gang <xili_gchen_5257@xxxxxxxxxxx> Date: Fri Aug 21 05:36:37 2015 +0800 linux-user: Support tilegx architecture in linux-user Add main working flow feature, system call processing feature, and elf64 tilegx binary loading feature, based on Linux kernel tilegx 64-bit implementation. [rth: Moved all of the implementation of atomic instructions to a later patch.] Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <BLU436-SMTP938552D42808AA60634582B9660@xxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 3e305e4a4752f70c0b5c3cf5b43ec957881714f7 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Thu Aug 6 14:39:32 2015 +0100 ui: convert VNC server to use QCryptoTLSSession Switch VNC server over to using the QCryptoTLSSession object for the TLS session. This removes the direct use of gnutls from the VNC server code. It also removes most knowledge about TLS certificate handling from the VNC server code. This has the nice effect that all the CONFIG_VNC_TLS conditionals go away and the user gets an actual error message when requesting TLS instead of it being silently ignored. With this change, the existing configuration options for enabling TLS with -vnc are deprecated. Old syntax for anon-DH credentials: -vnc hostname:0,tls New syntax: -object tls-creds-anon,id=tls0,endpoint=server \ -vnc hostname:0,tls-creds=tls0 Old syntax for x509 credentials, no client certs: -vnc hostname:0,tls,x509=/path/to/certs New syntax: -object tls-creds-x509,id=tls0,dir=/path/to/certs,endpoint=server,verify-peer=no \ -vnc hostname:0,tls-creds=tls0 Old syntax for x509 credentials, requiring client certs: -vnc hostname:0,tls,x509verify=/path/to/certs New syntax: -object tls-creds-x509,id=tls0,dir=/path/to/certs,endpoint=server,verify-peer=yes \ -vnc hostname:0,tls-creds=tls0 This aligns VNC with the way TLS credentials are to be configured in the future for chardev, nbd and migration backends. It also has the benefit that the same TLS credentials can be shared across multiple VNC server instances, if desired. If someone uses the deprecated syntax, it will internally result in the creation of a 'tls-creds' object with an ID based on the VNC server ID. This allows backwards compat with the CLI syntax, while still deleting all the original TLS code from the VNC server. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 2cb154bc19854232b5379236dd9dfc06d83ced1e Author: Chen Gang <xili_gchen_5257@xxxxxxxxxxx> Date: Fri Aug 21 05:35:43 2015 +0800 linux-user: tilegx: Add architecture related features They are based on Linux kernel tilegx architecture for 64 bit binary, and also based on tilegx ABI reference document, and also reference from other targets implementations. Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <BLU436-SMTP2508945F92945BB525605A3B9660@xxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit fdd1ab6ad5c27a1564a1c73045908736b228458b Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Thu Aug 6 15:35:55 2015 +0100 ui: fix return type for VNC I/O functions to be ssize_t Various VNC server I/O functions return 'long' and then also pass this to a method accepting 'int'. All these should be ssize_t to match the signature of read/write APIs and thus avoid potential for integer truncation / wraparound. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit d321e1e5268103af616ec4c623c6326c3f7c7bc7 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Mon Mar 2 17:23:31 2015 +0000 crypto: introduce new module for handling TLS sessions Introduce a QCryptoTLSSession object that will encapsulate all the code for setting up and using a client/sever TLS session. This isolates the code which depends on the gnutls library, avoiding #ifdefs in the rest of the codebase, as well as facilitating any possible future port to other TLS libraries, if desired. It makes use of the previously defined QCryptoTLSCreds object to access credentials to use with the session. It also includes further unit tests to validate the correctness of the TLS session handshake and certificate validation. This is functionally equivalent to the current TLS session handling code embedded in the VNC server, and will obsolete it. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 9a2fd4347c40321f5cbb4ab4220e759fcbf87d03 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Mon Apr 13 14:01:39 2015 +0100 crypto: add sanity checking of TLS x509 credentials If the administrator incorrectly sets up their x509 certificates, the errors seen at runtime during connection attempts are very obscure and difficult to diagnose. This has been a particular problem for people using openssl to generate their certificates instead of the gnutls certtool, because the openssl tools don't turn on the various x509 extensions that gnutls expects to be present by default. This change thus adds support in the TLS credentials object to sanity check the certificates when QEMU first loads them. This gives the administrator immediate feedback for the majority of common configuration mistakes, reducing the pain involved in setting up TLS. The code is derived from equivalent code that has been part of libvirt's TLS support and has been seen to be valuable in assisting admins. It is possible to disable the sanity checking, however, via the new 'sanity-check' property on the tls-creds object type, with a value of 'no'. Unit tests are included in this change to verify the correctness of the sanity checking code in all the key scenarios it is intended to cope with. As part of the test suite, the pkix_asn1_tab.c from gnutls is imported. This file is intentionally copied from the (long since obsolete) gnutls 1.6.3 source tree, since that version was still under GPLv2+, rather than the GPLv3+ of gnutls >= 2.0. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 85bcbc789eb65b54548a507b747ffffe6175b404 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Mar 13 17:39:26 2015 +0000 crypto: introduce new module for TLS x509 credentials Introduce a QCryptoTLSCredsX509 class which is used to manage x509 certificate TLS credentials. This will be the preferred credential type offering strong security characteristics Example CLI configuration: $QEMU -object tls-creds-x509,id=tls0,endpoint=server,\ dir=/path/to/creds/dir,verify-peer=yes The 'id' value in the -object args will be used to associate the credentials with the network services. For example, when the VNC server is later converted it would use $QEMU -object tls-creds-x509,id=tls0,.... \ -vnc 127.0.0.1:1,tls-creds=tls0 Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit e00adf6c3edf8dbbe7eb60c94e24fe2158e8342f Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Mar 13 17:39:26 2015 +0000 crypto: introduce new module for TLS anonymous credentials Introduce a QCryptoTLSCredsAnon class which is used to manage anonymous TLS credentials. Use of this class is generally discouraged since it does not offer strong security, but it is required for backwards compatibility with the current VNC server implementation. Simple example CLI configuration: $QEMU -object tls-creds-anon,id=tls0,endpoint=server Example using pre-created diffie-hellman parameters $QEMU -object tls-creds-anon,id=tls0,endpoint=server,\ dir=/path/to/creds/dir The 'id' value in the -object args will be used to associate the credentials with the network services. For example, when the VNC server is later converted it would use $QEMU -object tls-creds-anon,id=tls0,.... \ -vnc 127.0.0.1:1,tls-creds=tls0 Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit a090187de116a3d0b8146ca481249c8fc83ad3ee Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Mar 13 17:39:26 2015 +0000 crypto: introduce new base module for TLS credentials Introduce a QCryptoTLSCreds class to act as the base class for storing TLS credentials. This will be later subclassed to provide handling of anonymous and x509 credential types. The subclasses will be user creatable objects, so instances can be created & deleted via 'object-add' and 'object-del' QMP commands respectively, or via the -object command line arg. If the credentials cannot be initialized an error will be reported as a QMP reply, or on stderr respectively. The idea is to make it possible to represent and manage TLS credentials independently of the network service that is using them. This will enable multiple services to use the same set of credentials and minimize code duplication. A later patch will convert the current VNC server TLS code over to use this object. The representation of credentials will be functionally equivalent to that currently implemented in the VNC server with one exception. The new code has the ability to (optionally) load a pre-generated set of diffie-hellman parameters, if the file dh-params.pem exists, whereas the current VNC server will always generate them on startup. This is beneficial for admins who wish to avoid the (small) time sink of generating DH parameters at startup and/or avoid depleting entropy. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 0c7012e0558e4312e575fd4c70652d8ef2265ff7 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Sep 2 11:18:16 2015 +0100 qom: allow QOM to be linked into tools binaries The qom objects are currently added to common-obj-y which is only linked into the system emulators. The later crypto patches will depend on QOM infrastructure and will also be used from tools binaries. Thus the QOM objects are moved into a new qom-obj-y variable which can be referenced when linking tools, system emulators and tests. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit fb37726db77b21f3731b90693d2c93ade1777528 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Sep 2 10:57:27 2015 +0100 crypto: move crypto objects out of libqemuutil.la Future patches will be adding more crypto related APIs which rely on QOM infrastructure. This creates a problem, because QOM relies on library constructors to register objects. When you have a file in a static .a library though which is only referenced by a constructor the linker is dumb and will drop that file when linking to the final executable :-( The only workaround for this is to link the .a library to the executable using the -Wl,--whole-archive flag, but this creates its own set of problems because QEMU is relying on lazy linking for libqemuutil.a. Using --whole-archive majorly increases the size of final executables as they now contain a bunch of object code they don't actually use. The least bad option is to thus not include the crypto objects in libqemuutil.la, and instead define a crypto-obj-y variable that is referenced directly by all the executables that need this code (tools + softmmu, but not qemu-ga). We avoid pulling entire of crypto-obj-y into the userspace emulators as that would force them to link to gnutls too, which is not required. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 1078f5db8ada5097600443838492ef07103790c2 Merge: b76a0d5 2cb5d2a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 15 14:11:28 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-gtk-20150915-1' into staging gtk: misc grab tweaks, locale fix. # gpg: Signature made Tue 15 Sep 2015 11:35:36 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-gtk-20150915-1: gtk: use setlocale() for LC_MESSAGES only gtk: don't grab input when entering fullscreen. gtk: set free_scale when setting zoom_fit gtk: trace input grab reason gtk: move gd_update_caption calls to gd_{grab,ungrab}_{pointer,keyboard} gtk: check for existing grabs in gd_grab_{pointer,keyboard} Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b76a0d5db25ad9f81346930230092fdf1e88a5a1 Merge: 007e620 737d2b3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 15 13:03:53 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging This net pull request contains security fixes for qemu.git/master. The patches should also be applied to stable trees. The ne2000 NIC model has QEMU memory corruption issue. Both ne2000 and e1000 have an infinite loop. Please see the patches for CVE numbers and details on the bugs. # gpg: Signature made Tue 15 Sep 2015 13:02:21 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: net: avoid infinite loop when receiving packets(CVE-2015-5278) net: add checks to validate ring buffer pointers(CVE-2015-5279) e1000: Avoid infinite loop in processing transmit descriptor (CVE-2015-6815) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 737d2b3c41d59eb8f94ab7eb419b957938f24943 Author: P J P <pjp@xxxxxxxxxxxxxxxxx> Date: Tue Sep 15 16:46:59 2015 +0530 net: avoid infinite loop when receiving packets(CVE-2015-5278) Ne2000 NIC uses ring buffer of NE2000_MEM_SIZE(49152) bytes to process network packets. While receiving packets via ne2000_receive() routine, a local 'index' variable could exceed the ring buffer size, leading to an infinite loop situation. Reported-by: Qinghao Tang <luodalongde@xxxxxxxxx> Signed-off-by: P J P <pjp@xxxxxxxxxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 9bbdbc66e5765068dce76e9269dce4547afd8ad4 Author: P J P <pjp@xxxxxxxxxxxxxxxxx> Date: Tue Sep 15 16:40:49 2015 +0530 net: add checks to validate ring buffer pointers(CVE-2015-5279) Ne2000 NIC uses ring buffer of NE2000_MEM_SIZE(49152) bytes to process network packets. While receiving packets via ne2000_receive() routine, a local 'index' variable could exceed the ring buffer size, which could lead to a memory buffer overflow. Added other checks at initialisation. Reported-by: Qinghao Tang <luodalongde@xxxxxxxxx> Signed-off-by: P J P <pjp@xxxxxxxxxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b947ac2bf26479e710489739c465c8af336599e7 Author: P J P <pjp@xxxxxxxxxxxxxxxxx> Date: Fri Sep 4 17:21:06 2015 +0100 e1000: Avoid infinite loop in processing transmit descriptor (CVE-2015-6815) While processing transmit descriptors, it could lead to an infinite loop if 'bytes' was to become zero; Add a check to avoid it. [The guest can force 'bytes' to 0 by setting the hdr_len and mss descriptor fields to 0. --Stefan] Signed-off-by: P J P <pjp@xxxxxxxxxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Message-id: 1441383666-6590-1-git-send-email-stefanha@xxxxxxxxxx commit 2cb5d2a47c655331bcf0ab16bab8fe4701182c58 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Thu Sep 10 18:19:32 2015 +0300 gtk: use setlocale() for LC_MESSAGES only The QEMU code is not internationalized and assumes that it runs under the C locale, but if we use the GTK+ UI we'll end up importing the locale settings from the environment. This can break things, such as the JSON generator and iotest 120 in locales that use a decimal comma. We do however have translations for a few simple strings for the GTK+ menu items, so in order to run QEMU using the C locale, and yet have a translated UI let's use setlocale() for LC_MESSAGES only. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 78aee081122837cb488b12657a00deeb676b4730 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Sep 9 10:14:54 2015 +0200 gtk: don't grab input when entering fullscreen. Kick off all grabbing logic from fullscreen mode. In the current state it seems to create more problems than it solves. Try running qemu/gtk fullscreen on one head of a multihead host for example ... There probably was a reason the grab-on-fullscreen logic was added in the first place. So please test and report any issues so we can try to find a sane way to handle it. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 1d73cd782fb910811a2e6b9d9b3375c4803d731c Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Sep 9 10:34:41 2015 +0200 gtk: set free_scale when setting zoom_fit free_scale field tracks zoom-fit menu toggle state, so we should keep them in sync ... Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit d531deef119666d4b3605e186a43010782efd899 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Sep 9 10:12:20 2015 +0200 gtk: trace input grab reason Add a reason to grab calls and trace points, so it is easier to debug grab related ui issues. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 695cc59d42f2e285abd5cf278bdc07360a995eaa Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Sep 9 10:03:59 2015 +0200 gtk: move gd_update_caption calls to gd_{grab,ungrab}_{pointer,keyboard} Then we don't have to pair the grab/ungrab calls with update_caption calls any more because things happen automatically ;) Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit aa4f4058ba8cde200e62ef3dafc4e1595f6033e9 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Sep 9 09:57:01 2015 +0200 gtk: check for existing grabs in gd_grab_{pointer,keyboard} If a grab is already active for our window, do nothing. If a grab is already active for another window, release it. Cleanup some checks and ungrab calls in the code which are not needed any more. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit b124533e069a6624316da2096d170b0bd9197d86 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Sep 2 11:35:52 2015 +0100 tests: remove repetition in unit test object deps Most of the unit tests have identical sets of object deps. For example all block unit tests need to depend on $(block-obj-y) libqemuutil.a libqemustub.a Currently each unit test repeats this list of test deps. This list of deps will grow as future patches add more modules to the build, so define some common variables that can be used by all unit tests to remove the repetition. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 351d36e454cddc67a1675740916636a7ccbf1c4b Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Aug 26 14:21:20 2015 +0100 qapi: allow override of default enum prefix naming The camel_to_upper() method applies some heuristics to turn a mixed case type name into an all-uppercase name. This is used for example, to generate enum constant name prefixes. The heuristics don't also generate a satisfactory name though. eg { 'enum': 'QCryptoTLSCredsEndpoint', 'data': ['client', 'server']} Results in Q_CRYPTOTLS_CREDS_ENDPOINT_CLIENT. This has an undesirable _ after the initial Q and is missing an _ between the CRYPTO & TLS strings. Rather than try to add more and more heuristics to try to cope with this, simply allow the QAPI schema to specify the desired enum constant prefix explicitly. eg { 'enum': 'QCryptoTLSCredsEndpoint', 'prefix': 'QCRYPTO_TLS_CREDS_ENDPOINT', 'data': ['client', 'server']} Now gives the QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT name. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 007e620a7576e4ce2ea6955541e87d8ae8ed32ae Merge: 2752e5b 2ac0152 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 14 18:51:09 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches (v2) # gpg: Signature made Mon 14 Sep 2015 15:56:54 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: (23 commits) qcow2: Make qcow2_alloc_bytes() more explicit vmdk: Fix next_cluster_sector for compressed write iotests: Add test for checking large image files qcow2: Make size_to_clusters() return uint64_t qemu-iotests: More qcow2 reopen tests qemu-iotests: Reopen qcow2 with lazy-refcounts change qcow2: Support updating driver-specific options in reopen qcow2: Make qcow2_update_options() suitable for transactions qcow2: Fix memory leak in qcow2_update_options() error path qcow2: Leave s unchanged on qcow2_update_options() failure qcow2: Move rest of option handling to qcow2_update_options() qcow2: Move qcow2_update_options() call up qcow2: Factor out qcow2_update_options() qcow2: Improve error message qemu-io: Add command 'reopen' qemu-io: Remove duplicate 'open' error message block: Allow specifying driver-specific options to reopen qcow2: Rename BDRVQcowState to BDRVQcow2State block: Drop bdrv_find_whitelisted_format() block: Drop drv parameter from bdrv_fill_options() ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2752e5bedb26fa0c7291f810f9f534b688b2f1d2 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Sep 7 17:45:55 2015 +0200 qapi: Fix cgen() for Python older than 2.7 A feature new in Python 2.7 crept into commit 77e703b: re.subn()'s fifth argument. Avoid that, use re.compile(). Reported-by: Laurent Desnogues <laurent.desnogues@xxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Tested-by: Laurent Desnogues <laurent.desnogues@xxxxxxxxx> Message-id: 1441640755-23902-1-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a2aa09e18186801931763fbd40a751fa39971b18 Merge: 7e4804d 47d4be1 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 14 16:13:16 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * Support for jemalloc * qemu_mutex_lock_iothread "No such process" fix * cutils: qemu_strto* wrappers * iohandler.c simplification * Many other fixes and misc patches. And some MTTCG work (with Emilio's fixes squashed): * Signal-free TCG kick * Removing spinlock in favor of QemuMutex * User-mode emulation multi-threading fixes/docs # gpg: Signature made Thu 10 Sep 2015 09:03:07 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" * remotes/bonzini/tags/for-upstream: (44 commits) cutils: work around platform differences in strto{l,ul,ll,ull} cpu-exec: fix lock hierarchy for user-mode emulation exec: make mmap_lock/mmap_unlock globally available tcg: comment on which functions have to be called with mmap_lock held tcg: add memory barriers in page_find_alloc accesses remove unused spinlock. replace spinlock by QemuMutex. cpus: remove tcg_halt_cond and tcg_cpu_thread globals cpus: protect work list with work_mutex scripts/dump-guest-memory.py: fix after RAMBlock change configure: Add support for jemalloc add macro file for coccinelle configure: factor out adding disas configure vhost-scsi: fix wrong vhost-scsi firmware path checkpatch: remove tests that are not relevant outside the kernel checkpatch: adapt some tests to QEMU CODING_STYLE: update mixed declaration rules qmp: Add example usage of strto*l() qemu wrapper cutils: Add qemu_strtoull() wrapper cutils: Add qemu_strtoll() wrapper ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2ac01520be8717f3492b10a083c3e0e22cb52cda Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Fri Sep 11 18:47:51 2015 +0200 qcow2: Make qcow2_alloc_bytes() more explicit In case of -EAGAIN returned by update_refcount(), we should discard the cluster offset we were trying to allocate and request a new one, because in theory that old offset might now be taken by a refcount block. In practice, this was not the case due to update_refcount() generally returning strictly monotonic increasing cluster offsets. However, this behavior is not set in stone, and it is also not obvious when looking at qcow2_alloc_bytes() alone, so we should not rely on it. Reported-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 3efffc3292d94271a15b1606b4a56adf6c6f04ed Author: Radoslav Gerganov <rgerganov@xxxxxxxxxx> Date: Thu Sep 10 10:53:14 2015 +0300 vmdk: Fix next_cluster_sector for compressed write When the VMDK is streamOptimized (or compressed), the next_cluster_sector must not be incremented by a fixed number of sectors. Instead of this, it must be rounded up to the next consecutive sector. Fixing this results in much smaller compressed images. Signed-off-by: Radoslav Gerganov <rgerganov@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 097b500c2dff7addfcd5f4c8a111f6bfd0cb3977 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Sep 9 18:09:47 2015 +0200 iotests: Add test for checking large image files Add a test for checking a qcow2 file with a multiple of 2^32 clusters. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b6d36def6d9e9fd187327182d0abafc9b7085d8f Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Sep 14 16:39:47 2015 +0200 qcow2: Make size_to_clusters() return uint64_t Sadly, some images may have more clusters than what can be represented using a plain int. We should be prepared for that case (in qcow2_check_refcounts() we actually were trying to catch that case, but since size_to_clusters() truncated the returned value, that check never did anything useful). Cc: qemu-stable <qemu-stable@xxxxxxxxxx> Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 231f66d2a3401473778c70a75d5f670765ab6d91 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Fri Sep 4 19:13:14 2015 +0200 qemu-iotests: More qcow2 reopen tests Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit e615053b1bd3e108a73958a54e3d0c5b965e15d3 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Fri Sep 4 18:26:09 2015 +0200 qemu-iotests: Reopen qcow2 with lazy-refcounts change Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 5b0959a7d432062dcd740f8065004285b15695fa Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Apr 16 13:42:27 2015 +0200 qcow2: Support updating driver-specific options in reopen For updating the cache sizes, disabling lazy refcounts and updating the clean_cache_timer there is a bit more to do than just changing the variables, but otherwise we're all set for changing options during bdrv_reopen(). Just implement the missing pieces and hook the functions up in bdrv_reopen(). Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit ee55b17304d998ddf9c792496110da0cca37aac5 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Apr 16 16:16:02 2015 +0200 qcow2: Make qcow2_update_options() suitable for transactions Before we can allow updating options at runtime with bdrv_reopen(), we need to split the function into prepare/commit/abort parts. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit c1344ded70cf7d471aeb6fc08134997414631811 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Fri Apr 17 16:35:50 2015 +0200 qcow2: Fix memory leak in qcow2_update_options() error path Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 007dbc396cfc613d72ecea7744fe7398b300aa7d Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Apr 16 13:11:39 2015 +0200 qcow2: Leave s unchanged on qcow2_update_options() failure On return, either all new options should be applied to BDRVQcowState (on success), or all of the old settings should be preserved (on failure). Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 94edf3fbe8277284ad7d33de632839c7b93414a9 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Apr 16 11:44:26 2015 +0200 qcow2: Move rest of option handling to qcow2_update_options() With this commit, the handling of driver-specific options in qcow2_open() is completely separated out into qcow2_update_options(). Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 90efa0eaef2d1bbd161db6fd7a74d8e5a00d35a8 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Apr 16 11:36:10 2015 +0200 qcow2: Move qcow2_update_options() call up qcow2_update_options() only updates some variables in BDRVQcowState and doesn't really depend on other parts of it being initialised yet, so it can be moved so that it immediately follows the other half of option handling code in qcow2_open(). Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 4c75d1a157a6a0a6163c31f775b5e8ee5dd29f11 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Apr 16 11:29:27 2015 +0200 qcow2: Factor out qcow2_update_options() Eventually we want to be able to change options at runtime. As a first step towards that goal, separate some option handling code from the general initialisation code in qcow2_open(). Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit f113ae839ec9d6d25169bfa521a1affb999201c2 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed May 13 11:07:07 2015 +0200 qcow2: Improve error message Eric says that "any" sounds better than "either", and my non-native feeling says the same, so let's change it. Suggested-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 5bbd2e595e542ef6e5c76537e2bbad06192f72f4 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Mon Dec 8 17:37:28 2014 +0100 qemu-io: Add command 'reopen' Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit ff7cfd7d926eca40abeb9a1440829dc83facf54a Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed May 13 10:39:13 2015 +0200 qemu-io: Remove duplicate 'open' error message qemu_opts_parse_noisily() already prints an error message with the exact reason why the parsing failed. No need to add another less specific one. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 4d2cb0925176f3eb75ef8e5f9c02cc84d7930de2 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Fri Apr 10 17:50:50 2015 +0200 block: Allow specifying driver-specific options to reopen Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit ff99129ab89a532f0ca0a0b89b9aa004c09d9b9d Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Mon Sep 7 17:12:56 2015 +0200 qcow2: Rename BDRVQcowState to BDRVQcow2State BDRVQcowState is already used by qcow1, and gdb is always confused which one to use. Rename the qcow2 one so they can be distinguished. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> commit cf25ff850f0b5d44cb79daea88daaf24ce7e4c44 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Aug 26 19:47:52 2015 +0200 block: Drop bdrv_find_whitelisted_format() It is unused by now, so we can drop it. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 053e1578c9fa6a58e50e44de689f288063c77dbe Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Aug 26 19:47:51 2015 +0200 block: Drop drv parameter from bdrv_fill_options() Now that this parameter is effectively unused, we can drop it and change the function accordingly. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ce343771243a656b420c7a1b4099130f4a35bd5e Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Aug 26 19:47:50 2015 +0200 block: Drop drv parameter from bdrv_open_inherit() Now that this parameter is effectively unused, we can drop it and just pass NULL to bdrv_fill_options(). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 6ebf9aa2ef7f3e094d91ea27140dc6e73774386a Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Aug 26 19:47:49 2015 +0200 block: Drop drv parameter from bdrv_open() Now that this parameter is effectively unused, we can drop it and just pass NULL on to bdrv_open_inherit(). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e6641719fed794be8e0c48a69761528ae6c95ed9 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Aug 26 19:47:48 2015 +0200 block: Always pass NULL as drv for bdrv_open() Change all callers of bdrv_open() to pass the driver name in the options QDict instead of passing its BlockDriver pointer. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 7e4804dafd4689312ef1172b549927a973bb5414 Merge: 2b750d9 f0d574d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 14 14:57:50 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150914' into staging target-arm queue: * fix GIC region size in xlnx-zynqmp * xlnx-zynqmp: Remove unnecessary brackets * improve A64 generated TCG code * add GPIO devices to i.MX25 and i.MX31 * more missing pieces for EL2 support # gpg: Signature made Mon 14 Sep 2015 14:51:12 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150914: (24 commits) target-arm: Add VMPIDR_EL2 target-arm: Break out mpidr_read_val() target-arm: Add VPIDR_EL2 target-arm: Suppress EPD for S2, EL2 and EL3 translations target-arm: Suppress TBI for S2 translations target-arm: Add VTTBR_EL2 target-arm: Add VTCR_EL2 hw/cpu/{a15mpcore, a9mpcore}: Handle missing has_el3 CPU props gracefully i.MX: Add GPIO devices to i.MX25 SOC i.MX: Add GPIO devices to i.MX31 SOC i.MX: Add GPIO device target-arm: Use tcg_gen_extrh_i64_i32 target-arm: Recognize ROR target-arm: Eliminate unnecessary zero-extend in disas_bitfield target-arm: Recognize UXTB, UXTH, LSR, LSL target-arm: Recognize SXTB, SXTH, SXTW, ASR target-arm: Implement fcsel with movcond target-arm: Implement ccmp branchless target-arm: Use setcond and movcond for csel target-arm: Handle always condition codes within arm_test_cc ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f0d574d63f4603ec431f16ad535a555bf7548b94 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Sep 14 14:39:51 2015 +0100 target-arm: Add VMPIDR_EL2 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1442135278-25281-9-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 06a7e6477c129ceaa72bd400cf281d44c456be43 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Sep 14 14:39:51 2015 +0100 target-arm: Break out mpidr_read_val() Break out mpidr_read_val() to allow future sharing of the code that conditionally sets the M and U bits of MPIDR. No functional changes. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1442135278-25281-8-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 731de9e60074620aa7d565f01f989adacd493514 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Sep 14 14:39:50 2015 +0100 target-arm: Add VPIDR_EL2 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1442135278-25281-7-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0c5fbf3b4c1e5210354de71a3dc2ebc8c8a01f31 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Sep 14 14:39:50 2015 +0100 target-arm: Suppress EPD for S2, EL2 and EL3 translations Stage-2 translations, EL2 and EL3 regimes don't have the EPD control. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1442135278-25281-6-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1edee4708a0e3163cbf20fac325be456abd960bb Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Sep 14 14:39:50 2015 +0100 target-arm: Suppress TBI for S2 translations Stage-2 MMU translations do not have configurable TBI as the top byte is always 0 (48-bit IPAs). Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1442135278-25281-5-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b698e9cfd282b228b36d426b75facb83e07a1072 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Sep 14 14:39:50 2015 +0100 target-arm: Add VTTBR_EL2 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1442135278-25281-4-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 68e9c2fe65bca7fc1bdc2411923333c3e87544a3 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Sep 14 14:39:50 2015 +0100 target-arm: Add VTCR_EL2 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1442135278-25281-3-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> [PMM: fixed typo in comment] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6533a1fcc2efa08570aa6d85851638783dddf2c6 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Sep 14 14:39:49 2015 +0100 hw/cpu/{a15mpcore, a9mpcore}: Handle missing has_el3 CPU props gracefully Handle missing CPU support for EL3 gracefully. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1442135278-25281-2-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6abc7158cb62e559ce7b3a99e116e3ec051a0c45 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Mon Sep 14 14:39:49 2015 +0100 i.MX: Add GPIO devices to i.MX25 SOC Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 2eb129ba8713aedfe877eaa3d8de80061d880fbb.1441828793.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dde0c4ca6b849eb5c376f255767c019bb45a1d57 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Mon Sep 14 14:39:49 2015 +0100 i.MX: Add GPIO devices to i.MX31 SOC Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 60b67c9a8b948159f4b4163ead86fbf701c011c6.1441828793.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f4427280977902273f98280b2572d88b6ed53144 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Mon Sep 14 14:39:49 2015 +0100 i.MX: Add GPIO device Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 5ea3b0021e47cf7f7d883a7edbabee44980f3df7.1441828793.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7cb36e18b2f1c1f971ebdc2121de22a8c2e94fd6 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 14:39:49 2015 +0100 target-arm: Use tcg_gen_extrh_i64_i32 Usually, eliminate an operation from the translator by combining a shift with an extract. In the case of gen_set_NZ64, we don't need a boolean value for cpu_ZF, merely a non-zero value. Given that we can extract both halves of a 64-bit input in one call, this simplifies the code. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: 1441909103-24666-12-git-send-email-rth@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8fb0ad8e16ab3d03433244a1a03e1df757342ad8 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 14:39:49 2015 +0100 target-arm: Recognize ROR Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: 1441909103-24666-11-git-send-email-rth@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d3a77b42decd0cbfa62a5526e67d1d6d380c83a9 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 14:39:48 2015 +0100 target-arm: Eliminate unnecessary zero-extend in disas_bitfield For !SF, this initial ext32u can't be optimized away by the current TCG code generator. (It would require backward bit liveness propagation.) But since the range of bits for !SF are already constrained by unallocated_encoding, we'll never reference the high bits anyway. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: 1441909103-24666-10-git-send-email-rth@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9924e85829fe21b5f38a5d267c9aea44c5d478ac Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 14:39:48 2015 +0100 target-arm: Recognize UXTB, UXTH, LSR, LSL These are all special case aliases of UBFM. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: 1441909103-24666-9-git-send-email-rth@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ef60151bee9a95e3a5cc98b345a19ed7eb435ddb Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 14:39:48 2015 +0100 target-arm: Recognize SXTB, SXTH, SXTW, ASR These are all special case aliases of SBFM. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: 1441909103-24666-8-git-send-email-rth@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6e061029d74455d83f6fa070ac33de7a356cf60d Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 14:39:48 2015 +0100 target-arm: Implement fcsel with movcond Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: 1441909103-24666-7-git-send-email-rth@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7dd03d773e0dafae9271318fc8d6b2b14de74403 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 14:39:48 2015 +0100 target-arm: Implement ccmp branchless This can allow much of a ccmp to be elided when particular flags are subsequently dead. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: 1441909103-24666-6-git-send-email-rth@xxxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 259cb68491ab36427e7e5d820fe543d53b006ec6 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 14:39:47 2015 +0100 target-arm: Use setcond and movcond for csel Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: 1441909103-24666-5-git-send-email-rth@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9305eac09e61d857c9cc11e20db754dfc25a82db Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 14:39:47 2015 +0100 target-arm: Handle always condition codes within arm_test_cc Handling this with TCG_COND_ALWAYS will allow these unlikely cases to be handled without special cases in the rest of the translator. The TCG optimizer ought to be able to reduce these ALWAYS conditions completely. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: 1441909103-24666-4-git-send-email-rth@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6c2c63d3a02c79e9035ca0370cc549d0f938a4dd Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 14:39:47 2015 +0100 target-arm: Introduce DisasCompare Split arm_gen_test_cc into 3 functions, so that it can be reused for non-branch TCG comparisons. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: 1441909103-24666-3-git-send-email-rth@xxxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 78bcaa3e37afbd0c5316634f917c13487384b6ca Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 14:39:47 2015 +0100 target-arm: Share all common TCG temporaries This is a bug fix for aarch64. At present, we have branches using the 32-bit (translate.c) versions of cpu_[NZCV]F, but we set the flags using the 64-bit (translate-a64.c) versions of cpu_[NZCV]F. From the view of the TCG code generator, these are unrelated variables. The bug is hard to see because we currently only read these variables from branches, and upon reaching a branch TCG will first spill live variables and then reload the arguments of the branch. Since the 32-bit versions were never live until reaching the branch, we'd re-read the data that had just been spilled from the 64-bit versions. There is currently no such problem with the cpu_exclusive_* variables, but there's no point in tempting fate. Cc: qemu-stable@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: 1441909103-24666-2-git-send-email-rth@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 24cfc8dc583db57303137fd41f9f42806ea315a0 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Mon Sep 14 14:39:47 2015 +0100 xlnx-zynqmp: Remove unnecessary brackets around error messages The errp and err variable have unnecessary brackets around them, so remove the brackets. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 9900393572b63f2ec3d68785ca98193d81e0ac71.1441758563.git.alistair.francis@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 52c16b458ab2f8766867bc5fc099b0a604a36f77 Author: Nathan Rossi <nathan@xxxxxxxxxxxxxxx> Date: Mon Sep 14 14:39:47 2015 +0100 arm: xlnx-zynqmp: Fix up GIC region size The GIC in ZynqMP cover a 64K address space, however the actual registers are decoded within a 4K address space and mirrored at the 4K boundaries. This change fixes the defined size for these regions as it was set to 0x4000/16K incorrectly. Signed-off-by: Nathan Rossi <nathan@xxxxxxxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1441719672-25296-1-git-send-email-nathan@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2b750d9d261bda7f75b39dfc1e1e5f22502929d5 Merge: 8f6e82e cdd14a8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 14 10:46:38 2015 +0100 Merge remote-tracking branch 'remotes/aurel/tags/pull-sh4-next-20150913' into staging sh4-next: - TCG optimizations - fix initramfs endianness issue # gpg: Signature made Sun 13 Sep 2015 22:16:12 BST using RSA key ID 1DDD8C9B # gpg: Good signature from "Aurelien Jarno <aurelien@xxxxxxxxxxx>" # gpg: aka "Aurelien Jarno <aurelien@xxxxxxxx>" # gpg: aka "Aurelien Jarno <aurel32@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 7746 2642 A9EF 94FD 0F77 196D BA9C 7806 1DDD 8C9B * remotes/aurel/tags/pull-sh4-next-20150913: sh4: Fix initramfs initialization for endiannes-mismatched targets target-sh4: improve shad instruction target-sh4: improve shld instruction target-sh4: improve cmp/str instruction target-sh4: use deposit in swap.b instruction target-sh4: add flags markups for FP helpers Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cdd14a8cf25c34ff8d0777530e8d16565f6bf7a1 Author: Guenter Roeck <linux@xxxxxxxxxxxx> Date: Wed Aug 12 07:20:36 2015 -0700 sh4: Fix initramfs initialization for endiannes-mismatched targets If host and target endianness does not match, loding an initramfs does not work. Fix by writing boot parameters with appropriate endianness conversion. Signed-off-by: Guenter Roeck <linux@xxxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit be654c83608eaba199ed45444debf2dd46a88fe6 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sun Jul 5 22:39:03 2015 +0200 target-sh4: improve shad instruction The SH4 shad instruction can shift in both direction, depending on the sign of the shift. This is currently implemented using branches, which is not really efficient and prevents the optimizer to do its job. In practice it is often used with a constant loaded in a register just before. Simplify the implementation by computing both the value shifted to the left and to the right, and then selecting the correct one with a movcond. As with a negative value the shift amount can go up to 32 which is undefined, we shift the value in two steps. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 577601616dea10db10a716de1be448f8564076f4 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sun Jul 5 22:37:18 2015 +0200 target-sh4: improve shld instruction The SH4 shld instruction can shift in both direction, depending on the sign of the shift. This is currently implemented using branches, which is not really efficient and prevents the optimizer to do its job. In practice it is often used with a constant loaded in a register just before. Simplify the implementation by computing both the value shifted to the left and to the right, and then selecting the correct one with a movcond. As with a negative value the shift amount can go up to 32 which is undefined, we shift the value in two steps. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit eb6ca2b4a69325e95526bc0f2897791df04e44dc Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sun Jul 5 18:50:09 2015 +0200 target-sh4: improve cmp/str instruction Instead of testing bytes one by one, we can use the following trick from https://graphics.stanford.edu/~seander/bithacks.html: haszero(v) = (v - 0x01010101) & ~v & 0x80808080 The subexpression v - 0x01010101, evaluates to a high bit set in any byte whenever the corresponding byte in v is zero or greater than 0x80. The sub-expression ~v & 0x80808080 evaluates to high bits set in bytes where the byte of v doesn't have its high bit set (so the byte was less than 0x80). Finally, by ANDing these two sub-expressions the result is the high bits set where the bytes in v were zero, since the high bits set due to a value greater than 0x80 in the first sub-expression are masked off by the second. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 218fd7301f88df440da3e16b9cfca000cd2fe111 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sun Jul 5 17:05:08 2015 +0200 target-sh4: use deposit in swap.b instruction Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 7f6bdc431a5c567fca0130d79c8b14f531a0eb14 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 17 12:53:13 2015 +0200 target-sh4: add flags markups for FP helpers Most floating point helpers can trigger an exception, but don't change the globals. Mark these helpers as TCG_CALL_NO_WG. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 8f6e82e4ecec9bc2726725275a138bc30f3ffc81 Merge: 30c38c9 1c3c8af Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 11 18:01:56 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20150911' into staging queued tcg related patches # gpg: Signature made Fri 11 Sep 2015 16:17:00 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tcg-20150911: cpu-exec: introduce loop exit with restore function softmmu: remove now unused functions softmmu: add helper function to pass through retaddr tlb: Add "ifetch" argument to cpu_mmu_index() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 30c38c90bd3f1bb105ebc069ac1821067c980b7c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Aug 14 18:46:32 2015 +0100 scripts/qemu-gdb: Add brief comment describing usage Add a brief comment describing how to use the debug support from GDB. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1439574392-4403-5-git-send-email-peter.maydell@xxxxxxxxxx commit 5e3c72d41e6909450e32f0b99545748cc25e9597 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Aug 14 18:46:31 2015 +0100 scripts/qemu-gdb: Silently pass through SIGUSR1 SIGUSR1 is QEMU's IPI signal, and it gets sent a lot, so is best silently passed through to the guest without stopping. Make qemu-gdb.py do this bit of configuration for the user. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1439574392-4403-4-git-send-email-peter.maydell@xxxxxxxxxx commit 191590f09dcbd26822a8bc67628cbd341dd5c07f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Aug 14 18:46:30 2015 +0100 scripts/qemu-gdb: Split CoroutineCommand into its own file Split the implementation of CoroutineCommand into its own file. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1439574392-4403-3-git-send-email-peter.maydell@xxxxxxxxxx commit 93b1b365dc06ff7c69d3131d68c083f824db5311 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Aug 14 18:46:29 2015 +0100 scripts/qemu-gdb: Split MtreeCommand into its own module As we add more commands to our Python gdb debugging support, it's going to get unwieldy to have everything in a single file. Split the implementation of the 'mtree' command from qemu-gdb.py into its own module. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1439574392-4403-2-git-send-email-peter.maydell@xxxxxxxxxx commit 1c3c8af1fb40a481c07749e0448644d9b7700415 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Fri Jul 10 12:57:02 2015 +0300 cpu-exec: introduce loop exit with restore function This patch introduces loop exit function, which also restores guest CPU state according to the value of host program counter. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150710095702.13280.97477.stgit@PASHA-ISP> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit b8611499b940b1b4db67aa985e3a844437bcbf00 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Fri Jul 10 12:56:56 2015 +0300 softmmu: remove now unused functions Now that the cpu_ld/st_* function directly call helper_ret_ld/st, we can drop the old helper_ld/st functions. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150710095656.13280.7085.stgit@PASHA-ISP> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 282dffc8a4bfe8724548cabb8a26698bde0a6e18 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Fri Jul 10 12:56:50 2015 +0300 softmmu: add helper function to pass through retaddr This patch introduces several helpers to pass return address which points to the TB. Correct return address allows correct restoring of the guest PC and icount. These functions should be used when helpers embedded into TB invoke memory operations. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150710095650.13280.32255.stgit@PASHA-ISP> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 97ed5ccdee95f0b98bedc601ff979e368583472c Author: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Date: Mon Aug 17 17:34:10 2015 +1000 tlb: Add "ifetch" argument to cpu_mmu_index() This is set to true when the index is for an instruction fetch translation. The core get_page_addr_code() sets it, as do the SOFTMMU_CODE_ACCESS acessors. All targets ignore it for now, and all other callers pass "false". This will allow targets who wish to split the mmu index between instruction and data accesses to do so. A subsequent patch will do just that for PowerPC. Signed-off-by: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Message-Id: <1439796853-4410-2-git-send-email-benh@xxxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit ba9cef7b6e487a5a8969db81d09b8eec8a2b50c6 Merge: 7b9c09f af5b83d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 11 12:07:29 2015 +0100 Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-09-11' into staging trivial patches for 2015-09-11 # gpg: Signature made Fri 11 Sep 2015 12:02:43 BST using RSA key ID A4C3D7DB # gpg: Good signature from "Michael Tokarev <mjt@xxxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxxx>" * remotes/mjt/tags/pull-trivial-patches-2015-09-11: (26 commits) virtio-vga: enable for i386 hw/arm/spitz: Remove meaningless blank Property hw/gpio/zaurus: Remove meaningless blank Property hw/virtio/virtio-pci: Remove meaningless blank Property hw/s390x/s390-virtio-bus: Remove meaningless blank Property typofixes - v4 qapi-schema: remove legacy<> from doc disas/microblaze: Remove unused code help: dd missing newline Target-ppc: Remove unnecessary variable baum: Fix build with debugging enabled linux-user: Fix warnings caused by missing 'static' attribute opts: produce valid command line in qemu_opts_print docs: fix a qga/qapi-schema.json comment trivial: remove trailing newline from error_report maint: avoid useless "if (foo) free(foo)" pattern maint: avoid useless "if (foo) free(foo)" pattern maint: remove unused include for strings.h maint: remove unused include for signal.h maint: remove unused include for dirent.h ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit af5b83d7d5297f8bdfd3353a420c120c4fd5adfd Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Mon Jul 13 13:58:46 2015 +0200 virtio-vga: enable for i386 This one just syncs x86_64 and i386. Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: qemu-trivial@xxxxxxxxxx Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit a3c088a72c70401fd4d1342173dd971c2fce5e4d Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Tue May 12 10:25:20 2015 +0800 hw/arm/spitz: Remove meaningless blank Property Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit c11b05836ead1e6354aa31857d31c0d908e7e08c Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Tue May 12 10:25:19 2015 +0800 hw/gpio/zaurus: Remove meaningless blank Property Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 6328d69de09243929d90665eb6a6e0c96c4d06fc Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Tue May 12 10:25:18 2015 +0800 hw/virtio/virtio-pci: Remove meaningless blank Property Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 01630e24b0993adb4874b5416e897646c964bb8f Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Tue May 12 10:25:16 2015 +0800 hw/s390x/s390-virtio-bus: Remove meaningless blank Property Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 67cc32ebfd8c0ee3fcdb26780a8991baf5eb1d45 Author: Veres Lajos <vlajos@xxxxxxxxx> Date: Tue Sep 8 22:45:14 2015 +0100 typofixes - v4 Signed-off-by: Veres Lajos <vlajos@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 33b23b4b5e15923acaf315b01a535c15b239483b Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Sep 4 21:41:01 2015 +0200 qapi-schema: remove legacy<> from doc The legacy<> type is no longer used since 7ce7ffe02. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 76621d1faa25405ab13cfe73890f9069b2890ed4 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Sat Aug 29 09:44:33 2015 +0200 disas/microblaze: Remove unused code Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 2382053f1deea2a2b49cf15571be7b542bec5fcf Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Fri Sep 4 21:30:04 2015 +0200 help: dd missing newline Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 74c373e42f3dccae3b3b1e91a82ab8f748a39a6f Author: Shraddha Barke <shraddha.6596@xxxxxxxxx> Date: Sat Sep 5 00:50:28 2015 +0530 Target-ppc: Remove unnecessary variable Compress lines and remove the variable ret. Change made using Coccinelle script @@ expression ret; @@ - if (ret) return ret; - return 0; + return ret; @@ local idexpression ret; expression e; @@ - ret = e; - return ret; + return e; @@ type T; identifier i; @@ - T i; ... when != i Signed-off-by: Shraddha Barke <shraddha.6596@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 70cbae1dd85c9b4bb7c42bb282baacaaed0dd9bd Author: Samuel Thibault <samuel.thibault@xxxxxxx> Date: Sun Aug 30 17:12:13 2015 +0200 baum: Fix build with debugging enabled cur and buf are pointers, so the difference is a ptrdiff_t Signed-off-by: Samuel Thibault <samuel.thibault@xxxxxxxxxxxx> Reviewed-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 8cb76755615326dd824ee3c7f3588afcd17acb28 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Sat Aug 29 09:29:52 2015 +0200 linux-user: Fix warnings caused by missing 'static' attribute Warnings from the Sparse static analysis tool: linux-user/main.c:40:12: warning: symbol 'filename' was not declared. Should it be static? linux-user/main.c:41:12: warning: symbol 'argv0' was not declared. Should it be static? linux-user/main.c:42:5: warning: symbol 'gdbstub_port' was not declared. Should it be static? linux-user/main.c:43:11: warning: symbol 'envlist' was not declared. Should it be static? Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit fe646693acc13ac48b98435d14149ab04dc597bc Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Tue Jul 7 16:42:10 2015 +0200 opts: produce valid command line in qemu_opts_print This will let us print options in a format that the user would actually write it on the command line (foo=bar,baz=asd,etc=def), without prepending a spurious comma at the beginning of the list, or quoting values unnecessarily. This patch provides the following changes: * write and id=, if the option has an id * do not print separator before the first element * do not quote string arguments * properly escape commas (,) for QEMU Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 71e0e067b2bef8823c389c3705a8bcbb2bb12429 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 12:48:35 2015 +0200 docs: fix a qga/qapi-schema.json comment For consistency with the rest of the comment blocks. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 594fd21102aa7b7dce1509b31944d10836108c6b Author: John Snow <jsnow@xxxxxxxxxx> Date: Mon Jun 29 16:56:26 2015 -0400 trivial: remove trailing newline from error_report Minor cleanup. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Gonglei <arei.gonglei@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 012aef073461fd24a901d7a8742532093b7f6ae5 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Aug 26 14:02:53 2015 +0200 maint: avoid useless "if (foo) free(foo)" pattern My Coccinelle semantic patch finds a few more, because it also fixes up the equally pointless conditional if (foo) { free(foo); foo = NULL; } Result (feel free to squash it into your patch): Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit ef1e1e0782e99c9dcf2b35e5310cdd8ca9211374 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Aug 26 12:17:18 2015 +0100 maint: avoid useless "if (foo) free(foo)" pattern The free() and g_free() functions both happily accept NULL on any platform QEMU builds on. As such putting a conditional 'if (foo)' check before calls to 'free(foo)' merely serves to bloat the lines of code. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 4595a48a10e576638795950b61957f83d2ed09b4 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Aug 26 12:17:17 2015 +0100 maint: remove unused include for strings.h A number of files were including strings.h but not using any of the functions it provides Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 1618d2ae7f1728ea26fa38cb661253f134d389ed Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Aug 26 12:17:16 2015 +0100 maint: remove unused include for signal.h A number of files were including signal.h but not using any of the functions it provides Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit d7646f241c8efc17b4b86cc7a304472792f0cc74 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Aug 26 12:17:15 2015 +0100 maint: remove unused include for dirent.h A number of files were including dirent.h but not using any of the functions it provides Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 8abae4d31d92be2085fd66566585cba7699ad332 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Aug 26 12:17:14 2015 +0100 maint: remove unused include for assert.h A number of files were including assert.h but not using any of the functions it provides Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit b6af097528caba5b23b79db3f1f1fd08fa4fa11e Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Aug 26 12:17:13 2015 +0100 maint: remove / fix many doubled words Many source files have doubled words (eg "the the", "to to", and so on). Most of these can simply be removed, but a couple were actual mis-spellings (eg "to to" instead of "to do"). There was even one triple word score "to to to" :-) Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit a8f15a27752d855d339befd8de4f0ad1c4dbb0ab Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Aug 26 12:17:12 2015 +0100 maint: remove double semicolons in many files A number of source files have statements accidentally terminated by a double semicolon - eg 'foo = bar;;'. This is harmless but a mistake none the less. The tcg/ia64/tcg-target.c file is whitelisted because it has valid use of ';;' in a comment containing assembly code. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit fee562e9e41290a22623de83b673a8929ec5280d Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Tue Aug 4 10:27:31 2015 +0200 i6300esb: fix timer overflow We use muldiv64() to compute the time to wait: timeout = muldiv64(get_ticks_per_sec(), timeout, 33000000); but get_ticks_per_sec() is 10^9 (30 bit value) and timeout is a 35 bit value. Whereas muldiv64 is: uint64_t muldiv64(uint64_t a, uint32_t b, uint32_t c) So we loose 3 bits of timeout. Swapping get_ticks_per_sec() and timeout fixes it. We can also replace it by a multiplication by 30 ns, but this changes PCI clock frequency from 33MHz to 33.333333MHz and we need to do this on all the QEMU PCI devices (later...) Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 6883de6c9b647d5629ffe131ed5d97c06bb0db1a Author: Andrey Korolyov <andrey@xxxxxxx> Date: Fri Jul 31 22:12:54 2015 +0300 Trivial: fix commandline help message Fix obvious typo in printed help for qemu-nbd. Signed-off-by: Andrey Korolyov <andrey@xxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit a23797efb14f4d8f093e3b68f8265c88e9ff1de6 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Thu Jul 30 07:46:43 2015 +0200 Update language files for QEMU 2.4.0 Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 7b9c09f7d486647784c605739d69b708a7249c9b Merge: fe55641 cae99f1 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 10 18:25:52 2015 +0100 Merge remote-tracking branch 'remotes/sstabellini/tags/xen-2015-09-10-tag' into staging xen-2015-09-10 # gpg: Signature made Thu 10 Sep 2015 17:52:08 BST using RSA key ID 70E1AE90 # gpg: Good signature from "Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>" * remotes/sstabellini/tags/xen-2015-09-10-tag: (29 commits) xen/pt: Don't slurp wholesale the PCI configuration registers xen/pt: Check for return values for xen_host_pci_[get|set] in init xen/pt: Move bulk of xen_pt_unregister_device in its own routine. xen/pt: Make xen_pt_unregister_device idempotent xen/pt: Log xen_host_pci_get/set errors in MSI code. xen/pt: Log xen_host_pci_get in two init functions xen/pt: Remove XenPTReg->data field. xen/pt: Check if reg->init function sets the 'data' past the reg->size xen/pt: Sync up the dev.config and data values. xen/pt: Use xen_host_pci_get_[byte|word] instead of dev.config xen/pt: Use XEN_PT_LOG properly to guard against compiler warnings. xen/pt/msi: Add the register value when printing logging and error messages xen: use errno instead of rc for xc_domain_add_to_physmap xen/pt: xen_host_pci_config_read returns -errno, not -1 on failure xen/pt: Make xen_pt_msi_set_enable static xen/pt: Update comments with proper function name. xen/HVM: atomically access pointers in bufioreq handling xen-hvm: When using xc_domain_add_to_physmap also include errno when reporting xen, gfx passthrough: add opregion mapping xen, gfx passthrough: register host bridge specific to passthrough ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cae99f1d779a6e2c8721ce2dd80bafdbf0abe7a0 Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Wed Jul 8 15:58:41 2015 -0400 xen/pt: Don't slurp wholesale the PCI configuration registers Instead we have the emulation registers ->init functions which consult the host values to see what the initial value should be and they are responsible for populating the dev.config. Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 3d3697f2576424a2c0830a7b2e7c94c79dea9b50 Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Thu Jul 2 14:33:44 2015 -0400 xen/pt: Check for return values for xen_host_pci_[get|set] in init and if we have failures we call xen_pt_destroy introduced in 'xen/pt: Move bulk of xen_pt_unregister_device in its own routine.' and free all of the allocated structures. Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit df6aa45752bf8145adcba9b077c346e9b758ebd1 Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Tue Sep 8 16:21:59 2015 -0400 xen/pt: Move bulk of xen_pt_unregister_device in its own routine. This way we can call it if we fail during init. This code movement introduces no changes. Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit bce33948178e338eac2629284b199c0c1f05f8a3 Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Tue Sep 8 16:21:29 2015 -0400 xen/pt: Make xen_pt_unregister_device idempotent To deal with xen_host_pci_[set|get]_ functions returning error values and clearing ourselves in the init function we should make the .exit (xen_pt_unregister_device) function be idempotent in case the generic code starts calling .exit (or for fun does it before calling .init!). Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit fe2da64c5ab882124aaf14c27d62409d02ff1786 Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Wed Jun 24 17:27:40 2015 -0400 xen/pt: Log xen_host_pci_get/set errors in MSI code. We seem to only use these functions when de-activating the MSI - so just log errors. Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit ea6c50f99de4b36a2c3e90dedabac46aef7992ac Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Wed Jun 24 17:18:26 2015 -0400 xen/pt: Log xen_host_pci_get in two init functions To help with troubleshooting in the field. Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit e2779de053b64f023de382fd87b3596613d47d1e Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Wed Jul 1 15:41:33 2015 -0400 xen/pt: Remove XenPTReg->data field. We do not want to have two entries to cache the guest configuration registers: XenPTReg->data and dev.config. Instead we want to use only the dev.config. To do without much complications we rip out the ->data field and replace it with an pointer to the dev.config. This way we have the type-checking (uint8_t, uint16_t, etc) and as well and pre-computed location. Alternatively we could compute the offset in dev.config by using the XenPTRRegInfo and XenPTRegGroup every time but this way we have the pre-computed values. This change also exposes some mis-use: - In 'xen_pt_status_reg_init' we used u32 for the Capabilities Pointer register, but said register is an an u16. - In 'xen_pt_msgdata_reg_write' we used u32 but should have only use u16. Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 5b4dd0f55ed3027557ed9a6fd89d5aa379122feb Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Mon Jun 29 16:41:14 2015 -0400 xen/pt: Check if reg->init function sets the 'data' past the reg->size It should never happen, but in case it does (an developer adds a new register and the 'init_val' expands past the register size) we want to report. The code will only write up to reg->size so there is no runtime danger of the register spilling across other ones - however to catch this sort of thing we still return an error. Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 2e87512eccf3c5e40f3142ff5a763f4f850839f4 Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Mon Jun 29 16:24:40 2015 -0400 xen/pt: Sync up the dev.config and data values. For a passthrough device we maintain a state of emulated registers value contained within d->config. We also consult the host registers (and apply ro and write masks) whenever the guest access the registers. This is done in xen_pt_pci_write_config and xen_pt_pci_read_config. Also in this picture we call pci_default_write_config which updates the d->config and if the d->config[PCI_COMMAND] register has PCI_COMMAND_MEMORY (or PCI_COMMAND_IO) acts on those changes. On startup the d->config[PCI_COMMAND] are the host values, not what the guest initial values should be, which is exactly what we do _not_ want to do for 64-bit BARs when the guest just wants to read the size of the BAR. Huh you say? To get the size of 64-bit memory space BARs, the guest has to calculate ((BAR[x] & 0xFFFFFFF0) + ((BAR[x+1] & 0xFFFFFFFF) << 32)) which means it has to do two writes of ~0 to BARx and BARx+1. prior to this patch and with XSA120-addendum patch (Linux kernel) the PCI_COMMAND register is copied from the host it can have PCI_COMMAND_MEMORY bit set which means that QEMU will try to update the hypervisor's P2M with BARx+1 value to ~0 (0xffffffff) (to sync the guest state to host) instead of just having xen_pt_pci_write_config and xen_pt_bar_reg_write apply the proper masks and return the size to the guest. To thwart this, this patch syncs up the host values with the guest values taking into account the emu_mask (bit set means we emulate, PCI_COMMAND_MEMORY and PCI_COMMAND_IO are set). That is we copy the host values - masking out any bits which we will emulate. Then merge it with the initial emulation register values. Lastly this value is then copied both in dev.config _and_ XenPTReg->data field. There is also reg->size accounting taken into consideration that ends up being used in patch. xen/pt: Check if reg->init function sets the 'data' past the reg->size This fixes errors such as these: (XEN) memory_map:add: dom2 gfn=fffe0 mfn=fbce0 nr=20 (DEBUG) 189 pci dev 04:0 BAR16 wrote ~0. (DEBUG) 200 pci dev 04:0 BAR16 read 0x0fffe0004. (XEN) memory_map:remove: dom2 gfn=fffe0 mfn=fbce0 nr=20 (DEBUG) 204 pci dev 04:0 BAR16 wrote 0x0fffe0004. (DEBUG) 217 pci dev 04:0 BAR16 read upper 0x000000000. (XEN) memory_map:add: dom2 gfn=ffffffff00000 mfn=fbce0 nr=20 (XEN) p2m.c:883:d0v0 p2m_set_entry failed! mfn=ffffffffffffffff rc:-22 (XEN) memory_map:fail: dom2 gfn=ffffffff00000 mfn=fbce0 nr=20 ret:-22 (XEN) memory_map:remove: dom2 gfn=ffffffff00000 mfn=fbce0 nr=20 (XEN) p2m.c:920:d0v0 gfn_to_mfn failed! gfn=ffffffff00000 type:4 (XEN) p2m.c:920:d0v0 gfn_to_mfn failed! gfn=ffffffff00001 type:4 .. (XEN) memory_map: error -22 removing dom2 access to [fbce0,fbcff] (DEBUG) 222 pci dev 04:0 BAR16 read upper 0x0ffffffff. (XEN) memory_map:remove: dom2 gfn=ffffffff00000 mfn=fbce0 nr=20 (XEN) memory_map: error -22 removing dom2 access to [fbce0,fbcff] [The DEBUG is to illustate what the hvmloader was doing] Also we swap from xen_host_pci_long to using xen_host_pci_get_[byte,word,long]. Otherwise we get: xen_pt_config_reg_init: Offset 0x0004 mismatch! Emulated=0x0000, host=0x2300017, syncing to 0x2300014. xen_pt_config_reg_init: Error: Offset 0x0004:0x2300014 expands past register size(2)! which is not surprising. We read the value as an 32-bit (from host), then operate it as a 16-bit - and the remainder is left unchanged. We end up writing the value as 16-bit (so 0014) to dev.config (as we use proper xen_set_host_[byte,word,long] so we don't spill to other registers) but in XenPTReg->data it is as 32-bit (0x2300014)! It is harmless as the read/write functions end up using an size mask and never modify the bits past 16-bit (reg->size is 2). This patch fixes the warnings by reading the value using the proper size. Note that the check for size is still left in-case the developer sets bits past the reg->size in the ->init routines. The author tried to fiddle with QEMU_BUILD_BUG to make this work but failed. Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Reported-by: Sander Eikelenboom <linux@xxxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 6aa07b1494d2725f24af097ca19c750ac25a7c11 Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Mon Jun 29 14:01:13 2015 -0400 xen/pt: Use xen_host_pci_get_[byte|word] instead of dev.config During init time we treat the dev.config area as a cache of the host view. However during execution time we treat it as guest view (by the generic PCI API). We need to sync Xen's code to the generic PCI API view. This is the first step by replacing all of the code that uses dev.config or pci_get_[byte|word] to get host value to actually use the xen_host_pci_get_[byte|word] functions. Interestingly in 'xen_pt_ptr_reg_init' we also needed to swap reg_field from uint32_t to uint8_t - since the access is only for one byte not four bytes. We can split this as a seperate patch however we would have to use a cast to thwart compiler warnings in the meantime. We also truncated 'flags' to 'flag' to make the code fit within the 80 characters. Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit fe556410cf09d6181a4e694c6db31562fdcfbeba Merge: fbf054c 1e9b65b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 10 14:51:35 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2015-09-10' into staging error: On abort, report where the error was created # gpg: Signature made Thu 10 Sep 2015 13:01:39 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-error-2015-09-10: error: On abort, report where the error was created error: Revamp interface documentation error: error_set_errno() is unused, drop qga/vss-win32: Document the DLL requires non-null errp qga: Clean up unnecessarily dirty casts error: Make error_setg() a function error: De-duplicate code creating Error objects Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 54fd08136e4ac8b88b88b15c397010e3b0de379f Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Mon Jun 29 16:06:19 2015 -0400 xen/pt: Use XEN_PT_LOG properly to guard against compiler warnings. If XEN_PT_LOGGING_ENABLED is enabled the XEN_PT_LOG macros start using the first argument. Which means if within the function there is only one user of the argument ('d') and XEN_PT_LOGGING_ENABLED is not set, we get compiler warnings. This is not the case now but with the "xen/pt: Use xen_host_pci_get_[byte|word] instead of dev.config" we will hit - so this sync up the function to the rest of them. Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit faf5f56bf9f45ffc24a41fc8fc5ab76677aef688 Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Mon Jun 29 12:30:37 2015 -0400 xen/pt/msi: Add the register value when printing logging and error messages We would like to know what the MSI register value is to help in troubleshooting in the field. As such modify the logging logic to include such details in xen_pt_msgctrl_reg_write. Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 20a544c7dc2428e8816ed4a87af732884e885f2d Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Mon Jun 29 12:51:05 2015 -0400 xen: use errno instead of rc for xc_domain_add_to_physmap In Xen 4.6 commit cd2f100f0f61b3f333d52d1737dd73f02daee592 "libxc: Fix do_memory_op to return negative value on errors" made the libxc API less odd-ball: On errors, return value is -1 and error code is in errno. On success the return value is either 0 or an positive value. Since we could be running with an old toolstack in which the Exx value is in rc or the newer, we add an wrapper around the xc_domain_add_to_physmap (called xen_xc_domain_add_to_physmap) which will always return the EXX. Xen 4.6 did not change the libxc functions mentioned (same parameters) so we piggyback on the fact that Xen 4.6 has a new function: commit 504ed2053362381ac01b98db9313454488b7db40 "tools/libxc: Expose new hypercall xc_reserved_device_memory_map" and check for that. Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Suggested-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 52c7265f602701751b55d437b347bd73debf9d91 Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Mon Jun 29 13:58:17 2015 -0400 xen/pt: xen_host_pci_config_read returns -errno, not -1 on failure However the init routines assume that on errors the return code is -1 (as the libxc API is) - while those xen_host_* routines follow another paradigm - negative errno on return, 0 on success. Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit cf8124f0078a7625fdf9836589210267817ae0ae Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Wed Jun 24 17:26:43 2015 -0400 xen/pt: Make xen_pt_msi_set_enable static As we do not use it outside our code. Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit d3b9facba71ed45c9c1c09ca28eb5568a194b4de Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Wed Jun 24 17:16:01 2015 -0400 xen/pt: Update comments with proper function name. It has changed but the comments still refer to the old names. Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit d8b441a3fbfd075c48ab2a519d779d926624ed79 Author: Jan Beulich <JBeulich@xxxxxxxx> Date: Fri Jul 24 03:38:28 2015 -0600 xen/HVM: atomically access pointers in bufioreq handling The number of slots per page being 511 (i.e. not a power of two) means that the (32-bit) read and write indexes going beyond 2^32 will likely disturb operation. The hypervisor side gets I/O req server creation extended so we can indicate that we're using suitable atomic accesses where needed, allowing it to atomically canonicalize both pointers when both have gone through at least one cycle. The Xen side counterpart (which is not a functional prereq to this change, albeit a build one) went in already (commit b7007bc6f9). Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit e763addd19e59dbd1986d4b0faae63dcb9a0f6aa Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Fri Mar 13 15:36:58 2015 -0400 xen-hvm: When using xc_domain_add_to_physmap also include errno when reporting .errors - as it will most likely have the proper error value. Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 5cec8aa38cc3b7c8cf9ce66abdda28b3598e2d88 Author: Tiejun Chen <tiejun.chen@xxxxxxxxx> Date: Wed Jul 15 13:37:50 2015 +0800 xen, gfx passthrough: add opregion mapping The OpRegion shouldn't be mapped 1:1 because the address in the host can't be used in the guest directly. This patch traps read and write access to the opregion of the Intel GPU config space (offset 0xfc). The original patch is from Jean Guyader <jean.guyader@xxxxxxxxxxxxx> Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 998250e976613decf9e0da68b3922df330eac3f6 Author: Tiejun Chen <tiejun.chen@xxxxxxxxx> Date: Wed Jul 15 13:37:49 2015 +0800 xen, gfx passthrough: register host bridge specific to passthrough Just register that pci host bridge specific to passthrough. Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit f37d630a69992822f2eb4a47a5a5fc6a54a6dd08 Author: Tiejun Chen <tiejun.chen@xxxxxxxxx> Date: Wed Jul 15 13:37:48 2015 +0800 xen, gfx passthrough: register a isa bridge Currently we just register this isa bridge when we use IGD passthrough in Xen side. Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit bd8107d7301d3fa44f04aa435e06efb2226ca58c Author: Tiejun Chen <tiejun.chen@xxxxxxxxx> Date: Wed Jul 15 13:37:47 2015 +0800 igd gfx passthrough: create a isa bridge Currently IGD drivers always need to access PCH by 1f.0. But we don't want to poke that directly to get ID, and although in real world different GPU should have different PCH. But actually the different PCH DIDs likely map to different PCH SKUs. We do the same thing for the GPU. For PCH, the different SKUs are going to be all the same silicon design and implementation, just different features turn on and off with fuses. The SW interfaces should be consistent across all SKUs in a given family (eg LPT). But just same features may not be supported. Most of these different PCH features probably don't matter to the Gfx driver, but obviously any difference in display port connections will so it should be fine with any PCH in case of passthrough. So currently use one PCH version, 0x8c4e, to cover all HSW(Haswell) scenarios, 0x9cc3 for BDW(Broadwell). Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 881213f1b9c5a8f4101405a5802d548cb62a4274 Author: Tiejun Chen <tiejun.chen@xxxxxxxxx> Date: Wed Jul 15 13:37:46 2015 +0800 xen, gfx passthrough: retrieve VGA BIOS to work Now we retrieve VGA bios like kvm stuff in qemu but we need to fix Device Identification in case if its not matched with the real IGD device since Seabios is always trying to compare this ID to work out VGA BIOS. Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 798141799ccd5235a928b8fc0411d7d74e706489 Author: Tiejun Chen <tiejun.chen@xxxxxxxxx> Date: Wed Jul 15 13:37:45 2015 +0800 xen, gfx passthrough: basic graphics passthrough support basic gfx passthrough support: - add a vga type for gfx passthrough - register/unregister legacy VGA I/O ports and MMIOs for passthrough GFX Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit bcd7461e7e84a65f1dfaa6af6e00aa498978d29d Author: Tiejun Chen <tiejun.chen@xxxxxxxxx> Date: Wed Jul 15 13:37:44 2015 +0800 hw/pci-assign: split pci-assign.c We will try to reuse assign_dev_load_option_rom in xen side, and especially its a good beginning to unify pci assign codes both on kvm and xen in the future. [Fix build for Windows] Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 595a4f07d6bd18ba11c78b95d6a78089fee26eca Author: Tiejun Chen <tiejun.chen@xxxxxxxxx> Date: Wed Jul 15 13:37:43 2015 +0800 piix: create host bridge to passthrough Implement a pci host bridge specific to passthrough. Actually this just inherits the standard one. And we also just expose a minimal real host bridge pci configuration subset. [Replace pread with lseek and read to fix Windows build] Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 1e9b65bb1bad51735cab6c861c29b592dccabf0e Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 19 19:21:59 2015 +0200 error: On abort, report where the error was created This is particularly useful when we abort in error_propagate(), because there the stack backtrace doesn't lead to where the error was created. Looks like this: Unexpected error in parse_block_error_action() at .../qemu/blockdev.c:322: qemu-system-x86_64: -drive if=none,werror=foo: 'foo' invalid write error action Aborted (core dumped) Note: to get this example output, I monkey-patched drive_new() to pass &error_abort to blockdev_init(). To keep the error handling boiler plate from growing even more, all error_setFOO() become macros expanding into error_setFOO_internal() with additional __FILE__, __LINE__, __func__ arguments. Not exactly pretty, but it works. The macro trickery breaks down when you take the address of an error_setFOO(). Fortunately, we do that in just one place: qemu-ga's Windows VSS provider and requester DLL wants to call error_setg_win32() through a function pointer "to avoid linking glib to the DLL". Use error_setg_win32_internal() there. The use of the function pointer is already wrapped in a macro, so the churn isn't bad. Code size increases by some 35KiB for me (0.7%). Tolerable. Could be less if we passed relative rather than absolute source file names to the compiler, or forwent reporting __func__. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit edf6f3b3358597d37da0cf636ce3ed8a546d0f26 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 19 18:29:24 2015 +0200 error: Revamp interface documentation Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 4463dcb85c9f992f0c4d93f2142c8d64dcc85c5c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 19 22:16:14 2015 +0200 error: error_set_errno() is unused, drop Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 08e64640357cd9517aa30fd49840f05f0f2ee3a4 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Sat Jun 20 09:33:56 2015 +0200 qga/vss-win32: Document the DLL requires non-null errp requester.cpp uses this pattern to receive an error and pass it on to the caller (err_is_set() macro peeled off for clarity): ... code that may set errset->errp ... if (errset->errp && *errset->errp) { ... handle error ... } This breaks when errset->errp is null. As far as I can tell, it currently isn't, so this is merely fragile, not actually broken. The robust way to do this is to receive the error in a local variable, then propagate it up, like this: Error *err = NULL; ... code that may set err ... if (err) ... handle error ... error_propagate(errset->errp, err); } See also commit 5e54769, 0f230bf, a903f40. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit e7cf59e84767e30b507b6bd7c1347072ec12b636 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 19 20:44:54 2015 +0200 qga: Clean up unnecessarily dirty casts qga_vss_fsfreeze() casts error_set_win32() from void (*)(Error **, int, ErrorClass, const char *, ...) to void (*)(void **, int, int, const char *, ...) The result is later called. Since the two types are not compatible, the call is undefined behavior. It works in practice anyway. However, there's no real need for trickery here. Clean it up as follows: * Declare struct Error, and fix the first parameter. * Switch to error_setg_win32(). This gets rid of the troublesome ErrorClass parameter. Requires converting error_setg_win32() from macro to function, but that's trivially easy, because this is the only user of error_set_win32(). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit a9499ddd82a99c66cc72a08e72427c423acfea1c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 19 15:36:16 2015 +0200 error: Make error_setg() a function Saves a tiny amount of code at every call site. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 552375088a832fd5945ede92d01f98977b4eca13 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 19 13:59:47 2015 +0200 error: De-duplicate code creating Error objects Duplicated when commit 680d16d added error_set_errno(), and again when commit 20840d4 added error_set_win32(). Make the original copy in error_set() reusable by factoring out error_setv(), then rewrite error_set_errno() and error_set_win32() on top of it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit fbf054cb0a8ce2dc8f2d3012fb9204ef50d28d17 Merge: fc04a73 0f288f8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 10 10:24:30 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio,pc,acpi fixes, cleanups Fixes all over the place. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Thu 10 Sep 2015 10:16:18 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: hw/pci: fix pci_update_mappings() trace events pc: memhotplug: keep reserved-memory-end broken on 2.4 and earlier machines pc: memhotplug: fix incorrectly set reserved-memory-end acpi: Remove unused definition. virtio: avoid leading underscores for helpers pc: Remove redundant arguments from xen_hvm_init() pci: Fix pci_device_iommu_address_space() bus propagation Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0f288f854b96f56247e38f4207f71647133f0184 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Tue Sep 1 23:33:23 2015 +0200 hw/pci: fix pci_update_mappings() trace events The current trace prototypes and (matching) trace calls lead to "unorthodox" PCI BDF notation in at least the stderr trace backend. For example, the four BARs of a QXL video card at 00:01.0 (bus 0, slot 1, function 0) are traced like this (PID and timestamps removed): pci_update_mappings_add d=0x7f14a73bf890 00:00.1 0,0x84000000+0x4000000 pci_update_mappings_add d=0x7f14a73bf890 00:00.1 1,0x80000000+0x4000000 pci_update_mappings_add d=0x7f14a73bf890 00:00.1 2,0x88200000+0x2000 pci_update_mappings_add d=0x7f14a73bf890 00:00.1 3,0xd060+0x20 The slot and function values are in reverse order. Stick with the conventional BDF notation. Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Cc: Don Koch <dkoch@xxxxxxxxxxx> Cc: qemu-trivial@xxxxxxxxxx Fixes: 7828d75045 Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 2f8b50083b321e470ef8e2502910ade40cbfa020 Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Mon Sep 7 13:55:32 2015 +0200 pc: memhotplug: keep reserved-memory-end broken on 2.4 and earlier machines it will prevent guests on old machines from seeing inconsistent memory mapping in firmware/ACPI views. Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 3385e8e2640e5c38582f6e8413042bd23d97c640 Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Mon Sep 7 13:55:31 2015 +0200 pc: memhotplug: fix incorrectly set reserved-memory-end reserved-memory-end tells firmware address from which it could start treating memory as PCI address space and map PCI BARs after it to avoid collisions with RAM. Currently it is incorrectly pointing to address where hotplugged memory range starts which could redirect hotplugged RAM accesses to PCI BARs when firmware maps them over RAM or viceverse. Fix this by pointing reserved-memory-end to the end of memory hotplug area. Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 9372e3f5678cdd86e1ddfb957d9da4b1889a0dd0 Author: Richard W.M. Jones <rjones@xxxxxxxxxx> Date: Wed Sep 2 20:03:38 2015 +0100 acpi: Remove unused definition. Signed-off-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 95129d6fc9ead97155627a4ca0cfd37282883658 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Mon Aug 17 11:48:29 2015 +0200 virtio: avoid leading underscores for helpers Commit ef546f1275f6563e8934dd5e338d29d9f9909ca6 ("virtio: add feature checking helpers") introduced a helper __virtio_has_feature. We don't want to use reserved identifiers, though, so let's rename __virtio_has_feature to virtio_has_feature and virtio_has_feature to virtio_vdev_has_feature. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 91176e310527fac8414c417c093659e42e4564ea Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Mon Aug 17 11:42:29 2015 -0700 pc: Remove redundant arguments from xen_hvm_init() Remove arguments that can be found in PCMachineState. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 5af2ae2305143f1805a696f9554231e1fc246edc Author: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Date: Sun Jul 5 09:19:15 2015 +1000 pci: Fix pci_device_iommu_address_space() bus propagation he current code walks up the bus tree for an iommu, however it passes to the iommu_fn() callback the bus/devfn of the immediate child of the level where the callback was found, rather than the original bus/devfn where the search started from. This prevents iommu's like POWER8 (and in fact also Q35) to properly provide an address space for a subset of devices that aren't immediate children of the iommu. PCIe carries the originator bdfn acccross to the iommu on all DMA transactions, so we must be able to properly identify devices at all levels. This changes the function pci_device_iommu_address_space() to pass the original pointers to the iommu_fn() callback instead. Signed-off-by: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 47d4be12c3997343e436c6cca89aefbbbeb70863 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Sep 10 10:02:00 2015 +0200 cutils: work around platform differences in strto{l,ul,ll,ull} Linux returns 0 if no conversion was made, while OS X and presumably the BSDs return EINVAL. The OS X convention rejects more invalid inputs, so convert to it and adjust the test case. Windows returns 1 from strtoul and strtoull (instead of -1) for negative out-of-range input; fix it up. Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9fd1a94888cd6a559f95c3596ec1ac28b74838c1 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Aug 11 11:33:24 2015 +0200 cpu-exec: fix lock hierarchy for user-mode emulation tb_lock has to be taken inside the mmap_lock (example: tb_invalidate_phys_range is called by target_mmap), but tb_link_page is taking the mmap_lock and it is called with the tb_lock held. To fix this, take the mmap_lock in tb_find_slow, not in tb_link_page. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 8fd19e6cfd5b6cdf028c6ac2ff4157ed831ea3a6 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Aug 11 10:57:52 2015 +0200 exec: make mmap_lock/mmap_unlock globally available There is some iffy lock hierarchy going on in translate-all.c. To fix it, we need to take the mmap_lock in cpu-exec.c. Make the functions globally available. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 756920876f60829fad0d15df4f3fa205077a8131 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Aug 11 10:59:50 2015 +0200 tcg: comment on which functions have to be called with mmap_lock held Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6940fab84b826175cf90d48d0e3da1b76518f5b4 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Aug 12 09:41:40 2015 +0200 tcg: add memory barriers in page_find_alloc accesses page_find is reading the radix tree outside all locks, so it has to use the RCU primitives. It does not need RCU critical sections because the PageDescs are never removed, so there is never a need to wait for the end of code sections that use a PageDesc. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 2496ff1311283480f9de3614080b8842d838ade4 Author: KONRAD Frederic <fred.konrad@xxxxxxxxxxxxx> Date: Mon Aug 10 17:27:03 2015 +0200 remove unused spinlock. This just removes spinlock as it is not used anymore. Signed-off-by: KONRAD Frederic <fred.konrad@xxxxxxxxxxxxx> Message-Id: <1439220437-23957-6-git-send-email-fred.konrad@xxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 677ef6230b603571ae05125db469f7b4c8912a77 Author: KONRAD Frederic <fred.konrad@xxxxxxxxxxxxx> Date: Mon Aug 10 17:27:02 2015 +0200 replace spinlock by QemuMutex. spinlock is only used in two cases: * cpu-exec.c: to protect TranslationBlock * mem_helper.c: for lock helper in target-i386 (which seems broken). It's a pthread_mutex_t in user-mode, so we can use QemuMutex directly, with an #ifdef. The #ifdef will be removed when multithreaded TCG will need the mutex as well. Signed-off-by: KONRAD Frederic <fred.konrad@xxxxxxxxxxxxx> Message-Id: <1439220437-23957-5-git-send-email-fred.konrad@xxxxxxxxxxxxx> Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> [Merge Emilio G. Cota's patch to remove volatile. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d5f8d61390de8f2acc0da93f184e421a709cb503 Author: KONRAD Frederic <fred.konrad@xxxxxxxxxxxxx> Date: Mon Aug 10 17:27:06 2015 +0200 cpus: remove tcg_halt_cond and tcg_cpu_thread globals This hides the tcg_halt_cond and tcg_cpu_thread global variables inside qemu_tcg_init_vcpu. Multi-threaded TCG will need one QemuCond and one QemuThread per virtual cpu, so it's preferrable to use cpu->halt_cond and cpu->thread. Signed-off-by: KONRAD Frederic <fred.konrad@xxxxxxxxxxxxx> Message-Id: <1439220437-23957-9-git-send-email-fred.konrad@xxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 376692b9dc6f02303ee07a4146d08d8727d79c0c Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Jul 10 12:32:32 2015 +0200 cpus: protect work list with work_mutex Protect the list of queued work items with something other than the BQL, as a preparation for running the work items outside it. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: KONRAD Frederic <fred.konrad@xxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0c71d41e2aa3c7356500ae624166f3bb8c201aee Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Aug 27 12:06:23 2015 +0300 scripts/dump-guest-memory.py: fix after RAMBlock change commit 9b8424d5735278ca382f11adc7c63072b632ab83 "exec: split length -> used_length/max_length" changed field names in struct RAMBlock It turns out that scripts/dump-guest-memory.py was poking at this field, update it accordingly. Cc: qemu-stable@xxxxxxxxxx Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-Id: <1440666378-3152-1-git-send-email-mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7b01cb974f1093885c40bf4d0d3e78e27e531363 Author: Alexandre Derumier <aderumier@xxxxxxxxx> Date: Fri Jun 19 12:56:58 2015 +0200 configure: Add support for jemalloc This adds "--enable-jemalloc" and "--disable-jemalloc" to allow linking to jemalloc memory allocator. We have already tcmalloc support, but it seem to not working well with a lot of iothreads/disks. The main problem is that tcmalloc use a shared thread cache of 16MB by default. With more threads, this cache is shared, and some bad garbage collections can occur if the cache is too low. It's possible to tcmalloc cache increase it with a env var: TCMALLOC_MAX_TOTAL_THREAD_CACHE_BYTES=256MB With default 16MB, performances are really bad with more than 2 disks. Increasing to 256MB, it's helping but still have problem with 16 disks/iothreads. Jemalloc don't have performance problem with default configuration. Here the benchmark results in iops of 1 qemu vm randread 4K iodepth=32, with rbd block backend (librbd is doing a lot of memory allocation), 1 iothread by disk glibc malloc ------------ 1 disk 29052 2 disks 55878 4 disks 127899 8 disks 240566 15 disks 269976 jemalloc -------- 1 disk 41278 2 disks 75781 4 disks 195351 8 disks 294241 15 disks 298199 tcmalloc 2.2.1 default 16M cache -------------------------------- 1 disk 37911 2 disks 67698 4 disks 41076 8 disks 43312 15 disks 37569 tcmalloc : 256M cache --------------------------- 1 disk 33914 2 disks 58839 4 disks 148205 8 disks 213298 15 disks 218383 Signed-off-by: Alexandre Derumier <aderumier@xxxxxxxxx> Message-Id: <1434711418-20429-1-git-send-email-aderumier@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3f7a899ff4e0681ed148b1cea07dc65550114fdb Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Sep 7 09:50:09 2015 +0200 add macro file for coccinelle Coccinelle chokes on some idioms from compiler.h and queue.h. Extract those in a macro file, to be used with "--macro-file scripts/cocci-macro-file.h". Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c765fcac96e111199225c7387c01694fe076b341 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat Aug 29 03:33:59 2015 -0700 configure: factor out adding disas configure Every arch adds its disas configury to both its own config as well config_disas_all. Make a small function do to both at once. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <1440844439-19391-1-git-send-email-crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f42bf6a262ab5923a1a3bc8f731b830396937c47 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed Aug 26 09:52:51 2015 +0800 vhost-scsi: fix wrong vhost-scsi firmware path vhost-scsi bootindex does't work because Qemu passes wrong fireware path to seabios. before: /pci@i0cf8/scsi@7channel@0/vhost-scsi@0,0 after applying the patch: /pci@i0cf8/scsi@7/channel@0/vhost-scsi@0,0 Reported-by: Subo <subo7@xxxxxxxxxx> Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Message-Id: <1440553971-11108-1-git-send-email-arei.gonglei@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f1e155bbf863ade457019c6f09d4cba06b2d6bb4 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Sun Aug 16 23:01:19 2015 +0200 checkpatch: remove tests that are not relevant outside the kernel Fully removing Sparse support requires more invasive changes. Only remove the really kernel-specific parts such as address space names. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 71c47b01ca0df34d6b41e0975be6e0633c5254cf Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Sun Aug 16 23:15:46 2015 +0200 checkpatch: adapt some tests to QEMU Mostly change severity levels, but some tests can also be adjusted to refer to QEMU APIs or data structures. Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 690a35e1f2acf4ccd0501b18228bc6fba8f9c768 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Jun 19 09:28:13 2015 +0200 CODING_STYLE: update mixed declaration rules Mixed declarations do come in handy at the top of #ifdef blocks. Reluctantly allow this particular usage and suggest an alternative. Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d4ba8cb0a17e7de54753ff1bdeee4428118bb9ab Author: Carlos L. Torres <carlos.torres@xxxxxxxxxxxxx> Date: Sun Jul 19 18:02:21 2015 -0500 qmp: Add example usage of strto*l() qemu wrapper Signed-off-by: Carlos L. Torres <carlos.torres@xxxxxxxxxxxxx> Message-Id: <11ac63e95d88551f1c2c9b1216b15d3cb8ba4468.1437346779.git.carlos.torres@xxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3904e6bf042391abc749d717465022e96e276fc7 Author: Carlos L. Torres <carlos.torres@xxxxxxxxxxxxx> Date: Sun Jul 19 18:02:20 2015 -0500 cutils: Add qemu_strtoull() wrapper Add wrapper for strtoull() function. Include unit tests. Signed-off-by: Carlos L. Torres <carlos.torres@xxxxxxxxxxxxx> Message-Id: <e0f0f611c9a81f3c29f451d0b17d755dfab1e90a.1437346779.git.carlos.torres@xxxxxxxxxxxxx> [Use uint64_t in prototype. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 8ac4df40cc5de606a8ac9174e2340c21093b4e3b Author: Carlos L. Torres <carlos.torres@xxxxxxxxxxxxx> Date: Sun Jul 19 18:02:19 2015 -0500 cutils: Add qemu_strtoll() wrapper Add wrapper for strtoll() function. Include unit tests. Signed-off-by: Carlos L. Torres <carlos.torres@xxxxxxxxxxxxx> Message-Id: <7454a6bb9ec03b629e8beb4f109dd30dc2c9804c.1437346779.git.carlos.torres@xxxxxxxxxxxxx> [Use int64_t in prototype, since that's what QEMU uses. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c817c01548b1500753d0bea3852938d919161778 Author: Carlos L. Torres <carlos.torres@xxxxxxxxxxxxx> Date: Sun Jul 19 18:02:18 2015 -0500 cutils: Add qemu_strtoul() wrapper Add wrapper for strtoul() function. Include unit tests. Signed-off-by: Carlos L. Torres <carlos.torres@xxxxxxxxxxxxx> Message-Id: <9621b4ae8e35fded31c715c2ae2a98f904f07ad0.1437346779.git.carlos.torres@xxxxxxxxxxxxx> [Fix tests for 32-bit build. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 764e0fa497ff5bbc9c9d7c116da2f00f34e71716 Author: Carlos L. Torres <carlos.torres@xxxxxxxxxxxxx> Date: Sun Jul 19 18:02:17 2015 -0500 cutils: Add qemu_strtol() wrapper Add wrapper for strtol() function. Include unit tests. Signed-off-by: Carlos L. Torres <carlos.torres@xxxxxxxxxxxxx> Message-Id: <07199f1c0ff3892790c6322123aee1e92f580550.1437346779.git.carlos.torres@xxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d1142fb83efdcf8a6c2dee825569892203e16d2c Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Sun Aug 23 20:23:39 2015 -0400 translate-all: remove obsolete comment about l1_map l1_map is based on physical addresses in full-system mode, as pointed out in an earlier comment. Said comment also mentions that virtual addresses are only used in l1_map in user-only mode. Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Message-Id: <1440375847-17603-11-git-send-email-cota@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 709037636992e9289ce9147e59d56fb35d90b140 Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Sun Aug 23 20:23:41 2015 -0400 linux-user: call rcu_(un)register_thread on pthread_(exit|create) Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Message-Id: <1440375847-17603-13-git-send-email-cota@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 492e1ca9bd3f43ba417a5cf918e6c769aa2478b9 Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Sun Aug 23 20:23:38 2015 -0400 rcu: fix comment with s/rcu_gp_lock/rcu_registry_lock/ Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Message-Id: <1440375847-17603-10-git-send-email-cota@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5243722376873a48e9852a58b91f4d4101ee66e4 Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Sun Aug 23 20:23:37 2015 -0400 rcu: init rcu_registry_lock after fork We were unlocking this lock after fork, which is wrong since only the thread that holds a mutex is allowed to unlock it. Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Message-Id: <1440375847-17603-9-git-send-email-cota@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 12a1ddc160cb6a73e8a6c319f3962a20da2cd22f Author: Michael Marineau <michael.marineau@xxxxxxxxxx> Date: Sun Aug 9 00:02:55 2015 -0700 Makefile.target: include top level build dir in vpath Using ccache with CCACHE_BASEDIR set to $(SRC_PATH) or a parent will rewrite all absolute paths to relative paths. This interacts poorly with QEMU's two-level build directory scheme. For example, lets say BUILD_DIR=$(SRC_PATH)/build so build/blockdev.d will contain: blockdev.o: ../blockdev.c ../include/sysemu/block-backend.h \ Now the target build under build/x86_64-softmmu or similar will depend on ../blockdev.o which in turn will get make to source ../blockdev.d to check its dependencies. Since make always considers paths relative to the current working directory rather than the makefile the path appeared in the relative path to ../blockdev.c is useless. This change simply adds the top level build directory to vpath so paths relative to the source directory, top build directory, and target build directory all work just fine. Signed-off-by: Michael Marineau <michael.marineau@xxxxxxxxxx> Message-Id: <1439103775-11836-1-git-send-email-michael.marineau@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3c9589e180d98cdadb143bd2a792fb9d19d9aec6 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Fri Aug 14 11:25:14 2015 +0100 Move RAMBlock and ram_list to ram_addr.h Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Message-Id: <1439547914-18249-1-git-send-email-dgilbert@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e0c382113f768cc375a0d61b7cb3692f1b4bba58 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Aug 26 00:19:19 2015 +0200 tcg: signal-free qemu_cpu_kick Signals are slow and do not exist on Win32. The previous patches have done most of the legwork to introduce memory barriers (some of them were even there already for the sake of Windows!) and we can now set the flags directly in the iothread. qemu_cpu_kick_thread is not used anymore on TCG, since the TCG thread is never outside usermode while the CPU is running (not halted). Instead run the content of the signal handler (now in qemu_cpu_kick_no_halt) directly. qemu_cpu_kick_no_halt is also used in qemu_mutex_lock_iothread to avoid the overhead of qemu_cond_broadcast. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9102dedaa1ee1e89ce4a81283c403ff4928e9ef9 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Aug 18 06:52:09 2015 -0700 use qemu_cpu_kick instead of cpu_exit or qemu_cpu_kick_thread Use the same API to trigger interruption of a CPU, no matter if under TCG or KVM. There is no difference: these calls come from the CPU thread, so the qemu_cpu_kick calls will send a signal to the running thread and it will be processed synchronously, just like a call to cpu_exit. The only difference is in the overhead, but neither call to cpu_exit (now qemu_cpu_kick) is in a hot path. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit aed807c8e2bf009b2c6a35490d4fd4383887221d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Aug 18 06:43:15 2015 -0700 tcg: synchronize exit_request and tcg_current_cpu accesses Synchronize the remaining pair of accesses in cpu_signal. These should be necessary on Windows as well, at least in theory. Probably SuspendProcess and ResumeProcess introduce some implicit memory barrier. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ab096a75cd626dcd4ad34b2a11652df0269bee0d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Aug 18 06:34:19 2015 -0700 tcg: synchronize cpu->exit_request and cpu->tcg_exit_req accesses Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b0a46fa796504c7334202877a68c857e49f7c96c Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Aug 18 06:32:02 2015 -0700 tcg: assign cpu->current_tb in a simpler place TCG has not been reading cpu->current_tb from signal handlers for years. The code that synchronized cpu_exec with the signal handler is not needed anymore. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f240eb6fdcf63a5600e15fb44c6960586459a97f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Aug 26 00:17:58 2015 +0200 remove qemu/tls.h TLS is now required on all platforms, so DECLARE_TLS/DEFINE_TLS is not needed anymore. Removing it does not break Windows because of the previous patch. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9373e63297c43752f9cf085feb7f5aed57d959f8 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Aug 18 06:24:34 2015 -0700 tcg: introduce tcg_current_cpu This is already useful on Windows in order to remove tls.h, because accesses to current_cpu are done from a different thread on that platform. It will be used on POSIX platforms as soon TCG stops using signals to interrupt the execution of translated code. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5039d6e23586fe6bbedc5e4fe302b48a66890ade Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Feb 16 14:13:11 2015 +0100 i8257: remove cpu_request_exit irq This is unused. cpu_exit now is almost exclusively an internal function to the CPU execution loop. In a few patches, we'll change the remaining occurrences to qemu_cpu_kick, making it truly internal. Reviewed-by: Richard henderson <rth@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 19d2b5e6ff7202c2bf45c547efa85ae6c2d76bbd Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Feb 16 14:08:22 2015 +0100 i8257: rewrite DMA_schedule to avoid hooking into the CPU loop The i8257 DMA controller uses an idle bottom half, which by default does not cause the main loop to exit. Therefore, the DMA_schedule function is there to ensure that the CPU relinquishes the iothread mutex to the iothread. However, this is not enough since the iothread will call aio_compute_timeout() and go to sleep again. In the iothread world, forcing execution of the idle bottom half is much simpler, and only requires a call to qemu_notify_event(). Do it, removing the need for the "cpu_request_exit" pseudo-irq. The next patch will remove it. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fc04a730b7e60f4a62d6260d4eb9c537d1d3643f Merge: 8611280 6fdf328 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 8 18:02:36 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150908' into staging target-arm queue: * Implement priority handling properly via GICC_APR * Enable TZ extensions on the GIC if we're using them * Minor preparatory patches for EL3 support * cadence_gem: Correct Marvell PHY SPCFC reset value * Support AHCI in ZynqMP # gpg: Signature made Tue 08 Sep 2015 17:48:33 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150908: xlnx-zynqmp: Connect the sysbus AHCI to ZynqMP xlnx-zynqmp.c: Convert some of the error_propagate() calls to error_abort ahci.c: Don't assume AHCIState's parent is AHCIPCIState ahci: Separate the AHCI state structure into the header cadence_gem: Correct Marvell PHY SPCFC reset value target-arm: Add AArch64 access to PAR_EL1 target-arm: Correct opc1 for AT_S12Exx target-arm: Log the target EL when taking exceptions target-arm: Fix default_exception_el() function for the case when EL3 is not supported hw/arm/virt: Enable TZ extensions on the GIC if we are using them hw/arm/virt: Default to not providing TrustZone support hw/cpu/{a15mpcore, a9mpcore}: enable TrustZone in GIC if it is enabled in CPUs hw/intc/arm_gic_common: Configure IRQs as NS if doing direct NS kernel boot hw/arm: new interface for devices which need to behave differently for kernel boot qom: Add recursive version of object_child_for_each hw/intc/arm_gic: Actually set the active bits for active interrupts hw/intc/arm_gic: Drop running_irq and last_active arrays hw/intc/arm_gic: Fix handling of GICC_APR<n>, GICC_NSAPR<n> registers hw/intc/arm_gic: Running priority is group priority, not full priority armv7m_nvic: Implement ICSR without using internal GIC state Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6fdf3282d16e7fb6e798824fb5f4f60c6a73067d Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Tue Sep 8 17:38:45 2015 +0100 xlnx-zynqmp: Connect the sysbus AHCI to ZynqMP Connect the Sysbus AHCI device to ZynqMP. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Sai Pavan Boddu <saipava@xxxxxxxxxx> [PMM: removed unnecessary brackets in error_propagate call] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e1292517103f7ad6a8dc9f0795d170a78ed408a8 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Tue Sep 8 17:38:45 2015 +0100 xlnx-zynqmp.c: Convert some of the error_propagate() calls to error_abort Convert all of the non-realize error_propagate() calls into error_abort calls as they shouldn't be user visible failure cases. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bb639f829f139ddc83325b3b6825f93096ee44f1 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Tue Sep 8 17:38:45 2015 +0100 ahci.c: Don't assume AHCIState's parent is AHCIPCIState The AHCIState struct can either have AHCIPCIState or SysbusAHCIState as a parent. The ahci_irq_lower() and ahci_irq_raise() functions assume that it is always AHCIPCIState, which is not always the case, which causes a seg fault. Verify what the container of AHCIState is before setting the PCIDevice struct. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Acked-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5ea8b9c5a3e823d1446a7e67d6d3b8d86bfd33d8 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Tue Sep 8 17:38:45 2015 +0100 ahci: Separate the AHCI state structure into the header Pull the AHCI state structure out into the header. This allows other containers to access the struct. This is required to add the device to modern SoC containers. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Sai Pavan Boddu <saipava@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7777b7a0ba27696ddf34a19818be17cc415551cc Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Tue Sep 8 17:38:45 2015 +0100 cadence_gem: Correct Marvell PHY SPCFC reset value Bit 15 of the PHY Specific Status Register is reserved and should remain 0. Fix the reset value to ensure that the 15th bit is not set. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: c795069e49040ff770fe2ece19dfe1791b729e22.1441316450.git.alistair.francis@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c96fc9b52d0a318d8026a0bcaba204d319ad91e0 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Sep 8 17:38:44 2015 +0100 target-arm: Add AArch64 access to PAR_EL1 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Message-id: 1441311266-8644-4-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7a379c7e68f1b2286602b0beeeb58dcef7c9e760 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Sep 8 17:38:44 2015 +0100 target-arm: Correct opc1 for AT_S12Exx Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Message-id: 1441311266-8644-3-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dbc29a868cf5b7e6fa7bb2e6c4f188b9470779c5 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Sep 8 17:38:44 2015 +0100 target-arm: Log the target EL when taking exceptions Log the target EL when taking exceptions. This is useful when debugging guest SW or QEMU itself while transitioning through the various ELs. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Message-id: 1441311266-8644-2-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cef9ee706792b1e205fe472b67053a0e82cd058e Author: Sergey Sorokin <afarallax@xxxxxxxxx> Date: Tue Sep 8 17:38:44 2015 +0100 target-arm: Fix default_exception_el() function for the case when EL3 is not supported If EL3 is not supported in current configuration, we should not try to get EL3 bitness. Signed-off-by: Sergey Sorokin <afarallax@xxxxxxxxx> Message-id: 1441208342-10601-2-git-send-email-afarallax@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0e21f183ca2d000bbda1fb63959a3d41a1c3ff42 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 8 17:38:44 2015 +0100 hw/arm/virt: Enable TZ extensions on the GIC if we are using them If we're creating a board with support for TrustZone, then enable it on the GIC model as well as on the CPUs. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1441383782-24378-7-git-send-email-peter.maydell@xxxxxxxxxx commit 2d710006a0da4a9b7ddf5c02d072e178906d0ef6 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 8 17:38:44 2015 +0100 hw/arm/virt: Default to not providing TrustZone support Switch the default for the 'virt' board to not providing TrustZone support in either the CPU or the GIC. This is primarily for the benefit of UEFI, which currently assumes there is no TrustZone support, and does not set the GIC up correctly if it is TZ-aware. It also means the board is consistent about its behaviour whether we're using KVM or TCG (KVM never has TrustZone support). If TrustZone support is required (for instance for running test suites or TZ-aware firmware) it can be enabled with the "-machine secure=on" command line option. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1441383782-24378-6-git-send-email-peter.maydell@xxxxxxxxxx commit 4182bbb19d2e266dde0d4ed32e85e1b1be79bc61 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 8 17:38:43 2015 +0100 hw/cpu/{a15mpcore, a9mpcore}: enable TrustZone in GIC if it is enabled in CPUs If the A9 and A15 CPUs which we're creating the peripherals for have TrustZone (EL3) enabled, then also enable it in the GIC we create. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1441383782-24378-5-git-send-email-peter.maydell@xxxxxxxxxx commit 8ff41f3995ad2d942ecafb72519c1f09cb811259 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 8 17:38:43 2015 +0100 hw/intc/arm_gic_common: Configure IRQs as NS if doing direct NS kernel boot If we directly boot a kernel in NonSecure on a system where the GIC supports the security extensions then we must cause the GIC to configure its interrupts into group 1 (NonSecure) rather than the usual group 0, and with their initial priority set to the highest NonSecure priority rather than the usual highest Secure priority. Otherwise the guest kernel will be unable to use any interrupts. Implement this behaviour, controlled by a flag which we set if appropriate when the ARM bootloader code calls our ARMLinuxBootIf interface callback. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1441383782-24378-4-git-send-email-peter.maydell@xxxxxxxxxx commit d8b1ae4237b5f8cf5037a7f341ff43dc02955256 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 8 17:38:43 2015 +0100 hw/arm: new interface for devices which need to behave differently for kernel boot For ARM we have a little minimalist bootloader in hw/arm/boot.c which takes the place of firmware if we're directly booting a Linux kernel. Unfortunately a few devices need special case handling in this situation to do the initialization which on real hardware would be done by firmware. (In particular if we're booting a kernel in NonSecure state then we need to make a TZ-aware GIC put all its interrupts into Group 1, or the guest will be unable to use them.) Create a new QOM interface which can be implemented by devices which need to do something different from their default reset behaviour. The callback will be called after machine initialization and before first reset. Suggested-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Tested-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1441383782-24378-3-git-send-email-peter.maydell@xxxxxxxxxx commit d714b8de7747f20fe42e5716d1d44f91e2b891f4 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Tue Sep 8 17:38:43 2015 +0100 qom: Add recursive version of object_child_for_each Useful for iterating through an entire QOM subtree. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1441383782-24378-2-git-send-email-peter.maydell@xxxxxxxxxx commit d5523a13656fb8df902a15a9fd8bd652b85e97e0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 8 17:38:43 2015 +0100 hw/intc/arm_gic: Actually set the active bits for active interrupts Although we were correctly handling interrupts becoming active and then inactive, we weren't actually exposing this to the guest by setting the 'active' flag for the interrupt, so reads of GICD_ICACTIVERn and GICD_ISACTIVERn would generally incorrectly return zeroes. Correct this oversight. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1438089748-5528-6-git-send-email-peter.maydell@xxxxxxxxxx commit 72889c8a809f4c65796b98d5af6a18c92510ed86 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 8 17:38:42 2015 +0100 hw/intc/arm_gic: Drop running_irq and last_active arrays The running_irq and last_active arrays represent state which doesn't exist in a real hardware GIC. The only thing we use them for is updating the running priority when an interrupt is completed, but in fact we can use the active-priority registers to do this. The running priority is always the priority corresponding to the lowest set bit in the active priority registers, because only one interrupt at any particular priority can be active at once. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1438089748-5528-5-git-send-email-peter.maydell@xxxxxxxxxx commit 51fd06e0eee8257fdcc147200796e362cf2298ea Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 8 17:38:42 2015 +0100 hw/intc/arm_gic: Fix handling of GICC_APR<n>, GICC_NSAPR<n> registers A GICv2 has both GICC_APR<n> and GICC_NSAPR<n> registers, with the latter holding the active priority bits for Group 1 interrupts (usually Nonsecure interrupts), and the Nonsecure view of the GICC_APR<n> is the second half of the GICC_NSAPR<n> registers. Turn our half-hearted implementation of APR<n> into a proper implementation of both APR<n> and NSAPR<n>: * Add the underlying state for NSAPR<n> * Make sure APR<n> aren't visible for pre-GICv2 * Implement reading of NSAPR<n> * Make non-secure reads of APR<n> behave correctly * Implement writing to APR<n> and NSAPR<n> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1438089748-5528-4-git-send-email-peter.maydell@xxxxxxxxxx commit df92cfa60eef82dad112ca5c5d0239ec5ba7aac3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 8 17:38:42 2015 +0100 hw/intc/arm_gic: Running priority is group priority, not full priority Priority values for the GIC are divided into a "group priority" and a "subpriority" (with the division being determined by the binary point register). The running priority is only determined by the group priority of the active interrupts, not the subpriority. In particular, this means that there can't be more than one active interrupt at any particular group priority. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1438089748-5528-3-git-send-email-peter.maydell@xxxxxxxxxx commit b06c262b45cf7afcf56dd0f2189ad8948b117e7d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 8 17:38:42 2015 +0100 armv7m_nvic: Implement ICSR without using internal GIC state Change the implementation of the Interrupt Control and State Register in the v7M NVIC to not use the running_irq and last_active internal state fields in the GIC. These fields don't correspond to state in a real GIC and will be removed soon. The changes to the ICSR are: * the VECTACTIVE field is documented as identical to the IPSR[8:0] field, so implement it that way * implement RETTOBASE via looking at the active state bits Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1438089748-5528-2-git-send-email-peter.maydell@xxxxxxxxxx commit 76d39ab49ec68608a3c0bafec7bed70f21302b0e Author: Tiejun Chen <tiejun.chen@xxxxxxxxx> Date: Wed Jul 15 13:37:42 2015 +0800 pc_init1: pass parameters just with types Pass types to configure pc_init1(). Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 7bb836e4a27b7e364f3c8c4ebe41172fc8c70f75 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Jul 15 13:37:41 2015 +0800 i440fx: make types configurable at run-time IGD passthrough wants to supply a different pci and host devices, inheriting i440fx devices. Make types configurable. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit eeb6b13a5a45d16a7b348891921d496bc5d6df2c Author: Don Slutz <dslutz@xxxxxxxxxxx> Date: Thu Apr 30 14:27:09 2015 -0400 xen-hvm: Add trace to ioreq Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Don Slutz <dslutz@xxxxxxxxxxx> commit 8611280505119e296757a60711a881341603fa5a Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed Sep 2 14:46:01 2015 -0700 target-microblaze: Use setcond for pcmp* Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 88174019d2e1d2e1c304d507654d37f6d7504957 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed Sep 2 11:38:10 2015 -0700 target-cris: Use movcond and setcond Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 5f5b5942d56a138baad0ae01458d5d0e62d5be68 Author: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Date: Fri Jul 3 15:01:42 2015 +0300 Added generic panic handler qemu_system_guest_panicked() There are pieces of guest panic handling code that can be shared in one generic function. These code replaced by call qemu_system_guest_panicked(). Signed-off-by: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas FÃ?¤rber <afaerber@xxxxxxx> Message-Id: <1435924905-8926-10-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6d1f252d8c1ba73bf6ed9af28731a9c9c3d473a2 Author: Peter Lieven <pl@xxxxxxx> Date: Fri Aug 14 13:33:36 2015 +0200 block/iscsi: validate block size returned from target It has been reported that at least tgtd returns a block size of 0 for LUN 0. To avoid running into divide by zero later on and protect against other problematic block sizes validate the block size right at connection time. Cc: qemu-stable@xxxxxxxxxx Reported-by: Andrey Korolyov <andrey@xxxxxxx> Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-Id: <1439552016-8557-1-git-send-email-pl@xxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f3926945c85689e8af324c0db0b39be771dbbebb Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Sep 7 11:28:58 2015 +0800 iohandler: Use aio API iohandler.c shares the same interface with aio, but with duplicated code. It's better to rebase iohandler, also because that aio is a more friendly interface to multi-threads. Create a global AioContext instance and let its GSource handle the iohandler events. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-Id: <1441596538-4412-1-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 46036b2462c7ff56c0af6466ea6b9248197a38a8 Author: AnÃbal Limón <anibal.limon@xxxxxxxxxxxxxxx> Date: Thu Sep 3 15:48:33 2015 -0500 cpus.c: qemu_mutex_lock_iothread fix race condition at cpu thread init When QEMU starts the RCU thread executes qemu_mutex_lock_thread causing error "qemu:qemu_cpu_kick_thread: No such process" and exits. This isn't occur frequently but in glibc the thread id can exist and this not guarantee that the thread is on active/running state. If is inserted a sleep(1) after newthread assignment [1] the issue appears. So not make assumption that thread exist if first_cpu->thread is set then change the validation of cpu to created that is set into cpu threads (kvm, tcg, dummy). [1] https://sourceware.org/git/?p=glibc.git;a=blob;f=nptl/pthread_create.c;h=d10f4ea8004e1d8f3a268b95cc0f8d93b8d89867;hb=HEAD#l621 Cc: qemu-stable@xxxxxxxxxx Signed-off-by: AnÃbal Limón <anibal.limon@xxxxxxxxxxxxxxx> Message-Id: <1441313313-3040-1-git-send-email-anibal.limon@xxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d12f7309483e20d1bae9304f4b812bf53a8e6510 Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Sun Aug 23 20:23:36 2015 -0400 seqlock: read sequence number atomically With this change we make sure that the compiler will not optimise the read of the sequence number in any way. Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Message-Id: <1440375847-17603-8-git-send-email-cota@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 123fdbac9b8f1e394fbe92e8b5359193e94ba5bf Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Sun Aug 23 20:23:35 2015 -0400 seqlock: add missing 'inline' to seqlock_read_retry Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Message-Id: <1440375847-17603-7-git-send-email-cota@xxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9d34158a5af734e8de0b42b0a7228200c426a8d0 Merge: 8f1ed5f bd80a8a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 7 16:07:47 2015 +0100 Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20150907' into staging s390x fixes and improvements: - various bugfixes (css/event-facility) - more efficient adapter interrupt routes setup - gdb enhancement - sclp got treated with a lot of remodelling/cleanup # gpg: Signature made Mon 07 Sep 2015 15:42:43 BST using RSA key ID C6F02FAF # gpg: Good signature from "Cornelia Huck <huckc@xxxxxxxxxxxxxxxxxx>" # gpg: aka "Cornelia Huck <cornelia.huck@xxxxxxxxxx>" * remotes/cohuck/tags/s390x-20150907: (23 commits) s390/sclp: simplify calculation of rnmax s390/sclp: store the increment_size in the sclp device s390: unify allocation of initial memory s390: move memory calculation into the sclp device s390/sclp: ignore memory hotplug operations if it is disabled s390: disallow memory hotplug for the s390-virtio machine s390: no need to manually parse for slots and maxmem s390/sclp: move sclp_service_interrupt into the sclp device s390/sclp: move sclp_execute related functions into the SCLP class s390/sclp: introduce a root sclp device s390/sclp: temporarily fix unassignment/reassignment of memory subregions s390/sclp: replace sclp event types with proper defines s390/sclp: rework sclp event facility initialization + device realization sclp/s390: rework sclp cpu hotplug device notification s390x/gdb: support reading/writing of control registers s390x/kvm: make setting of in-kernel irq routes more efficient pc-bios/s390-ccw: rebuild image pc-bios/s390-ccw: Device detection in higher subchannel sets s390x/event-facility: fix location of receive mask s390x/css: start with cleared cstat/dstat ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bd80a8ad555c2b5f79591b29edcf8196b8a5109b Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 1 13:04:03 2015 +0200 s390/sclp: simplify calculation of rnmax rnmax can be directly calculated using machine->maxram_size. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 71a2fd355d8fa429bcc04740c260635e084255f2 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 1 13:03:23 2015 +0200 s390/sclp: store the increment_size in the sclp device Let's calculate it once and reuse it. Suggested-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 80d23275e3c4bc93fa6f123613d5ff389ed3fc62 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Fri May 29 15:01:55 2015 +0200 s390: unify allocation of initial memory Now that the calculation of the initial memory is hidden in the sclp device, we can unify the allocation of the initial memory. The remaining ugly part is the reserved memory for the virtio queues, but that can be cleaned up later. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 1cf065fb87e8787e3e9cebcdb4713b81e4e61422 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Fri May 29 13:53:08 2015 +0200 s390: move memory calculation into the sclp device The restrictions for memory calculation belong to the sclp device. Let's move the calculation to that point, so we are able to unify it for both s390 machines. The sclp device is the first device to be initialized. It performs the calculation and safely stores it in the machine, where other parts of the system can access an reuse it. The memory hotplug device is now only created when it is really needed. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit b02ef3d92b19ad304a84433d3817f0903296ebc7 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Fri May 29 14:06:39 2015 +0200 s390/sclp: ignore memory hotplug operations if it is disabled If no memory hotplug device was created, the sclp command facility is not exposed (SCLP_FC_ASSIGN_ATTACH_READ_STOR). We therefore have no memory hotplug and should correctly report SCLP_RC_INVALID_SCLP_COMMAND if any such command is executed. This gets rid of these ugly asserts that could have been triggered for the s390-virtio machine. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 2998ffee245e3a141ce1b6fca127744c3e19dc63 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Fri May 29 13:22:12 2015 +0200 s390: disallow memory hotplug for the s390-virtio machine That machine type doesn't currently support memory hotplug, so let's abort if it is requested. Reason is, that the virtio queues are allocated for now at the end of the initial ram - extending the ram is therefore not possible. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 311467f77eab5c3e1f8e0f6f446201e3a1f46e70 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Fri May 29 13:14:50 2015 +0200 s390: no need to manually parse for slots and maxmem ram_slots and maxram_size has already been parsed and verified by common code for us. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 1723a1b6313851d9704961e1f527312ee0a5fce4 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Wed May 13 15:06:44 2015 +0200 s390/sclp: move sclp_service_interrupt into the sclp device Let's make that function a method of the new sclp device, keeping the wrapper for existing users. We can now let go of get_event_facility(). Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 25a3c5af57db0319f5cfb4c439efbc78b230599e Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Wed May 27 10:04:56 2015 +0200 s390/sclp: move sclp_execute related functions into the SCLP class Let's move the sclp_execute related functions into the SCLP class and pass the device state as parameter, so we have easy access to the SCLPDevice later on. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 515190d9da0c85084d32d6ad36afb15a6d35729e Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Wed May 27 09:49:43 2015 +0200 s390/sclp: introduce a root sclp device Let's create a root sclp device, which has other sclp devices as children (e.g. the event facility for now) and can later be used for migration of sclp specific attributes and setup of memory. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 732bdd383ee06be2655b1a849a628ff03b0000b8 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Sat Jun 13 08:46:54 2015 +0200 s390/sclp: temporarily fix unassignment/reassignment of memory subregions Commit 374f2981d1f1 ("memory: protect current_map by RCU") broke unassignment of standby memory on s390x. Looks like that the new parallelism allows races with our (semi broken) memory hotplug code. The flatview_unref() can now be executed after our unparenting. Therefore memory_region_unref() tries to unreference the MemoryRegion itself instead of the parent. In theory, MemoryRegions are now bound to separate devices that control their lifetime. We don't have this yet, so we really want to control their lifetime manually. This patch fixes it temporarily, until we have a proper rework. The only drawback is that they won't pop up in "info qom-tree", but that's better than qemu crashes. We have to release the reference to a memory region after a memory_region_find, as it automatically takes a reference. As we're now able to reassign memory, the MemoryRegion is in fact deleted (otherwise vmstate_register_ram() would complain). Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 35925a7a73e7df4118cb11667095bd2d8fc4e091 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Mon May 11 15:31:47 2015 +0200 s390/sclp: replace sclp event types with proper defines Introduce TYPE_SCLP_QUIESCE and make use of it. Also use TYPE_SCLP_CPU_HOTPLUG where applicable. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit f6102c329c43d7d5e0bee1fc2fe4043e05f9810c Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Thu May 21 12:43:31 2015 +0200 s390/sclp: rework sclp event facility initialization + device realization The current code only works by chance. The event facility is a sysbus device, but specifies in its class structure as parent the DeviceClass (instead of a device class). The init function in return lies therefore at the same position as the init function of SysBusDeviceClass and gets triggered instead - a very bad idea of doing that (e.g. the parameter types don't match). Let's bring the initialization code up to date, initializing the event facility + child events in .instance_init and moving the realization of the child events out of the init call, into the realization step. Device realization is now automatically performed when the event facility itself is realized. That realization implicitly triggers realization of the child bus, which in turn initializes the events. Please note that we have to manually propagate the realization of the bus children, common code still has a TODO set for that task. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 073f57ae347a41cbcc940ae0286bbbab993b9148 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Mon May 11 15:30:43 2015 +0200 sclp/s390: rework sclp cpu hotplug device notification Let's get rid of this strange local variable + irq logic and work directly on the QOM. (hint: what happens if two such devices are created?) We could introduce proper QOM class + state for the cpu hotplug device, however that would result in too much overhead for a simple "trigger_signal" function. Also remove one unnecessary class function initialization. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 5b9f6345a616c321a5ea2f35e09043edd933767e Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Tue Jun 23 11:00:09 2015 +0200 s390x/gdb: support reading/writing of control registers Let's support reading and writing of control registers for kvm and tcg. We have to take care of flushing the tlb (tcg) and pushing the changed registers into kvm. Reviewed-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit c0194a00b0beb66814756ee255a8a86b2a92c27e Author: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Date: Mon Jul 27 16:53:27 2015 +0200 s390x/kvm: make setting of in-kernel irq routes more efficient When we add new adapter routes we call kvm_irqchip_add_route() for every virtqueue and in the same step also do the KVM_SET_GSI_ROUTING ioctl. This is unnecessary costly as the interface allows us to set multiple routes in one go. Let's first add all routes to the table stored in the global kvm_state and then do the ioctl to commit the routes to the in-kernel irqchip. This saves us several ioctls to the kernel where for each call a list is reallocated and populated. Signed-off-by: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 9f70b85c405093f24d9df22215ead6596819832f Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Tue Aug 11 10:53:41 2015 +0200 pc-bios/s390-ccw: rebuild image Contains: - Device detection in higher subchannel sets Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 0f79b89bc2bdbed35d2c57d722acc4c31a5a2ce4 Author: Alexander Yarygin <yarygin@xxxxxxxxxxxxxxxxxx> Date: Thu Jun 25 18:35:58 2015 +0300 pc-bios/s390-ccw: Device detection in higher subchannel sets If no bootdevice was specified, we try to autodetect a suitable IPL device. Current code only searched in subchannel set 0; extend this search to higher subchannel sets as well. Signed-off-by: Alexander Yarygin <yarygin@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit f7822aa8b610a4fec57a09066974e5c088592c08 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Mon Jul 27 16:55:23 2015 +0200 s390x/event-facility: fix location of receive mask For read event mask, we assumed that the layout of the sccb was |sccb header|event buffer header|receive mask|...| The correct layout, however, is |sccb header|receive mask|...| as in-buffer and |sccb header|event buffer header|...| as out-buffer. Fix this: This makes selective read work. Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 6b7741c2bedeae2e8c54fffce81723ca0a0c25c0 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri Jul 24 12:08:37 2015 +0200 s390x/css: start with cleared cstat/dstat When executing the start function, we should start with a clear state regarding subchannel and device status; it is easy to forget updating one of them after the ccw has been processed. Note that we don't need to care about resetting the various control fields: They are cleared by tsch(), and if they were still pending, we wouldn't be able to execute the start function in the first place. Also note that we don't want to clear cstat/dstat if a suspended subchannel is resumed. This fixes a bug where we would continue to present channel-program check in cstat even though later ccw requests for the subchannel finished without error (i.e. cstat should be 0). Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> commit 3335ddddf9e5ba7743dc8e3f767f4ef857ccd20c Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Wed Jul 1 15:28:06 2015 +0200 s390x/event-facility: fix receive mask check For selective read event, we need to check if any event is requested that is not active instead of whether none of the requested events is active. Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Reviewed-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit fa4463e0432ab66432a28d6b975f8eed99b3f4fa Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jul 16 10:42:18 2015 +0200 s390x/css: ccw-0 enforces count > 0 Type-0 ccws need to have a count > 0 for any command other than TIC. Generate a channel-program check if this is not the case. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit fde8206b8061f808c880709c2ac26a645b11c211 Author: Pierre Morel <pmorel@xxxxxxxxxxxxxxxxxx> Date: Wed Jul 15 16:16:20 2015 +0200 s390x/css: handle ccw-0 TIC correctly In CCW-0 format TIC command 4 highest bits are ignored in the subchannel. In CCW-1 format the TIC command 4 highest bits must be 0. To convert TIC from CCW-0 to CCW-1 we clear the 4 highest bits to guarantee compatibility. Signed-off-by: Pierre Morel <pmorel@xxxxxxxxxxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 8f1ed5f5081416d5d1cc9569aa826114c5b21213 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 24 13:33:12 2015 +0100 Make pow2ceil() and pow2floor() inline Since the pow2floor() function is now used in a hot code path, make it inline; for consistency, provide pow2ceil() as an inline function too. Because these functions use ctz64() we have to put the inline versions into host-utils.h, so they have access to ctz64(), and move the inline is_power_of_2() along with them. We then need to include host-utils.h from qemu-common.h so that the files which use these functions via qemu-common.h still have access to them. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1437741192-20955-7-git-send-email-peter.maydell@xxxxxxxxxx commit 10944a19209bb520054569e0f156f50338901264 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 24 13:33:11 2015 +0100 Remove unused qemu_fls function Nothing uses qemu_fls() any more, so delete it. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1437741192-20955-6-git-send-email-peter.maydell@xxxxxxxxxx commit 6554f5c03793bb8a3d5dedcebf758a1694fa186c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 24 13:33:10 2015 +0100 exec.c: Use pow2floor() rather than hand-calculation Use pow2floor() to round down to the nearest power of 2, rather than an inline calculation. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1437741192-20955-5-git-send-email-peter.maydell@xxxxxxxxxx commit 26efcec158a87133bb6255ae7d3127a5fa6e66fd Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 24 13:33:09 2015 +0100 hw/block/nvme.c: Use pow2ceil() rather than hand-calculation Use pow2ceil() to round up to the next power of 2, rather than an inline calculation. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1437741192-20955-4-git-send-email-peter.maydell@xxxxxxxxxx commit 1d0148fe6c121b21476ac1ba5120f8990e7fe6cd Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 24 13:33:08 2015 +0100 hw/virtio/virtio-pci: Use pow2ceil() rather than hand-calculation Use the utility function pow2ceil() for rounding up to the next largest power of 2, rather than inline calculation. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1437741192-20955-3-git-send-email-peter.maydell@xxxxxxxxxx commit 9bff5d8135fc3f37932d4177727d293aa93ce79b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 24 13:33:07 2015 +0100 hw/pci: Use pow2ceil() rather than hand-calculation A couple of places in hw/pci use an inline calculation to round a size up to the next largest power of 2. We have a utility routine for this, so use it. (The behaviour of the old code is different if the size value is 0 -- it would leave it as 0 rather than rounding up to 1, but in both cases we know the size can't be 0. In the case where the size value had bit 31 set, the old code would invoke undefined behaviour; the new code will give a result of 0. Presumably that could never happen either.) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1437741192-20955-2-git-send-email-peter.maydell@xxxxxxxxxx commit 4169198617dc8d3e80697964b91eaea551e7f956 Merge: 298fae3 c804b57 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 7 11:23:08 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches # gpg: Signature made Fri 04 Sep 2015 20:45:33 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: quorum: validate vote threshold against num_children even if read-pattern is fifo qcow2: reorder fields in Qcow2CachedTable to reduce padding docs: document how to configure the qcow2 L2/refcount caches qcow2: add option to clean unused cache entries after some time qcow2: mark the memory as no longer needed after qcow2_cache_empty() iotests: Warn if python subprocess is killed iotests: Do not suppress segfaults in bash tests iotests: Respect -nodefaults in tests 41 and 55 iotests: More options for VM.add_drive() qemu-img: Fix crash in amend invocation block/raw-posix: Use raw_normalize_devicepath() qemu-iotests: s390x: fix test 130 qemu-iotests: s390x: fix test 049, reject negative sizes in QemuOpts qemu-iotests: s390x: fix test 041 and 055 qemu-iotests: disable default qemu devices for cross-platform compatibility qemu-iotests: qemu machine type support Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 298fae38972cc0165415ead04b64bfcae55640d9 Merge: b597aa0 8d45c54 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 7 10:43:18 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150907' into staging target-arm queue: * cleanup to use g_new() and friends * support semihosting in A64 * add SMBIOS support to mach-virt * remove hw_error() usages * fix bug in the AArch32:AArch64 register mapping * add a second PCI memory window in highmem on virt board * fix bug in arm_excp_unmasked() * add i.MX31 SoC * remove restriction on handling affinity values in virt board # gpg: Signature made Mon 07 Sep 2015 10:40:48 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150907: (27 commits) arm/virt: Add full-sized CPU affinity handling target-arm: Refactor CPU affinity handling i.MX: Add i2C devices to i.MX31 SOC i.MX: Add qtest support for I2C device emulator. i.MX: Add the i.MX25 PDK platform i.MX: Add SOC support for i.MX25 i.MX: Add FEC Ethernet Emulator i.MX: Add I2C controller emulator i.MX: KZM: use standalone i.MX31 SOC support i.MX: Add SOC support for i.MX31 target-arm: Fix arm_excp_unmasked() function hw/arm/virt: Add high MMIO PCI region, 512G in size target-arm: Fix AArch32:AArch64 general-purpose register mapping arm: Remove hw_error() usages. arm: cpu: assert() on no-EL2 virt IRQ error condition. smbios: implement smbios support for mach-virt smbios: add smbios 3.0 support target-arm: Wire up HLT 0xf000 as the A64 semihosting instruction target-arm/arm-semi.c: SYS_EXIT on A64 takes a parameter block target-arm/arm-semi.c: Implement A64 specific SyncCacheRange call ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8d45c54d4fd3612bd616afcc5c278394f312927b Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Mon Sep 7 10:39:31 2015 +0100 arm/virt: Add full-sized CPU affinity handling At least with KVM, currently there's no reason why QEMU would not be capable of handling Aff3 != 0. This commit fixes up FDT creation in such a case. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Message-id: eef5a86e6d9a313780dbc23b35fcb65df42a3e9e.1441366248.git.p.fedin@xxxxxxxxxxx [PMM: folded two overlong lines] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0f4a9e45ec35811ee250ac232d84d3c6d4fcd7fc Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Mon Sep 7 10:39:31 2015 +0100 target-arm: Refactor CPU affinity handling Introduces reusable definitions for CPU affinity masks/shifts and gets rid of hardcoded magic numbers. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Message-id: 7e6def4d0d91ae64615cdd2035b94d408d0a23c6.1441366248.git.p.fedin@xxxxxxxxxxx [PMM: folded overlong line] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d4e26d106a1ea35a81176cb5398406b08316adc7 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Mon Sep 7 10:39:31 2015 +0100 i.MX: Add i2C devices to i.MX31 SOC Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: fb20e6bf5cf946c4530b2cfb55c7e37f5a0fc051.1441057361.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7f3986278b0bc214e83111ea55c8d12bac79c4fa Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Mon Sep 7 10:39:31 2015 +0100 i.MX: Add qtest support for I2C device emulator. This is using a ds1338 RTC chip on the I2C bus. This RTC chip is not present on the real 3DS PDK board. Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Acked-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 05601683a2a95c881cbc9f22651a044d969bd0ae.1441057361.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 65f57c43632b102f8b1ef20baf1fc218c6b8d9cd Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Mon Sep 7 10:39:31 2015 +0100 i.MX: Add the i.MX25 PDK platform Tested by booting a minimal Linux system on the emulated platform Tested by booting the Xvisor hypervisor on the emulated platform Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: d27347300d253509d921bc27a6d0a14db877478b.1441057361.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ee708c999d45e3f742d2f1287694a1b9da87044b Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Mon Sep 7 10:39:30 2015 +0100 i.MX: Add SOC support for i.MX25 For now we support the following devices: * CPU: ARM926 * Interrupt Controller: AVIC * CCM * UART x 5 * EPIT x 2 * GPT x 4 * FEC * I2C x 3 Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 62218bfa90f9101f79098e768c3d58bd92dcb7f3.1441057361.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit fcbd8018e645f3ab1ef9af94dc88a0d3272926d3 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Mon Sep 7 10:39:30 2015 +0100 i.MX: Add FEC Ethernet Emulator This is based on mcf_fec.c FEC implementation for Coldfire * A generic PHY was added (borrowwed from LAN9118) * The buffer management is also modified as buffers are slightly different between Coldfire and i.MX Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: fb314f8a120aa49f8f6ad886f312c649b484fb5a.1441057361.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 20d0f9cf6a41bad52baba3ebc485849617cc42cf Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Mon Sep 7 10:39:30 2015 +0100 i.MX: Add I2C controller emulator The slave mode is not implemented. Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 508dbf2ebe26ec383d3a12a1db5a7890ac8acf20.1441057361.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f044ac4980922e23b608afc2f35648ebadb42950 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Mon Sep 7 10:39:30 2015 +0100 i.MX: KZM: use standalone i.MX31 SOC support Convert the KZM board to use the i.MX31 SoC defintition instead of redefining the entire SoC on the machine level. Major rewrite of the machine init code. While touching the memory map comment de-indent to the correct level of indentation. This obsoletes the legacy i.MX device device creation helpers which are removed. Tested by booting a minimal Linux system on the emulated platform Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 5e783561f092e1c939562fdff001f1ab1194b07f.1441057361.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 558df83db778dc2e839353357a508349b180d79b Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Mon Sep 7 10:39:30 2015 +0100 i.MX: Add SOC support for i.MX31 For now we support the following devices: * CPU: ARM1136 * Interrupt Controller: AVIC * CCM * UART x 2 * EPIT x 2 * GPT Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: f146d819594e41568daec42a1d0f440cdfe3df76.1441057361.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 771842585f3119f69641ed90a97d56eb9ed6f5ae Author: Sergey Sorokin <afarallax@xxxxxxxxx> Date: Mon Sep 7 10:39:30 2015 +0100 target-arm: Fix arm_excp_unmasked() function There is an error in arm_excp_unmasked() function: bitwise operator & is used with integer and bool operands causing an incorrect zeroed result. The patch fixes it. Signed-off-by: Sergey Sorokin <afarallax@xxxxxxxxx> Message-id: 1441209238-16881-1-git-send-email-afarallax@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5125f9cd2532f0aca25d966ecd27d0e30d4af7c9 Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Mon Sep 7 10:39:29 2015 +0100 hw/arm/virt: Add high MMIO PCI region, 512G in size This large region is necessary for some devices like ivshmem and video cards 32-bit kernels can be built without LPAE support. In this case such a kernel will not be able to use PCI controller which has windows in high addresses. In order to work around the problem, "highmem" option is introduced. It defaults to on on, but can be manually set to off in order to be able to run those old 32-bit guests. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Reviewed-by: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> [PMM: Added missing ULL suffixes and a comment to the a15memmap[] entry] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3a9148d0bdcee990fbe86759b9b1f5723c1d7fbc Author: Sergey Sorokin <afarallax@xxxxxxxxx> Date: Mon Sep 7 10:39:29 2015 +0100 target-arm: Fix AArch32:AArch64 general-purpose register mapping There is an error in functions aarch64_sync_32_to_64() and aarch64_sync_64_to_32() with mapping of registers between AArch32 and AArch64. This commit fixes the mapping to match the v8 ARM ARM section D1.20.1 (table D1-77). Signed-off-by: Sergey Sorokin <afarallax@xxxxxxxxx> Message-id: 1440796451-15276-1-git-send-email-afarallax@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> [PMM: tidied commit message a bit] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8f6fd322f6e25995629a1a07b56bc5b91fb947ca Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Mon Sep 7 10:39:29 2015 +0100 arm: Remove hw_error() usages. All of these hw_errors are fatal and indicate something wrong with QEMU implementation. Convert to g_assert_not_reached. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 169194d09017e5725535d31a1507d454c0043706.1440842587.git.crosthwaite.peter@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f128bf297ba100877313cb3e9c0da845da0bb58c Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Mon Sep 7 10:39:29 2015 +0100 arm: cpu: assert() on no-EL2 virt IRQ error condition. Replace the hw_error() for no-EL2 VIRQ with an assert. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 93b6acdee6cafe8ff0422a294a5640c3d35f0e17.1440842587.git.crosthwaite.peter@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c30e15658b1b3dc9c241a515322ca5dc6fa6b4fe Author: Wei Huang <wei@xxxxxxxxxx> Date: Mon Sep 7 10:39:29 2015 +0100 smbios: implement smbios support for mach-virt This patch generates smbios tables for ARM mach-virt. Also add CONFIG_SMBIOS=y for ARM default config. Acked-by: Gabriel Somlo <somlo@xxxxxxx> Tested-by: Gabriel Somlo <somlo@xxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Tested-by: Leif Lindholm <leif.lindholm@xxxxxxxxxx> Signed-off-by: Wei Huang <wei@xxxxxxxxxx> Message-id: 1440615870-9518-3-git-send-email-wei@xxxxxxxxxx [PMM: Added missing braces around an if().] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 86299120060f734a2f7c1137a46de0b8c78135b7 Author: Wei Huang <wei@xxxxxxxxxx> Date: Mon Sep 7 10:39:28 2015 +0100 smbios: add smbios 3.0 support This patch adds support for SMBIOS 3.0 entry point. When caller invokes smbios_set_defaults(), it can specify entry point as 2.1 or 3.0. Then smbios_get_tables() will return the entry point table in right format. Acked-by: Gabriel Somlo <somlo@xxxxxxx> Tested-by: Gabriel Somlo <somlo@xxxxxxx> Tested-by: Leif Lindholm <leif.lindholm@xxxxxxxxxx> Signed-off-by: Wei Huang <wei@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Message-id: 1440615870-9518-2-git-send-email-wei@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8012c84ff92a36d05dfe61af9b24dd01a7ea25e4 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 7 10:39:28 2015 +0100 target-arm: Wire up HLT 0xf000 as the A64 semihosting instruction For the A64 instruction set, the semihosting call instruction is 'HLT 0xf000'. Wire this up to call do_arm_semihosting() if semihosting is enabled. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Christopher Covington <christopher.covington@xxxxxxxxxx> Tested-by: Christopher Covington <cov@xxxxxxxxxxxxxx> Message-id: 1439483745-28752-10-git-send-email-peter.maydell@xxxxxxxxxx commit 7446d35e1dd69e1da8241277eae09e293741b362 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 7 10:39:28 2015 +0100 target-arm/arm-semi.c: SYS_EXIT on A64 takes a parameter block The A64 semihosting API changes the interface for SYS_EXIT so that instead of taking a single exception type in a register, it takes a parameter block containing the exception type and a sub-code. Implement this. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Tested-by: Christopher Covington <cov@xxxxxxxxxxxxxx> Message-id: 1439483745-28752-9-git-send-email-peter.maydell@xxxxxxxxxx commit e9ebfbfcf31c11fb3bd2fc436fa17ce45a4e7086 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 7 10:39:28 2015 +0100 target-arm/arm-semi.c: Implement A64 specific SyncCacheRange call The A64 semihosting ABI defines a new call SyncCacheRange for doing a 'clean D-cache and invalidate I-cache' sequence. Since QEMU doesn't implement caches, we can implement this as a nop. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Christopher Covington <christopher.covington@xxxxxxxxxx> Tested-by: Christopher Covington <cov@xxxxxxxxxxxxxx> Message-id: 1439483745-28752-8-git-send-email-peter.maydell@xxxxxxxxxx commit faacc041619581c566c21ed87aa1933420731282 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 7 10:39:28 2015 +0100 target-arm/arm-semi.c: Support widening APIs to 64 bits The 64-bit A64 semihosting API has some pervasive changes from the 32-bit version: * all parameter blocks are arrays of 64-bit values, not 32-bit * the semihosting call number is passed in W0 * the return value is a 64-bit value in X0 Implement the necessary handling for this widening. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Christopher Covington <christopher.covington@xxxxxxxxxx> Tested-by: Christopher Covington <cov@xxxxxxxxxxxxxx> Message-id: 1439483745-28752-7-git-send-email-peter.maydell@xxxxxxxxxx commit 44d4a499b79d12d5c29f32bf2070c89335573c03 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 7 10:39:27 2015 +0100 include/exec/softmmu-semi.h: Add support for 64-bit values Add support for getting and setting 64-bit values in the softmmu semihosting support functions. This will be needed for 64-bit ARM semihosting. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Tested-by: Christopher Covington <cov@xxxxxxxxxxxxxx> Message-id: 1439483745-28752-6-git-send-email-peter.maydell@xxxxxxxxxx commit bb19cbc95ada89ce5e02c132bc6f3268b1a1bfa3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 7 10:39:27 2015 +0100 target-arm/arm-semi.c: Factor out repeated 'return env->regs[0]' Factor out a repeated pattern in the semihosting code: gdb_do_syscall(arm_semi_cb, "system,%s", arg0, (int)arg1+1); /* arm_semi_cb sets env->regs[0] to the syscall return value */ return env->regs[0]; For A64 the return value will go in a different register; pull the sequence out into its own function that passes the return value in a static variable rather than overloading regs[0] for the purpose, so the code will work on both A32/T32 and A64. Note that the lack-of-synchronization bug noted in the FIXME comment is not introduced by this commit, but was already present. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Christopher Covington <christopher.covington@xxxxxxxxxx> Tested-by: Christopher Covington <cov@xxxxxxxxxxxxxx> Message-id: 1439483745-28752-5-git-send-email-peter.maydell@xxxxxxxxxx commit 19239b39e7501dedec8d92f0eca79c187685bcce Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 7 10:39:27 2015 +0100 gdbstub: Implement gdb_do_syscallv() Implement a variant of the existing gdb_do_syscall() which takes a va_list. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Tested-by: Christopher Covington <cov@xxxxxxxxxxxxxx> Message-id: 1439483745-28752-4-git-send-email-peter.maydell@xxxxxxxxxx commit 205ace55ffff77964e50af08c99639ec47db53f6 Author: Christopher Covington <christopher.covington@xxxxxxxxxx> Date: Mon Sep 7 10:39:27 2015 +0100 target-arm: Improve semihosting debug prints Print semihosting debugging information before the do_arm_semihosting() call so that angel_SWIreason_ReportException, which causes the function to not return, gets the same debug prints as other semihosting calls. Also print out the semihosting call number. Signed-off-by: Christopher Covington <christopher.covington@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Tested-by: Christopher Covington <cov@xxxxxxxxxxxxxx> Message-id: 1439483745-28752-3-git-send-email-peter.maydell@xxxxxxxxxx commit 857b55adb77004d9ec9202078b7f1f3a1a076112 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 7 10:39:27 2015 +0100 target-arm/arm-semi.c: Fix broken SYS_WRITE0 via gdb A spurious trailing "\n" in the gdb syscall format string used for SYS_WRITE0 meant that gdb would reject the remote syscall, with the effect that the output from the guest was silently dropped. Remove the newline so that gdb accepts the packet. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b45c03f585ea9bb1af76c73e82195418c294919d Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Sep 7 10:39:27 2015 +0100 arm: Use g_new() & friends where that makes obvious sense g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. This commit only touches allocations with size arguments of the form sizeof(T). Coccinelle semantic patch: @@ type T; @@ -g_malloc(sizeof(T)) +g_new(T, 1) @@ type T; @@ -g_try_malloc(sizeof(T)) +g_try_new(T, 1) @@ type T; @@ -g_malloc0(sizeof(T)) +g_new0(T, 1) @@ type T; @@ -g_try_malloc0(sizeof(T)) +g_try_new0(T, 1) @@ type T; expression n; @@ -g_malloc(sizeof(T) * (n)) +g_new(T, n) @@ type T; expression n; @@ -g_try_malloc(sizeof(T) * (n)) +g_try_new(T, n) @@ type T; expression n; @@ -g_malloc0(sizeof(T) * (n)) +g_new0(T, n) @@ type T; expression n; @@ -g_try_malloc0(sizeof(T) * (n)) +g_try_new0(T, n) @@ type T; expression p, n; @@ -g_realloc(p, sizeof(T) * (n)) +g_renew(T, p, n) @@ type T; expression p, n; @@ -g_try_realloc(p, sizeof(T) * (n)) +g_try_renew(T, p, n) @@ type T; expression n; @@ -(T *)g_new(T, n) +g_new(T, n) @@ type T; expression n; @@ -(T *)g_new0(T, n) +g_new0(T, n) @@ type T; expression p, n; @@ -(T *)g_renew(T, p, n) +g_renew(T, p, n) Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1440524394-15640-1-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c804b5791d51608c0e12e4cc2b40b3d763ce796c Merge: 2ef6093 834cb2a Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Fri Sep 4 21:43:40 2015 +0200 Merge remote-tracking branch 'mreitz/tags/pull-block-for-kevin-2015-09-04' into queue-block Block patches from 2015-08-24 until 2015-09-04. # gpg: Signature made Fri Sep 4 21:02:10 2015 CEST using RSA key ID E838ACAD # gpg: Good signature from "Max Reitz <mreitz@xxxxxxxxxx>" * mreitz/tags/pull-block-for-kevin-2015-09-04: quorum: validate vote threshold against num_children even if read-pattern is fifo qcow2: reorder fields in Qcow2CachedTable to reduce padding docs: document how to configure the qcow2 L2/refcount caches qcow2: add option to clean unused cache entries after some time qcow2: mark the memory as no longer needed after qcow2_cache_empty() Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 834cb2ada5db197a11c99142d50222945d196fc0 Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Fri Jul 3 14:45:06 2015 +0800 quorum: validate vote threshold against num_children even if read-pattern is fifo We need to use threshold to check if too many write operation fails. If threshold is larger than num children, we always get write error event even if all write operations success. Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Message-id: 55962F72.3060003@xxxxxxxxxxxxxx Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit 909c260c71d1bee7018e17034580ffd0743508db Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Tue Aug 4 15:14:42 2015 +0300 qcow2: reorder fields in Qcow2CachedTable to reduce padding Changing the current ordering saves 8 bytes per cache entry in x86_64. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 0bd55291211df3dfb514d0e7d2031dd5c4f9f807.1438690126.git.berto@xxxxxxxxxx Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit 7f65ce834accce0b7e4bc79313bacf229b957783 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Tue Aug 4 15:14:41 2015 +0300 docs: document how to configure the qcow2 L2/refcount caches QEMU has options to configure the size of the L2 and refcount caches for the qcow2 format. However, choosing the right sizes for a particular disk image is not a straightforward operation since the ratio between the cache size and the allocated disk space is not obvious and depends on the size of the cluster and the refcount entries. This document attempts to give an overview of both caches and how to configure their sizes. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Message-id: 55de928e139b1ba3f3d40fe9c6c88f30b1f36410.1438690126.git.berto@xxxxxxxxxx Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit 279621c046ce57de0af9e3c00663b48d3a7835ae Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Tue Aug 4 15:14:40 2015 +0300 qcow2: add option to clean unused cache entries after some time This adds a new 'cache-clean-interval' option that cleans all qcow2 cache entries that haven't been used in a certain interval, given in seconds. This allows setting a large L2 cache size so it can handle scenarios with lots of I/O and at the same time use little memory during periods of inactivity. This feature currently relies on MADV_DONTNEED to free that memory, so it is not useful in systems that don't follow that behavior. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Message-id: a70d12da60433df9360ada648b3f34b8f6f354ce.1438690126.git.berto@xxxxxxxxxx Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit 355ee2d0e8ca536a6278c9c763ddd2f136eace3f Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Tue Aug 4 15:14:39 2015 +0300 qcow2: mark the memory as no longer needed after qcow2_cache_empty() After having emptied the cache, the data in the cache tables is no longer useful, so we can tell the kernel that we are done with it. In Linux this frees the resources associated with it. The effect of this can be seen in the HMP commit operation: it moves data from the top to the base image (and fills both caches), then it empties the top image. At this point the data in that cache is no longer needed so it's just wasting memory. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Message-id: 08538b098e1faf6c92496477cf9b47a20e5aacea.1438690126.git.berto@xxxxxxxxxx Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit 2ef6093cd6990314304f2d3b18eb476ee418d73c Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Sep 2 20:52:28 2015 +0200 iotests: Warn if python subprocess is killed Currently, if a subprocess of a python test (i.e. qemu-io, qemu-img, or qemu) receives a signal and is subsequently aborted, this is not logged. This patch makes python tests always check the exit code of these subprocesses, and emit a message if they have been killed. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 934659c460d46c948cf348822fda1d38556ed9a4 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Sep 2 20:52:27 2015 +0200 iotests: Do not suppress segfaults in bash tests Currently, if a qemu/qemu-io/qemu-img/qemu-nbd invocation receives a segmentation fault, that message is invisible in most cases since the output is generally filtered and bash suppresses the segmentation fault notice for any but the last element of a pipe. Most of the time, the test will then fail anyway because of missing output, but not necessarily (as happened with test 82 recently). Fix this by making the corresponding environment variables point to wrapper functions which execute the respective command in a subshell. Giving options to qemu/qemu-io/qemu-img and path names with spaces were broken for the Python tests; this patch "accidentally" fixes that. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 0ed82f7a096537923ef3705946f254d2f61eaf93 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Sep 2 20:52:26 2015 +0200 iotests: Respect -nodefaults in tests 41 and 55 While -nodefaults is set in $QEMU_OPTIONS, this is currently (wrongly) ignored for Python iotests. In order to be prepared for when this is fixed, we should explicitly add an IDE CD-ROM drive instead of relying on it being created automatically. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 8e4922535b6479c7a2fa6b14b0148c6ae4fcc003 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Sep 2 20:52:25 2015 +0200 iotests: More options for VM.add_drive() This patch allows specifying the interface to be used for the drive, and makes specifying a path optional (if the path is None, the "file" option will be omitted, thus creating an empty drive). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e814dffcc9810ed77fe99081be9751b620a894c4 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Thu Aug 20 16:00:38 2015 -0700 qemu-img: Fix crash in amend invocation Example: $ ./qemu-img create -f qcow2 /tmp/t.qcow2 64M $ ./qemu-img amend -f qcow2 -o backing_file=/tmp/t.qcow2, -o help \ /tmp/t.qcow2 This should not crash. This actually is tested by iotest 082, but not caught due to the segmentation fault being silent (which is something that needs to be fixed, too). Reported-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Cc: qemu-stable <qemu-stable@xxxxxxxxxx> Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit bdd03cdf5dc3176bc7169a1d5709303e9279fffb Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Aug 12 17:33:31 2015 +0200 block/raw-posix: Use raw_normalize_devicepath() The filename given to qemu_open() in block/raw-posix.c should generally have been processed by raw_normalize_devicepath(); unless we are only probing (in which case the caller often checks whether the file is a block device or not, and this property will be changed by raw_normalize_devicepath() on NetBSD) or it is about a deprecated device (i.e. floppy). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 137a905fdf43880c077438d57ef2d319569da9eb Author: Bo Tu <tubo@xxxxxxxxxxxxxxxxxx> Date: Fri Jul 3 15:28:50 2015 +0800 qemu-iotests: s390x: fix test 130 The default device id of hard disk on the s390 platform is "virtio0" which differs to the "ide0-hd0" for the x86 platform. Setting id in the drive definition, ie:"qemu -drive id=testdisk", will be the same on all platforms. Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Bo Tu <tubo@xxxxxxxxxxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 212789925efffe1c552b114321ee74081a7efb03 Author: Bo Tu <tubo@xxxxxxxxxxxxxxxxxx> Date: Fri Jul 3 15:28:49 2015 +0800 qemu-iotests: s390x: fix test 049, reject negative sizes in QemuOpts when creating an image qemu-img enable us specifying the size of the image using -o size=xx options. But when we specify an invalid size such as a negtive size then different platform gives different result. parse_option_size() function in util/qemu-option.c will be called to parse the size, a cast was called in the function to cast the input (saved as a double in the function) size to an unsigned int64 value, when the input is a negtive value or exceeds the maximum of uint64, then the result is undefined. According to C99 6.3.1.4, the result of converting a floating point number to an integer that cannot represent the (integer part of) number is undefined. And sure enough the results are different on x86 and s390. C99 Language spec 6.3.1.4 Real floating and integers: the result of this assignment/cast is undefined if the float is not in the open interval (-1, U<type>_MAX+1). Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Sascha Silbe <silbe@xxxxxxxxxxxxxxxxxx> Signed-off-by: Bo Tu <tubo@xxxxxxxxxxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d8683155fa76cabff112271771e43e21034ff2ba Author: Bo Tu <tubo@xxxxxxxxxxxxxxxxxx> Date: Fri Jul 3 15:28:48 2015 +0800 qemu-iotests: s390x: fix test 041 and 055 There is no 'ide-cd' device defined on non-pc platform, so test_medium_not_found() test should be skipped. Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Michael Mueller <mimu@xxxxxxxxxxxxxxxxxx> Reviewed-by: Sascha Silbe <silbe@xxxxxxxxxxxxxxxxxx> Signed-off-by: Xiao Guang Chen <chenxg@xxxxxxxxxxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 2711fd33a4b18c5e35a6f7efe57b5d868def829e Author: Bo Tu <tubo@xxxxxxxxxxxxxxxxxx> Date: Fri Jul 3 15:28:47 2015 +0800 qemu-iotests: disable default qemu devices for cross-platform compatibility This patch fixes an io test suite issue that was introduced with the commit c88930a6866e74953e931ae749781e98e486e5c8 'qemu-char: Permit only a single "stdio" character device'. The option supresses the creation of default devices such as the floopy and cdrom. Output files for test case 067, 071, 081 and 087 need to be updated to accommodate this change. Use virtio-blk instead of virtio-blk-pci as the device driver for test case 067. For virtio-blk-pci is the same with virtio-blk as device driver but other platform such as s390 may not recognize the virtio-blk-pci. The default devices differ across machines. As the qemu output often contains these devices (or events for them, like opening a CD tray on reset), the reference output currently is rather machine-specific. All existing qemu tests explicitly configure the devices they're working with, so just pass -nodefaults to qemu by default to disable the default devices. Update the reference outputs accordingly. Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Michael Mueller <mimu@xxxxxxxxxxxxxxxxxx> Reviewed-by: Sascha Silbe <silbe@xxxxxxxxxxxxxxxxxx> Signed-off-by: Xiao Guang Chen <chenxg@xxxxxxxxxxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e166b4148208656635ea2fe39df8b1e875a34fb8 Author: Bo Tu <tubo@xxxxxxxxxxxxxxxxxx> Date: Fri Jul 3 15:28:46 2015 +0800 qemu-iotests: qemu machine type support This patch adds qemu machine type support to the io test suite. Based on the qemu default machine type and alias of the default machine type the reference output file can now vary from the default to a machine specific output file if necessary. When using a machine specific reference file if the default machine has an alias then use the alias as the output file name otherwise use the default machine name as the output file name. Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Michael Mueller <mimu@xxxxxxxxxxxxxxxxxx> Reviewed-by: Sascha Silbe <silbe@xxxxxxxxxxxxxxxxxx> Signed-off-by: Xiao Guang Chen <chenxg@xxxxxxxxxxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b597aa037dbd98014c8dec3d69a5e2240f432533 Merge: b5bff75 6231316 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 4 17:37:50 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2015-09-04' into staging Monitor patches # gpg: Signature made Fri 04 Sep 2015 12:40:11 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-monitor-2015-09-04: hmp: add info iothreads command qmp-shell: add documentation Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b5bff7518d8e4feda95f5c523cb24f72863c1df6 Merge: b041066 c4f498f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 4 15:53:48 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-09-04' into staging qapi: Another round of fixes and cleanups # gpg: Signature made Fri 04 Sep 2015 14:48:54 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-qapi-2015-09-04: (33 commits) qapi: Generators crash when --output-dir isn't given, fix docs/qapi-code-gen.txt: Fix QAPI schema examples qapi: Simplify error reporting for array types qapi: Fix errors for non-string, non-dictionary members tests/qapi-schema: Cover non-string, non-dictionary members tests/qapi-schema: Cover two more syntax errors qapi: Drop one of two "simple union must not have base" checks qapi: Generated code cleanup qapi-commands: Drop useless initialization qapi-commands: Don't feed output of mcgen() to mcgen() again qapi-commands: Inline gen_marshal_output_call() qapi-commands: Fix gen_err_check(e) for e and e != 'local_err' qapi: Command returning anonymous type doesn't work, outlaw qapi: Fix to reject union command and event arguments qapi-tests: New tests for union, alternate command arguments tests/qapi-schema: Rename tests from data- to args- tests/qapi-schema: Restore test case for flat union base bug qapi: Document flaws in checking of names qapi: Document shortcoming with union 'data' branch qapi: Document that input visitor semantics are prone to leaks ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c4f498fe8532cdacc609262b104322911108df54 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Sep 3 10:24:25 2015 +0200 qapi: Generators crash when --output-dir isn't given, fix Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 94a3f0af388820d74a9d89d1a856d2baa448c696 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Sep 3 10:18:06 2015 +0200 docs/qapi-code-gen.txt: Fix QAPI schema examples Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit eddf817bd823a90df209dfbdc2a0b2ec33b7cb77 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Aug 31 13:54:39 2015 +0200 qapi: Simplify error reporting for array types check_type() first checks and peels off the array type, then checks the element type. For two out of four error messages, it takes pains to report errors for "array of T" instead of just T. Odd. Let's examine the errors. * Unknown element type, e.g. tests/qapi-schema/args-array-unknown.json: Member 'array' of 'data' for command 'oops' uses unknown type 'array of NoSuchType' To make sense of this, you need to know that 'array of NoSuchType' refers to '[NoSuchType]'. Easy enough. However, simply reporting Member 'array' of 'data' for command 'oops' uses unknown type 'NoSuchType' is at least as easy to understand. * Element type's meta-type is inadmissible, e.g. tests/qapi-schema/returns-whitelist.json: 'returns' for command 'no-way-this-will-get-whitelisted' cannot use built-in type 'array of int' 'array of int' is technically not a built-in type, but that's pedantry. However, simply reporting 'returns' for command 'no-way-this-will-get-whitelisted' cannot use built-in type 'int' avoids the issue, and is at least as easy to understand. * The remaining two errors are unreachable, because the array checking ensures that value is a string. Thus, reporting some errors for "array of T" instead of just T works, but doesn't really improve things. Drop it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit c6b71e5ae73802057d700e2419b80aef1651f213 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Aug 31 17:28:52 2015 +0200 qapi: Fix errors for non-string, non-dictionary members Fixes the errors demonstrated by the previous commit. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 10689e36eb99e99751497ac8cef2a946e9a3a850 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Aug 31 17:17:42 2015 +0200 tests/qapi-schema: Cover non-string, non-dictionary members We always report "should be a dictionary" then. This is misleading: when allow_dict, it can be a dictionary or a type name string, else it can only be a type name. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 91f9816da4d505d379753896f3f7b6abb910324b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Aug 31 15:47:55 2015 +0200 tests/qapi-schema: Cover two more syntax errors Syntax error coverage should now be complete. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 65fbe125451da9421070ab03944c9600a264eefc Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Aug 31 15:37:42 2015 +0200 qapi: Drop one of two "simple union must not have base" checks The first check ensures the second one can't trigger. Drop the first one, because the second one is in a more logical place, and emits a nicer error message. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 3a864e7c52af15017d5082a9ee39a7919f46d2b5 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Jul 1 16:55:15 2015 +0200 qapi: Generated code cleanup Clean up white-space, brace placement, and superfluous #ifdef QAPI_TYPES_BUILTIN_CLEANUP_DEF. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 3f99144cd9afbf51a7fbddf20b921402c2d4f68c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jul 31 18:51:18 2015 +0200 qapi-commands: Drop useless initialization In generated command handlers, the assignment to retval dominates its only use. Therefore, its initialization is useless. Drop it. Suggested-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 1f9a7a1a5862ad224aa86f9b4c046248ffc27aa3 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Sat Jun 27 17:49:34 2015 +0200 qapi-commands: Don't feed output of mcgen() to mcgen() again Multiple passes through mcgen() is prone to produce unwanted blank lines, which we then combat by sprinkling .rstrip() on top. Just don't do it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit e02bca281c82f874d84578af4deea46142232115 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Sat Jun 27 17:21:12 2015 +0200 qapi-commands: Inline gen_marshal_output_call() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 8102307f51e68280ac965a140a87073d5c31e9a5 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Sat Jun 27 16:48:14 2015 +0200 qapi-commands: Fix gen_err_check(e) for e and e != 'local_err' gen_err_check() hard-codes 'local_err' instead of substituting the argument. Currently harmless, since all callers pass either None or 'local_err'. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 9b090d42aea9a0abbf39a1d75561a186057b5fe6 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jul 31 17:59:38 2015 +0200 qapi: Command returning anonymous type doesn't work, outlaw Reproducer: with { 'command': 'user_def_cmd4', 'returns': { 'a': 'int' } } added to qapi-schema-test.json, qapi-commands.py dies when it tries to generate the command handler function Traceback (most recent call last): File "/work/armbru/qemu/scripts/qapi-commands.py", line 359, in <module> ret = generate_command_decl(cmd['command'], arglist, ret_type) + "\n" File "/work/armbru/qemu/scripts/qapi-commands.py", line 29, in generate_command_decl ret_type=c_type(ret_type), name=c_name(name), File "/work/armbru/qemu/scripts/qapi.py", line 927, in c_type assert isinstance(value, str) and value != "" AssertionError because the return type doesn't exist. Simply outlaw this usage, and drop or dumb down test cases accordingly. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 315932b5edb86597adafbd1faa2d29c46499d8c3 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Jul 1 10:12:24 2015 +0200 qapi: Fix to reject union command and event arguments A command's or event's 'data' must be a struct type, given either as a dictionary, or as struct type name. Commit dd883c6 tightened the checking there, but not enough: we still accept 'union'. Fix to reject it. We may want to support union types there, but we'll have to extend qapi-commands.py and qapi-events.py for it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit d9658d58e33128df32093b7a84bed76b527fb884 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Jul 1 09:54:11 2015 +0200 qapi-tests: New tests for union, alternate command arguments A command's 'data' must be a struct type, given either as a dictionary, or as struct type name. Existing test case data-int.json covers simple type 'int'. Add test cases for type names referring to union and alternate types. The latter is caught (good), but the former is not (bug). Events have the same problem, but since they get checked by the same code, we don't bother to duplicate the tests. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 6af9a8fc8ec83f823c079211bc7a2414b1d4e5fe Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jul 31 13:30:50 2015 +0200 tests/qapi-schema: Rename tests from data- to args- Since every schema entity has 'data', the data- prefix conveys no information. These tests actually exercise commands. Only commands have arguments, so change the prefix to to args-. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 80e60a19a82cf872652d1923e800fecef5cc7def Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 26 13:21:10 2015 +0200 tests/qapi-schema: Restore test case for flat union base bug Test case added in commit 2fc0043, and messed up in commit 5223070. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit d90675fa4bc256238b3dd3a7fdd5f9029eca00b8 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jul 31 11:33:52 2015 +0200 qapi: Document flaws in checking of names We don't actually enforce our "other than downstream extensions [...], all names should begin with a letter" rule. Add a FIXME. We should reject names that differ only in '_' vs. '.' vs. '-', because they're liable to clash in generated C. Add a FIXME. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit ca56a822dd538017715345cbbe1f8829e0cc2742 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Jul 30 17:07:17 2015 -0600 qapi: Document shortcoming with union 'data' branch Add a FIXME to remind us to fully audit whether removing the 'void *data' branch of each qapi union type can be done safely. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1438297637-26789-1-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 2f52e20597ebd55ede668b2b7d162a84f419b03e Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Jul 30 16:33:07 2015 -0600 qapi: Document that input visitor semantics are prone to leaks Most functions that can return a pointer or set an Error ** value are decent enough to guarantee a NULL return when reporting an error. Not so with our generated qapi visitor functions. If the caller is not careful to clean up partially-allocated objects on error, then the caller suffers a memory leak. Properly fixing it is probably complex enough to save for a later day, so merely document it for now. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1438295587-19069-1-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 999387782f736d7ac0083f4f02e2bc4ce7a9a27b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 26 13:14:02 2015 +0200 tests/qapi-schema: Document events with base don't work When event FOO's 'data' is a struct with a base, we consider only the struct's direct members, and ignore its base. The generated qapi_event_send_foo() doesn't take arguments for base members. No such events currently exist in the QMP schema. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 422e16aac4bd4476f5b40bee3049089de34ef6b6 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 26 17:52:45 2015 +0200 tests/qapi-schema: Document alternate's enum lacks visit function We generate a declaration, but no definition. The QMP schema has two: Qcow2OverlapChecks and BlockdevRef. Neither visit_type_Qcow2OverlapChecksKind() nor visit_type_BlockdevRefKind() is actually used. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 40b3adec13a9e022ff5a2e2b81c243fc0a026746 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 26 17:21:42 2015 +0200 qapi-visit: Fix two name arguments passed to visitors The generated code passes mangled schema names to visit_type_enum() and union's visit_start_struct(). Fix it to pass the names unadulterated, like we do everywhere else. Only qapi-schema-test.json actually has names where this makes a difference: enum __org.qemu_x-Enum, flat union __org.qemu_x-Union2, simple union __org.qemu_x-Union1 and its implicit enum __org.qemu_x-Union1Kind. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 8c07eddc619d618965fdd7a96bfe3b5c59f42b52 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Jun 30 09:27:04 2015 +0200 qapi-visit: Replace list implicit_structs by set Use set because that's what it is. While there, rename to implicit_structs_seen. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 8c3f8e77215bfedb7854221868f655e148506936 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 26 10:19:11 2015 +0200 qapi-visit: Fix generated code when schema has forward refs The visit_type_implicit_FOO() are generated on demand, right before their first use. Used by visit_type_STRUCT_fields() when STRUCT has base FOO, and by visit_type_UNION() when flat UNION has member a FOO. If the schema defines FOO after its first use as struct base or flat union member, visit_type_implicit_FOO() calls visit_type_implicit_FOO() before its definition, which doesn't compile. Rearrange qapi-schema-test.json to demonstrate the bug. Fix by generating the necessary forward declaration. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 1e6c1616a91cdcbe9a8387541f7689b8c11632aa Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Sun Jun 28 20:05:53 2015 +0200 qapi: Generate a nicer struct for flat unions The struct generated for a flat union is weird: the members of its base are at the end, except for the union tag, which is at the beginning. Example: qapi-schema-test.json has { 'struct': 'UserDefUnionBase', 'data': { 'string': 'str', 'enum1': 'EnumOne' } } { 'union': 'UserDefFlatUnion', 'base': 'UserDefUnionBase', 'discriminator': 'enum1', 'data': { 'value1' : 'UserDefA', 'value2' : 'UserDefB', 'value3' : 'UserDefB' } } We generate: struct UserDefFlatUnion { EnumOne enum1; union { void *data; UserDefA *value1; UserDefB *value2; UserDefB *value3; }; char *string; }; Change to put all base members at the beginning, unadulterated. Not only is this easier to understand, it also permits casting the flat union to its base, if that should become useful. We now generate: struct UserDefFlatUnion { /* Members inherited from UserDefUnionBase: */ char *string; EnumOne enum1; /* Own members: */ union { /* union tag is @enum1 */ void *data; UserDefA *value1; UserDefB *value2; UserDefB *value3; }; }; Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 0f61af3eb396ae163cd1572ce12e05f5d08d7c15 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jul 31 10:30:04 2015 +0200 qapi: Fix generated code when flat union has member 'kind' A flat union's tag member gets renamed to 'kind' in the generated code. Breaks when another member named 'kind' exists. Example, adapted from qapi-schema-test.json: { 'struct': 'UserDefUnionBase', 'data': { 'kind': 'str', 'enum1': 'EnumOne' } } We generate: struct UserDefFlatUnion { EnumOne kind; union { void *data; UserDefA *value1; UserDefB *value2; UserDefB *value3; }; char *kind; }; Kill the silly rename. Reported-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 5aa05d3f72e556752167f7005d6a3dea0f4432c5 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Sun Jun 28 21:36:26 2015 +0200 qapi: Drop unused and useless parameters and variables gen_sync_call()'s parameter indent is useless: gen_sync_call() uses it only as optional argument for push_indent() and pop_indent(), their default is four, and gen_sync_call()'s only caller passes four. Drop the parameter. gen_visitor_input_containers_decl()'s parameter obj is always "QOBJECT(args)". Use that, and drop the parameter. Drop unused parameters of gen_marshal_output(), gen_marshal_input_decl(), generate_visit_struct_body(), generate_visit_list(), generate_visit_enum(), generate_declaration(), generate_enum_declaration(), generate_decl_enum(). Drop unused variables in generate_event_enum_lookup(), generate_enum_lookup(), generate_visit_struct_fields(), check_event(). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 1cf47a15f18312436c7fa2d97be5fbe6df0292f5 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Jul 1 13:13:54 2015 +0200 qapi: Reject -p arguments that break qapi-event.py qapi-event.py breaks when you ask for a funny prefix like '@'. Protect it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 016a335bd8ca624f43adbb08fa1698c29ec52a1a Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Jul 1 12:59:40 2015 +0200 qapi-event: Clean up how name of enum QAPIEvent is made Use c_name() instead of ad hoc code. Doesn't upcase the -p prefix, which is an improvement in my book. Unbreaks prefix containing '.', but other funny characters remain broken. To be fixed next. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 00dfc3b2c272d98556ec6095d56bdd8b036babf9 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Sat Jun 27 07:27:21 2015 +0200 qapi: Simplify guardname() The guards around built-in declarations lose their _H. It never made much sense anyway. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 77e703b861d34bb2879f3e845482d5cf0a3a0ad1 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Jun 24 19:27:32 2015 +0200 qapi: Clean up cgen() and mcgen() Commit 05dfb26 added eatspace stripping to mcgen(). Move it to cgen(), just in case somebody gets tempted to use cgen() directly instead of via mcgen(). cgen() indents blank lines. No such lines get generated right now, but fix it anyway. We use triple-quoted strings for program text, like this: ''' Program text any number of lines ''' Keeps the program text relatively readable, but puts an extra newline at either end. mcgen() "fixes" that by dropping the first and last line outright. Drop only the newlines. This unmasks a bug in qapi-commands.py: four quotes instead of three. Fix it up. Output doesn't change Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 4247f839009159cb2cbaddfbd41513e180c4fe52 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Jun 9 15:24:36 2015 +0200 qapi: Clarify docs on including the same file multiple times It's idempotent. While there, update examples to current code. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 62313160cb5b6bdfbd77a063e94a5a7d25e59f2b Author: Ting Wang <kathy.wangting@xxxxxxxxxx> Date: Fri Jun 26 16:07:13 2015 +0800 hmp: add info iothreads command Make "info iothreads" available on the HMP monitor. For example, the results are as follows when executing qemu command with "-object iothread,id=iothread-1 -object iothread,id=iothread-2". (qemu) info iothreads iothread-1: thread_id=123 iothread-2: thread_id=456 Signed-off-by: Ting Wang <kathy.wangting@xxxxxxxxxx> Message-Id: <1435306033-58372-1-git-send-email-kathy.wangting@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Reviewed-by: Amos Jianjun Kong <kongjianjun@xxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit e2f9a6572bb400e64e7a56526c5f7a4a9f8f6f90 Author: John Snow <jsnow@xxxxxxxxxx> Date: Wed Jul 1 14:25:49 2015 -0400 qmp-shell: add documentation I should probably document the changes that were made. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-Id: <1435775149-17285-1-git-send-email-jsnow@xxxxxxxxxx> Reviewed-By: Kashyap Chamarthy <kchamart@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit b041066421e8dcc7d080dfcfd83551c9c9f24ade Merge: 550e66e 987bd27 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 3 16:17:28 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/tracing-pull-request' into staging # gpg: Signature made Thu 03 Sep 2015 15:46:52 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/tracing-pull-request: trace-events: Add hmp completion Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 987bd27000b6e21df6c73f6badb945ab5e42996a Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Fri Aug 14 11:27:43 2015 +0100 trace-events: Add hmp completion Add completion for the trace event names in the hmp trace-event command. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Message-id: 1439548063-18410-1-git-send-email-dgilbert@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 550e66ea4cce7b6664d6caf7e651814cc2d30421 Merge: 561578c 9ef4017 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 3 14:33:03 2015 +0100 Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20150903' into staging First batch of s390x patches for 2.5: - introduce 2.5 compat machine - support for migration of storage keys # gpg: Signature made Thu 03 Sep 2015 11:28:06 BST using RSA key ID C6F02FAF # gpg: Good signature from "Cornelia Huck <huckc@xxxxxxxxxxxxxxxxxx>" # gpg: aka "Cornelia Huck <cornelia.huck@xxxxxxxxxx>" * remotes/cohuck/tags/s390x-20150903: s390x: Disable storage key migration on old machine type s390x: Migrate guest storage keys (initial memory only) s390x: Info skeys sub-command s390x: Dump-skeys hmp support s390x: Dump storage keys qmp command s390x: Enable new s390-storage-keys device s390x: Create QOM device for s390 storage keys s390x: add 2.5 compat s390-ccw-virtio machine Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f4798320144245da66128edb840bd940fd287d28 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Apr 9 11:39:28 2015 +0200 ipxe: update binaries Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit cf2b4b5b77a7bfe9216efc76117447b88acd47a9 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Sep 3 14:40:29 2015 +0200 ipxe: use upstream configuration Upstream supports named configurations now and ships with settings for qemu. Use them, drop our config header copying. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit f927f16213506a493ac416d9a9fa73c7460a766e Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Apr 9 11:37:15 2015 +0200 ipxe: don't override GITVERSION We had build problems due to the git version checking in the ipxe build system in the past. Don't remember the details, but the problem seems to be gone now, so lets remove the workaround. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> [ most likely ipxe commit 6153c09c41034250408f3596555fcaae715da46c: [build] Set GITVERSION only if there is a git repository ] Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit d4517d170c041ab654c9e65e5bbd3d79956af5b7 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Apr 9 10:52:19 2015 +0200 ipxe: update from 35c53797 to 4e03af8 git shortlog ============ Alex Williamson (1): [dhcp] Extract timing parameters out to config/dhcp.h Bernd Wiebelt (1): [tg3] Add support for BCM57766 Christian Hesse (3): [intel] Add PCI device IDs for Intel I218-LM and I218-V [build] Add missing "const" qualifiers [ath9k] Remove confusing logic inversion in an ANI variable Christian Nilsson (1): [bios] Add ANSI blink attribute Daniel Pieczko (1): [prefix] Use correct register for KEEP_IT_REAL physical address conversion Ed Swierk (1): [intel] Update PCI device IDs for Intel 82599 and X540 10G NICs Fabrice Bacchella (2): [efi] Improve NII driver logging [efi] Work around bugs in Emulex NII driver Laszlo Ersek (1): [virtio] Downgrade per-iobuf debug messages to DBGC2 Michael Brown (284): [device] Provide a driver-private data field for root devices [iobuf] Add iob_split() to split an I/O buffer into portions [rndis] Add generic RNDIS device abstraction [hyperv] Add support for Hyper-V hypervisor [hyperv] Add support for VMBus devices [hyperv] Add support for NetVSC paravirtual network devices [rndis] Send RNDIS_INITIALISE_MSG [rndis] Send RNDIS_HALT_MSG [hyperv] Tear down NetVSC RX buffer GPADL after closing VMBus device [rndis] Clear receive filter when closing the device [hyperv] Receive all VMBus messages in a poll [hyperv] Increase TX ring size [hyperv] Assume that VMBus xfer page ranges correspond to RNDIS messages [rndis] Ignore start-of-day RNDIS_INDICATE_STATUS_MSG with status 0x40020006 [hyperv] Tidy up debug output [hyperv] Require support for VMBus version 3.0 or newer [build] Include Hyper-V driver in the all-drivers build [pci] Allow drivers to specify a PCI class [romprefix] Ensure UNDI loader can be included by all ROM types [usb] Add basic support for USB devices [usb] Add basic support for USB hubs [usb] Add support for xHCI host controllers [ncm] Add support for CDC-NCM USB Ethernet devices [usb] Report xHCI host controller events [ncm] Use large multi-packet buffers by default [tftp] Explicitly abort connection whenever parent interface is closed [uri] Allow tftp_uri() to construct a URI with a custom port [pxe] Use tftp_uri() to construct PXE TFTP URIs [pxe] Maintain a queue for received PXE UDP packets [ncm] Reserve headroom in received packets [usb] Try multiple USB device configurations [usb] Handle CDC union functional descriptors [usb] Parse endpoint descriptor bInterval field [usb] Allow usb_stream() to enforce a terminating short packet [ecm] Add support for CDC-ECM USB Ethernet devices [xhci] Delay after (possibly) forcing port link state to RxDetect [build] Move branding information to config/branding.h [build] Use PRODUCT_SHORT_NAME for end-user visible strings [build] Allow product URI to be customised via config/branding.h [build] Allow error message URI to be customised via config/branding.h [build] Allow command help text URI to be customised via config/branding.h [build] Allow setting help text URI to be customised via config/branding.h [build] Allow product tag line to be customised via config/branding.h [rndis] Add rndis_rx_err() [usb] Handle port status changes received after failing to find a driver [efi] Disallow R_X86_64_32 relocations [build] Apply the "-fno-PIE -nopie" workaround only to i386 builds [usb] Provide generic framework for refilling receive endpoints [usb] Use generic refill framework for USB hub interrupt endpoints [ecm] Use generic refill framework for bulk IN and interrupt endpoints [ncm] Use generic refill framework for bulk IN and interrupt endpoints [libc] Remove unused string functions [libc] Rewrite string functions [test] Add self-tests for more string functions [test] Add constant-length memset() self-tests [libc] Reduce size of memset() [usb] Add generic USB network device framework [ecm] Use generic USB network device framework [ncm] Use generic USB network device framework [timer] Rewrite the 8254 Programmable Interval Timer support [xhci] Leak memory if controller fails to disable slot [xhci] Abort commands on timeout [test] Add IPv4 self-tests [legal] Add missing copyright header to net/ipv4.c [ipv4] Rewrite inet_aton() [libc] Rewrite strtoul() [hyperv] Check for required features [prefix] Use .bss16 as temporary stack space for calls to install_block [zbin] Use LZMA compression [zbin] Perform extra normalisation after completing decompression [prefix] Call decompressor in flat real mode when DEBUG=libprefix is enabled [zbin] Allow decompressor to generate debug output via BIOS console [zbin] Fix check for existence of most recent output byte [zbin] Remove now-unused unnrv2b.S decompressor [legal] Update GPLv2 licence text [legal] Include full licence text for all GPL2_OR_LATER files [mucurses] Add missing FILE_LICENCE declarations [legal] Add support for the Unmodified Binary Distribution Licence [legal] Add UBDL relicensing tool [legal] Relicense files under GPL2_OR_LATER_OR_UBDL [legal] Relicense files under GPL2_OR_LATER_OR_UBDL [legal] Relicense files under GPL2_OR_LATER_OR_UBDL [legal] Relicense files under GPL2_OR_LATER_OR_UBDL [libc] Rewrite unrelicensable portions of stddef.h [libc] Rewrite unrelicensable portions of ctype.h [libc] Rewrite setjmp() and longjmp() [libc] Rewrite byte-swapping code [elf] Rewrite ELF header [list] Relicense list.h [iscsi] Rewrite unrelicensable portions of iscsi.c [pci] Remove outdated and mostly-unused pci_ids.h file [pci] Rewrite unrelicensable portions of pci.h [settings] Use list_first_entry() when unregistering child settings [settings] Rewrite unrelicensable portions of settings.c [menu] Abstract out the generic concept of a jump scroller [settings] Use generic jump scrolling abstraction [malloc] Move valgrind headers out of arch/x86 [malloc] Rewrite unrelicensable portions of malloc.c [build] Remove unused IMPORT_SYMBOL() and EXPORT_SYMBOL() macros [build] Remove unused __keepme macro [pxe] Remove obsolete references to pxeparent_dhcp [build] Remove obsolete and unused portions of config.c [build] Use REQUIRE_OBJECT() to drag in per-object configuration [build] Fix the REQUIRE_SYMBOL mechanism [i386] Move real_to_user() to realmode.h [linux] Rewrite headers included in all builds [retry] Rewrite unrelicensable portions of retry.c [retry] Colourise debug output [legal] Relicense files under GPL2_OR_LATER_OR_UBDL [xhci] Enable USB3 ports on Intel PCH8/PCH9 controllers [xhci] Undo PCH-specific quirk fixes when removing device [xen] Set the "feature-rx-notify" flag for netfront devices [http] Abstract out HTTP Digest hash algorithm operations [http] Support MD5-sess Digest authentication [dm96xx] Add driver for Davicom DM96xx USB Ethernet NICs [legal] Relicense Davicom DM96xx drivers [mii] Add generic mii_check_link() function [smsc75xx] Add driver for SMSC/Microchip LAN75xx USB Ethernet NICs [legal] Relicense files under GPL2_OR_LATER_OR_UBDL [tcp] Implement support for TCP Selective Acknowledgements (SACK) [smsc75xx] Move RX FIFO overflow message to DBGLVL_EXTRA [tcpip] Fix dubious calculation of min_port [libc] Add ffs(), ffsl(), and ffsll() [usb] Add the concept of a USB bus maximum transfer size [ncm] Respect maximum transfer size of the bus [usb] Add functions for manual device address assignment [xhci] Forcibly disable SMIs if BIOS fails to release ownership [autoboot] Match against parent devices when matching by bus type and location [usb] Add config/usb.h for USB configuration options [xhci] Do not release ownership back to BIOS when booting an OS [ehci] Add support for EHCI host controllers [netdevice] Add missing bus types to netdev_fetch_bustype() [usb] Fix USB timeouts to match specification [libprefix] Fix building on 64-bit FreeBSD 8.4 [xhci] Ring doorbell as part of endpoint reset [usb] Reset endpoints without waiting for a new transfer to be enqueued [usb] Add clear_tt() hub method to clear transaction translator buffer [usb] Clear transaction translator buffers when applicable [ehci] Support USB1 devices attached via transaction translators [usb] Improve debug messages for failed control transactions [xhci] Support USB1 devices attached via transaction translators [libc] Fix typo in longjmp() [libc] Add x86_64 versions of setjmp() and longjmp() [test] Add setjmp()/longjmp() self-tests [test] Simplify digest algorithm self-tests [crypto] Add SHA-224 algorithm [crypto] Add SHA-512 algorithm [crypto] Add SHA-384 algorithm [crypto] Add SHA-512/256 algorithm [crypto] Add SHA-512/224 algorithm [efi] Ensure drivers are disconnected when ExitBootServices() is called [peerdist] Add support for decoding PeerDist Content Information [xhci] Always reset root hub ports [romprefix] Allow autoboot device filter to be disabled [util] Add ability to dump PCI device ID list [efi] Add EFI entropy source [efi] Add EFI time source [efi] Provide a dummy data block in nii_initialise() [efi] Poll media status only if advertised as supported [efi] Poll for TX completions only when there is an outstanding TX buffer [efi] Use the EFI_RNG_PROTOCOL as an entropy source if available [eepro100] Remove duplicate PCI_ROM() line [prism2] Remove duplicate PCI_ROM() lines [build] Allow building PCI ROMs with device ID lists [build] Fix compiler warning on OpenBSD 5.7 [build] Work around binutils quirk on OpenBSD 5.7 [build] Use a single call to parserom.pl to speed up building [intel] Report any unexpected interrupt causes [intel] Force RX polling on VMware emulated 82545em [realtek] Do not attempt to access EEPROM on RTL8169 chips [rtl818x] Obviate RTL_ROM() hack [build] Construct all-drivers list based on driver class [test] Include IPv6 support when performing settings self-tests [base16] Add buffer size parameter to base16_encode() and base16_decode() [base64] Add buffer size parameter to base64_encode() and base64_decode() [settings] Add "base64" setting type [vram] Add "vram" built-in setting to dump video RAM [usb] Include setup packet within I/O buffer for message transfers [pci] Provide PCI_CLASS() to calculate a scalar PCI class value [usb] Detect missed disconnections [usb] Maintain a list of all USB buses [usb] Maintain single lists of halted endpoints and changed ports [ehci] Poll child companion controllers after disowning port [usb] Add find_usb_bus_by_location() helper function [ehci] Allow UHCI/OHCI controllers to locate the EHCI companion controller [uhci] Add support for UHCI host controllers [usb] Provide usb_endpoint_name() for use by host controller drivers [xhci] Use meaningful device names in debug messages [ehci] Use meaningful device names in debug messages [uhci] Use meaningful device names in debug messages [ipv6] Disambiguate received ICMPv6 errors [usb] Add USB_INTERRUPT_OUT internal type [usb] Add generic USB human interface device (HID) framework [usb] Add basic support for USB keyboards [usb] Do not call usb_hotplug() when registering a new hub [usb] Always clear recorded disconnections after performing hotplug actions [intel] Expose intel_diag() for use by other Intel NIC drivers [intel] Allow for the use of advanced TX descriptors [intel] Add support for mailbox used by virtual functions [intel] Add intelxvf driver for Intel 10 GigE virtual function NICs [int13con] Add basic ability to log to a local disk via INT 13 [intel] Add intelxvf_stats() to dump packet statistics registers [intel] Fix operation when physical function has jumbo frames enabled [neighbour] Return success when deferring a packet [xhci] Fix length of allocated slot array [build] Fix .ids.o creation for drivers not in the all-drivers build [xhci] Fix comparison of signed and unsigned integers [ipoib] Fix REMAC cache discarder [xhci] Record device-specific quirks in xHCI device structure [xhci] Ignore invalid protocol speed ID values on Intel Skylake platforms [pci] Use flat real mode to call INT 1a,b101 [tcp] Do not shrink window when discarding received packets [mromprefix] Report a dummy size at offset 0x02 of .mrom payload [ethernet] Add minimal support for receiving LLC frames [netdevice] Add a generic concept of a "blocked link" [stp] Add support for detecting Spanning Tree Protocol non-forwarding ports [stp] Fix interpretaton of hello time [dhcp] Defer discovery if link is blocked [pxe] Always reconstruct packet for PXENV_GET_CACHED_INFO [serial] Add general abstraction of a 16550-compatible UART [gdb] Use new UART abstraction in GDB serial transport [serial] Use new UART abstraction in serial console driver [ipoib] Mark REMAC cache as expensive [ipoib] Attempt to generate ARPs as needed to repopulate REMAC cache [gdb] Allow gdbstub to be started on an arbitrary serial port [xen] Wait for and clear XenStore event before receiving data [tcp] Gracefully close connections during shutdown [ipoib] Transmit multicast packets as broadcasts [efi] Fix receive and transmit completion reporting [efi] Allow user experience to be downgraded [build] Add named configuration for qemu [tcp] Ensure FIN is actually sent if connection is closed while idle [fault] Generalise NETDEV_DISCARD_RATE fault injection mechanism [fault] Add inject_corruption() to randomly corrupt data [profile] Add profile_custom() for profiling with arbitrary time units [interface] Add intf_poke() helper [xfer] Use intf_poke() to implement xfer_window_changed() [xfer] Add xfer_check_order() utility function [xferbuf] Generalise to handle umalloc()-based buffers [xferbuf] Add xfer_buffer() to provide direct access to underlying buffer [downloader] Use generic data-transfer buffer mechanism [downloader] Provide direct access to the underlying data transfer buffer [build] Fix compiler warnings on some gcc versions [crypto] Add bit-rotation functions for 8-bit and 16-bit values [802.11] Use correct SHA1_DIGEST_SIZE constant name [crypto] Add ECB block cipher mode (for debug and self-tests only) [test] Generalise cipher tests and use okx() [test] Define shortcuts for frequently-used NIST AES test vectors [test] Add NIST self-tests for AES128 and AES256 in ECB mode [crypto] Replace AES implementation [test] Add NIST self-tests for AES192 in ECB and CBC modes [crypto] Remove AXTLS headers [build] Fix strict-aliasing warning on older gcc versions [ipv6] Treat a missing network device name as "netX" [netdevice] Avoid using zero as a network device index [ipv4] Redefine IP address constants to avoid unnecessary byte swapping [ipv4] Allow IPv4 socket addresses to include a scope ID [iscsi] Add missing "break" statements [netdevice] Allow network devices to disclaim IRQ support at runtime [peerdist] Include trimmed range within content information block [peerdist] Add support for constructing and decoding discovery messages [peerdist] Add support for constructing and decoding retrieval messages [pool] Add a generic concept of a pooled connection [linebuf] Support buffering of multiple lines [elf] Reject ELFBoot images requiring virtual addressing [comboot] Avoid dragging in serial console support unconditionally [serial] Check for UART existence in uart_select() [tls] Do not access beyond the end of a 24-bit integer [tls] Report supported signature algorithms in ClientHello [crypto] Support SHA-{224,384,512} in X.509 certificates [efi] Hold off watchdog timer while running [efi] Add missing "ULL" suffix on 64-bit constant [block] Add generic block device translator [http] Rewrite HTTP core to support content encodings [peerdist] Add segment discovery mechanism [peerdist] Add individual block download mechanism [peerdist] Add block download multiplexer [peerdist] Add support for PeerDist (aka BranchCache) HTTP content encoding [dhcp] Allow pseudo-DHCP servers to use pseudo-identifiers [dhcp] Ignore ProxyDHCPACKs without PXE options [pxe] Warn about PXE NBPs that may be EFI executables [test] Allow self-tests to report exit status when running under Linux [image] Detect image type when image is first registered [autoboot] Display image information as part of the default control flow Olaf Hering (1): [build] Sort objects in blib.a Robin Smidsrød (2): [vbox] Enable some more features now that we have LZMA compression [build] Rewrite parserom.pl to support multiple source files Thomas Miletich (1): [intel] Add PCI ID for I218-LM Tufan Karadere (1): [crypto] Add ASN.1 OIDs for sha{224,384,512}WithRsaEncryption Wissam Shoukair (2): [comboot] Implement INT22,0x000c [ipoib] Fix a race when chain-loading undionly.kpxe in IPoIB Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 561578c2a82292ddf55737791d2838b797f49f35 Merge: fc8135a 08b0b23 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 3 13:05:45 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20150902' into staging queued tcg patches # gpg: Signature made Wed 02 Sep 2015 22:35:37 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tcg-20150902: tcg/i386: omit a few REXW prefixes in softmmu code tcg/aarch64: Fix tcg_out_qemu_{ld, st} for guest_base == 0 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit fc8135a46d095f865d285e697a874f617bfeeb90 Merge: 654cd2c 112e451 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 3 12:09:41 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-axp-20150902' into staging cmpbge emulation improvements # gpg: Signature made Wed 02 Sep 2015 20:25:10 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-axp-20150902: target-alpha: Special case cmpbge with zero target-alpha: Rewrite helper_cmpbge using bit tests Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9ef40173fbe99c0562d227980779a73613788782 Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 9 13:56:44 2015 -0400 s390x: Disable storage key migration on old machine type This code disables storage key migration when an older machine type is specified. Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 186208fa1fa1b4fa1fe0b77c0fa61b9c0de6d66d Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Fri Jun 26 14:11:23 2015 -0400 s390x: Migrate guest storage keys (initial memory only) Routines to save/load guest storage keys are provided. register_savevm is called to register them as migration handlers. We prepare the protocol to support more complex parameters. So we will later be able to support standby memory (having empty holes), compression and "state live migration" like done for ram. Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit a08f0081c9886c1914d7bc2e6a29636a769fec84 Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Fri Jun 26 14:10:16 2015 -0400 s390x: Info skeys sub-command Provide an info skeys hmp sub-command to allow the end user to dump a storage key for a given address. This is useful for guest operating system developers. Reviewed-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit a4538a5cc57dd493ed1545be98fa0ead0d391b8a Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Fri Jun 26 14:07:21 2015 -0400 s390x: Dump-skeys hmp support Add dump-skeys command to the human monitor. Reviewed-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 7ee0c3e33a0f8664c529ce621ea83326817fc14a Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Fri Jun 26 14:03:16 2015 -0400 s390x: Dump storage keys qmp command Provide a dump-skeys qmp command to allow the end user to dump storage keys. This is useful for debugging problems with guest storage key support within Qemu and for guest operating system developers. Reviewed-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 0f5f669147b52f89928bdf180165f74c4219210e Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Fri Jun 26 14:01:00 2015 -0400 s390x: Enable new s390-storage-keys device s390 guest initialization is modified to make use of new s390-storage-keys device. Old code that globally allocated storage key array is removed. The new device enables storage key access for kvm guests. Cache storage key QOM objects in frequently used helper functions to avoid a performance hit every time we use one of these functions. Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 0efe406cac8a4d9f0b52eada4c6c2a768fe4b7d2 Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Fri Jun 26 11:54:51 2015 -0400 s390x: Create QOM device for s390 storage keys A new QOM style device is provided to back guest storage keys. A special version for KVM is created, which handles the storage key access via KVM_S390_GET_SKEYS and KVM_S390_SET_SKEYS ioctl. Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 84b48ad63ba1da6345c3f22da7cdefc93fbc07f0 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri Jul 17 13:16:52 2015 +0200 s390x: add 2.5 compat s390-ccw-virtio machine Reviewed-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 654cd2c5841d70e8053b39fb1a9162d5c113326b Merge: 0eac598 c5a9378 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 3 11:15:01 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging # gpg: Signature made Wed 02 Sep 2015 17:14:40 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: ne2000: Drop ne2000_can_receive vmxnet3: Drop net_vmxnet3_info.can_receive rtl8139: Do not consume the packet during overflow in standard mode. rtl8139: Fix receive buffer overflow check rtl8139: use ldl/stl wrapper for unaligned 32-bit access rtl8139: use net/eth.h macros instead of custom macros rtl8139: remove duplicate net/eth.h definitions Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0eac5986fc4cfe845d6d656c3a4dc29e004b3a3e Merge: f8b8091 e12f378 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 3 09:50:37 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Wed 02 Sep 2015 17:01:33 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: block: more check for replaced node MAINTAINERS: add responsible person for Parallels format driver Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 08b0b23be639b955e5e3d84dc42fa4e5ce6a8728 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sun Jul 19 13:50:32 2015 +0200 tcg/i386: omit a few REXW prefixes in softmmu code When computing the TLB address we are likely to mask out the high 32-bits by using shr + and. We can use 32-bit instructions in that case. This saves 2 bytes per TLB access. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1437306632-20655-1-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 352bcb0a2b816ff9ab9d75d0f2384650d9e9ab19 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 1 15:58:02 2015 -0400 tcg/aarch64: Fix tcg_out_qemu_{ld, st} for guest_base == 0 In ffc6372851d8631a9f9fa56ec613b3244dc635b9, we swapped the guest base to the address base register from the address index register. Except that 31 in the base slot is SP not XZR, so we need to be more intelligent about which reg gets placed in which slot. Cc: qemu-stable@xxxxxxxxxx (v2.4.0) Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reported-by: Andreas Färber <afaerber@xxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 16ef9d0252318d7e32e445fd7474af55dbaab7db Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Sun Aug 23 20:23:40 2015 -0400 qemu-thread: handle spurious futex_wait wakeups Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Message-Id: <1440375847-17603-12-git-send-email-cota@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e12f3784097a26a1ba51be420f41038b4c0ae5d1 Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Fri Jul 17 10:12:22 2015 +0800 block: more check for replaced node We use mirror+replace to fix quorum's broken child. bs/s->common.bs is quorum, and to_replace is the broken child. The new child is target_bs. Without this patch, the replace node can be any node, and it can be top BDS with BB, or another quorum's child. We just check if the broken child is part of the quorum BDS in this patch. Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Message-id: 55A86486.1000404@xxxxxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit f307371217c42d62015b8d83300a11cd9d3966f3 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Fri Aug 21 20:44:16 2015 +0300 MAINTAINERS: add responsible person for Parallels format driver Denis has spent 6 years working with this format in Parallels and QEMU code was rewritten almost completely by his. Thus it would be quite natural to add him as a maintainer and point of contact. Patches are going to flow though Stefan's tree. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Message-id: 1440179056-12934-1-git-send-email-den@xxxxxxxxxx CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit c5a93780453e6da919287c17e873c843544ef2a3 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 1 13:25:05 2015 +0800 ne2000: Drop ne2000_can_receive ne2000_receive already checks the same conditions and drops the packet if it's not ready, removing the .can_receive callback avoids the necessity to add explicit flushes when the conditions turn true (which is required by the new semantics of .can_receive since 6e99c63 "net/socket: Drop net_socket_can_send"). Plus the "return 1" if E8390_STOP is also suspicious. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 2734a20b8161831ba68c9166014e00522599d1e2 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 1 10:26:27 2015 +0800 vmxnet3: Drop net_vmxnet3_info.can_receive Commit 6e99c63 ("net/socket: Drop net_socket_can_send") changed the semantics around .can_receive for sockets to now require the device to flush queued pkts when transitioning to a .can_receive=true state. But it's OK to drop incoming packets when the link is not active. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 26c4e7ca72d970d120f0f51244bc8d37458512a0 Author: Vladislav Yasevich <vyasevic@xxxxxxxxxx> Date: Tue Sep 1 11:26:46 2015 -0400 rtl8139: Do not consume the packet during overflow in standard mode. When operation in standard mode, we currently return the size of packet during buffer overflow. This consumes the overflow packet. Return 0 instead so we can re-process the overflow packet when we have room. This fixes issues with lost/dropped fragments of large messages. Signed-off-by: Vladislav Yasevich <vyasevic@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1441121206-6997-3-git-send-email-vyasevic@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit fabdcd3392f16fc666b1d04fc1bbe5f1dbbf10a4 Author: Vladislav Yasevich <vyasevic@xxxxxxxxxx> Date: Tue Sep 1 11:26:45 2015 -0400 rtl8139: Fix receive buffer overflow check rtl8139_do_receive() tries to check for the overflow condition by making sure that packet_size + 8 does not exceed the available buffer space. The issue here is that RxBuffAddr, used to calculate available buffer space, is aligned to a a 4 byte boundry after every update. So it is possible that every packet ends up being slightly padded when written to the receive buffer. This padding is not taken into account when checking for overflow and we may end up missing the overflow condition can causing buffer overwrite. This patch takes alignment into consideration when checking for overflow condition. Signed-off-by: Vladislav Yasevich <vyasevic@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1441121206-6997-2-git-send-email-vyasevic@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 26c0114d3f69c3accaf83d56ff1d850bd0213b58 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Aug 3 13:15:57 2015 +0100 rtl8139: use ldl/stl wrapper for unaligned 32-bit access The tx offload feature accesses a 16-bit aligned TCP header struct. The 32-bit fields must be accessed using ldl/stl wrappers since some host architectures fault on unaligned access. Suggested-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1438604157-29664-4-git-send-email-stefanha@xxxxxxxxxx commit 1bf11332c4770e2750247733c713a4e771047282 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Aug 3 13:15:56 2015 +0100 rtl8139: use net/eth.h macros instead of custom macros Eliminate the following "custom" macros since they are just duplicates of net/eth.h macros under a different name: ETHER_ADDR_LEN -> ETH_ALEN ETH_P_8021Q -> ETH_P_VLAN IP_HEADER_LENGTH -> IP_HDR_GET_LEN TCP_FLAG_FIN -> TH_FIN TCP_FLAG_PUSH -> TH_PUSH Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1438604157-29664-3-git-send-email-stefanha@xxxxxxxxxx commit 5d61721a621ef28d2f43fb5008afd38376be552b Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Aug 3 13:15:55 2015 +0100 rtl8139: remove duplicate net/eth.h definitions The transmit offload features inspect Ethernet, IP, TCP, and UDP headers. Avoid redefining these net/eth.h structs. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1438604157-29664-2-git-send-email-stefanha@xxxxxxxxxx commit f8b8091d2779d956011a3fb83ff60dbf7465c71d Merge: 090d0bf 15b19ed Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 1 19:42:43 2015 +0100 Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2015-09-01-v2-tag' into staging qemu-ga patch queue * add config file dump/load support for qemu-ga * various w32 build fixes, particularly WRT to msi package creation * fixes for msi installer * w32 support for guest-set-user-password v2: * replaced g_list_free_full with g_list_foreach to maintain glib 2.22 compatibility # gpg: Signature made Tue 01 Sep 2015 19:34:15 BST using RSA key ID F108B584 # gpg: Good signature from "Michael Roth <flukshun@xxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>" * remotes/mdroth/tags/qga-pull-2015-09-01-v2-tag: (26 commits) Makefile: qemu-ga: fix msi target error message build: qemu-ga: fix VSS dependencies configure: qemu-ga: explicitly enable qemu-ga MSI support when probed configure: qemu-ga: move MSI installer probe after qga probe qemu-ga: implement win32 guest-set-user-password qga: start a man page qga: add --dump-conf option qga: add an optional qemu-ga.conf system configuration qga: free a bit more qga: move agent run in a separate function qga: fill default options in main() qga: move option parsing to separate function qga: copy argument strings qga: rename 'path' to 'channel_path' qga: make split_list() return allocated strings qga: move string split in separate function qga: use exit() when parsing options qga: misc spelling configure: qemu-ga: report MSI install support in summary qemu-ga: Fixed paths issue with MSI build ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 15b19ed85fb5464b736ef0ece1edce194de2194a Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Wed Aug 26 17:05:01 2015 -0500 Makefile: qemu-ga: fix msi target error message 'msi' target reports error if we attempt to use it when QEMU hasn't been ./configure'd to enable it. The parenthesis cause an interpreter error if we don't enclose the error in quotes. Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit f33ca81f134a4f528117aafe11bfbd09f8c7fcfc Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Wed Aug 26 16:19:41 2015 -0500 build: qemu-ga: fix VSS dependencies Currently VSS dll/tlb files for use in w32 builds are only built as a result of having been added to the general 'tools' target alongside qemu-ga. This is fine for default make target, but if we build qemu-ga directly via `make qemu-ga.exe`, the VSS files are not created. Fix this by moving the VSS dependencies to qemu-ga.exe directly. With this move we can move the VSS files back out of 'tools', and drop the extra handling from MSI target in Makefile. Now we can build qemu-ga MSI package with: ./configure ... make qemu-ga.exe make msi or simply: ./configure ... make msi and no longer need to do a full build beforehand. Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 1a34904e5b59fd42f238dc50992af1c3a11a458b Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Wed Aug 26 11:14:31 2015 -0500 configure: qemu-ga: explicitly enable qemu-ga MSI support when probed Currently, if we don't explicitly disable support for MSI installer via --disable-guest-agent-msi, the configure variable that tracks the flag, 'guest_agent_msi', never gets set unless one of the probes fails. Subsequent code then treats this unset value the same as if it were a "yes" value (via != "no" style checks). Instead, set the default "yes" value explicitly after the probes, then make subsequent code expect the values to be set. This makes it easier to report on whether or not MSI support was enabled via probe by looking at the ./configure summary. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 9d6bc27b7e0e8520f1f91721d9c738e027eeb6c4 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Wed Aug 26 10:49:13 2015 -0500 configure: qemu-ga: move MSI installer probe after qga probe MSI probe assumes that qemu-ga support has been probed already, but in cases where --enable-guest-agent/--disable-guest-agent have not been passed to configure, qemu-ga support may end up getting enabled later, as is the case with w32 builds. This leads to MSI probe prematurely reporting error due to lack of qemu-ga support. Fix this by moving MSI installer probe after the final qga probes. Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 259434b8067e1c61017e9a5b8667b6526b474ff2 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Date: Tue Jun 30 16:37:13 2015 +0200 qemu-ga: implement win32 guest-set-user-password Use NetUserSetInfo() to set the user password. This function is notoriously known to be problematic for users with EFS encrypted files. But the alternative, NetUserChangePassword() requires the old password. Nevertheless, The EFS file should be recovered by changing back to the old password. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 665b5d0dff3b1cc9e9dd6ca84e8fa4070e46ee9f Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:59 2015 +0200 qga: start a man page Add a simple man page for the qemu agent. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> *squashed in review comments from Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit aeadcbb6338ddd8aedbc1473ba7e254623951248 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:58 2015 +0200 qga: add --dump-conf option This new option allows to review the agent configuration, and ease the task of writing a configuration file. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> * removed unecessary keyfile != NULL prior to free * documented --dump-conf is qemu-ga --help output Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit e236d060cba8d2d6d26a7e076c895d2a6812dafb Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:57 2015 +0200 qga: add an optional qemu-ga.conf system configuration Learn to configure the agent with a system configuration. This may simplify command-line handling, especially when the blacklist is long. Among the other benefits, this may standardize the configuration of an init service (instead of distro-specific init keys/files) Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> * removed unecessary keyfile != NULL prior to free Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit d4c8a5d49e514bfeac2040ee5371b4e6a7d8d561 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:56 2015 +0200 qga: free a bit more Now that main() has a single exit point, we can free a few more allocations. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit e3d3103975112a1ab8a0129a4be1cfe3314bce8b Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:55 2015 +0200 qga: move agent run in a separate function Once the options are populated, move the running state to a run_agent() function. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> * fixed up an s/ga_state/s/ artifact causing segfault * replaced g_list_free_full with g_list_foreach to maintain glib 2.22 compatibility Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit ef8be55429b9a6718c7e07ede20391c09be65974 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:54 2015 +0200 qga: fill default options in main() Fill all default options during main(). This is a preparation patch to allow to dump the configuration. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 7a40669491b344a4fe66a0957fe47d594b808f08 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:53 2015 +0200 qga: move option parsing to separate function Move option parsing out of giant main(). Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 2e38d9903be28493ccd6de4a55e5226e9f07dea9 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:52 2015 +0200 qga: copy argument strings Following patch will return allocated strings, so we must correctly initialize alloc & free them. The nice side effect is that we no longer have to check for "fixed_state_dir" to call ga_install_service() with a NULL state dir. The default values are set after parsing the command line options. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 44de156ca7bfaf899745291a0d603d4f7550f5ea Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:51 2015 +0200 qga: rename 'path' to 'channel_path' 'path' is already a global function, rename the variable since it's going to be in global scope in a later patch. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 4bca81ceedb59397f6082777f6ed4b39d456be85 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:50 2015 +0200 qga: make split_list() return allocated strings In order to avoid any confusion, let's allocate new strings when splitting. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 23b42894b389eccb45ab66da3a3e77d3a8cfc2b6 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:49 2015 +0200 qga: move string split in separate function The function is going to be reused in a later patch. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit c6c84523cd890e95b946c6a8f264ff54a7d5b930 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:48 2015 +0200 qga: use exit() when parsing options The option parsing is going to be moved to a separate function, use exit() consistently. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 2e2a58e0e49ddb3561b541dc01c3206543b3a1a3 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:47 2015 +0200 qga: misc spelling Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 4c875d89cb11f4033012eebd63963ab725f8108e Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Tue Aug 25 15:46:18 2015 -0500 configure: qemu-ga: report MSI install support in summary Currently we need to examine config-host.mak to determine whether options/probes for MSI package generation had desired result. Report this more prominently in ./configure summary as we do with other guest agent configure options. Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit decdfbd28d754f6ff596c0201ab55e9ff4df5b4e Author: Leonid Bloch <leonid@xxxxxxxxxx> Date: Wed Aug 26 15:07:16 2015 +0300 qemu-ga: Fixed paths issue with MSI build Previously, if building out-of-tree, the MSI build would fail since it wasn't able to find the needed files. Signed-off-by: Leonid Bloch <leonid@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> * fixed up commit msg formating Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 848849dddf68630021351f5068de12f5c54ae2f8 Author: Leonid Bloch <leonid@xxxxxxxxxx> Date: Mon Aug 3 20:54:24 2015 +0300 qemu-ga: Prevent QEMU-GA VSS provider from being unregistered on MSI reinstall Previously, running the .msi would unregister the QEMU GA VSS service if QEMU GA was already installed on the machine, and then register it only if QEMU GA was NOT previously installed. This behavior caused the service to be registered only after the INITIAL installation, and any subsequent run of the .msi (to redo, repair, or upgrade the installation) ended in the service being unregistered. Now, the VSS service is still unregistered if QEMU GA is already installed (so that a fix or an update could be performed) but then it is registered again (if the GA is not being uninstalled) thus finishing the repair/upgrade correctly. Additionally, downgrading is now prevented. If a user would like to downgrade a version, he/she must uninstall the newer version first. Signed-off-by: Leonid Bloch <leonid@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 5e994f94121cdb9c48939cb489e2da646c229a48 Author: Leonid Bloch <leonid@xxxxxxxxxx> Date: Mon Aug 3 20:54:23 2015 +0300 qemu-ga: Created a separate component for each installed file in the MSI This is done to follow the recommendations given here: https://msdn.microsoft.com/en-us/library/aa368269%28VS.85%29.aspx Signed-off-by: Leonid Bloch <leonid@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 8b17ccccb23bcd7554d327f46bf4e07ae6da60c0 Author: Leonid Bloch <leonid@xxxxxxxxxx> Date: Mon Aug 3 20:54:22 2015 +0300 qemu-ga: Minor cosmetic changes to the WXS file Signed-off-by: Leonid Bloch <leonid@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 1d394fb78771f4ca307c6020ff3b041905350f70 Author: Leonid Bloch <leonid@xxxxxxxxxx> Date: Mon Aug 3 20:54:21 2015 +0300 qemu-ga: Fixed GUID capitalization For compatibility, all the letters in GUID should be capital. Signed-off-by: Leonid Bloch <leonid@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 0a18750f296c85a5a446dc04e1c49cd35ad9e7d5 Author: Leonid Bloch <leonid@xxxxxxxxxx> Date: Wed Jul 29 20:10:51 2015 +0300 qemu-ga: Two MSI related cosmetic changes Signed-off-by: Leonid Bloch <leonid@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 9f3917804dfda737650a22c745469809725b3c6e Author: Leonid Bloch <leonid@xxxxxxxxxx> Date: Wed Jul 29 20:10:50 2015 +0300 qemu-ga: Add .msi files to .gitignore Signed-off-by: Leonid Bloch <leonid@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 090d0bfd948343d522cd20bc634105b5cfe2483b Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Fri Aug 28 12:23:41 2015 +0200 s390: fix softmmu compilation guest_base must be used only in linux-user mode. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Message-id: 1440757421-9674-1-git-send-email-laurent@xxxxxxxxx Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6c76ec68f68494d4a31b5d82073ed4d2798b8e13 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Aug 28 11:42:53 2015 +0100 qemu-doc.texi: Fix capitalization error in OS X build instructions Fix a capitalization error in the OS X build instructions; this was picked up in review of commit b352153f5f and intended to be corrected before I applied it, but I accidentally didn't include it. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b352153f5f7eb12b56602fc03ae4361e01201f90 Author: G 3 <programmingkidx@xxxxxxxxx> Date: Fri Aug 14 13:54:25 2015 -0400 From: John Arbuckle <programmingkidx@xxxxxxxxx> qemu-doc.texi: Add information on compiling source code on Mac OS X Add information to the documentation on how to build QEMU on Mac OS X. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> [PMM: fixed a minor capitalization error] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 351053e76d21d0eaa2e0f27c9b69c8ebf65f3650 Merge: 47c9dfe a17d448 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Aug 27 13:31:55 2015 +0100 Merge remote-tracking branch 'remotes/weil/tags/pull-tci-20150826' into staging tci patch queue # gpg: Signature made Wed 26 Aug 2015 19:51:07 BST using RSA key ID 677450AD # gpg: Good signature from "Stefan Weil <sw@xxxxxxxxxxx>" # gpg: aka "Stefan Weil <stefan.weil@xxxxxxxxxxx>" # gpg: aka "Stefan Weil <stefan.weil@xxxxxxxxxxxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 4923 6FEA 75C9 5D69 8EC2 B78A E08C 21D5 6774 50AD * remotes/weil/tags/pull-tci-20150826: exec-all: Translate TCI return addresses backwards too Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a17d448274575efbfcc1c04ec2641a0afeb74e17 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Mon Aug 17 20:28:18 2015 -0700 exec-all: Translate TCI return addresses backwards too This subtraction of return addresses applies directly to TCI as well as host-TCG. This fixes Linux boots for at least Microblaze, CRIS, ARM and SH4 when using TCI. [sw: Removed indentation for preprocessor statement] [sw: The patch also fixes Linux boot for x86_64] Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> commit 47c9dfee808f9455d732aea7c4390ad0972bbd84 Merge: 7df9671 eb8934b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 26 17:45:09 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-cve-2015-5225-20150826-1' into staging vnc: fix memory corruption (CVE-2015-5225) # gpg: Signature made Wed 26 Aug 2015 17:37:21 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-cve-2015-5225-20150826-1: vnc: fix memory corruption (CVE-2015-5225) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit eb8934b0418b3b1d125edddc4fc334a54334a49b Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Mon Aug 17 19:56:53 2015 +0200 vnc: fix memory corruption (CVE-2015-5225) The _cmp_bytes variable added by commit "bea60dd ui/vnc: fix potential memory corruption issues" can become negative. Result is (possibly exploitable) memory corruption. Reason for that is it uses the stride instead of bytes per scanline to apply limits. For the server surface is is actually fine. vnc creates that itself, there is never any padding and thus scanline length always equals stride. For the guest surface scanline length and stride are typically identical too, but it doesn't has to be that way. So add and use a new variable (guest_ll) for the guest scanline length. Also rename min_stride to line_bytes to make more clear what it actually is. Finally sprinkle in an assert() to make sure we never use a negative _cmp_bytes again. Reported-by: è??ç¥?è?³(åº?ç?¹) <zuozhi.fzz@xxxxxxxxxxxxxxx> Reviewed-by: P J P <ppandit@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 7df9671989c1cfa693764f9ae6349324b2ada02a Merge: 34a4450 cea66e9 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 16:24:06 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150825-1' into staging target-arm queue: * add missing EL2/EL3 TLBI operations * add missing EL2/EL3 ATS operations * add missing EL2/EL3 registers * update Xilinx MAINTAINERS info * Xilinx: connect the four OCM banks # gpg: Signature made Tue 25 Aug 2015 16:22:43 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150825-1: target-arm: Implement AArch64 TLBI operations on IPAs target-arm: Implement missing EL3 TLB invalidate operations target-arm: Implement missing EL2 TLBI operations target-arm: Restrict AArch64 TLB flushes to the MMU indexes they must touch target-arm: Move TLBI ALLE1/ALLE1IS definitions into numeric order cputlb: Add functions for flushing TLB for a single MMU index target-arm: Implement AArch32 ATS1H* operations target-arm: Enable the AArch32 ATS12NSO ops target-arm: Add CP_ACCESS_TRAP_UNCATEGORIZED_EL2, 3 target-arm: Wire up AArch64 EL2 and EL3 address translation ops target-arm: there is no TTBR1 for 32-bit EL2 stage 1 translations target-arm: Implement missing ACTLR registers target-arm: Implement missing AFSR registers target-arm: Implement missing AMAIR registers target-arm: Add missing MAIR_EL3 and TPIDR_EL3 registers MAINTAINERS: Add ZynqMP to MAINTAINERS file MAINTAINERS: Update Xilinx Maintainership xlnx-zynqmp: Connect the four OCM banks Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cea66e91212164e02ad1d245c2371f7e8eb59e7f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:10 2015 +0100 target-arm: Implement AArch64 TLBI operations on IPAs Implement the AArch64 TLBI operations which take an intermediate physical address and invalidate stage 2 translations. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1439548879-1972-7-git-send-email-peter.maydell@xxxxxxxxxx commit 43efaa33faa2bdaed789b9ddaa76b30880e57554 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:10 2015 +0100 target-arm: Implement missing EL3 TLB invalidate operations Implement the remaining stage 1 TLB invalidate operations visible from EL3. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1439548879-1972-6-git-send-email-peter.maydell@xxxxxxxxxx commit 2bfb9d75d37ceab6ef1674f54fca06c74f6978e7 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:09 2015 +0100 target-arm: Implement missing EL2 TLBI operations Implement the missing TLBI operations that exist only if EL2 is implemented. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1439548879-1972-5-git-send-email-peter.maydell@xxxxxxxxxx commit fd3ed969227f54f08f87d9eb6de2d4e48e99279b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:09 2015 +0100 target-arm: Restrict AArch64 TLB flushes to the MMU indexes they must touch Now we have the ability to flush the TLB only for specific MMU indexes, update the AArch64 TLB maintenance instruction implementations to only flush the parts of the TLB they need to, rather than doing full flushes. We take the opportunity to remove some duplicate functions (the per-asid tlb ops work like the non-per-asid ones because we don't support flushing a TLB only by ASID) and to bring the function names in line with the architectural TLBI operation names. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1439548879-1972-4-git-send-email-peter.maydell@xxxxxxxxxx commit 83ddf975777cc23337b7ef92e83b1b9c949396f3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:09 2015 +0100 target-arm: Move TLBI ALLE1/ALLE1IS definitions into numeric order Move the two regdefs for TLBI ALLE1 and TLBI ALLE1IS down so that the whole set of AArch64 TLBI regdefs is arranged in numeric order. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1439548879-1972-3-git-send-email-peter.maydell@xxxxxxxxxx commit d7a74a9d4a68e27b3a8ceda17bb95cb0a23d8e4d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:09 2015 +0100 cputlb: Add functions for flushing TLB for a single MMU index Guest CPU TLB maintenance operations may be sufficiently specialized to only need to flush TLB entries corresponding to a particular MMU index. Implement cputlb functions for this, to avoid the inefficiency of flushing TLB entries which we don't need to. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1439548879-1972-2-git-send-email-peter.maydell@xxxxxxxxxx commit 14db7fe09a2c8d561ff37f98b328409906a560d7 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:08 2015 +0100 target-arm: Implement AArch32 ATS1H* operations Implement the AArch32 ATS1H* operations which perform Hyp mode stage 1 translations. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1437751263-21913-6-git-send-email-peter.maydell@xxxxxxxxxx commit 87562e4f4a2bdd028eef3549ce9cb4e7c83cb0bf Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:08 2015 +0100 target-arm: Enable the AArch32 ATS12NSO ops Apply the correct conditions in the ats_access() function for the ATS12NSO* address translation operations: * succeed at EL2 or EL3 * normal UNDEF trap from NS EL1 * trap to EL3 from S EL1 (only possible if EL3 is AArch64) (This change means they're now available in our EL3-supporting CPUs when they would previously always UNDEF.) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1437751263-21913-5-git-send-email-peter.maydell@xxxxxxxxxx commit e76157264da20b85698b09fa5eb8e02e515e232c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:08 2015 +0100 target-arm: Add CP_ACCESS_TRAP_UNCATEGORIZED_EL2, 3 Some coprocessor register access functions need to be able to report "trap to EL3 with an 'uncategorized' syndrome"; add the necessary CPAccessResult enum and handling for it. I don't currently know of any registers that need to trap to EL2 with the 'uncategorized' syndrome, but adding the _EL2 enum as well is trivial and fills in what would otherwise be an odd gap in the handling. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1437751263-21913-4-git-send-email-peter.maydell@xxxxxxxxxx commit 2a47df953202e1f226aa045ea974427c4540a167 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:08 2015 +0100 target-arm: Wire up AArch64 EL2 and EL3 address translation ops Wire up the AArch64 EL2 and EL3 address translation operations (AT S12E1*, AT S12E0*, AT S1E2*, AT S1E3*), and correct some errors in the ats_write64() function in previously unused code that would have done the wrong kind of lookup for accesses from EL3 when SCR.NS==0. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1437751263-21913-3-git-send-email-peter.maydell@xxxxxxxxxx commit d0a2cbceb2aa20d64d53e1c20c7d26a78ade8382 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:08 2015 +0100 target-arm: there is no TTBR1 for 32-bit EL2 stage 1 translations For EL2 stage 1 translations, there is no TTBR1. We were already handling this for 64-bit EL2; add the code to take the 'no TTBR1' code path for 64-bit EL2 as well. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1437751263-21913-2-git-send-email-peter.maydell@xxxxxxxxxx commit 834a6c6920316d39aaf0e68ac936c0a3ad164815 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:07 2015 +0100 target-arm: Implement missing ACTLR registers We already implemented ACTLR_EL1; add the missing ACTLR_EL2 and ACTLR_EL3, for consistency. Since we don't currently have any CPUs that need the EL2/EL3 versions to reset to non-zero values, implement as RAZ/WI. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1438281398-18746-5-git-send-email-peter.maydell@xxxxxxxxxx commit 37cd6c2478196623ca28526627ca8c69afe0d654 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:07 2015 +0100 target-arm: Implement missing AFSR registers The AFSR registers are implementation dependent auxiliary fault status registers. We already implemented a RAZ/WI AFSR0_EL1 and AFSR_EL1; add the missing AFSR{0,1}_EL{2,3} for consistency. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1438281398-18746-4-git-send-email-peter.maydell@xxxxxxxxxx commit 2179ef958c81480b841ffa0aab5e265688ffd2b0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:07 2015 +0100 target-arm: Implement missing AMAIR registers The AMAIR registers are for providing auxiliary implementation defined memory attributes. We already implemented a RAZ/WI AMAIR_EL1; add the EL2 and EL3 versions for consistency. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1438281398-18746-3-git-send-email-peter.maydell@xxxxxxxxxx commit 4cfb8ad896a6f85953038bd913ce3d82d347013d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:07 2015 +0100 target-arm: Add missing MAIR_EL3 and TPIDR_EL3 registers Add the AArch64 registers MAIR_EL3 and TPIDR_EL3, which are the only two which we had implemented the 32-bit Secure equivalents of but not the 64-bit Secure versions. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1438281398-18746-2-git-send-email-peter.maydell@xxxxxxxxxx commit 137805f5d8504933faa4fe129cdab88f2695a8c2 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Tue Aug 25 15:45:07 2015 +0100 MAINTAINERS: Add ZynqMP to MAINTAINERS file Add the Xilinx ZynqMP SoC and EP108 machine to the maintainers file. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: fed078103a0b02cfb3adadbe8e80e4420d554505.1436486024.git.alistair.francis@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4b46ba6145c4c9b79641efdcc9f1aa92fdbf779c Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Tue Aug 25 15:45:06 2015 +0100 MAINTAINERS: Update Xilinx Maintainership Peter C is leaving Xilinx, so update the maintainer list to point to Alistair and Edgar from Xilinx and Peter's personal email address. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 54b4c070452bac05aa3a9c1d75899bc097fef831.1436486024.git.alistair.francis@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6675d719154969456e841a7e1729c0dc14113a44 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Tue Aug 25 15:45:06 2015 +0100 xlnx-zynqmp: Connect the four OCM banks The Xilinx EP108 has four separate OCM banks which are located adjacent to each other. This patch adds the four banks to the ZynqMP SoC. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: afa6ba31163a5d541a0bef4b0dc11f2597e0c495.1436813543.git.alistair.francis@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 34a4450434f1a5daee06fca223afcbb9c8f1ee24 Merge: a30878e b76f21a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 13:34:57 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20150824' into staging queued tcg patches # gpg: Signature made Mon 24 Aug 2015 19:37:15 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tcg-20150824: linux-user: remove useless macros GUEST_BASE and RESERVED_VA linux-user: remove --enable-guest-base/--disable-guest-base tcg/aarch64: Use softmmu fast path for unaligned accesses tcg/s390: Use softmmu fast path for unaligned accesses tcg/ppc: Improve unaligned load/store handling on 64-bit backend tcg/i386: use softmmu fast path for unaligned accesses tcg: Remove tcg_gen_trunc_i64_i32 tcg: Split trunc_shr_i32 opcode into extr[lh]_i64_i32 tcg: update README about size changing ops tcg/optimize: add optimizations for ext_i32_i64 and extu_i32_i64 ops tcg: implement real ext_i32_i64 and extu_i32_i64 ops tcg: don't abuse TCG type in tcg_gen_trunc_shr_i64_i32 tcg: rename trunc_shr_i32 into trunc_shr_i64_i32 tcg/optimize: allow constant to have copies tcg/optimize: track const/copy status separately tcg/optimize: add temp_is_const and temp_is_copy functions tcg/optimize: optimize temps tracking tcg/optimize: fix constant signedness Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b76f21a70748b735d6ac84fec4bb9bdaafa339b1 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Mon Aug 24 14:53:54 2015 +0200 linux-user: remove useless macros GUEST_BASE and RESERVED_VA As we have removed CONFIG_USE_GUEST_BASE, we always use a guest base and the macros GUEST_BASE and RESERVED_VA become useless: replace them by their values. Reviewed-by: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Message-Id: <1440420834-8388-1-git-send-email-laurent@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 4cbea5986981998cda07b13794c7e3ff7bc42e80 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Mon Aug 24 01:42:07 2015 +0200 linux-user: remove --enable-guest-base/--disable-guest-base All tcg host architectures now support the guest base and as there is no real performance lost, it can be always enabled. Anyway, guest base use can be disabled lively by setting guest base to 0. CONFIG_USE_GUEST_BASE is defined as (USE_GUEST_BASE && USER_ONLY), it should have to be replaced by CONFIG_USER_ONLY in non CONFIG_USER_ONLY parts, but as some other parts are using !CONFIG_SOFTMMU I have chosen to use !CONFIG_SOFTMMU instead. Reviewed-by: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Message-Id: <1440373328-9788-2-git-send-email-laurent@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 9ee14902bf107e37fb2c8119fa7bca424396237c Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 17 12:18:05 2015 -0700 tcg/aarch64: Use softmmu fast path for unaligned accesses Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit a5e39810b9088b5d20fac8e0293f281e1c8b608f Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Jul 23 13:32:35 2015 -0700 tcg/s390: Use softmmu fast path for unaligned accesses Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 68d45bb61c5bbfb3999486f78cf026c1e79eb301 Author: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Date: Tue Jul 21 15:19:38 2015 +1000 tcg/ppc: Improve unaligned load/store handling on 64-bit backend Currently, we get to the slow path for any unaligned access in the backend, because we effectively preserve the bottom address bits below the alignment requirement when comparing with the TLB entry, so any non-0 bit there will cause the compare to fail. For the same number of instructions, we can instead add the access size - 1 to the address and stick to clearing all the bottom bits. That means that normal unaligned accesses will not fallback (the HW will handle them fine). Only when crossing a page boundary well we end up having a mismatch because we'll end up pointing to the next page which cannot possibly be in that same TLB entry. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Message-Id: <1437455978.5809.2.camel@xxxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 8cc580f6a0d8c0e2f590c1472cf5cd8e51761760 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Thu Jul 9 20:39:57 2015 +0200 tcg/i386: use softmmu fast path for unaligned accesses Softmmu unaligned load/stores currently goes through through the slow path for two reasons: - to support unaligned access on host with strict alignement - to correctly handle accesses crossing pages x86 is only concerned by the second reason. Unaligned accesses are avoided by compilers, but are not uncommon. We therefore would like to see them going through the fast path, if they don't cross pages. For that we can use the fact that two adjacent TLB entries can't contain the same page. Therefore accessing the TLB entry corresponding to the first byte, but comparing its content to page address of the last byte ensures that we don't cross pages. We can do this check without adding more instructions in the TLB code (but increasing its length by one byte) by using the LEA instruction to combine the existing move with the size addition. On an x86-64 host, this gives a 3% boot time improvement for a powerpc guest and 4% for an x86-64 guest. [rth: Tidied calculation of the offset mask] Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1436467197-2183-1-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit ecc7b3aa71f5fdcf9ee87e74ca811d988282641d Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Jul 24 11:49:53 2015 -0700 tcg: Remove tcg_gen_trunc_i64_i32 Replacing it with tcg_gen_extrl_i64_i32. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 609ad70562793937257c89d07bf7c1370b9fc9aa Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Jul 24 07:16:00 2015 -0700 tcg: Split trunc_shr_i32 opcode into extr[lh]_i64_i32 Rather than allow arbitrary shift+trunc, only concern ourselves with low and high parts. This is all that was being used anyway. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 870ad1547ac53bc79c21d86cf453b3b20cc660a2 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jul 27 12:41:45 2015 +0200 tcg: update README about size changing ops Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 8bcb5c8f34f9215d4f88f388c7ff14c9bd5cecd3 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jul 27 12:41:45 2015 +0200 tcg/optimize: add optimizations for ext_i32_i64 and extu_i32_i64 ops They behave the same as ext32s_i64 and ext32u_i64 from the constant folding and zero propagation point of view, except that they can't be replaced by a mov, so we don't compute the affected value. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 4f2331e5b67af8172419eb1c8db510b497b30a7b Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jul 27 12:41:45 2015 +0200 tcg: implement real ext_i32_i64 and extu_i32_i64 ops Implement real ext_i32_i64 and extu_i32_i64 ops. They ensure that a 32-bit value is always converted to a 64-bit value and not propagated through the register allocator or the optimizer. Cc: Andrzej Zaborowski <balrogg@xxxxxxxxx> Cc: Alexander Graf <agraf@xxxxxxx> Cc: Blue Swirl <blauwirbel@xxxxxxxxx> Cc: Stefan Weil <sw@xxxxxxxxxxx> Acked-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 6acd2558fdb7dd9de6b10697914bdc1d75d624e5 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jul 27 12:41:45 2015 +0200 tcg: don't abuse TCG type in tcg_gen_trunc_shr_i64_i32 The tcg_gen_trunc_shr_i64_i32 function takes a 64-bit argument and returns a 32-bit value. Directly call tcg_gen_op3 with the correct types instead of calling tcg_gen_op3i_i32 and abusing the TCG types. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 0632e555fc4d281d69cb08d98d500d96185b041f Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jul 27 12:41:45 2015 +0200 tcg: rename trunc_shr_i32 into trunc_shr_i64_i32 The op is sometimes named trunc_shr_i32 and sometimes trunc_shr_i64_i32, and the name in the README doesn't match the name offered to the frontends. Always use the long name to make it clear it is a size changing op. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 299f80130401153af1a6ddb3cc011781bcd47600 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jul 27 12:41:44 2015 +0200 tcg/optimize: allow constant to have copies Now that copies and constants are tracked separately, we can allow constant to have copies, deferring the choice to use a register or a constant to the register allocation pass. This prevent this kind of regular constant reloading: -OUT: [size=338] +OUT: [size=298] mov -0x4(%r14),%ebp test %ebp,%ebp jne 0x7ffbe9cb0ed6 mov $0x40002219f8,%rbp mov %rbp,(%r14) - mov $0x40002219f8,%rbp mov $0x4000221a20,%rbx mov %rbp,(%rbx) mov $0x4000000000,%rbp mov %rbp,(%r14) - mov $0x4000000000,%rbp mov $0x4000221d38,%rbx mov %rbp,(%rbx) mov $0x40002221a8,%rbp mov %rbp,(%r14) - mov $0x40002221a8,%rbp mov $0x4000221d40,%rbx mov %rbp,(%rbx) mov $0x4000019170,%rbp mov %rbp,(%r14) - mov $0x4000019170,%rbp mov $0x4000221d48,%rbx mov %rbp,(%rbx) mov $0x40000049ee,%rbp mov %rbp,0x80(%r14) mov %r14,%rdi callq 0x7ffbe99924d0 mov $0x4000001680,%rbp mov %rbp,0x30(%r14) mov 0x10(%r14),%rbp mov $0x4000001680,%rbp mov %rbp,0x30(%r14) mov 0x10(%r14),%rbp shl $0x20,%rbp mov (%r14),%rbx mov %ebx,%ebx mov %rbx,(%r14) or %rbx,%rbp mov %rbp,0x10(%r14) mov %rbp,0x90(%r14) mov 0x60(%r14),%rbx mov %rbx,0x38(%r14) mov 0x28(%r14),%rbx mov $0x4000220e60,%r12 mov %rbx,(%r12) mov $0x40002219c8,%rbx mov %rbp,(%rbx) mov 0x20(%r14),%rbp sub $0x8,%rbp mov $0x4000004a16,%rbx mov %rbx,0x0(%rbp) mov %rbp,0x20(%r14) mov $0x19,%ebp mov %ebp,0xa8(%r14) mov $0x4000015110,%rbp mov %rbp,0x80(%r14) xor %eax,%eax jmpq 0x7ffbebcae426 lea -0x5f6d72a(%rip),%rax # 0x7ffbe3d437b3 jmpq 0x7ffbebcae426 Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit b41059dd9deec367a4ccd296659f0bc5de2dc705 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jul 27 12:41:44 2015 +0200 tcg/optimize: track const/copy status separately Instead of using an enum which could be either a copy or a const, track them separately. This will be used in the next patch. Constants are tracked through a bool. Copies are tracked by initializing temp's next_copy and prev_copy to itself, allowing to simplify the code a bit. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit d9c769c60948815ee03b2684b1c1c68ee4375149 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jul 27 12:41:44 2015 +0200 tcg/optimize: add temp_is_const and temp_is_copy functions Add two accessor functions temp_is_const and temp_is_copy, to make the code more readable and make code change easier. Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 1208d7dd5fddc1fbd98de800d17429b4e5578848 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jul 27 12:41:44 2015 +0200 tcg/optimize: optimize temps tracking The tcg_temp_info structure uses 24 bytes per temp. Now that we emulate vector registers on most guests, it's not uncommon to have more than 100 used temps. This means we have initialize more than 2kB at least twice per TB, often more when there is a few goto_tb. Instead used a TCGTempSet bit array to track which temps are in used in the current basic block. This means there are only around 16 bytes to initialize. This improves the boot time of a MIPS guest on an x86-64 host by around 7% and moves out tcg_optimize from the the top of the profiler list. [rth: Handle TCG_CALL_DUMMY_ARG] Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 29f3ff8d6cbc28f79933aeaa25805408d0984a8f Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Fri Jul 10 18:03:31 2015 +0200 tcg/optimize: fix constant signedness By convention, on a 64-bit host TCG internally stores 32-bit constants as sign-extended. This is not the case in the optimizer when a 32-bit constant is folded. This doesn't seem to have more consequences than suboptimal code generation. For instance the x86 backend assumes sign-extended constants, and in some rare cases uses a 32-bit unsigned immediate 0xffffffff instead of a 8-bit signed immediate 0xff for the constant -1. This is with a ppc guest: before ------ ---- 0x9f29cc movi_i32 tmp1,$0xffffffff movi_i32 tmp2,$0x0 add2_i32 tmp0,CA,CA,tmp2,r6,tmp2 add2_i32 tmp0,CA,tmp0,CA,tmp1,tmp2 mov_i32 r10,tmp0 0x7fd8c7dfe90c: xor %ebp,%ebp 0x7fd8c7dfe90e: mov %ebp,%r11d 0x7fd8c7dfe911: mov 0x18(%r14),%r9d 0x7fd8c7dfe915: add %r9d,%r10d 0x7fd8c7dfe918: adc %ebp,%r11d 0x7fd8c7dfe91b: add $0xffffffff,%r10d 0x7fd8c7dfe922: adc %ebp,%r11d 0x7fd8c7dfe925: mov %r11d,0x134(%r14) 0x7fd8c7dfe92c: mov %r10d,0x28(%r14) after ----- ---- 0x9f29cc movi_i32 tmp1,$0xffffffffffffffff movi_i32 tmp2,$0x0 add2_i32 tmp0,CA,CA,tmp2,r6,tmp2 add2_i32 tmp0,CA,tmp0,CA,tmp1,tmp2 mov_i32 r10,tmp0 0x7f37010d490c: xor %ebp,%ebp 0x7f37010d490e: mov %ebp,%r11d 0x7f37010d4911: mov 0x18(%r14),%r9d 0x7f37010d4915: add %r9d,%r10d 0x7f37010d4918: adc %ebp,%r11d 0x7f37010d491b: add $0xffffffffffffffff,%r10d 0x7f37010d491f: adc %ebp,%r11d 0x7f37010d4922: mov %r11d,0x134(%r14) 0x7f37010d4929: mov %r10d,0x28(%r14) Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1436544211-2769-2-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit a30878e708c2149ce07d709a8b62edd944628449 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Aug 14 16:10:52 2015 +0100 configure: Don't permit SDL or GTK on OSX The cocoa GUI frontend assumes it is the only GUI (it redefines main() so it always gets control before the rest of QEMU), so it does not play well with other UIs like SDL or GTK. (Mostly people building QEMU on OSX don't have the necessary dependencies available for configure to build those other front ends, so mostly this problem goes unnoticed.) Make configure automatically disable the SDL and GTK front ends if the cocoa front end is enabled. (We were sort of attempting to do this for SDL before, but not in a way that worked very well.) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: John Arbuckle <programmingkidx@xxxxxxxxx> Message-id: 1439565052-3457-1-git-send-email-peter.maydell@xxxxxxxxxx commit 20fbcfdd58ea47607a5755979d43f8c48ac93f08 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 19 16:20:20 2015 +0100 apic_internal.h: Include cpu.h directly apic_internal.h relies on cpu.h having been included (for the X86CPU type); include it directly rather than relying on it being pulled in via one of the other includes like timer.h. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 49caffe0cc95a9d0dc344e3328be8197f3536cf8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 19 16:20:20 2015 +0100 qemu-common.h: Move muldiv64() to host-utils.h Move the muldiv64() function from qemu-common.h to host-utils.h. This puts it together with all the other arithmetic functions where we provide a version with __int128_t and a fallback without, and allows headers which need muldiv64() to avoid including qemu-common.h. We don't include host-utils from qemu-common.h, to avoid dragging more things into qemu-common.h than it already has; in practice everywhere that needs muldiv64() can get it via qemu/timer.h. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 03557b9abaee78e9d1ef5cd236d32a7b3e75e6f8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 19 16:20:20 2015 +0100 osdep.h: Add header comment Add a header comment to osdep.h, explaining what the header is for and some rules to avoid circular-include difficulties. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit bfe7e449f14313f646da621288ca2fd12223414f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 19 16:20:19 2015 +0100 osdep.h: Move some OS header includes and fixups from qemu-common.h qemu-common.h has some system header includes and fixups for things that might be missing. This is really an OS dependency and belongs in osdep.h, so move it across. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 1aad8104f3b69206da1f868639e1f69c26f6d482 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 19 16:20:19 2015 +0100 qemu-common.h: Move Win32 fixups into os-win32.h qemu-common.h includes some fixups for things the Win32 headers don't define or define weirdly. These really belong in os-win32.h, so move them there. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 24134c4e9126bf505b612e901c63a102fc471083 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 19 16:20:19 2015 +0100 compiler.h: Use glue() in QEMU_BUILD_BUG_ON define Rather than rolling custom concatenate-strings macros for the QEMU_BUILD_BUG_ON macro to use, use the glue() macro we already have (since it's now available to us in this header). Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 4912086865083a008f4fb73173fd0ddf2206c4d9 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 19 16:20:19 2015 +0100 osdep.h: Move some compiler-specific things to compiler.h osdep.h has a few things which are really compiler specific; move them to compiler.h, and include compiler.h from osdep.h. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 71baf787d8fa2a5d186f22d8154069fd212be37f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 19 16:20:19 2015 +0100 osdep.h: Remove qemu_printf qemu_printf is an ancient remnant which has been a simple #define to printf for over a decade, and is used in only a few places. Expand it out in those places and remove the #define. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 38e20cac669083e2e10a2a9a9602cb99ec19299e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 19 16:20:19 2015 +0100 qapi/qmp-event.c: Don't manually include os-win32.h/os-posix.h qmp-event.c already includes qemu-common.h, so manually including os-win32.h/os-posix.h is unnecessary (and potentially fragile, since it's duplicating the #ifdef logic that chooses which of the two we need). Remove the unnecessary include logic. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 4c4a29cb681ec0374616e07c69714b909641e929 Merge: 5452b6f 6c05d3d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 19 00:25:52 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-axp-201508018' into staging Alpha shadow register optimization # gpg: Signature made Tue 18 Aug 2015 19:09:41 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-axp-201508018: target-alpha: Inline hw_ret target-alpha: Inline call_pal target-alpha: Use separate TCGv temporaries for the shadow registers Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6c05d3ded7b51154e67c35e270c48784b7046883 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 16 12:55:12 2014 -0700 target-alpha: Inline hw_ret Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 2f458b7c311f8d79028b04930f8c820b326fbcdd Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 16 12:35:59 2014 -0700 target-alpha: Inline call_pal Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 591243846f7d0dc59f482a89e241a6ce02d25fae Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 16 12:16:38 2014 -0700 target-alpha: Use separate TCGv temporaries for the shadow registers This avoids having to manually swap them around when swapping to and from PALmode. We simply encode the shadow registers into the translation. The VMStateDescription version changes, because the meaning of "shadow" changes in the save file when in PALmode. It would be possible to fix this, but I don't think it's worth the effort. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 112e4518f0d38fc3c52e55c7d7e77b66a295ec2b Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed Aug 5 11:04:11 2015 -0700 target-alpha: Special case cmpbge with zero Knowing the comparator is zero leads to a simpler operation. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 5452b6f61ae943aff5c13cdd65fb476efff636d3 Merge: 6b324b3 9504c54 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 18 17:06:41 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * SCSI fixes from Stefan and Fam * vhost-scsi fix from Igor and Lu Lina * a build system fix from Daniel * two more multi-arch-related patches from Peter C. * TCG patches from myself and Sergey Fedorov * RCU improvement from Wen Congyang * a few more simple cleanups # gpg: Signature made Fri 14 Aug 2015 22:41:52 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: disas: Defeature print_target_address hw: fix mask for ColdFire UART command register scsi-generic: identify AIO callbacks more clearly scsi-disk: identify AIO callbacks more clearly scsi: create restart bottom half in the right AioContext configure: only add CONFIG_RDMA to config-host.h once qemu-nbd: remove unnecessary qemu_notify_event() vhost-scsi: Clarify vhost_virtqueue_mask argument exec: use macro ROUND_UP for alignment rcu: Allow calling rcu_(un)register_thread() during synchronize_rcu() exec: drop cpu_can_do_io, just read cpu->can_do_io cpu_defs: Simplify CPUTLB padding logic cpu-exec: Do not invalidate original TB in cpu_exec_nocache() vhost/scsi: call vhost_dev_cleanup() at unrealize() time virtio-scsi-test: Add test case for tail unaligned WRITE SAME scsi-disk: Fix assertion failure on WRITE SAME tests: virtio-scsi: clear unit attention after reset scsi-disk: fix cmd.mode field typo virtio-scsi: use virtqueue_map_sg() when loading requests Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5f2a80adc6fd2b2e4e0579a6613a9913e3cc9a05 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed Aug 5 10:33:12 2015 -0700 target-alpha: Rewrite helper_cmpbge using bit tests Not quite as good as using a proper host vector compare, but certainly better than a loop. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 9504c5445cb709415aea509954a922983925c2d3 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun Jul 5 13:50:32 2015 -0700 disas: Defeature print_target_address It does not work in multi-arch as it requires the CPU specific TARGET_VIRT_ADDR_SPACE_BITS global define. Just use the generic version that does no masking. Targets should be responsible for passing in a sane virtual address. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <1436129432-16617-1-git-send-email-crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 491ffc1f7ce857b88e9d310ce901ce033e45b75d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Jun 24 13:55:51 2015 +0200 hw: fix mask for ColdFire UART command register The "miscellaneous commands" part of the register is 3 bits wide. Spotted by Coverity and confirmed in the datasheet, downloadable from http://cache.freescale.com/files/32bit/doc/ref_manual/MCF5307BUM.pdf (figure 14-6). Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fa0d653b06cec7b3188a733dc7394e030948018e Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Sun Jul 19 19:15:26 2015 +0200 scsi-generic: identify AIO callbacks more clearly Functions that are not callbacks should assert that aiocb is NULL and have a SCSIGenericReq argument. AIO callbacks should assert that aiocb is not NULL. They also have an opaque argument. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5fd2b563a7624959ae7f000202785a30279021f8 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Sun Jul 19 19:15:26 2015 +0200 scsi-disk: identify AIO callbacks more clearly Functions that are not callbacks should assert that aiocb is NULL and have a non-opaque argument (usually a pointer to SCSIDiskReq). AIO callbacks should assert that aiocb is not NULL and take care of calling block_acct done. They also have an opaque argument. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d223c10453f1a7909349fd3e52a6047295d0e94f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Jul 22 16:38:17 2015 +0200 scsi: create restart bottom half in the right AioContext This matches commit 4407c1c (virtio-blk: Schedule BH in the right context, 2014-06-17), which did the same thing for virtio-blk. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 416471916542f30c49f2ed2187d634e9ad26d57d Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Jul 31 13:23:23 2015 +0100 configure: only add CONFIG_RDMA to config-host.h once For unknown reasons (probably a git rebase merge mistake) commit 2da776db4846eadcb808598a5d3484d149773c05 Author: Michael R. Hines <mrhines@xxxxxxxxxx> Date: Mon Jul 22 10:01:54 2013 -0400 rdma: core logic Adds CONFIG_RDMA to config-host.h twice, as can be seen in the generated file: $ grep CONFIG_RDMA config-host.h #define CONFIG_RDMA 1 #define CONFIG_RDMA 1 Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1438345403-32467-1-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 06832648e1dbd268d7b719b9a49df476af689c6d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Jul 27 13:52:55 2015 +0200 qemu-nbd: remove unnecessary qemu_notify_event() This was needed when qemu-nbd was using qemu_set_fd_handler2. It is not needed anymore now that nbd_update_server_fd_handler is called whenever nbd_can_accept() can change from false to true. nbd_update_server_fd_handler will call qemu_set_fd_handler(), which will call qemu_notify_event(). Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fe2d1a81d96e8ffe74974bd4b3ebc608f1f6a25d Author: Lu Lina <lina.lulina@xxxxxxxxxx> Date: Mon Jul 27 14:25:59 2015 +0800 vhost-scsi: Clarify vhost_virtqueue_mask argument vhost_virtqueue_mask takes an "absolute" virtqueue index, while the code looks like it's passing an index that is relative to s->dev.vq_index. In reality, s->dev.vq_index is always zero, so this patch does not make any difference, but the code is clearer. Signed-off-by: Lu Lina <lina.lulina@xxxxxxxxxx> Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Message-Id: <1437978359-17960-1-git-send-email-arei.gonglei@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9284f31994919c001b54af57fc7d1bbb0d19b6fd Author: Chen Hanxiao <chenhanxiao@xxxxxxxxxxxxxx> Date: Fri Jul 24 11:12:03 2015 +0800 exec: use macro ROUND_UP for alignment Use ROUND_UP instead. Signed-off-by: Chen Hanxiao <chenhanxiao@xxxxxxxxxxxxxx> Message-Id: <1437707523-4910-1-git-send-email-chenhanxiao@xxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c097a60b100c10d79d8bd5c91ce804e865d7e70b Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Mon Jul 27 10:24:18 2015 +0800 rcu: Allow calling rcu_(un)register_thread() during synchronize_rcu() If rcu_(un)register_thread() is called together with synchronize_rcu(), it will wait for the synchronize_rcu() to finish. But when synchronize_rcu() waits for some events, we can modify the list registry. We also use the lock rcu_gp_lock to assume that synchronize_rcu() isn't executed in more than one thread at the same time. Add a new mutex lock rcu_sync_lock to assume it and rename rcu_gp_lock to rcu_registry_lock. Release rcu_registry_lock when synchronize_rcu() waits for some events. Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Message-Id: <55B59652.4090503@xxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 414b15c909c88e4cf5f10e80d033b3aa90bcc9e1 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Jun 24 14:16:26 2015 +0200 exec: drop cpu_can_do_io, just read cpu->can_do_io After commit 626cf8f (icount: set can_do_io outside TB execution, 2014-12-08), can_do_io is set to 1 if not executing code. It is no longer necessary to make this assumption in cpu_can_do_io. It is also possible to remove the use_icount test, simply by never setting cpu->can_do_io to 0 unless use_icount is true. With these changes cpu_can_do_io boils down to a read of cpu->can_do_io. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6b324b3e5906fd9a9ce7f4f24decd1f1c7afde97 Merge: 074a992 8887f84 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Aug 14 18:06:44 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging # gpg: Signature made Fri 14 Aug 2015 16:01:19 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: tests: test rx recovery from cont tests: introduce basic pci test for virtio-net net/vmxnet3: Fix incorrect debug message Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 074a9925e1cfd659d5376dcaccd1436d3840e611 Merge: 8e0adf6 e424aff Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Aug 14 16:52:34 2015 +0100 Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into staging # gpg: Signature made Fri 14 Aug 2015 14:54:27 BST using RSA key ID C0DE3057 # gpg: Good signature from "Jeffrey Cody <jcody@xxxxxxxxxx>" # gpg: aka "Jeffrey Cody <jeff@xxxxxxxxxxxxx>" # gpg: aka "Jeffrey Cody <codyprime@xxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 9957 4B4D 3474 90E7 9D98 D624 BDBE 7B27 C0DE 3057 * remotes/cody/tags/block-pull-request: mirror: Fix coroutine reentrance block/mirror: limit qiov to IOV_MAX elements Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8e0adf64140ab93aba79be2f0227a47eda78e464 Merge: be1f13a 92e11a1 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Aug 14 15:51:24 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Fri 14 Aug 2015 15:41:14 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: throttle: add throttle_max_is_missing_limit() test throttle: refuse bps_max/iops_max without bps/iops Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e424aff5f307227b1c2512bbb8ece891bb895cef Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Aug 13 10:41:50 2015 +0200 mirror: Fix coroutine reentrance This fixes a regression introduced by commit dcfb3beb ("mirror: Do zero write on target if sectors not allocated"), which was reported to cause aborts with the message "Co-routine re-entered recursively". The cause for this bug is the following code in mirror_iteration_done(): if (s->common.busy) { qemu_coroutine_enter(s->common.co, NULL); } This has always been ugly because - unlike most places that reenter - it doesn't have a specific yield that it pairs with, but is more uncontrolled. What we really mean here is "reenter the coroutine if it's in one of the four explicit yields in mirror.c". This used to be equivalent with s->common.busy because neither mirror_run() nor mirror_iteration() call any function that could yield. However since commit dcfb3beb this doesn't hold true any more: bdrv_get_block_status_above() can yield. So what happens is that bdrv_get_block_status_above() wants to take a lock that is already held, so it adds itself to the queue of waiting coroutines and yields. Instead of being woken up by the unlock function, however, it gets woken up by mirror_iteration_done(), which is obviously wrong. In most cases the code actually happens to cope fairly well with such cases, but in this specific case, the unlock must already have scheduled the coroutine for wakeup when mirror_iteration_done() reentered it. And then the coroutine happened to process the scheduled restarts and tried to reenter itself recursively. This patch fixes the problem by pairing the reenter in mirror_iteration_done() with specific yields instead of abusing s->common.busy. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Message-id: 1439455310-11263-1-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit d90dedfcd5b9faad105bf28b718c9477d8467e77 Merge: be1f13a cae98cb Author: Jeff Cody <jcody@xxxxxxxxxx> Date: Fri Aug 14 09:41:30 2015 -0400 Merge branch 'block-next' into HEAD commit be1f13ac9d9fc21908975460652a72f5f0c018c5 Merge: 5c314a2 c855701 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Aug 13 17:47:44 2015 +0100 Merge remote-tracking branch 'remotes/lalrae/tags/mips-20150813' into staging MIPS patches 2015-08-13 Changes: * mips32r5-generic CPU updated and renamed to P5600 * improvements in LWL/LDL, logging and fulong2e # gpg: Signature made Thu 13 Aug 2015 17:10:59 BST using RSA key ID 0B29DA6B # gpg: Good signature from "Leon Alrae <leon.alrae@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 8DD3 2F98 5495 9D66 35D4 4FC0 5211 8E3C 0B29 DA6B * remotes/lalrae/tags/mips-20150813: target-mips: Use CPU_LOG_INT for logging related to interrupts hw/pci-host/bonito: Avoid buffer overrun for bad LDMA/COP accesses target-mips: simplify LWL/LDL mask generation target-mips: update mips32r5-generic into P5600 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c85570163bdf1ba29cb52a63f22ff1c48f1b9398 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 3 11:49:12 2015 -0700 target-mips: Use CPU_LOG_INT for logging related to interrupts There are now no unconditional uses of qemu_log in the subdirectory. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 58d479786b11a7e982419c1e0905b8490ef9a787 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 30 16:33:42 2015 +0100 hw/pci-host/bonito: Avoid buffer overrun for bad LDMA/COP accesses The LDMA and COP memory regions represent four 32 bit registers each, but the memory regions themselves are 0x100 bytes large. Add guards to the read and write accessors so that bogus accesses beyond the four defined registers don't just run off the end of the bonldma and boncop structs and into whatever lies beyond. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Acked-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit eb02cc3f89013612cb05df23b5441741e902bbd2 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jul 15 17:05:09 2015 +0200 target-mips: simplify LWL/LDL mask generation The LWL/LDL instructions mask the GPR with a mask depending on the address alignement. It is currently computed by doing: mask = 0x7fffffffffffffffull >> (t1 ^ 63) It's simpler to generate it by doing: mask = ~(-1 << t1) It uses one TCG instruction less, and it avoids a 32/64-bit constant loading which can take a few instructions on RISC hosts. Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit aff2bc6dc6d839caf6df0900437cc2cc9e180605 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Fri Jul 10 12:10:52 2015 +0100 target-mips: update mips32r5-generic into P5600 As full specification of P5600 is available, mips32r5-generic should be renamed to P5600 and corrected as its intention. Correct PRid and detail of configuration. Features which are not currently supported are described as FIXME. Fix Config.MM bit location Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> [leon.alrae@xxxxxxxxxx: correct cache line sizes and LLAddr shift] Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 5c314a2eb713f560d753cb194d194fd462cff719 Merge: 425591e d31e5ae Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Aug 13 15:07:34 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio,pc,acpi fixes, cleanups Mostly cleanups, notably Eduardo's compat code rework, and smbios rearrangement for use by ARM. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Thu 13 Aug 2015 12:59:16 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: (24 commits) MAINTAINERS: list smbios maintainers smbios: move smbios code into a common folder smbios: remove dependency on x86 e820 tables smbios: extract x86 smbios building code into a function acpi: avoid potential uninitialized access to cpu_hp_io_base virtio-net: remove useless codes pci: allow 0 address for PCI IO/MEM regions pc: Remove redundant arguments from pc_memory_init() pc: Remove redundant arguments from pc_cmos_init() pc: Remove redundant arguments from *load_linux() pc: Use PCMachineState as pc_guest_info_init() argument pc: Move {above,below}_4g_mem_size variables to PCMachineState pc: Use PCMachineState for pc_memory_init() argument pc: Use PCMachineState for pc_cmos_init() argument pc: Eliminate pc_default_machine_options() pc: Eliminate pc_common_machine_options() pc: Move PCMachineClass, PCMachineState to qemu/typedefs.h pc: Rename pc_machine variables to pcms pc: Use error_abort when registering properties target-i386: Remove x86_cpu_compat_set_features() ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d31e5ae7f2c16de2caf752b7f7f903569fea894d Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Aug 12 12:17:36 2015 +0300 MAINTAINERS: list smbios maintainers Now that smbios has its own directory, list its maintainers. Same people as ACPI so just reuse that entry. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 60d8f328b878ead45a5e5e347935097e3426bbd9 Author: Wei Huang <wei@xxxxxxxxxx> Date: Tue Aug 11 22:08:20 2015 -0400 smbios: move smbios code into a common folder To share smbios among different architectures, this patch moves SMBIOS code (smbios.c and smbios.h) from x86 specific folders into new hw/smbios directories. As a result, CONFIG_SMBIOS=y is defined in x86 default config files. Acked-by: Gabriel Somlo <somlo@xxxxxxx> Tested-by: Gabriel Somlo <somlo@xxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Tested-by: Leif Lindholm <leif.lindholm@xxxxxxxxxx> Signed-off-by: Wei Huang <wei@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 89cc4a2760be800b5924dd705b1369bc29783c9f Author: Wei Huang <wei@xxxxxxxxxx> Date: Tue Aug 11 22:08:19 2015 -0400 smbios: remove dependency on x86 e820 tables Current smbios builds type 19 table from e820, which is x86 specific. This patch removes smbios' dependency on e820 by passing an array of memory area to smbios_get_tables(). Acked-by: Gabriel Somlo <somlo@xxxxxxx> Tested-by: Gabriel Somlo <somlo@xxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Tested-by: Leif Lindholm <leif.lindholm@xxxxxxxxxx> Signed-off-by: Wei Huang <wei@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 5fd0a9d410dc876ce134359c489d1d639ea32889 Author: Wei Huang <wei@xxxxxxxxxx> Date: Tue Aug 11 22:08:18 2015 -0400 smbios: extract x86 smbios building code into a function This patch extracts out the procedure of buidling x86 SMBIOS tables into a dedicated function. Acked-by: Gabriel Somlo <somlo@xxxxxxx> Tested-by: Gabriel Somlo <somlo@xxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Tested-by: Leif Lindholm <leif.lindholm@xxxxxxxxxx> Signed-off-by: Wei Huang <wei@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 94aaca6457e52bb9c8a53af3c89bfeec40afadfc Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Jul 31 11:14:35 2015 +0100 acpi: avoid potential uninitialized access to cpu_hp_io_base When building QEMU with Mingw64 toolchain I see a warning CC x86_64-softmmu/hw/i386/acpi-build.o hw/i386/acpi-build.c: In function 'acpi_build': hw/i386/acpi-build.c:1138:9: warning: 'pm.cpu_hp_io_base' may be used uninitialized in this function [-Wmaybe-uninitialized] aml_append(crs, ^ hw/i386/acpi-build.c:1666:16: note: 'pm.cpu_hp_io_base' was declared here AcpiPmInfo pm; ^ In acpi_get_pm_info() some of the fields are pre-initialized to 0, but this one was missed. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit bd89dd98b2b835bbff43f02f2e7c823eb0c61331 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Mon Aug 3 13:20:38 2015 +0800 virtio-net: remove useless codes After commit 40bad8f3deba15e2074ff34cfe923c12916b1cc5("virtio-net: fix used len for tx"), async_tx.len was no longer used afterwards. So remove useless codes with it. Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit e402463073ae51d00dc6cf98556e2f5c4b008a31 Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Fri Jul 24 10:35:13 2015 +0200 pci: allow 0 address for PCI IO/MEM regions Some kernels program a 0 address for io regions. PCI 3.0 spec section 6.2.5.1 doesn't seem to disallow this. based on patch by Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Add pci_allow_0_addr in MachineClass to conditionally allow addr 0 for pseries, as this can break other architectures. This patch allows to hotplug PCI card in pseries machine, as the first added card BAR0 is always set to 0 address. This as a temporary hack, waiting to fix PCI memory priorities for more machine types... Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c8d163bc9e037ec32b2250b2d7950b1d1bc3fd61 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:55 2015 -0300 pc: Remove redundant arguments from pc_memory_init() Remove arguments that can be found in PCMachineState. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 880768546eabea369068f30f22e5d26aa4c6970b Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:54 2015 -0300 pc: Remove redundant arguments from pc_cmos_init() Remove arguments that can be found in PCMachineState. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit df1f79fdbb98f948f0f9d77a5a48a643026ef31d Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:53 2015 -0300 pc: Remove redundant arguments from *load_linux() Remove arguments that can be found in PCMachineState. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit b9cfc918ddcbbb5d3b8c1a47675b927cc25eb632 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:52 2015 -0300 pc: Use PCMachineState as pc_guest_info_init() argument Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c0aa4e1ecbcad29bb9f1d654f930300b975c3ba8 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:51 2015 -0300 pc: Move {above,below}_4g_mem_size variables to PCMachineState This will make the info readily available for the other initialization functions, and will allow us to simplify their argument list. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 62b160c02ca46f0b5a06cc4416c47708c7ffd76b Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:50 2015 -0300 pc: Use PCMachineState for pc_memory_init() argument pc_memory_init() already expects a PCMachineState object, there's no point in upcasting it to MachineState before calling the function. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 23d3040704e8e2a10f3e21e2c6594b3a8c7b20db Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:49 2015 -0300 pc: Use PCMachineState for pc_cmos_init() argument pc_cmos_init() already expects a PCMachineState object, there's no point in upcasting it to MachineState before calling the function. While doing it, reorder the arguments so PCMachineState is the first function argument. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 4458fb3a7993249f466662b18ccae75f1a313200 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:48 2015 -0300 pc: Eliminate pc_default_machine_options() The only PC machines that didn't call pc_default_machine_options() were isaps and xenfv. Both were already overwriting max_cpus, and only isapc was not overwriting hot_add_cpu. After making isapc set hot_add_cpu to NULL, we can move the pc_default_machine_options() code the PC common class_init. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 41742767bfa8127954b6f57b39b590adcde3ac6c Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:47 2015 -0300 pc: Eliminate pc_common_machine_options() All TYPE_PC_MACHINE subclasses call pc_common_machine_options(). TYPE_PC_MACHINE can simply initialize the common options on class_init directly. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 8170dfa077761ed979b45f608cf706253a764f0d Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:46 2015 -0300 pc: Move PCMachineClass, PCMachineState to qemu/typedefs.h They will be used inside hw/xen/xen.h, which doesn't include hw/i386/pc.h. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit ec68007a29bff36dab96ae3ea731c85b4b66fdca Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:45 2015 -0300 pc: Rename pc_machine variables to pcms Make the code use the same variable name everywhere. "pcms" is already being used in existing code and it's shorter. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit dda65c7c4b9b4925bdd056c66d4e1ef5cf4a8fb8 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:44 2015 -0300 pc: Use error_abort when registering properties No errors should happen when registering the properties, but we shouldn't silently ignore them if they happen. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit e8963e5cecd4bb47ec3a7221ae591f278de6b5d0 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:43 2015 -0300 target-i386: Remove x86_cpu_compat_set_features() The function is not used by PC code anymore and can be removed. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 27add3814157f5506672e85ff918d1b379ae8ac0 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:42 2015 -0300 pc: Use PC_COMPAT_* for CPUID feature compatibility Now we can use compat_props to keep CPUID feature compatibility, using the boolean QOM properties for CPUID feature flags. This simplifies the compatibility code, and reduces duplication between pc_piix.c and pc_q35.c. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit e33d22fab3ad64bedc1c9addb0a0fa437995c12a Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:15:31 2015 -0300 piix: Document coreboot-specific RAM size config register The existing i440fx initialization code sets a PCI config register that isn't documented anywhere in the Intel 440FX datasheet. Register 0x57 is DRAMC (DRAM Control) and has nothing to do with the RAM size. This was implemented in commit ec5f92ce6ac8ec09056be77e03c941be188648fa because old coreboot code tried to read registers 0x5a-0x5f,0x56,0x57 to get the RAM size from QEMU, but I couldn't find out why coreboot did that. I assume it was a mistake, and the original code was supposed to be reading the DRB[0-7] registers (offsets 0x60-0x67). Document that coreboot-specific register offset in a macro and a comment, for future reference. Cc: Ed Swierk <eswierk@xxxxxxxxxxxxxxxxxx> Cc: Richard Smith <smithbone@xxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 27fa7479801ac23609110535a997b2e3ed6eb867 Author: Victor Kaplansky <victork@xxxxxxxxxx> Date: Sun Aug 9 12:39:59 2015 +0300 make: load only required dependency files. The old rules.mak loads dependency .d files using include directive with file glob pattern "*.d". This breaks the build when build tree has left-over *.d files from another build. This patch fixes this by - loading precise list of .d files made from *.o and *.mo. - specifying explicit list of required dependency info files for *.hex autogenerated sources. Note that Makefile still includes some .d in root directory by including "*.d". Signed-off-by: Victor Kaplansky <victork@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 998b7b1db4f61ee2784d8e9050c3dda15abd4425 Author: Victor Kaplansky <victork@xxxxxxxxxx> Date: Sun Aug 9 12:39:53 2015 +0300 make: fix where dependency *.d are stored. In rules like "bar/%.o: %.c" there is a difference between $(*D) and $(@D). $(*D) expands to '.', while $(@D) expands to 'bar'. It is cleaner to generate *.d in the same directory where appropriate *.o resides. This allows precise including of dependency info from .d files. As a hack, we also touch two sources for generated *.hex files. Without this hack, anyone doing "git pull; make" will not get *.hex rebuilt correctly since the dependency file would be missing. Signed-off-by: Victor Kaplansky <victork@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 425591e3effb0bdd4dec2a5b0d092009ee1a8f32 Merge: ca0e5d8 f7a6785 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Aug 13 12:04:24 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150813' into staging target-arm queue: * i.MX code cleanup/refactorings * i.MX UART fix to work with uninitialized chardev * minor GIC code refactorings * implement the ARM Secure physical timer * implement the ARM Hypervisor timer # gpg: Signature made Thu 13 Aug 2015 11:40:56 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150813: (27 commits) i.MX: Fix UART driver to work with unitialized "chardev" device hw/cpu/a15mpcore: Wire up hyp and secure physical timer interrupts hw/arm/virt: Wire up secure timer interrupt target-arm: Add AArch32 banked register access to secure physical timer target-arm: Add the AArch64 view of the Secure physical timer target-arm: Add debug check for mismatched cpreg resets Introduce gic_class_name() instead of repeating condition hw/arm/gic: Kill code duplication Merge memory_region_init_reservation() into memory_region_init_io() i.MX: Fix Coding style for GPT emulator i.MX: Split GPT emulator in a header file and a source file i.MX: Fix Coding style for EPIT emulator i.MX: Split EPIT emulator in a header file and a source file i.MX: Fix Coding style for CCM emulator i.MX: Split CCM emulator in a header file and a source file i.MX: Fix Coding style for AVIC emulator. i.MX: Split AVIC emulator in a header file and a source file i.MX:Fix Coding style for UART emulator. i.MX: Move serial initialization to init/realize of DeviceClass. i.MX: Split UART emulator in a header file and a source file ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f7a6785e12d834d05200b0595070db453344b25d Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:22 2015 +0100 i.MX: Fix UART driver to work with unitialized "chardev" device The "chardev" property initialization might have failed (for example because there are not enough chardevs provided by QEMU). The serial device emulator needs to be able to work with an uninitialized (NULL) chardev device pointer. This patch adds some missing tests on the chr pointer value before using it. Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 1438342461-18967-1-git-send-email-jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5dfaa75b4d96fe88858a98d947b97e697e2811e6 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Aug 13 11:26:22 2015 +0100 hw/cpu/a15mpcore: Wire up hyp and secure physical timer interrupts Since we now support both the hypervisor and the secure physical timer, wire their interrupt lines up in the a15mpcore wrapper object. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1437047249-2357-5-git-send-email-peter.maydell@xxxxxxxxxx Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit a007b1f85813ef6450ad3e761e46c189e3f40e04 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Aug 13 11:26:22 2015 +0100 hw/arm/virt: Wire up secure timer interrupt Wire up the secure timer interrupt. Since we've defined that the plain old physical timer is the NS timer, we can drop the now-out-of-date comment about QEMU not having TZ. Use a data-driven loop to wire up the timer interrupts, since we now have four of them and the code is the same for each. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1437047249-2357-4-git-send-email-peter.maydell@xxxxxxxxxx Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 9ff9dd3c875956523bb4c19ca712e5d05aab3c65 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Aug 13 11:26:22 2015 +0100 target-arm: Add AArch32 banked register access to secure physical timer If EL3 is AArch32, then the secure physical timer is accessed via banking of the registers used for the non-secure physical timer. Implement this banking. Note that the access controls for the AArch32 banked registers remain the same as the physical-timer checks; they are not the same as the controls on the AArch64 secure timer registers. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1437047249-2357-3-git-send-email-peter.maydell@xxxxxxxxxx Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit b4d3978c2fdf944e428a46d2850dbd950b6fbe78 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Aug 13 11:26:22 2015 +0100 target-arm: Add the AArch64 view of the Secure physical timer On CPUs with EL3, there are two physical timers, one for Secure and one for Non-secure. Implement this extra timer and the AArch64 registers which access it. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1437047249-2357-2-git-send-email-peter.maydell@xxxxxxxxxx commit 49a661910c1374858602a3002b67115893673c25 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Aug 13 11:26:21 2015 +0100 target-arm: Add debug check for mismatched cpreg resets It's easy to accidentally define two cpregs which both try to reset the same underlying state field (for instance a clash between an AArch64 EL3 definition and an AArch32 banked register definition). if the two definitions disagree about the reset value then the result is dependent on which one happened to be reached last in the hashtable enumeration. Add a consistency check to detect and assert in these cases: after reset, we run a second pass where we check that the reset operation doesn't change the value of the register. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1436797559-20835-1-git-send-email-peter.maydell@xxxxxxxxxx commit e6fbcbc4e57322a8de1307556e68a4cd6d0d8c8b Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Thu Aug 13 11:26:21 2015 +0100 Introduce gic_class_name() instead of repeating condition This small inline returns correct GIC class name depending on whether we use KVM acceleration or not. Avoids duplicating the condition everywhere. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 4f26901be9b844b563673ce3ad08eeedbb7a7132.1438758065.git.p.fedin@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7926c210ab0c44fc3612461a50f487d16be98dca Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Thu Aug 13 11:26:21 2015 +0100 hw/arm/gic: Kill code duplication Extracted duplicated initialization code from SW-emulated and KVM GIC implementations and put into gic_init_irqs_and_mmio() Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Message-id: 8ea5b2781ef39cb5989420987fc73c70e377687d.1438758065.git.p.fedin@xxxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6d6d2abf2c2e52c0f404d0a31a963e945b0cc7ad Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Thu Aug 13 11:26:21 2015 +0100 Merge memory_region_init_reservation() into memory_region_init_io() Just specifying ops = NULL in some cases can be more convenient than having two functions. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 78a379ab1b6b30ab497db7971ad336dad1dbee76.1438758065.git.p.fedin@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 68b85290c7e23cfa159e1a5058d959814c6fa289 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:21 2015 +0100 i.MX: Fix Coding style for GPT emulator Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: cc7d1589e774e87c346b75a6c25e07957f436ced.1437080501.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d647b26dc68a71db89a0c431841f1532ef7502e9 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:20 2015 +0100 i.MX: Split GPT emulator in a header file and a source file Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: e32fba56b9dae3cc7c83726550514b2d0c890ae0.1437080501.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 565328fcc35f34242b29182313e4d7cf525d9b1c Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:20 2015 +0100 i.MX: Fix Coding style for EPIT emulator Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: d8d70683c6a48ac318c1635595619cfb0eb31681.1437080501.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 951cd00e924ed06a72f4c2831f4cf7be9e6b90ef Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:20 2015 +0100 i.MX: Split EPIT emulator in a header file and a source file Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 948927cab0c85da9a753c5f6d5501323d5604c8e.1437080501.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c14875b2e1b70b470492a000e0bc0b19978d34a2 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:20 2015 +0100 i.MX: Fix Coding style for CCM emulator Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: ff0b6720b1c55204e663f07be47c0203f6871084.1437080501.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 282e74c83fd8af08d14fb1220a960e34b60e505f Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:20 2015 +0100 i.MX: Split CCM emulator in a header file and a source file Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: b1d6f990229b2608bbaba24f4ff359571c0b07da.1437080501.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dbeedce78eea56ac4d482722291d6a7ebfd414d2 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:20 2015 +0100 i.MX: Fix Coding style for AVIC emulator. Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 01e1d9026220992405819f25640ebd5bb843fc93.1437080501.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f250c6a7510e0069fdc7fd1fb76700db4daa9ddd Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:19 2015 +0100 i.MX: Split AVIC emulator in a header file and a source file Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 06829257e845d693be05c7d491134313c1615d1a.1437080501.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit fa2650a37e58877d889a726a47aadbf4578ef87e Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:19 2015 +0100 i.MX:Fix Coding style for UART emulator. Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 23ab872b7cd30b1399384fb26a2ebb75e9761d7b.1437080501.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f6c64000f966d17ef1bead1e066f039d0be64d74 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:19 2015 +0100 i.MX: Move serial initialization to init/realize of DeviceClass. Move constructor to DeviceClass methods * imx_serial_init * imx_serial_realize imx32_serial_properties is renamed to imx_serial_properties. Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 6854bd75e2b5af312e04e760587e249dbaff807f.1437080501.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cd0bda20874d65b5ac4ab6e69d3eec4f095a924b Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:19 2015 +0100 i.MX: Split UART emulator in a header file and a source file Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: a51ef50fa222a614169056d5389a6d3ed6a63b04.1437080501.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a5c6a584a74c9c66a07a2ce019bbdd3bcf4e4909 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Thu Aug 13 11:26:19 2015 +0100 hw/arm/virt: Connect the Hypervisor timer Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1436791864-4582-8-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0e3e858f6a88b3c3befe9c98227aec846c01d9a1 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Thu Aug 13 11:26:18 2015 +0100 hw/arm/virt: Replace magic IRQ constants with macros Replace magic constants with macros from hw/arm/virt.h and hw/intc/arm_gic_common.h. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1436791864-4582-7-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b0e66d95e4f587b5818d2760668301ee0871ba5e Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Thu Aug 13 11:26:18 2015 +0100 target-arm: Add the Hypervisor timer Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1436791864-4582-6-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0e3eca4c26d6aa4f082db8e63fd81a16df061f3c Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Thu Aug 13 11:26:18 2015 +0100 target-arm: Pass timeridx as argument to various timer functions Prepare for adding the Hypervisor timer, no functional change. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1436791864-4582-5-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d57b9ee84f6b2786f025712609edb259d0de086d Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxx> Date: Thu Aug 13 11:26:18 2015 +0100 target-arm: Rename and move gt_cnt_reset Rename gt_cnt_reset to gt_timer_reset as the function really resets the timers and not the counters. Move the registration from counter regs to timer regs. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1436791864-4582-4-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0b6440afb807a80c6d64dcc987bcfed87e1ace17 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Thu Aug 13 11:26:18 2015 +0100 target-arm: Add CNTHCTL_EL2 Adds control for trapping selected timer and counter accesses to EL2. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1436791864-4582-3-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit edac4d8a168b9c0c4a765bbc5507e46fa5557b78 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Thu Aug 13 11:26:17 2015 +0100 target-arm: Add CNTVOFF_EL2 Adds support for the virtual timer offset controlled by EL2. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1436791864-4582-2-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ca0e5d8b0d065a95d0f9042f71b2ace45b015596 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 11 23:15:55 2015 +0100 Open 2.5 development tree Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5c79ae3615d5dafdf1bb09b7a356a3a005714e3d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 11 15:30:34 2015 +0100 Update version for v2.4.0 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b4a4b8d0e0767c85946fd8fc404643bf5766351a Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun Jul 5 14:08:53 2015 -0700 cpu_defs: Simplify CPUTLB padding logic There was a complicated subtractive arithmetic for determining the padding on the CPUTLBEntry structure. Simplify this with a union. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <1436130533-18565-1-git-send-email-crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 02d57ea115b7669f588371c86484a2e8ebc369be Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Tue Jun 30 12:35:09 2015 +0300 cpu-exec: Do not invalidate original TB in cpu_exec_nocache() Instead of invalidating an original TB in cpu_exec_nocache() prematurely, just save a link to it in the temporary generated TB. If cpu_io_recompile() is raised subsequently from the temporary TB, invalidate the original one as well. That allows reusing the original TB each time cpu_exec_nocache() is called to handle expired instruction counter in icount mode. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-Id: <1435656909-29116-1-git-send-email-serge.fdrv@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit cae98cb87d269c33d23b2bccd79bb8d99a60d811 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Jul 1 15:45:50 2015 +0100 block/mirror: limit qiov to IOV_MAX elements If mirror has more free buffers than IOV_MAX, preadv(2)/pwritev(2) EINVAL failures may be encountered. It is possible to trigger this by setting granularity to a low value like 8192. This patch stops appending chunks once IOV_MAX is reached. The spurious EINVAL failure can be reproduced with a qcow2 image file and the following QMP invocation: qmp.command('drive-mirror', device='virtio0', target='/tmp/r7.s1', granularity=8192, sync='full', mode='absolute-paths', format='raw') While the guest is running dd if=/dev/zero of=/var/tmp/foo oflag=direct bs=4k. Cc: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1435761950-26714-1-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 2d697366a14ce95da2e9a59ea9872d3034eb49e4 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 5 17:02:58 2015 +0100 Update version for v2.4.0-rc4 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0175409df42c20257171df87657dd705558aa94d Merge: e94867e 74aae7b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 5 16:02:00 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio fix for 2.4 Fixes migration in virtio 1 mode. We still have a known bug with memory hotplug, it doesn't look like we can fix that in time for 2.4. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Wed 05 Aug 2015 15:57:39 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: virtio: fix 1.0 virtqueue migration Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e94867ed5f241008d0f53142b2704a075f9ed505 Author: Sascha Silbe <silbe@xxxxxxxxxxxxxxxxxx> Date: Tue Aug 4 16:48:25 2015 +0200 block: don't register quorum driver if SHA256 support is unavailable Commit 488981a4 [block: convert quorum blockdrv to use crypto APIs] broke qemu-iotest 041 on hosts with GnuTLS < 2.10.0. It converted a compile-time check to a run-time check at device open time. The result is that we now advertise a feature (the quorum block driver) that will never work (on those hosts). There's no way (short of parsing human-readable error messages) for qemu-iotests or any other API consumer to recognise that the quorum block driver isn't _actually_ available and shouldn't be used or tested. Move the run-time check to bdrv_quorum_init() to avoid registering the quorum block driver if we know it cannot work. This way API consumers can recognise it's unavailable. Fixes: 488981a4af396551a3178d032cc2b41d9553ada2 Signed-off-by: Sascha Silbe <silbe@xxxxxxxxxxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1438699705-21761-1-git-send-email-silbe@xxxxxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 74aae7b22b8a67cf31937b2f4bdefe2881e799e9 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Wed Aug 5 17:50:07 2015 +0800 virtio: fix 1.0 virtqueue migration 1.0 does not requires physically-contiguous pages layout for a virtqueue. So we could not infer avail and used from desc. This means we need to migrate vring.avail and vring.used when host support virtio 1.0. This fixes malfunction of virtio 1.0 device after migration. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Cc: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 92e11a17612108b1729bde4ce61aad0cc1ce5889 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Aug 4 11:22:13 2015 +0100 throttle: add throttle_max_is_missing_limit() test Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1438683733-21111-3-git-send-email-stefanha@xxxxxxxxxx commit ee2bdc33c913b7d765baa5aa338c29fb30a05c9a Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Aug 4 11:22:12 2015 +0100 throttle: refuse bps_max/iops_max without bps/iops The bps_max/iops_max values are meaningless without corresponding bps/iops values. Reported an error if bps_max/iops_max is given without bps/iops. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1438683733-21111-2-git-send-email-stefanha@xxxxxxxxxx commit 2be4f242b50a84bf360df02480b173bfed161107 Merge: 426d0e7 27751aa Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 4 16:51:24 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging X86 queue, 2015-08-04 # gpg: Signature made Tue 04 Aug 2015 16:49:42 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/x86-pull-request: target-i386: fix IvyBridge xlevel in PC_COMPAT_2_3 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 27751aabd1e0359d84314bc230beccdef2168d1f Author: Radim KrÄ?máÅ? <rkrcmar@xxxxxxxxxx> Date: Tue Aug 4 16:17:21 2015 +0200 target-i386: fix IvyBridge xlevel in PC_COMPAT_2_3 Previous patch changed xlevel and missed the compatibility code. Fixes: 3046bb5debc8 ("target-i386: emulate CPUID level of real hardware") Signed-off-by: Radim KrÄ?máÅ? <rkrcmar@xxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 426d0e7b7e031a1592292b3eb275483b341a2f28 Merge: 260425a b7f26e5 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 4 12:57:06 2015 +0100 Merge remote-tracking branch 'remotes/lalrae/tags/mips-20150804' into staging MIPS patches 2015-08-04 Changes: * fix semihosting for microMIPS R6 * fix an abort when booting mips64 kernel with --enable-tcg-debug # gpg: Signature made Tue 04 Aug 2015 12:32:17 BST using RSA key ID 0B29DA6B # gpg: Good signature from "Leon Alrae <leon.alrae@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 8DD3 2F98 5495 9D66 35D4 4FC0 5211 8E3C 0B29 DA6B * remotes/lalrae/tags/mips-20150804: target-mips: Copy restrictions from ext/ins to dext/dins target-mips: fix semihosting for microMIPS R6 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b7f26e523914b982a1c1bfa8295f77ff9787c33c Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 3 12:35:53 2015 -0700 target-mips: Copy restrictions from ext/ins to dext/dins The checks in dins is required to avoid triggering an assertion in tcg_gen_deposit_tl. The check in dext is just for completeness. Fold the other D cases in via fallthru. In this case the errant dins appears to be data, not code, as translation failed to stop after a break insn. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 060ebfef1a09b58fb219b3769b72efb407515bf1 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Mon Aug 3 13:01:19 2015 +0100 target-mips: fix semihosting for microMIPS R6 In semihosting mode the SDBBP 1 instructions should trigger UHI syscall, but in QEMU this does not happen for recently added microMIPS R6. Consequently bare metal microMIPS R6 programs supporting UHI will not run. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 8887f84c54f6e74124544d1700a205e5b6821b3d Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Jul 17 15:25:54 2015 +0800 tests: test rx recovery from cont Rx should be recovered after cont. Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1437117954-16342-2-git-send-email-jasowang@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 2af40254bf0cb49c50656eb8be172e111c9c70c6 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Jul 17 15:25:53 2015 +0800 tests: introduce basic pci test for virtio-net Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1437117954-16342-1-git-send-email-jasowang@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b9f7c377df4f04e9119cb0e917438dd37ef34029 Author: Dana Rubin <dana.rubin@xxxxxxxxxxxxxxxxxx> Date: Tue Jul 28 21:44:50 2015 +0300 net/vmxnet3: Fix incorrect debug message From: Dana Rubin <dana.rubin@xxxxxxxxxxxxxxxxxx> In commit 80da311d81, "net/vmxnet3: Fix RX TCP/UDP checksum on partially summed packets" a debug message was introduced in vmxnet3_rx_need_csum_calculate() for an unlikely input condition. The message accidentally printed 'len' variable instead of 'pkt_len'. Fix, providing the correct argument. Signed-off-by: Dana Rubin <dana.rubin@xxxxxxxxxxxxxxxxxx> Signed-off-by: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Message-id: 1438109090-18957-1-git-send-email-shmulik.ladkani@xxxxxxxxxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 260425ab405ea76c44dd59744d05176d4f579a52 Merge: e95edef 6cd3878 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Aug 3 18:52:55 2015 +0100 Merge remote-tracking branch 'remotes/sstabellini/tags/cve-2015-5166-tag' into staging cve-2015-5166 # gpg: Signature made Mon 03 Aug 2015 15:27:44 BST using RSA key ID 70E1AE90 # gpg: Good signature from "Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>" * remotes/sstabellini/tags/cve-2015-5166-tag: Fix release_drive on unplugged devices (pci_piix3_xen_ide_unplug) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e95edefbd0559e1d0aa09549641b5d9af1f96fac Merge: f60c871 8c6dc68 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Aug 3 17:33:35 2015 +0100 Merge remote-tracking branch 'remotes/sstabellini/tags/xen-migration-2.4-tag' into staging xen-migration-2.4 # gpg: Signature made Mon 03 Aug 2015 17:18:36 BST using RSA key ID 70E1AE90 # gpg: Good signature from "Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>" * remotes/sstabellini/tags/xen-migration-2.4-tag: migration: Fix regression for xenfv and pc,accel=xen machine. migration: Fix global state with Xen. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8c6dc68f4cff9eef870497a19a5373dde9dbdcc2 Author: Anthony PERARD <anthony.perard@xxxxxxxxxx> Date: Mon Aug 3 15:29:21 2015 +0100 migration: Fix regression for xenfv and pc,accel=xen machine. This fix migration from the same QEMU version and from previous QEMU version. >From the global state section, we don't need runstate with Xen. Right now, the way the Xen toolstack knows when QEMU is ready is when QEMU reach "running" runstate. The configuration section and the section footers are not going to be present in previous version of QEMU with xenfv machine, so we skip them. The Xen toolstack libxenlight does not specify a particular version of the 'pc' machine, so migration from older version of QEMU used by Xen to newer one would break due to missing "configuration" section and section footers. Signed-off-by: Anthony PERARD <anthony.perard@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit c69adea462a97c02001b2dd1edd2a0692d27f5a2 Author: Anthony PERARD <anthony.perard@xxxxxxxxxx> Date: Mon Aug 3 15:29:19 2015 +0100 migration: Fix global state with Xen. When doing migration via the QMP command xen_save_devices_state, the current runstate is not store into the global state section. Also the current runstate is not the one we want on the receiver side. During migration, the Xen toolstack paused QEMU before save the devices state. Also, the toolstack expect QEMU to autostart when the migration is finished. So this patch store "running" as it's current runstate. Signed-off-by: Anthony PERARD <anthony.perard@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit f60c87154ac722c528fd5582f7137914a93c5eec Author: Andreas Färber <afaerber@xxxxxxx> Date: Fri Jul 24 16:47:37 2015 +0200 configure: Drop vnc-ws feature from help text Commit 8e9b0d2 (ui: convert VNC websockets to use crypto APIs) dropped the --enable-vnc-ws option but forgot to update the help text. Fix this. Cc: Daniel P. Berrange <berrange@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1437749257-3313-1-git-send-email-afaerber@xxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6cd387833d05e8ad31829d97e474dc420625aed9 Author: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Date: Mon Aug 3 13:56:57 2015 +0000 Fix release_drive on unplugged devices (pci_piix3_xen_ide_unplug) pci_piix3_xen_ide_unplug should completely unhook the unplugged IDEDevice from the corresponding BlockBackend, otherwise the next call to release_drive will try to detach the drive again. Suggested-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 2a3612ccc1fa9cea77bd193afbfe21c77e7e91ef Merge: bd80b59 8357946 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Aug 3 13:09:10 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/rtl8139-cplus-tx-input-validation-pull-request' into staging Pull request # gpg: Signature made Mon Aug 3 13:08:25 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/rtl8139-cplus-tx-input-validation-pull-request: rtl8139: check TCP Data Offset field (CVE-2015-5165) rtl8139: skip offload on short TCP header (CVE-2015-5165) rtl8139: check IP Total Length field (CVE-2015-5165) rtl8139: check IP Header Length field (CVE-2015-5165) rtl8139: skip offload on short Ethernet/IP header (CVE-2015-5165) rtl8139: drop tautologous if (ip) {...} statement (CVE-2015-5165) rtl8139: avoid nested ifs in IP header parsing (CVE-2015-5165) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8357946b15f0a31f73dd691b7da95f29318ed310 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Jul 15 17:39:29 2015 +0100 rtl8139: check TCP Data Offset field (CVE-2015-5165) The TCP Data Offset field contains the length of the header. Make sure it is valid and does not exceed the IP data length. Reported-by: æ?±ä¸?æµ·(å?¯è·¯) <donghai.zdh@xxxxxxxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 4240be45632db7831129f124bcf53c1223825b0f Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Jul 15 17:36:15 2015 +0100 rtl8139: skip offload on short TCP header (CVE-2015-5165) TCP Large Segment Offload accesses the TCP header in the packet. If the packet is too short we must not attempt to access header fields: tcp_header *p_tcp_hdr = (tcp_header*)(eth_payload_data + hlen); int tcp_hlen = TCP_HEADER_DATA_OFFSET(p_tcp_hdr); Reported-by: æ?±ä¸?æµ·(å?¯è·¯) <donghai.zdh@xxxxxxxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit c6296ea88df040054ccd781f3945fe103f8c7c17 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Jul 15 17:34:40 2015 +0100 rtl8139: check IP Total Length field (CVE-2015-5165) The IP Total Length field includes the IP header and data. Make sure it is valid and does not exceed the Ethernet payload size. Reported-by: æ?±ä¸?æµ·(å?¯è·¯) <donghai.zdh@xxxxxxxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 03247d43c577dfea8181cd40177ad5ba77c8db76 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Jul 15 17:32:32 2015 +0100 rtl8139: check IP Header Length field (CVE-2015-5165) The IP Header Length field was only checked in the IP checksum case, but is used in other cases too. Reported-by: æ?±ä¸?æµ·(å?¯è·¯) <donghai.zdh@xxxxxxxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e1c120a9c54872f8a538ff9129d928de4e865cbd Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Jul 15 14:30:37 2015 +0100 rtl8139: skip offload on short Ethernet/IP header (CVE-2015-5165) Transmit offload features access Ethernet and IP headers the packet. If the packet is too short we must not attempt to access header fields: int proto = be16_to_cpu(*(uint16_t *)(saved_buffer + 12)); ... eth_payload_data = saved_buffer + ETH_HLEN; ... ip = (ip_header*)eth_payload_data; if (IP_HEADER_VERSION(ip) != IP_HEADER_VERSION_4) { Reported-by: æ?±ä¸?æµ·(å?¯è·¯) <donghai.zdh@xxxxxxxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit d6812d60e7932de3cd0f602c0ee63dd3d09f1847 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Jul 15 17:17:28 2015 +0100 rtl8139: drop tautologous if (ip) {...} statement (CVE-2015-5165) The previous patch stopped using the ip pointer as an indicator that the IP header is present. When we reach the if (ip) {...} statement we know ip is always non-NULL. Remove the if statement to reduce nesting. Reported-by: æ?±ä¸?æµ·(å?¯è·¯) <donghai.zdh@xxxxxxxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 39b8e7dcaf04cbdb926b478f825b160d852752b5 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Jul 15 17:13:32 2015 +0100 rtl8139: avoid nested ifs in IP header parsing (CVE-2015-5165) Transmit offload needs to parse packet headers. If header fields have unexpected values the offload processing is skipped. The code currently uses nested ifs because there is relatively little input validation. The next patches will add missing input validation and a goto label is more appropriate to avoid deep if statement nesting. Reported-by: æ?±ä¸?æµ·(å?¯è·¯) <donghai.zdh@xxxxxxxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit bd80b5963f58c601f31d3186b89887bf8e182fb5 Merge: ff90f84 c99d696 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Aug 3 11:44:07 2015 +0100 Merge remote-tracking branch 'remotes/aurel/tags/pull-tcg-mips-s390-20150803' into staging TCG MIPS and S390 fixes for 2.4. # gpg: Signature made Mon Aug 3 09:09:59 2015 BST using RSA key ID 1DDD8C9B # gpg: Good signature from "Aurelien Jarno <aurelien@xxxxxxxxxxx>" # gpg: aka "Aurelien Jarno <aurelien@xxxxxxxx>" # gpg: aka "Aurelien Jarno <aurel32@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 7746 2642 A9EF 94FD 0F77 196D BA9C 7806 1DDD 8C9B * remotes/aurel/tags/pull-tcg-mips-s390-20150803: tcg/mips: fix add2 tcg/s390x: Mask TCGMemOp appropriately for indexing tcg/mips: Mask TCGMemOp appropriately for indexing tcg/mips: fix TLB loading for BE host with 32-bit guests Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ff90f84e74d7c8641a493585ba9ea8d6e0d19855 Merge: cb48f67 91ced51 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Aug 3 10:44:23 2015 +0100 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Fri Jul 31 23:24:06 2015 BST using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB # Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E * remotes/jnsnow/tags/ide-pull-request: ahci: fix ICC mask definition macio: re-add TRIM support Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c99d69694af4ed15b33e3f7c2e3ef6972c14358d Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Fri Jul 31 16:38:25 2015 +0200 tcg/mips: fix add2 The add2 code in the tcg_out_addsub2 function doesn't take into account the case where rl == al == bl. In that case we can't compute the carry after the addition. As it corresponds to a multiplication by 2, the carry bit is the bit 31. While this is a corner case, this prevents x86-64 guests to boot on a MIPS host. Cc: qemu-stable@xxxxxxxxxx Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 3c8691f568f49bf623dcb2850464d4156d95e61b Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Thu Jul 30 22:13:26 2015 +0200 tcg/s390x: Mask TCGMemOp appropriately for indexing Commit 2b7ec66f fixed TCGMemOp masking following the MO_AMASK addition, but two cases were forgotten in the TCG S390 backend. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 4214a8cb7c15ec43d4b2a43ebf248b273a0f4d45 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Thu Jul 30 22:11:51 2015 +0200 tcg/mips: Mask TCGMemOp appropriately for indexing Commit 2b7ec66f fixed TCGMemOp masking following the MO_AMASK addition, but two cases were forgotten in the TCG MIPS backend. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit e72c4fb81db52be881c9356f1c60e0a7817d2d32 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Thu Jul 30 23:39:34 2015 +0200 tcg/mips: fix TLB loading for BE host with 32-bit guests For 32-bit guest, we load a 32-bit address from the TLB, so there is no need to compensate for the low or high part. This fixes 32-bit guests on big-endian hosts. Cc: qemu-stable@xxxxxxxxxx Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 91ced514461e1a533bfb9e2eea32bd7df678b1cd Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Jul 21 14:02:01 2015 -0400 ahci: fix ICC mask definition There are likely others that could be updated, but we'll go with a light touch for 2.4 for now. Without the Unsigned specifier, this shifts bits into the signed bit, which makes clang unhappy and could cause unwanted behavior. Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1437501721-24495-1-git-send-email-jsnow@xxxxxxxxxx commit 0e826a061a3e8e8485488a7da02cc139fc07d620 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jul 29 21:27:48 2015 +0200 macio: re-add TRIM support Commit bd4214fc dropped TRIM support by mistake. Given it is still advertised to the host when using a drive with discard=on, this cause the IDE bus to hang when the host issues a TRIM command. This patch fixes that by re-adding the TRIM code, ported to the new new DMA implementation. Cc: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Cc: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-id: 1438198068-32428-1-git-send-email-aurelien@xxxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit af103c9310b7ab56a2552965d9d1274b0024f27b Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Thu Jul 30 15:29:59 2015 +0200 vhost/scsi: call vhost_dev_cleanup() at unrealize() time vhost-scsi calls vhost_dev_init() at realize() time but forgets to call it's counterpart vhost_dev_cleanup() at unrealize() time. Calling it should fix leaking of memory table and mem_sections table in vhost device. And also unregister vhost's memory listerner to prevent access from memory core to freed memory. Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Message-Id: <1438262999-287627-1-git-send-email-imammedo@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 975b66555cb56af453c6852e7e821e2451700527 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 29 16:45:12 2015 +0800 virtio-scsi-test: Add test case for tail unaligned WRITE SAME Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-Id: <1438159512-3871-3-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit a56537a12757a8cdee24ad8c83e5af7a9833ea70 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 29 16:45:11 2015 +0800 scsi-disk: Fix assertion failure on WRITE SAME The last portion of an unaligned WRITE SAME command could fail the assertion in bdrv_aligned_pwritev: assert(!qiov || bytes == qiov->size); Because we updated data->iov.iov_len right above this if block, but data->qiov still has the old size. Reinitialize the qiov to make them equal and keep block layer happy. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-Id: <1438159512-3871-2-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 4bb7b0daf8ea34bcc582642d35a2e4902f7841db Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Jul 30 14:16:13 2015 +0100 tests: virtio-scsi: clear unit attention after reset The unit attention after reset (power on) prevents normal commands from running. The unaligned WRITE SAME test never executed its command! Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-Id: <1438262173-11546-4-git-send-email-stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c85a7a0057ca454607a40cde991d495e0deec34d Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Jul 30 14:16:12 2015 +0100 scsi-disk: fix cmd.mode field typo The cmd.xfer field is the data length. The cmd.mode field is the data transfer direction. scsi_handle_rw_error() was using the wrong error policy for read requests. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-Id: <1438262173-11546-3-git-send-email-stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 1cc933453bf2baae1feb7c8e757bdfd0ef639002 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Jul 30 14:16:11 2015 +0100 virtio-scsi: use virtqueue_map_sg() when loading requests The VirtQueueElement struct is serialized during migration but the in_sg[]/out_sg[] iovec arrays are not usable on the destination host because the pointers are meaningless. Use virtqueue_map_sg() to refresh in_sg[]/out_sg[] to valid pointers based on in_addr[]/out_addr[] hwaddrs. Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-Id: <1438262173-11546-2-git-send-email-stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit cb48f67ad8c7b33c617d4f8144a27706e69fd688 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed Jul 29 11:40:52 2015 -0700 bsd-user: Fix operand to cpu_x86_exec Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1438195252-21968-1-git-send-email-rth@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7008d580acad326148a725bd20695882ba10247a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 29 18:50:11 2015 +0100 Update version for v2.4.0-rc3 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 46739a2d7ace71b43cacf73ea71c10429db0d5e8 Merge: b83d017 ca96ac4 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 29 17:08:38 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging Pull request These fixes make dataplane work again after the notify_me optimization was added. They also solve QEMUBH memory leaks and fix a bug in dataplane's cleanup code. # gpg: Signature made Wed Jul 29 14:50:26 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: AioContext: force event loop iteration using BH AioContext: avoid leaking BHs on cleanup virtio-blk-dataplane: delete bottom half before the AioContext is freed Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ca96ac44dcd290566090b2435bc828fded356ad9 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Jul 28 18:34:09 2015 +0200 AioContext: force event loop iteration using BH The notify_me optimization introduced in commit eabc97797310 ("AioContext: fix broken ctx->dispatching optimization") skips event_notifier_set() calls when the event loop thread is not blocked in ppoll(2). This optimization causes a deadlock if two aio_context_acquire() calls race. notify_me = 0 during the race so the winning thread can enter ppoll(2) unaware that the other thread is waiting its turn to acquire the AioContext. This patch forces ppoll(2) to return by scheduling a BH instead of calling aio_notify(). The following deadlock with virtio-blk dataplane is fixed: qemu ... -object iothread,id=iothread0 \ -drive if=none,id=drive0,file=test.img,... \ -device virtio-blk-pci,iothread=iothread0,drive=drive0 This command-line results in a hang early on without this patch. Thanks to Paolo Bonzini <pbonzini@xxxxxxxxxx> for investigating this bug with me. Cc: Christian Borntraeger <borntraeger@xxxxxxxxxx> Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1438101249-25166-4-git-send-email-pbonzini@xxxxxxxxxx Message-Id: <1438014819-18125-3-git-send-email-stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a076972a4d36381d610a854f0c336507650a1d34 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Jul 28 18:34:08 2015 +0200 AioContext: avoid leaking BHs on cleanup BHs are freed during aio_bh_poll(). This leads to memory leaks if there is no aio_bh_poll() between qemu_bh_delete() and aio_ctx_finalize(). Suggested-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1438101249-25166-3-git-send-email-pbonzini@xxxxxxxxxx Message-Id: <1438014819-18125-2-git-send-email-stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit fed105e2756dde98efa5e80baca02ae516dd1e51 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 28 18:34:07 2015 +0200 virtio-blk-dataplane: delete bottom half before the AioContext is freed Other uses of aio_bh_new are safe as long as all scheduled bottom halves are run before an iothread is destroyed, which bdrv_drain will ensure: - archipelago_finish_aiocb: BH deletes itself - inject_error: BH deletes itself - blkverify_aio_bh: BH deletes itself - abort_aio_request: BH deletes itself - curl_aio_readv: BH deletes itself - gluster_finish_aiocb: BH deletes itself - bdrv_aio_rw_vector: BH deletes itself - bdrv_co_maybe_schedule_bh: BH deletes itself - iscsi_schedule_bh, iscsi_co_generic_cb: BH deletes itself - laio_attach_aio_context: deleted in laio_detach_aio_context, called through bdrv_detach_aio_context before deleting the iothread - nfs_co_generic_cb: BH deletes itself - null_aio_common: BH deletes itself - qed_aio_complete: BH deletes itself - rbd_finish_aiocb: BH deletes itself - dma_blk_cb: BH deletes itself - virtio_blk_dma_restart_cb: BH deletes itself - qemu_bh_new: main loop AioContext is never destroyed - test-aio.c: bh_delete_cb deletes itself, otherwise deleted in the same function that calls aio_bh_new Reported-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1438101249-25166-2-git-send-email-pbonzini@xxxxxxxxxx Message-Id: <1438086628-13000-1-git-send-email-pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b83d017d88b2c4710c7a4614ecf9f845e4db80ba Merge: 170f209 7bba83b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 28 19:02:04 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging Pull request These two .can_receive() are now reviewed. The net subsystem queue for 2.4 is now empty. # gpg: Signature made Tue Jul 28 13:26:03 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: xen: Drop net_rx_ok hw/net: handle flow control in mcf_fec driver receiver Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 170f209d7848dc2f14b3f3dccc34a49558680d4d Merge: 8b89b3a c147b51 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 28 17:09:56 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio fixes for 2.4 Mostly virtio 1 spec compliance fixes. We are unlikely to make it perfectly compliant in the first release, but it seems worth it to try. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Mon Jul 27 21:55:48 2015 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: virtio: minor cleanup acpi: fix pvpanic device is not shown in ui virtio-blk: only clear VIRTIO_F_ANY_LAYOUT for legacy device virtio-blk: fail get_features when both scsi and 1.0 were set virtio: get_features() can fail virtio-pci: fix memory MR cleanup for modern virtio: set any_layout in virtio core virtio-9p: fix any_layout virtio-serial: fix ANY_LAYOUT virtio: hide legacy features from modern guests Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8b89b3a8df0a7d1ddbc9744f66a495986af667ca Merge: 5e868d2 52579c6 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 28 15:25:24 2015 +0100 Merge remote-tracking branch 'remotes/lalrae/tags/mips-20150728' into staging MIPS patches 2015-07-28 Changes: * net/dp8393x fixes * Vectored Interrupts bug fix * fix for a bug in machine.c which was provoking a warning on FreeBSD # gpg: Signature made Tue Jul 28 10:47:19 2015 BST using RSA key ID 0B29DA6B # gpg: Good signature from "Leon Alrae <leon.alrae@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 8DD3 2F98 5495 9D66 35D4 4FC0 5211 8E3C 0B29 DA6B * remotes/lalrae/tags/mips-20150728: net/dp8393x: do not use memory_region_init_rom_device with NULL net/dp8393x: remove check of runt packets net/dp8393x: disable user creation target-mips: fix offset calculation for Interrupts target-mips: fix passing incompatible pointer type in machine.c Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5e868d2e5e4aff76bdef787e44bc2d1eca18901f Merge: 9f8c5b6 52c91da Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 28 14:19:16 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * crypto fixes * megasas SIGSEGV fix * memory refcount change to fix virtio hot-unplug # gpg: Signature made Tue Jul 28 08:29:07 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: memory: do not add a reference to the owner of aliased regions megasas: Add write function to handle write access to PCI BAR 3 crypto: extend unit tests to cover decryption too crypto: fix built-in AES decrypt function Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9f8c5b69c2b9ca8b9c3e569b0f41bd60a0b9e9fe Merge: 776f878 325e390 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 28 13:22:57 2015 +0100 Merge remote-tracking branch 'remotes/cody/tags/jtc-for-upstream-pull-request' into staging # gpg: Signature made Tue Jul 28 05:22:29 2015 BST using RSA key ID C0DE3057 # gpg: Good signature from "Jeffrey Cody <jcody@xxxxxxxxxx>" # gpg: aka "Jeffrey Cody <jeff@xxxxxxxxxxxxx>" # gpg: aka "Jeffrey Cody <codyprime@xxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 9957 4B4D 3474 90E7 9D98 D624 BDBE 7B27 C0DE 3057 * remotes/cody/tags/jtc-for-upstream-pull-request: block/ssh: Avoid segfault if inet_connect doesn't set errno. sheepdog: serialize requests to overwrapping area Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7bba83bf80eae9c9e323319ff40d0ca477b0a77a Author: Fam Zheng <famz@xxxxxxxxxx> Date: Tue Jul 28 17:52:56 2015 +0800 xen: Drop net_rx_ok Let net_rx_packet() (which checks the same conditions) drops the packet if the device is not ready. Drop net_xen_info.can_receive and update the return value for the buffer full case. We rely on the qemu_flush_queued_packets() in net_event() to wake up the peer when the buffer becomes available again. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1438077176-378-1-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 776f87845137a9b300a4815ba6bf6879310795aa Merge: 84a29c7 226d007 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 28 11:28:44 2015 +0100 Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-07-27' into staging trivial patches for 2015-07-27 # gpg: Signature made Mon Jul 27 20:50:14 2015 BST using RSA key ID A4C3D7DB # gpg: Good signature from "Michael Tokarev <mjt@xxxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxxx>" * remotes/mjt/tags/pull-trivial-patches-2015-07-27: gdbstub: Set current CPU on interruptions qapi: add missing @ Fix Cortex-A9 global timer gitignore: Ignore shader generated files vmstate: remove unused declaration make: Clean build messages qemu-common.h: Document cutils.c string functions device_tree: Fix a typo hw/acpi/ich9: clean up stale comment about KVM not supporting SMM hw/acpi/ich9: clear smi_en on reset Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ff1d2ac949dc94d8a0e71fd46939fb69c2ef075b Author: Greg Ungerer <gerg@xxxxxxxxxxx> Date: Tue Jul 28 11:02:54 2015 +1000 hw/net: handle flow control in mcf_fec driver receiver The network mcf_fec driver emulated receive side method is not dealing with network queue flow control properly. Modify the receive side to check if we have enough space in the descriptors to store the current packet. If not we process none of it and return 0. When the guest frees up some buffers through its descriptors we signal the qemu net layer to send more packets. [Fixed coding style: 4-space indent and curly braces on if statement. --Stefan] Signed-off-by: Greg Ungerer <gerg@xxxxxxxxxxx> Message-id: 1438045374-10358-1-git-send-email-gerg@xxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 52579c681cb12bf64de793e85edc50d990f4d42f Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Sun Jul 26 22:32:55 2015 +0200 net/dp8393x: do not use memory_region_init_rom_device with NULL Replace memory_region_init_rom_device() with memory_region_init_ram() and memory_region_set_readonly(). This fixes a guest-triggerable QEMU crash when guest tries to write to PROM. Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> [leon.alrae@xxxxxxxxxx: shorten subject length] Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 30dfa9a46cd845db3f43f5c11b129f4a50941b02 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Fri Jul 24 20:42:23 2015 +0200 net/dp8393x: remove check of runt packets Ethernet requires that messages are at least 64 bytes on the wire. This limitation does not exist on emulation (no wire message), so remove the check. Netcard is now able to receive small network packets. Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit f6351288b65130deb8102b17143f5d84f817a02a Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Fri Jul 24 20:42:21 2015 +0200 net/dp8393x: disable user creation Netcard needs an address space to write data to, which can't be specified on command line. This fixes a crash when user starts QEMU with "-device dp8393x" Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 84a29c7efd02baa97b0d60d1e59e8357f7a5e0f1 Merge: f8787f8 77c102c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 28 09:11:48 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches for 2.4.0-rc3 # gpg: Signature made Mon Jul 27 16:19:17 2015 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: block: qemu-iotests - add check for multiplication overflow in vpc block: vpc - prevent overflow if max_table_entries >= 0x40000000 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit da52a4dfcc4864fd2260ec4eab331f75b1f0240b Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Fri Jul 10 12:10:02 2015 +0100 target-mips: fix offset calculation for Interrupts Correct computation of vector offsets for EXCP_EXT_INTERRUPT. For instance, if Cause.IV is 0 the vector offset should be 0x180. Simplify the finding vector number logic for the Vectored Interrupts. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> [leon.alrae@xxxxxxxxxx: cosmetic changes] Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 8bcbb834a015432bfb4d09a883c21f017eadd978 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Wed Jul 22 14:59:23 2015 +0100 target-mips: fix passing incompatible pointer type in machine.c Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 325e3904210c779a13fbbc9ee156056d045d7eee Author: Richard W.M. Jones <rjones@xxxxxxxxxx> Date: Wed Jul 22 14:27:47 2015 +0100 block/ssh: Avoid segfault if inet_connect doesn't set errno. On some (but not all) systems: $ qemu-img create -f qcow2 overlay -b ssh://xen/ Segmentation fault It turns out this happens when inet_connect returns -1 in the following code, but errno == 0. s->sock = inet_connect(s->hostport, errp); if (s->sock < 0) { ret = -errno; goto err; } In the test case above, no host called "xen" exists, so getaddrinfo fails. On Fedora 22, getaddrinfo happens to set errno = ENOENT (although it is *not* documented to do that), so it doesn't segfault. On RHEL 7, errno is not set by the failing getaddrinfo, so ret = -errno = 0, so the caller doesn't know there was an error and continues with a half-initialized BDRVSSHState struct, and everything goes south from there, eventually resulting in a segfault. Fix this by setting ret to -EIO (same as block/nbd.c and block/sheepdog.c). The real error is saved in the Error** errp struct, so it is printed correctly: $ ./qemu-img create -f qcow2 overlay -b ssh://xen/ qemu-img: overlay: address resolution failed for xen:22: No address associated with hostname Signed-off-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Reported-by: Jun Li BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1147343 Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 6a55c82cece217ab99ed95a412fa7ddf5d5f257b Author: Hitoshi Mitake <mitake.hitoshi@xxxxxxxxxxxxx> Date: Sat Jul 18 01:44:24 2015 +0900 sheepdog: serialize requests to overwrapping area Current sheepdog driver only serializes create requests in oid unit. This mechanism isn't enough for handling requests to overwrapping area spanning multiple oids, so it can result bugs like below: https://bugs.launchpad.net/sheepdog-project/+bug/1456421 This patch adds a new serialization mechanism for the problem. The difference from the old one is: 1. serialize entire aiocb if their targetting areas overwrap 2. serialize all requests (read, write, and discard), not only creates This patch also removes the old mechanism because the new one can be an alternative. Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Cc: Teruaki Ishizaki <ishizaki.teruaki@xxxxxxxxxxxxx> Cc: Vasiliy Tolstov <v.tolstov@xxxxxxxxx> Signed-off-by: Hitoshi Mitake <mitake.hitoshi@xxxxxxxxxxxxx> Tested-by: Vasiliy Tolstov <v.tolstov@xxxxxxxxx> Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 52c91dac6bd891656f297dab76da51fc8bc61309 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Jul 27 16:29:56 2015 +0200 memory: do not add a reference to the owner of aliased regions Very often the owner of the aliased region is the same as the owner of the alias region itself. When this happens, the reference count can never go back to 0 and the owner is leaked. This is for example breaking hot-unplug of virtio-pci devices (the device cannot be plugged back again with the same id). Another common use for alias is to transform the system I/O address space into an MMIO regions; in this case the aliased region never dies, so there is no problem. Otherwise the owner is always the same for aliasing and aliased region. I checked all calls to memory_region_init_alias introduced after commit dfde4e6 (memory: add ref/unref calls, 2013-05-06) and they do not need the reference in order to keep the owner of the aliased region alive. Reported-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 55875fc4ca45a35e36134663ade946d86fe7bfcd Author: Salva Peiró <speirofr@xxxxxxxxx> Date: Mon Jul 27 10:51:52 2015 +0200 megasas: Add write function to handle write access to PCI BAR 3 This patch fixes a QEMU SEGFAULT when a write operation is performed on the memory region of the PCI BAR 3 (base address space). When a writeb(0xe0000000) is performed the .write function is invoked to handle the write access, however, since the .write is not initialised, the call to 0, causes QEMU to SEGFAULT. Signed-off-by: Salva Peiró <speirofr@xxxxxxxxx> Acked-by: Hannes Reinecke <hare@xxxxxxxx> Message-Id: <1437987112-24744-1-git-send-email-speirofr@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c147b5153e733a14fc65d2098e7036754c185ad1 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon Jul 27 18:39:37 2015 +0300 virtio: minor cleanup There's no need for blk to set ANY_LAYOUT, it's done by virtio core as necessary. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 8ef3ea253b5aaaa00f3b9999f3ff19e74cfa26f8 Author: Gal Hammer <ghammer@xxxxxxxxxx> Date: Sun Jul 26 11:00:51 2015 +0300 acpi: fix pvpanic device is not shown in ui Commit 2332333c added a _STA method that hides the device. The fact that the device is not shown in the gui make it harder to install its Windows' device. https://bugzilla.redhat.com/show_bug.cgi?id=1238141 Signed-off-by: Gal Hammer <ghammer@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit 226d007dbd75ec8d0f12d0f9e1ce66caf55d49e4 Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Fri Jul 24 18:52:31 2015 +0200 gdbstub: Set current CPU on interruptions gdb expects that the thread ID for c and g-class operations is set to the CPU we provide when reporting VM stop conditions. If the stub is still tuned to a different CPU, the wrong information is delivered to the gdb frontend. Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 801db5ecdac7575a1b0250243eea1767da553e50 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Jul 3 11:51:01 2015 +0200 qapi: add missing @ Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 786f9ce20382704249883d7052f6869011d44281 Author: Johannes Schlatow <schlatow@xxxxxxxxxxxxxxxx> Date: Mon Jun 29 17:45:41 2015 +0200 Fix Cortex-A9 global timer The auto increment bit of the timer control register was wrongly defined. See Cortex-A9 MPcore Technical Reference Manual, Section 4.4.2. Signed-off-by: Johannes Schlatow <schlatow@xxxxxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 7e71e111e0544ec35af40c3dc29f21697c8f17bf Author: Michal Privoznik <mprivozn@xxxxxxxxxx> Date: Tue Jun 23 14:30:20 2015 +0200 gitignore: Ignore shader generated files As of d98bc0b65 there are two files that are automatically generated: ui/shader/texture-blit-frag.h and /ui/shader/texture-blit-vert.h. None of them is wanted to be tracked by git. Put them into the ignore file then. Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 7155f2ca9d66f5598fd8d071e71d6758019a6e48 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Date: Tue Jun 23 18:41:27 2015 +0200 vmstate: remove unused declaration Since 38e0735e, register_device_unmigratable() has been removed Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f6288b9c88bae7d76d8bfe17e672976d79079296 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Sat Jul 18 16:54:32 2015 +0200 make: Clean build messages We want to have uniform build messages, so fix some messages which did not follow the standard pattern. Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit ab6036630865eff8bb12dd51dfa6921b4607fc81 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Jul 19 21:34:22 2015 +0100 qemu-common.h: Document cutils.c string functions Add documentation comments for various utility string functions which we have implemented in util/cutils.c: pstrcpy() strpadcpy() pstrcat() strstart() stristart() qemu_strnlen() qemu_strsep() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit cc47a16bcbbc2d1f79511799ca3625c6522f5838 Author: Kamalesh Babulal <kamalesh@xxxxxxxxxxxxxxxxxx> Date: Fri Jul 24 13:48:13 2015 +0530 device_tree: Fix a typo Fix spelling of 'allocting' -> 'allocating'. Signed-off-by: Kamalesh Babulal <kamalesh@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f3c30aeaa7888aee96a1fa28f259fb8312d47ab2 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Fri Jul 24 20:16:01 2015 +0200 hw/acpi/ich9: clean up stale comment about KVM not supporting SMM Commit fba72476c6 ("ich9: add smm_enabled field and arguments") detached SMM availability from kvm_enabled(). However, the comment in pm_reset() was not updated; let's do it now. Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Cc: Igor Mammedov <imammedo@xxxxxxxxxx> Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: qemu-trivial@xxxxxxxxxx Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit be66680e8320d612f1c96096a217e642e458f47b Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Fri Jul 24 20:16:00 2015 +0200 hw/acpi/ich9: clear smi_en on reset Otherwise on reboot firmware might think (due to APMC_EN remaining set from the previous boot) that SMI support is absent. Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Cc: Igor Mammedov <imammedo@xxxxxxxxxx> Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: qemu-trivial@xxxxxxxxxx Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f8787f8723eaca1be99e3b1873e54de163fffa93 Merge: edec47c bbeb823 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 27 19:37:09 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20150727' into staging Fix buglets for 2.4 # gpg: Signature made Mon Jul 27 15:26:48 2015 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tcg-20150727: tcg: mark temps as mem_coherent = 0 for mov with a constant tcg: correctly mark dead inputs for mov with a constant Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit edec47cfef96209987cb7922286cb384916aae02 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Jul 24 13:42:55 2015 +0200 main-loop: fix qemu_notify_event for aio_notify optimization aio_notify can be optimized away, and in fact almost always will. However, qemu_notify_event is used in places where this is incorrect---most notably, when handling SIGTERM. When aio_notify is optimized away, it is possible that QEMU enters a blocking ppoll immediately afterwards and stays there, without reaching main_loop_should_exit(). Fix this by using a bottom half. The bottom half can be optimized too, but scheduling it is enough for the ppoll not to block. The hang is thus avoided. Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1437738175-23624-1-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 77c102c26ead946fe7589d4bddcdfa5cb431ebfe Author: Jeff Cody <jcody@xxxxxxxxxx> Date: Fri Jul 24 10:26:52 2015 -0400 block: qemu-iotests - add check for multiplication overflow in vpc This checks that VPC is able to successfully fail (without segfault) on an image file with a max_table_entries that exceeds 0x40000000. This table entry is within the valid range for VPC (although too large for this sample image). Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b15deac79530d818092cb49a8021bcce83d71b5b Author: Jeff Cody <jcody@xxxxxxxxxx> Date: Fri Jul 24 10:26:51 2015 -0400 block: vpc - prevent overflow if max_table_entries >= 0x40000000 When we allocate the pagetable based on max_table_entries, we multiply the max table entry value by 4 to accomodate a table of 32-bit integers. However, max_table_entries is a uint32_t, and the VPC driver accepts ranges for that entry over 0x40000000. So during this allocation: s->pagetable = qemu_try_blockalign(bs->file, s->max_table_entries * 4); The size arg overflows, allocating significantly less memory than expected. Since qemu_try_blockalign() size argument is size_t, cast the multiplication correctly to prevent overflow. The value of "max_table_entries * 4" is used elsewhere in the code as well, so store the correct value for use in all those cases. We also check the Max Tables Entries value, to make sure that it is < SIZE_MAX / 4, so we know the pagetable size will fit in size_t. Cc: qemu-stable@xxxxxxxxxx Reported-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 3737129917c918767cdb8acd8ca6b342c45fa154 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 24 18:28:08 2015 +0100 configure: Work around broken static pkg-config info for Ubuntu gnutls Unfortunately Ubuntu's pkg-config information for gnutls is broken for the static linking case, and outputs --libs options which the compiler does not recognize. Work around this problem by testing that the --cflags/--libs output will at least allow compilation before enabling gnutls support. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1437758888-22486-1-git-send-email-peter.maydell@xxxxxxxxxx commit c9b11f971cfa1fd3eed716f62f4b835553b75490 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Mon Jul 27 17:49:21 2015 +0800 virtio-blk: only clear VIRTIO_F_ANY_LAYOUT for legacy device Chapter 6.3 of spec said " Transitional devices MUST offer, and if offered by the device transitional drivers MUST accept the following: VIRTIO_F_ANY_LAYOUT (27) " So this patch only clear VIRTIO_F_LAYOUT for legacy device. Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: qemu-block@xxxxxxxxxx Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit efb8206ca7f19f5a6ece1f2851a73a29de309b1e Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Mon Jul 27 17:49:20 2015 +0800 virtio-blk: fail get_features when both scsi and 1.0 were set SCSI passthrough was no longer supported in virtio 1.0, so this patch fail the get_features() when both 1.0 and scsi is set. And also only advertise VIRTIO_BLK_F_SCSI for legacy virtio-blk device. Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9d5b731dd2d64deb3bc798ef4e3c08603d54ae02 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Mon Jul 27 17:49:19 2015 +0800 virtio: get_features() can fail Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 27462695cde2a2208b1ff8074c2e917b8203590b Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon Jul 27 11:06:17 2015 +0300 virtio-pci: fix memory MR cleanup for modern Each memory_region_add_subregion must be paired with memory_region_del_subregion. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit bbeb82395eaca0e3c38b433b2d2a5bad4a5fbd81 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jul 27 12:55:58 2015 +0200 tcg: mark temps as mem_coherent = 0 for mov with a constant When a constant has to be loaded in a mov op, we fail to set mem_coherent = 0. This patch fixes that. Cc: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1437994568-7825-3-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 7df69deadf2f25c19b3ac121404ee31f71dce845 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jul 27 12:55:57 2015 +0200 tcg: correctly mark dead inputs for mov with a constant When tcg_reg_alloc_mov propagate a constant, we failed to correctly mark a temp as dead if the liveness analysis hints so. This fixes the following assert when configure with --enable-debug-tcg: qemu-x86_64: tcg/tcg.c:1827: tcg_reg_alloc_bb_end: Assertion `ts->val_type == TEMP_VAL_DEAD' failed. Cc: Richard Henderson <rth@xxxxxxxxxxx> Reported-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1437994568-7825-2-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 122e7dab8ac549c8c5a9e1e13aa2464190e888de Merge: e40db4c f9f7492 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 27 14:53:42 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging Pull request Here are NIC fixes from Fam Zheng that prevent rx hangs (caused by NIC models where .can_receive() stops rx but qemu_flush_queued_packets() isn't called). # gpg: Signature made Mon Jul 27 14:51:48 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: axienet: Flush queued packets when rx is done dp8393x: Flush packets when link comes up stellaris_enet: Flush queued packets when read done mipsnet: Flush queued packets when receiving is enabled milkymist-minimac2: Flush queued packets when link comes up mcf_fec: Drop mcf_fec_can_receive etsec: Flush queue when rx buffer is consumed etsec: Move etsec_can_receive into etsec_receive usbnet: Drop usbnet_can_receive eepro100: Drop nic_can_receive pcnet: Drop pcnet_can_receive xgmac: Drop packets with eth_can_rx is false. hw/net: fix mcf_fec driver receiver hw/net: add simple phy support to mcf_fec driver hw/net: add ANLPAR bit definitions to generic mii hw/net: create common collection of MII definitions Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f9f7492ea4a9dda538fedeec31399fb940533a16 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:13 2015 +0800 axienet: Flush queued packets when rx is done eth_can_rx checks s->rxsize and returns false if it is non-zero. Because of the .can_receive semantics change, this will make the incoming queue disabled by peer, until it is explicitly flushed. So we should flush it when s->rxsize is becoming zero. Squash eth_can_rx semantics into etx_rx and drop .can_receive() callback, also add flush when rx buffer becomes available again after a packet gets queued. The other conditions, "!axienet_rx_resetting(s) && axienet_rx_enabled(s)" are OK because enet_write already calls qemu_flush_queued_packets when the register bits are changed. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1436955553-22791-13-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 4594f93a732f1f5936c3a5225481586e24bffa9e Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:12 2015 +0800 dp8393x: Flush packets when link comes up .can_receive callback changes semantics that once return 0, backend will try sending again until explicitly flushed, change the device to meet that. dp8393x_can_receive checks SONIC_CR_RXEN bit in SONIC_CR register and SONIC_ISR_RBE bit in SONIC_ISR register, try flushing the queue when either bit is being updated. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1436955553-22791-12-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 1ef4a6069f8b4c09c3383cd4b8e27b6ff25b2d41 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:11 2015 +0800 stellaris_enet: Flush queued packets when read done If s->np reaches 31, the queue will be disabled by peer when it sees stellaris_enet_can_receive() returns false, until we explicitly flushes it which notifies the peer. Do this when guest is done reading all existing data. Move the semantics to stellaris_enet_receive, by returning 0 when the buffer is full, so that new packets will be queued. In stellaris_enet_read, flush and restart the queue when guest has done reading. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1436955553-22791-11-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 1dd58ae0583c3d3fb15fa1d563d6b497558d3ad0 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:10 2015 +0800 mipsnet: Flush queued packets when receiving is enabled Drop .can_receive and move the semantics to mipsnet_receive, by returning 0. After 0 is returned, we must flush the queue explicitly to restart it: Call qemu_flush_queued_packets when s->busy or s->rx_count is being updated. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1436955553-22791-10-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 3b7031e9609baf710823aa7880fd9802b39c4563 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:09 2015 +0800 milkymist-minimac2: Flush queued packets when link comes up Drop .can_receive and move the semantics into minimac2_rx, by returning 0. That is once minimac2_rx returns 0, incoming packets will be queued until the queue is explicitly flushed. We do this when s->regs[R_STATE0] or s->regs[R_STATE1] is changed in minimac2_write. Also drop the unused trace point. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1436955553-22791-9-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e813f0d8813944061fa9bde861cf6899379843e6 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:08 2015 +0800 mcf_fec: Drop mcf_fec_can_receive The semantics of .can_receive requires us to flush the queue explicitly when s->rx_enabled becomes true after it returns 0, but the packet being queued is not meaningful since the guest hasn't activated the card. Let's just drop the packet in this case. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1436955553-22791-8-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 575bafd1f387c5f06b59cf2515f6bb1eff9d119d Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:07 2015 +0800 etsec: Flush queue when rx buffer is consumed The BH will be scheduled when etsec->rx_buffer_len is becoming 0, which is the condition of queuing. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1436955553-22791-7-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b6cb6610c27c5b0773a340499f19c3477bf45aeb Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:06 2015 +0800 etsec: Move etsec_can_receive into etsec_receive When etsec_reset returns 0, peer would queue the packet as if .can_receive returns false. Drop etsec_can_receive and let etsec_receive carry the semantics. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1436955553-22791-6-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 913440249ea2e697177e9d43167ac325a8dfe907 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:05 2015 +0800 usbnet: Drop usbnet_can_receive usbnet_receive already drops packet if rndis_state is not RNDIS_DATA_INITIALIZED, and queues packet if in buffer is not available. The only difference is s->dev.config but that is similar to rndis_state. Drop usbnet_can_receive and move these checks to usbnet_receive, so that we don't need to explicitly flush the queue when s->dev.config changes value. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1436955553-22791-5-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 363db4b249244f31d3c47fbd5a8b128c95ba8fe7 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:04 2015 +0800 eepro100: Drop nic_can_receive nic_receive already checks the conditions and drop packets if false. Due to the new semantics since 6e99c63 ("net/socket: Drop net_socket_can_send"), having .can_receive returning 0 requires us to explicitly flush the queued packets when the conditions are becoming true, but queuing the packets when guest driver is not ready doesn't make much sense. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1436955553-22791-4-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b0ba0b9b6b402d738f11f27eea6c94d97bf84cbf Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:03 2015 +0800 pcnet: Drop pcnet_can_receive pcnet_receive already checks the conditions and drop packets if false. Due to the new semantics since 6e99c63 ("net/socket: Drop net_socket_can_send"), having .can_receive returning 0 requires us to explicitly flush the queued packets when the conditions are becoming true, but queuing the packets when guest driver is not ready doesn't make much sense. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1436955553-22791-3-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 8c8c460c5f38f878675631a66286a6e87bb4d111 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:02 2015 +0800 xgmac: Drop packets with eth_can_rx is false. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1436955553-22791-2-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 491a1f494ed4c0d1a8593dd04b645f8e63c4cfae Author: Greg Ungerer <gerg@xxxxxxxxxxx> Date: Fri Jun 26 15:27:16 2015 +1000 hw/net: fix mcf_fec driver receiver The network mcf_fec driver emulated receive side method is returning a result of 0 causing the network layer to disable receive for this emulated device. This results in the guest only ever receiving one packet. Fix the recieve side processing to return the number of bytes that we passed back through to the guest. Signed-off-by: Greg Ungerer <gerg@xxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435296436-12152-5-git-send-email-gerg@xxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 299f7bec5a109db7563e1286cedf1f4d84e69e6d Author: Greg Ungerer <gerg@xxxxxxxxxxx> Date: Fri Jun 26 15:27:15 2015 +1000 hw/net: add simple phy support to mcf_fec driver The Linux fec driver needs at least basic phy support to probe and work. The current qemu mcf_fec emulation has no support for the reading or writing of the MDIO lines to access an attached phy. This code adds a very simple set of register results for a fixed phy setup - very similar to that used on an m5208evb board. This is enough to probe and identify an emulated attached phy. Signed-off-by: Greg Ungerer <gerg@xxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435296436-12152-4-git-send-email-gerg@xxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 3634869b27b6b2ff538bcc5bf8dfd1235ede7034 Author: Greg Ungerer <gerg@xxxxxxxxxxx> Date: Fri Jun 26 15:27:14 2015 +1000 hw/net: add ANLPAR bit definitions to generic mii Add a base set of bit definitions for the standard MII phy "Auto-Negotiation Link Partner Ability Register" (ANLPAR). The original definitions moved into mii.h from the allwinner_emac driver did not define these. Signed-off-by: Greg Ungerer <gerg@xxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435296436-12152-3-git-send-email-gerg@xxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 3e230569bf16aa36562967cd76b742c6824481b1 Author: Greg Ungerer <gerg@xxxxxxxxxxx> Date: Fri Jun 26 15:27:13 2015 +1000 hw/net: create common collection of MII definitions Create a common set of definitions of address and register values for ethernet MII phys. A few of the current ethernet drivers have at least a partial set of these definitions. Others just use hard coded raw constant numbers. This initial set is copied directly from the allwinner_emac code. Signed-off-by: Greg Ungerer <gerg@xxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435296436-12152-2-git-send-email-gerg@xxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e40db4c6d391419c0039fe274c74df32a6ca1a28 Merge: f793d97 cb72cba Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 27 13:10:00 2015 +0100 Merge remote-tracking branch 'remotes/jnsnow/tags/cve-2015-5154-pull-request' into staging # gpg: Signature made Mon Jul 27 13:01:10 2015 BST using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB # Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E * remotes/jnsnow/tags/cve-2015-5154-pull-request: ide: Clear DRQ after handling all expected accesses ide/atapi: Fix START STOP UNIT command completion ide: Check array bounds before writing to io_buffer (CVE-2015-5154) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 019c2ab8623daee210df8b1085a33b1e83c9ee11 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Jul 21 09:55:02 2015 +0100 crypto: extend unit tests to cover decryption too The current unit test only verifies the encryption API, resulting in us missing a recently introduced bug in the decryption API from commit d3462e3. It was fortunately later discovered & fixed by commit bd09594, thanks to the QEMU I/O tests for qcow2 encryption, but we should really detect this directly in the crypto unit tests. Also remove an accidental debug message and simplify some asserts. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1437468902-23230-1-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6775e2c4298618828de9bb3c5584d4de20120e46 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Jul 24 13:23:54 2015 +0100 crypto: fix built-in AES decrypt function The qcrypto_cipher_decrypt_aes method was using the wrong key material, and passing the wrong mode. This caused it to incorrectly decrypt ciphertext. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1437740634-6261-1-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 09999a5f7fc8e3636feda4358a79a25a09467594 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Jul 22 12:32:25 2015 +0300 virtio: set any_layout in virtio core Exceptions: - virtio-blk - compat machine types Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit cd4bfbb20d957a480032e2626ef1188b62c74d00 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jul 23 20:57:53 2015 +0300 virtio-9p: fix any_layout virtio pci allows any device to have a modern interface, this in turn requires ANY_LAYOUT support. Fix up ANY_LAYOUT for virtio-9p. Reported-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> commit 7882080388be5088e72c425b02223c02e6cb4295 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jul 23 17:52:02 2015 +0300 virtio-serial: fix ANY_LAYOUT Don't assume a specific layout for control messages. Required by virtio 1. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> commit 5f456073aa9ba54e421aa82dd38e4d40d0a0af85 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Jul 22 13:09:25 2015 +0300 virtio: hide legacy features from modern guests NOTIFY_ON_EMPTY, ANY_LAYOUT and BAD are only valid on the legacy interface. Hide them from modern guests. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit cb72cba83021fa42719e73a5249c12096a4d1cfc Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Sun Jul 26 23:42:53 2015 -0400 ide: Clear DRQ after handling all expected accesses This is additional hardening against an end_transfer_func that fails to clear the DRQ status bit. The bit must be unset as soon as the PIO transfer has completed, so it's better to do this in a central place instead of duplicating the code in all commands (and forgetting it in some). Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> commit 03441c3a4a42beb25460dd11592539030337d0f8 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Sun Jul 26 23:42:53 2015 -0400 ide/atapi: Fix START STOP UNIT command completion The command must be completed on all code paths. START STOP UNIT with pwrcnd set should succeed without doing anything. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> commit d2ff85854512574e7209f295e87b0835d5b032c6 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Sun Jul 26 23:42:53 2015 -0400 ide: Check array bounds before writing to io_buffer (CVE-2015-5154) If the end_transfer_func of a command is called because enough data has been read or written for the current PIO transfer, and it fails to correctly call the command completion functions, the DRQ bit in the status register and s->end_transfer_func may remain set. This allows the guest to access further bytes in s->io_buffer beyond s->data_end, and eventually overflowing the io_buffer. One case where this currently happens is emulation of the ATAPI command START STOP UNIT. This patch fixes the problem by adding explicit array bounds checks before accessing the buffer instead of relying on end_transfer_func to function correctly. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> commit f793d97e454a56d17e404004867985622ca1a63b Merge: 30fdfae 178846b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 24 13:07:10 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * qemu-char fixes * SCSI fixes (including CVE-2015-5158) * RCU fixes * Framebuffer logic to set DIRTY_MEMORY_VGA * Fix compiler warning for --disable-vnc * qemu-doc fixes * x86 TCG pasto fix # gpg: Signature made Fri Jul 24 12:57:52 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: target-i386/FPU: a misprint in helper_fistll_ST0 qemu-doc: fix typos framebuffer: set DIRTY_MEMORY_VGA on RAM that is used for the framebuffer memory: count number of active VGA logging clients vl: Fix compiler warning for builds without VNC scsi: Handle no media case for scsi_get_configuration rcu: actually register threads that have RCU read-side critical sections scsi: fix buffer overflow in scsi_req_parse_cdb (CVE-2015-5158) vnc: fix memory leak qemu-char: Fix missed data on unix socket qemu-char: handle EINTR for TCP character devices exec.c: Use atomic_rcu_read() to access dispatch in memory_region_section_get_iotlb() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 178846bdd93994c1acafe4423f99ead8bb24cf38 Author: Dmitry Poletaev <poletaev-qemu@xxxxxxxxx> Date: Wed Jul 8 12:48:40 2015 +0300 target-i386/FPU: a misprint in helper_fistll_ST0 There is a cut-and-paste mistake in the patch https://lists.gnu.org/archive/html/qemu-devel/2014-11/msg01657.html . It cause errors in guest work. Here is the bugfix. Signed-off-by: Dmitry Poletaev <poletaev-qemu@xxxxxxxxx> Reported-by: Kirill Batuzov <batuzovk@xxxxxxxxx> Message-Id: <2692911436348920@xxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d274e07c6df4cc8207b01892ff6f81118ea6083c Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Fri Jul 3 17:50:57 2015 +0800 qemu-doc: fix typos Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Message-Id: <1435917057-9396-1-git-send-email-arei.gonglei@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c1076c3e13a86140cc2ba29866512df8460cc7c2 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Jul 13 12:00:29 2015 +0200 framebuffer: set DIRTY_MEMORY_VGA on RAM that is used for the framebuffer The MemoryRegionSection contains enough information to access the RAM region underlying the framebuffer, and can be cached inside the display device. By doing this, the new framebuffer_update_memory_section function can enable dirty memory logging on the relevant RAM region. The function must be called whenever the stride or base of the framebuffer changes; a simple way to cover these cases is to call it on every full frame invalidation, which is a rare case. framebuffer_update_display now works entirely on a MemoryRegionSection, without going through cpu_physical_memory_map/unmap. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit deb809edb85334c8e90530e1071b98f4da25ebaa Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 14 13:56:53 2015 +0200 memory: count number of active VGA logging clients For a board that has multiple framebuffer devices, both of them might want to use DIRTY_MEMORY_VGA on the same memory region. The lack of reference counting in memory_region_set_log makes this very awkward to implement. Suggested-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fb4309695905de889d318caec8eb13d3b2c118d5 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Wed Jul 22 19:53:30 2015 +0200 vl: Fix compiler warning for builds without VNC This regression was caused by commit 70b94331. CC vl.o vl.c: In function â??select_displayâ??: vl.c:2064:12: error: unused variable â??errâ?? [-Werror=unused-variable] Error *err = NULL; ^ Reported-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Message-Id: <1437587610-26433-1-git-send-email-sw@xxxxxxxxxxx> Reviewed-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7d99f4c1b5d12de7644a5bd8c3d46bff05c9ca7c Author: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Date: Wed Jul 15 14:52:32 2015 -0400 scsi: Handle no media case for scsi_get_configuration Currently, scsi_get_configuration always returns a current profile (DVD or CD), even when there is actually no media present. By comparison, ide/atapi uses a default profile of 0 (MMC_PROFILE_NONE) for this case and checks for tray_open, so let's do the same for scsi. This fixes a problem I'm seeing with Fedora 22 guests where systemd cdrom_id fails to unmount after a QEMU-initiated eject against a scsi cdrom device because it believes the media is still present (but unreadable). Signed-off-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Message-Id: <1436986352-10695-1-git-send-email-mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ab28bd23125fb4a0411c3a3f01c4edacbc261486 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jul 9 08:55:38 2015 +0200 rcu: actually register threads that have RCU read-side critical sections Otherwise, grace periods are detected too early! Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c170aad8b057223b1139d72e5ce7acceafab4fa9 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 21 08:59:39 2015 +0200 scsi: fix buffer overflow in scsi_req_parse_cdb (CVE-2015-5158) This is a guest-triggerable buffer overflow present in QEMU 2.2.0 and newer. scsi_cdb_length returns -1 as an error value, but the caller does not check it. Luckily, the massive overflow means that QEMU will just SIGSEGV, making the impact much smaller. Reported-by: Zhu Donghai (æ?±ä¸?æµ·) <donghai.zdh@xxxxxxxxxxxxxxx> Fixes: 1894df02811f6b79ea3ffbf1084599d96f316173 Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 60928458e5eea3c77a7eb0a4194927872f463947 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed Jul 22 17:08:53 2015 +0800 vnc: fix memory leak If vnc's password is configured, it will leak memory which cipher variable pointed on every vnc connection. Cc: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Message-Id: <1437556133-11268-1-git-send-email-arei.gonglei@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 30fdfae49d53cfc678859095e49ac60b79562d6f Merge: f75b709 9615212 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 24 11:11:30 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20150723' into staging Last minute fixes for 2.4. # gpg: Signature made Fri Jul 24 04:42:31 2015 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tcg-20150723: tcg/optimize: fix tcg_opt_gen_movi tcg/aarch64: use 32-bit offset for 32-bit softmmu emulation tcg/aarch64: use 32-bit offset for 32-bit user-mode emulation tcg/aarch64: add ext argument to tcg_out_insn_3310 tcg/i386: Extend addresses for 32-bit guests Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f75b709853d2b2b0f2a8e149229aa1c7c1ee1c60 Merge: 12e21eb 759b484 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 24 09:17:44 2015 +0100 Merge remote-tracking branch 'remotes/awilliam/tags/vfio-fixes-20150723.0' into staging VFIO fixes for v2.4.0-rc3 - Fix Realtek NIC quirk (Alex Williamson) - Restore bootindex functionality (Alex Williamson) # gpg: Signature made Thu Jul 23 19:51:23 2015 BST using RSA key ID 3BB08B22 # gpg: Good signature from "Alex Williamson <alex.williamson@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex@xxxxxxxxxxx>" # gpg: aka "Alex Williamson <alwillia@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex.l.williamson@xxxxxxxxx>" * remotes/awilliam/tags/vfio-fixes-20150723.0: vfio/pci: Fix bootindex vfio/pci: Fix RTL8168 NIC quirks Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 961521261a3d600b0695b2e6d2b0f490076f7e90 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Fri Jul 10 18:03:30 2015 +0200 tcg/optimize: fix tcg_opt_gen_movi Due to a copy&paste, the new op value is tested against mov_i32 instead of movi_i32. The test is therefore always false. Fix that. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1436544211-2769-1-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 80adb8fcad4778376a11d394a9e01516819e2327 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Jul 23 18:04:52 2015 -0400 tcg/aarch64: use 32-bit offset for 32-bit softmmu emulation Similar to the same fix for user-mode, except this instance occurs on the softmmu path. Again, the tlb addend must be the base register, while the guest address is the index. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit ffc6372851d8631a9f9fa56ec613b3244dc635b9 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Jul 15 17:27:01 2015 +0200 tcg/aarch64: use 32-bit offset for 32-bit user-mode emulation Thanks to the previous patch, it is now easy for tcg_out_qemu_ld and tcg_out_qemu_st to use a 32-bit zero extended offset. However, the guest base register x28 must be the base and addr_reg must be the index. Reported-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1436974021-28978-3-git-send-email-pbonzini@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 6c0f0c0f124718650a8d682ba275044fc02f6fe2 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Jul 15 17:27:00 2015 +0200 tcg/aarch64: add ext argument to tcg_out_insn_3310 The new argument lets you pick uxtw or uxtx mode for the offset register. For now, all callers pass TCG_TYPE_I64 so that uxtx is generated. The bits for uxtx are removed from I3312_TO_I3310. Reported-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1436974021-28978-2-git-send-email-pbonzini@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit ee8ba9e4d8458b8bba5455a7ae704620c4f2ef4b Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Jul 16 22:25:49 2015 +0100 tcg/i386: Extend addresses for 32-bit guests Removing the ??? comment explaining why it (mostly) worked. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-Id: <1437081950-7206-2-git-send-email-rth@xxxxxxxxxxx> commit 12e21eb088a51161c78ee39ed54ac56ebcff4243 Merge: b69b305 6b26996 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 23 12:54:53 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/numa-pull-request' into staging NUMA queue, 2015-07-22 # gpg: Signature made Wed Jul 22 19:11:04 2015 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/numa-pull-request: hostmem: Fix qemu_opt_get_bool() crash in host_memory_backend_init() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4bf1cb03fbc43b0055af60d4ff093d6894aa4338 Author: Nils Carlson <pyssling@xxxxxxxxxxx> Date: Sun Jul 19 20:39:56 2015 +0000 qemu-char: Fix missed data on unix socket Commit 812c1057 introduced HUP detection on unix and tcp sockets prior to a read in tcp_chr_read. This unfortunately broke CloudStack 4.2 which relied on the old behaviour where data on a socket was readable even if a HUP was present. A working solution is to properly check the return values from recv, handling a closed socket once there is no more data to read. Also enable polling for G_IO_NVAL to ensure the callback is called for all possible events as these should now be possible to handle with the improved error detection. Signed-off-by: Nils Carlson <pyssling@xxxxxxxxxxx> Message-Id: <1437338396-22336-1-git-send-email-pyssling@xxxxxxxxxxx> [Do not handle EINTR; use socket_error(). - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9172f428afc1461b1d9b33ebca3a679b9adf7c3a Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 21 09:25:54 2015 +0200 qemu-char: handle EINTR for TCP character devices Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0b8e2c1002afddc8ef3d52fa6fc29e4768429f98 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 20 12:27:16 2015 +0100 exec.c: Use atomic_rcu_read() to access dispatch in memory_region_section_get_iotlb() When accessing the dispatch pointer in an AddressSpace within an RCU critical section we should always use atomic_rcu_read(). Fix an access within memory_region_section_get_iotlb() which was incorrectly doing a direct pointer access. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <1437391637-31576-1-git-send-email-peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 759b484c5d7f92bd01f98797c07e8543ee187888 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Jul 22 14:56:01 2015 -0600 vfio/pci: Fix bootindex bootindex was incorrectly changed to a device Property during the platform code split, resulting in it no longer working. Remove it. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx # v2.3+ commit 69970fcef937bddd7f745efe39501c7716fdfe56 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Jul 22 14:56:01 2015 -0600 vfio/pci: Fix RTL8168 NIC quirks The RTL8168 quirk correctly describes using bit 31 as a signal to mark a latch/completion, but the code mistakenly uses bit 28. This causes the Realtek driver to spin on this register for quite a while, 20k cycles on Windows 7 v7.092 driver. Then it gets frustrated and tries to set the bit itself and spins for another 20k cycles. For some this still results in a working driver, for others not. About the only thing the code really does in its current form is protect the guest from sneaking in writes to the real hardware MSI-X table. The fix is obviously to use bit 31 as we document that we should. The other problem doesn't seem to affect current drivers as nobody seems to use these window registers for writes to the MSI-X table, but we need to use the stored data when a write is triggered, not the value of the current write, which only provides the offset. Note that only the Windows drivers from Realtek seem to use these registers, the Microsoft drivers provided with Windows 8.1 do not access them, nor do Linux in-kernel drivers. Link: https://bugs.launchpad.net/qemu/+bug/1384892 Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx # v2.1+ commit 6b2699672d5b56f8c2902fb9db9879e8cafb2afe Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Jul 16 17:29:12 2015 -0300 hostmem: Fix qemu_opt_get_bool() crash in host_memory_backend_init() This fixes the following crash, introduced by commit 49d2e648e8087d154d8bf8b91f27c8e05e79d5a6: $ gdb --args qemu-system-x86_64 -machine pc,mem-merge=off -object memory-backend-ram,id=ram-node0,size=1024 [...] Program received signal SIGABRT, Aborted. (gdb) bt #0 0x00007ffff253b8c7 in raise () at /lib64/libc.so.6 #1 0x00007ffff253d52a in abort () at /lib64/libc.so.6 #2 0x00007ffff253446d in __assert_fail_base () at /lib64/libc.so.6 #3 0x00007ffff2534522 in () at /lib64/libc.so.6 #4 0x00005555558bb80a in qemu_opt_get_bool_helper (opts=0x55555621b650, name=name@entry=0x5555558ec922 "mem-merge", defval=defval@entry=true, del=del@entry=false) at qemu/util/qemu-option.c:388 #5 0x00005555558bbb5a in qemu_opt_get_bool (opts=<optimized out>, name=name@entry=0x5555558ec922 "mem-merge", defval=defval@entry=true) at qemu/util/qemu-option.c:398 #6 0x0000555555720a24 in host_memory_backend_init (obj=0x5555562ac970) at qemu/backends/hostmem.c:226 Instead of using qemu_opt_get_bool(), that didn't work with qemu_machine_opts for a long time, we can use the corresponding MachineState fields. Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit b69b30532e0a80e25449244c01b0cbed000c99a3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 22 18:17:19 2015 +0100 Update version for v2.4.0-rc2 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3edf6b3f1e68104dba692337fdcecdba39e73c59 Merge: dc94bd9 a52b2cb Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 22 16:22:49 2015 +0100 Merge remote-tracking branch 'remotes/elmarco/tags/for-upstream' into staging qxl: build fix for 2.4 # gpg: Signature made Wed Jul 22 15:55:00 2015 BST using DSA key ID F43F0992 # gpg: Good signature from "Marc-André Lureau <marcandre.lureau@xxxxxxxxxx>" # gpg: aka "Marc-Andre Lureau <marcandre.lureau@xxxxxxxxx>" # gpg: aka "Marc-Andre Lureau <marc-andre.lureau@xxxxxxxxx>" # gpg: aka "Marc-André Lureau <marc-andre.lureau@xxxxxxxxx>" # gpg: aka "Marc-André Lureau (elmarco) <marcandre.lureau@xxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 7346 2483 9404 4E20 ABFF 7D48 D864 9487 F43F 0992 * remotes/elmarco/tags/for-upstream: qxl: Fix new function name for spice-server library Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a52b2cbf218d52f9e357961acb271a98a2bdff71 Author: Frediano Ziglio <fziglio@xxxxxxxxxx> Date: Mon Jul 20 09:43:23 2015 +0100 qxl: Fix new function name for spice-server library The new spice-server function to limit the number of monitors (0.12.6) changed while development from spice_qxl_set_monitors_config_limit to spice_qxl_max_monitors (accepted upstream). By mistake I post patch with former name. This patch fix the function name. Signed-off-by: Frediano Ziglio <fziglio@xxxxxxxxxx> Acked-by: Christophe Fergeau <cfergeau@xxxxxxxxxx> Acked-by: Martin Kletzander <mkletzan@xxxxxxxxxx> Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit dc94bd9166af5236a56bd5bb06845911915a925c Merge: b9c4630 05e514b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 22 12:52:34 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Wed Jul 22 12:43:35 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: AioContext: optimize clearing the EventNotifier AioContext: fix broken placement of event_notifier_test_and_clear AioContext: fix broken ctx->dispatching optimization aio-win32: reorganize polling loop tests: remove irrelevant assertions from test-aio qemu-timer: initialize "timers_done_ev" to set mirror: Speed up bitmap initial scanning Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 05e514b1d4d5bd4209e2c8bbc76ff05c85a235f3 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 21 16:07:53 2015 +0200 AioContext: optimize clearing the EventNotifier It is pretty rare for aio_notify to actually set the EventNotifier. It can happen with worker threads such as thread-pool.c's, but otherwise it should never be set thanks to the ctx->notify_me optimization. The previous patch, unfortunately, added an unconditional call to event_notifier_test_and_clear; now add a userspace fast path that avoids the call. Note that it is not possible to do the same with event_notifier_set; it would break, as proved (again) by the included formal model. This patch survived over 3000 reboots on aarch64 KVM. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Tested-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Message-id: 1437487673-23740-7-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 21a03d17f2edb1e63f7137d97ba355cc6f19d79f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 21 16:07:52 2015 +0200 AioContext: fix broken placement of event_notifier_test_and_clear event_notifier_test_and_clear must be called before processing events. Otherwise, an aio_poll could "eat" the notification before the main I/O thread invokes ppoll(). The main I/O thread then never wakes up. This is an example of what could happen: i/o thread vcpu thread worker thread --------------------------------------------------------------------- lock_iothread notify_me = 1 ... unlock_iothread bh->scheduled = 1 event_notifier_set lock_iothread notify_me = 3 ppoll notify_me = 1 aio_dispatch aio_bh_poll thread_pool_completion_bh bh->scheduled = 1 event_notifier_set node->io_read(node->opaque) event_notifier_test_and_clear ppoll *** hang *** "Tracing" with qemu_clock_get_ns shows pretty much the same behavior as in the previous bug, so there are no new tricks here---just stare more at the code until it is apparent. One could also use a formal model, of course. The included one shows this with three processes: notifier corresponds to a QEMU thread pool worker, temporary_waiter to a VCPU thread that invokes aio_poll(), waiter to the main I/O thread. I would be happy to say that the formal model found the bug for me, but actually I wrote it after the fact. This patch is a bit of a big hammer. The next one optimizes it, with help (this time for real rather than a posteriori :)) from another, similar formal model. Reported-by: Richard W. M. Jones <rjones@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Tested-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Message-id: 1437487673-23740-6-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit eabc977973103527bbb8fed69c91cfaa6691f8ab Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 21 16:07:51 2015 +0200 AioContext: fix broken ctx->dispatching optimization This patch rewrites the ctx->dispatching optimization, which was the cause of some mysterious hangs that could be reproduced on aarch64 KVM only. The hangs were indirectly caused by aio_poll() and in particular by flash memory updates's call to blk_write(), which invokes aio_poll(). Fun stuff: they had an extremely short race window, so much that adding all kind of tracing to either the kernel or QEMU made it go away (a single printf made it half as reproducible). On the plus side, the failure mode (a hang until the next keypress) made it very easy to examine the state of the process with a debugger. And there was a very nice reproducer from Laszlo, which failed pretty often (more than half of the time) on any version of QEMU with a non-debug kernel; it also failed fast, while still in the firmware. So, it could have been worse. For some unknown reason they happened only with virtio-scsi, but that's not important. It's more interesting that they disappeared with io=native, making thread-pool.c a likely suspect for where the bug arose. thread-pool.c is also one of the few places which use bottom halves across threads, by the way. I hope that no other similar bugs exist, but just in case :) I am going to describe how the successful debugging went... Since the likely culprit was the ctx->dispatching optimization, which mostly affects bottom halves, the first observation was that there are two qemu_bh_schedule() invocations in the thread pool: the one in the aio worker and the one in thread_pool_completion_bh. The latter always causes the optimization to trigger, the former may or may not. In order to restrict the possibilities, I introduced new functions qemu_bh_schedule_slow() and qemu_bh_schedule_fast(): /* qemu_bh_schedule_slow: */ ctx = bh->ctx; bh->idle = 0; if (atomic_xchg(&bh->scheduled, 1) == 0) { event_notifier_set(&ctx->notifier); } /* qemu_bh_schedule_fast: */ ctx = bh->ctx; bh->idle = 0; assert(ctx->dispatching); atomic_xchg(&bh->scheduled, 1); Notice how the atomic_xchg is still in qemu_bh_schedule_slow(). This was already debated a few months ago, so I assumed it to be correct. In retrospect this was a very good idea, as you'll see later. Changing thread_pool_completion_bh() to qemu_bh_schedule_fast() didn't trigger the assertion (as expected). Changing the worker's invocation to qemu_bh_schedule_slow() didn't hide the bug (another assumption which luckily held). This already limited heavily the amount of interaction between the threads, hinting that the problematic events must have triggered around thread_pool_completion_bh(). As mentioned early, invoking a debugger to examine the state of a hung process was pretty easy; the iothread was always waiting on a poll(..., -1) system call. Infinite timeouts are much rarer on x86, and this could be the reason why the bug was never observed there. With the buggy sequence more or less resolved to an interaction between thread_pool_completion_bh() and poll(..., -1), my "tracing" strategy was to just add a few qemu_clock_get_ns(QEMU_CLOCK_REALTIME) calls, hoping that the ordering of aio_ctx_prepare(), aio_ctx_dispatch, poll() and qemu_bh_schedule_fast() would provide some hint. The output was: (gdb) p last_prepare $3 = 103885451 (gdb) p last_dispatch $4 = 103876492 (gdb) p last_poll $5 = 115909333 (gdb) p last_schedule $6 = 115925212 Notice how the last call to qemu_poll_ns() came after aio_ctx_dispatch(). This makes little sense unless there is an aio_poll() call involved, and indeed with a slightly different instrumentation you can see that there is one: (gdb) p last_prepare $3 = 107569679 (gdb) p last_dispatch $4 = 107561600 (gdb) p last_aio_poll $5 = 110671400 (gdb) p last_schedule $6 = 110698917 So the scenario becomes clearer: iothread VCPU thread -------------------------------------------------------------------------- aio_ctx_prepare aio_ctx_check qemu_poll_ns(timeout=-1) aio_poll aio_dispatch thread_pool_completion_bh qemu_bh_schedule() At this point bh->scheduled = 1 and the iothread has not been woken up. The solution must be close, but this alone should not be a problem, because the bottom half is only rescheduled to account for rare situations (see commit 3c80ca1, thread-pool: avoid deadlock in nested aio_poll() calls, 2014-07-15). Introducing a third thread---a thread pool worker thread, which also does qemu_bh_schedule()---does bring out the problematic case. The third thread must be awakened *after* the callback is complete and thread_pool_completion_bh has redone the whole loop, explaining the short race window. And then this is what happens: thread pool worker -------------------------------------------------------------------------- <I/O completes> qemu_bh_schedule() Tada, bh->scheduled is already 1, so qemu_bh_schedule() does nothing and the iothread is never woken up. This is where the bh->scheduled optimization comes into play---it is correct, but removing it would have masked the bug. So, what is the bug? Well, the question asked by the ctx->dispatching optimization ("is any active aio_poll dispatching?") was wrong. The right question to ask instead is "is any active aio_poll *not* dispatching", i.e. in the prepare or poll phases? In that case, the aio_poll is sleeping or might go to sleep anytime soon, and the EventNotifier must be invoked to wake it up. In any other case (including if there is *no* active aio_poll at all!) we can just wait for the next prepare phase to pick up the event (e.g. a bottom half); the prepare phase will avoid the blocking and service the bottom half. Expressing the invariant with a logic formula, the broken one looked like: !(exists(thread): in_dispatching(thread)) => !optimize or equivalently: !(exists(thread): in_aio_poll(thread) && in_dispatching(thread)) => !optimize In the correct one, the negation is in a slightly different place: (exists(thread): in_aio_poll(thread) && !in_dispatching(thread)) => !optimize or equivalently: (exists(thread): in_prepare_or_poll(thread)) => !optimize Even if the difference boils down to moving an exclamation mark :) the implementation is quite different. However, I think the new one is simpler to understand. In the old implementation, the "exists" was implemented with a boolean value. This didn't really support well the case of multiple concurrent event loops, but I thought that this was okay: aio_poll holds the AioContext lock so there cannot be concurrent aio_poll invocations, and I was just considering nested event loops. However, aio_poll _could_ indeed be concurrent with the GSource. This is why I came up with the wrong invariant. In the new implementation, "exists" is computed simply by counting how many threads are in the prepare or poll phases. There are some interesting points to consider, but the gist of the idea remains: 1) AioContext can be used through GSource as well; as mentioned in the patch, bit 0 of the counter is reserved for the GSource. 2) the counter need not be updated for a non-blocking aio_poll, because it won't sleep forever anyway. This is just a matter of checking the "blocking" variable. This requires some changes to the win32 implementation, but is otherwise not too complicated. 3) as mentioned above, the new implementation will not call aio_notify when there is *no* active aio_poll at all. The tests have to be adjusted for this change. The calls to aio_notify in async.c are fine; they only want to kick aio_poll out of a blocking wait, but need not do anything if aio_poll is not running. 4) nested aio_poll: these just work with the new implementation; when a nested event loop is invoked, the outer event loop is never in the prepare or poll phases. The outer event loop thus has already decremented the counter. Reported-by: Richard W. M. Jones <rjones@xxxxxxxxxx> Reported-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Tested-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Message-id: 1437487673-23740-5-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6493c975af75be5b8d9ade954239bdf5492b7911 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 21 16:07:50 2015 +0200 aio-win32: reorganize polling loop Preparatory bugfixes and tweaks to the loop before the next patch: - disable dispatch optimization during aio_prepare. This fixes a bug. - do not modify "blocking" until after the first WaitForMultipleObjects call. This is needed in the next patch. - change the loop to do...while. This makes it obvious that the loop is always entered at least once. In the next patch this is important because the first iteration undoes the ctx->notify_me increment that happened before entering the loop. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Tested-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Message-id: 1437487673-23740-4-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 12d69ac03b45156356b240424623719f15d8143e Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 21 16:07:49 2015 +0200 tests: remove irrelevant assertions from test-aio In these tests, the purpose of the initial calls to aio_poll and g_main_context_iteration is simply to put the AioContext in a known state; the return value of the function does not really matter. The next patch will change those return values; change the assertions to a while loop which expresses the intention better. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Tested-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Message-id: 1437487673-23740-3-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e4efd8a488d0a68b0af34d8ee245463df7c8bdf4 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 21 16:07:48 2015 +0200 qemu-timer: initialize "timers_done_ev" to set The normal value for the event is to be set. If we do not do this, pause_all_vcpus (through qemu_clock_enable) hangs unless timerlist_run_timers has been run at least once for the timerlist. This can happen with the following patches, that make aio_notify do nothing most of the time. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Tested-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Message-id: 1437487673-23740-2-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 999006975840f8cdf2038a587d852a6cbfe58e3b Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jul 9 11:47:58 2015 +0800 mirror: Speed up bitmap initial scanning Limiting to sectors_per_chunk for each bdrv_is_allocated_above is slow, because the underlying protocol driver would issue much more queries than necessary. We should coalesce the query. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: <1436413678-7114-4-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b9c46307996856d03ddc1527468ff5401ac03a79 Merge: 774ee47 5f8343d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 21 20:56:20 2015 +0100 Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2015-07-21-tag' into staging tag for qga-pull-2015-07-21 Small fix to correct schema versioning annotations for recently-added GuestDiskBusType enum values. Not the end of the world, but ideally this inconsistency would be corrected prior to 2.4 release. # gpg: Signature made Tue Jul 21 20:43:24 2015 BST using RSA key ID F108B584 # gpg: Good signature from "Michael Roth <flukshun@xxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: CEAC C9E1 5534 EBAB B82D 3FA0 3353 C9CE F108 B584 * remotes/mdroth/tags/qga-pull-2015-07-21-tag: qga: fixed versions for guest bus types in qapi-schema Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5f8343d0670e91adadb7898304c8ed4355af05a2 Author: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Date: Tue Jul 21 15:25:08 2015 +0300 qga: fixed versions for guest bus types in qapi-schema Signed-off-by: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Eric Blake <eblake@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> *added semi-colon to better delineate 2.2 vs. 2.4 versioning Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 774ee4772b6838b78741ea52d4bf26b8922244c5 Merge: a1bc040 57b7309 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 21 12:21:08 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150721' into staging target-arm queue: * don't sync CNTVCT with kernel all the time (fixes VM time weirdnesses) * fix a warning compiling disas/arm-a64 with -Wextra # gpg: Signature made Tue Jul 21 12:15:33 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150721: disas/arm-a64: Add missing compiler attribute GCC_FMT_ATTR target-arm: kvm: Differentiate registers based on write-back levels Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 57b73090e041ece40cc619a3c43a6fafcb3dd647 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Tue Jul 21 11:18:45 2015 +0100 disas/arm-a64: Add missing compiler attribute GCC_FMT_ATTR Type fprintf_function which fits here was defined with this attribute. Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1437208027-14584-1-git-send-email-sw@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4b7a6bf402bd064605c287eecadc493ccf2d4897 Author: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Date: Tue Jul 21 11:18:45 2015 +0100 target-arm: kvm: Differentiate registers based on write-back levels Some registers like the CNTVCT register should only be written to the kernel as part of machine initialization or on vmload operations, but never during runtime, as this can potentially make time go backwards or create inconsistent time observations between VCPUs. Introduce a list of registers that should not be written back at runtime and check this list on syncing the register state to the KVM state. Signed-off-by: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Message-id: 1437046488-10773-1-git-send-email-christoffer.dall@xxxxxxxxxx [PMM: tweaked a few comments, added the new argument to the stub write_list_to_kvmstate() in target-arm/kvm-stub.c] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a1bc040dabc12039944e22d9529f20d6132400dd Merge: bd03a38 47c7199 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 21 10:04:32 2015 +0100 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Mon Jul 20 19:27:04 2015 BST using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB # Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E * remotes/jnsnow/tags/ide-pull-request: tests: Fix broken targets check-report-qtest-* ahci: Force ICC bits in PxCMD to zero qtest/ide: add another short PRDT test flavor Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 47c719964a8240c99d4b7a2b4695ae026c619b83 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Mon Jul 20 12:21:18 2015 -0400 tests: Fix broken targets check-report-qtest-* They need QTEST_QEMU_IMG. Without it, the tests raise an assertion: $ make -C bin check-report-qtest-i386.xml make: Entering directory 'bin' GTESTER check-report-qtest-i386.xml blkdebug: Suspended request 'A' blkdebug: Resuming request 'A' ahci-test: tests/libqos/libqos.c:162: mkimg: Assertion `qemu_img_path' failed. main-loop: WARNING: I/O thread spun for 1000 iterations Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1437231284-17455-1-git-send-email-sw@xxxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit bd03a38fdf85fb1d4f0c9f59bbc154b516f66360 Merge: 13566fe 625de44 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 20 18:26:53 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging # gpg: Signature made Mon Jul 20 18:25:14 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: net: Flush queued packets when guest resumes lan9118: Drop lan9118_can_receive etraxfs_eth: Drop eth_can_receive musicpal: Drop eth_can_receive net/vmxnet3: Fix RX TCP/UDP checksum on partially summed packets net/vmxnet3: Refactor 'vmxnet_rx_pkt_attach_data' socket: pass correct size in net_socket_send() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 625de449fc5597f2e1aff9cb586e249e198f03c9 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Tue Jul 7 09:21:07 2015 +0800 net: Flush queued packets when guest resumes Since commit 6e99c63 "net/socket: Drop net_socket_can_send" and friends, net queues need to be explicitly flushed after qemu_can_send_packet() returns false, because the netdev side will disable the polling of fd. This fixes the case of "cont" after "stop" (or migration). Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1436232067-29144-1-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b49b8c572f885ea2b16fc744e8837e974df34401 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 1 15:10:47 2015 +0800 lan9118: Drop lan9118_can_receive True is the default. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1435734647-8371-4-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit da69028261abd12dbf974754e69d017f6e8710b5 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 1 15:10:46 2015 +0800 etraxfs_eth: Drop eth_can_receive True is the default. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1435734647-8371-3-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit f63eab8becf92b18c18b6c31950f99f764848902 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 1 15:10:45 2015 +0800 musicpal: Drop eth_can_receive True is the default. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1435734647-8371-2-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 80da311d81c389860bc387fbe6677c71f7a3c596 Author: Dana Rubin <dana.rubin@xxxxxxxxxxxxxxxxxx> Date: Tue Jul 14 11:55:16 2015 +0300 net/vmxnet3: Fix RX TCP/UDP checksum on partially summed packets Convert partially summed packets to be fully checksummed. In case csum offloaded packet, vmxnet3 implementation always passes an RxCompDesc with the "Checksum calculated and found correct" notification to the OS. This emulates the observed ESXi behavior. Therefore, if packet has the NEEDS_CSUM bit set, we must calculate and place a fully computed checksum into the tcp/udp header. Otherwise, the OS driver will receive a checksum-correct indication but with the actual tcp/udp checksum field having just the pseudo header csum value. If host OS performs forwarding, it will forward an incorrectly checksummed packet. Signed-off-by: Dana Rubin <dana.rubin@xxxxxxxxxxxxxxxxxx> Signed-off-by: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Message-id: 1436864116-19154-3-git-send-email-shmulik.ladkani@xxxxxxxxxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit fcf0cdc362dd96cb8d2935b892d3dd9ab73ad393 Author: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Date: Tue Jul 14 11:55:15 2015 +0300 net/vmxnet3: Refactor 'vmxnet_rx_pkt_attach_data' Separate RX packet protocol parsing out of 'vmxnet_rx_pkt_attach_data'. Signed-off-by: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Message-id: 1436864116-19154-2-git-send-email-shmulik.ladkani@xxxxxxxxxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 091f1f52963d7093ea578e4a05e67bc015b21192 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Tue Jul 7 17:00:56 2015 +0800 socket: pass correct size in net_socket_send() We should pass the size of packet instead of the remaining to qemu_send_packet_async(). Fixes: 6e99c631f116221d169ea53953d91b8aa74d297a ("net/socket: Drop net_socket_can_send") Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1436259656-24263-1-git-send-email-jasowang@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 09b61db7c140c5a71bfde36614c5a1f4f0d382a6 Author: Stefan Fritsch <sf@xxxxxxxxxxx> Date: Mon Jul 20 12:21:18 2015 -0400 ahci: Force ICC bits in PxCMD to zero The AHCI spec requires that the HBA sets the ICC bits to zero after the ICC change is done. Since we don't do any ICC change, force the bits to zero all the time. This fixes delays with some OSs (e.g. OpenBSD) waiting for the ICC bits to change to 0. Signed-off-by: Stefan Fritsch <sf@xxxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: E1ZFpg7-00027N-HW@xxxxxxxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 58732810230719765a6618004be8f0070c9f3d31 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Jul 20 12:21:18 2015 -0400 qtest/ide: add another short PRDT test flavor The existing short PRDT test case does not transfer any data because the first PRD is less than 1 sector. This patch adds another short PRDT test case where the first sector can be read but the PRDT is still smaller than the requested number of sectors. This exercises a different code path in ide_dma_cb(). Cc: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1435770571-9906-1-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 13566fe3e584e7b14a6f45246976b91677dc2a77 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Jul 8 15:10:09 2015 +0100 timer: rename NSEC_PER_SEC due to Mac OS X header clash Commit e0cf11f31c24cfb17f44ed46c254d84c78e7f6e9 ("timer: Use a single definition of NSEC_PER_SEC for the whole codebase") renamed NANOSECONDS_PER_SECOND to NSEC_PER_SEC. On Mac OS X there is a <dispatch/time.h> system header which also defines NSEC_PER_SEC. This causes compiler warnings. Let's use the old name instead. It's longer but it doesn't clash. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1436364609-7929-1-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dcc8a3ab632d0f11a1bf3b08381cf0f93e616b9f Merge: f73ca73 bd09594 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 20 16:01:31 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches for 2.4.0-rc2 # gpg: Signature made Mon Jul 20 15:48:56 2015 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: crypto: Fix aes_decrypt_wrapper() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f73ca7363440240b7ee5ee7f7ddb1c64751efb54 Merge: 7135847 f9d6dbf Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 20 13:25:28 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio, vhost, pc fixes for 2.4 The only notable thing here is vhost-user multiqueue revert. We'll work on making it stable in 2.5, reverting now means we won't have to maintain bug for bug compability forever. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Mon Jul 20 12:24:00 2015 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: virtio-net: remove virtio queues if the guest doesn't support multiqueue virtio-net: Flush incoming queues when DRIVER_OK is being set pci_add_capability: remove duplicate comments virtio-net: unbreak any layout Revert "vhost-user: add multi queue support" ich9: fix skipped vmstate_memhp_state subsection Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bd09594603f1498e7623f0030988b62e2052f7da Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Fri Jul 17 19:44:10 2015 +0200 crypto: Fix aes_decrypt_wrapper() Commit d3462e3 broke qcow2's encryption functionality by using encrypt instead of decrypt in the wrapper function it introduces. This was found by qemu-iotests case 134. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit f9d6dbf0bf6e91b8ed896369ab1b7e91e5a1a4df Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Wed Jul 15 17:20:59 2015 +0800 virtio-net: remove virtio queues if the guest doesn't support multiqueue commit da51a335 adds all queues in .realize(). But if the guest doesn't support multiqueue, we forget to remove them. And we cannot handle the ctrl vq corretly. The guest will hang. Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Jason Wang <jasowang@xxxxxxxxxx> commit 38705bb57bf1cd9e3f837cf11bcdee3876786c07 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 11:02:27 2015 +0800 virtio-net: Flush incoming queues when DRIVER_OK is being set This patch fixes network hang after "stop" then "cont", while network packets keep arriving. Tested both manually (tap, host pinging guest) and with Jason's qtest series (plus his "[PATCH 2.4] socket: pass correct size in net_socket_send()" fix). As virtio_net_set_status is called when guest driver is setting status byte and when vm state is changing, it is a good opportunity to flush queued packets. This is necessary because during vm stop the backend (e.g. tap) would stop rx processing after .can_receive returns false, until the queue is explicitly flushed or purged. The other interesting condition in .can_receive, virtio_queue_ready(), is handled by virtio_net_handle_rx() when guest kicks; the 3rd condition is invalid queue index which doesn't need flushing. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 9a2a66238e3bf2b681d6321c4667a2d589c8ebed Author: Chen Hanxiao <chenhanxiao@xxxxxxxxxxxxxx> Date: Tue Jul 14 16:16:11 2015 +0800 pci_add_capability: remove duplicate comments Signed-off-by: Chen Hanxiao <chenhanxiao@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit feb93f361739071778ca2d23df3876db399548f7 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Jul 17 15:19:18 2015 +0800 virtio-net: unbreak any layout Commit 032a74a1c0fcdd5fd1c69e56126b4c857ee36611 ("virtio-net: byteswap virtio-net header") breaks any layout by requiring out_sg[0].iov_len >= n->guest_hdr_len. Fixing this by copying header to temporary buffer if swap is needed, and then use this buffer as part of out_sg. Fixes 032a74a1c0fcdd5fd1c69e56126b4c857ee36611 ("virtio-net: byteswap virtio-net header") Cc: qemu-stable@xxxxxxxxxx Cc: clg@xxxxxxxxxx Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit d345ed2da3279b015605823397235b8c5ca5251f Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Jul 15 13:47:31 2015 +0300 Revert "vhost-user: add multi queue support" This reverts commit 830d70db692e374b55555f4407f96a1ceefdcc97. The interface isn't fully backwards-compatible, which is bad. Let's redo this properly after 2.4. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 75d663611e81c748522d9cdcb5230bd02db86d05 Author: Paulo Alcantara <pcacjr@xxxxxxxxx> Date: Mon Jul 13 17:45:42 2015 -0300 ich9: fix skipped vmstate_memhp_state subsection By declaring another .subsections array for vmstate_tco_io_state made vmstate_memhp_state not registered anymore. There must be only one .subsections array for all subsections. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Amit Shah <amit.shah@xxxxxxxxxx> Reported-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Paulo Alcantara <pcacjr@xxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> commit 71358470eec668f5dc53def25e585ce250cea9bf Merge: 5b5e8cd 621a20e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 17 15:22:45 2015 +0100 Merge remote-tracking branch 'remotes/amit-virtio-rng/tags/vrng-2.4' into staging Fire timer only when required. Brings down wakeups by a big number. # gpg: Signature made Fri Jul 17 14:41:40 2015 BST using RSA key ID 854083B6 # gpg: Good signature from "Amit Shah <amit@xxxxxxxxxxxx>" # gpg: aka "Amit Shah <amit@xxxxxxxxxx>" # gpg: aka "Amit Shah <amitshah@xxxxxxx>" * remotes/amit-virtio-rng/tags/vrng-2.4: virtio-rng: trigger timer only when guest requests for entropy Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 621a20e08155179b1902c428361e80f41429f50d Author: Pankaj Gupta <pagupta@xxxxxxxxxx> Date: Wed Jul 15 17:46:47 2015 +0530 virtio-rng: trigger timer only when guest requests for entropy This patch triggers timer only when guest requests for entropy. As soon as first request from guest for entropy comes we set the timer. Timer bumps up the quota value when it gets triggered. Signed-off-by: Pankaj Gupta <pagupta@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Message-Id: <1436962608-9961-2-git-send-email-pagupta@xxxxxxxxxx> [Re-worded patch subject, removed extra whitespace -- Amit] Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> commit 5b5e8cdd7da7a2214dd062afff5b866234aab228 Merge: fd1a9ef 92fdfa4 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 17 12:39:12 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20150717-1' into staging usb: fixes for 2.4 (ccid, xhci and usb-host) # gpg: Signature made Fri Jul 17 12:21:42 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-usb-20150717-1: Revert "xhci: set timer to retry xfers" usb-ccid: add missing wakeup calls usb-ccid: fix 61b4887b41b270bc837ead57bc502d904af023bb Re-attach usb device to kernel while usb_host_open fails Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 92fdfa4bef9c92addcc009dd3e0131172b4fdc78 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Jul 17 10:12:55 2015 +0200 Revert "xhci: set timer to retry xfers" This reverts commit 4e8cfbe1143d8384387595b500212d7a7f11aeae. We should not poll via timer, and with ccid being fixed to properly notify us about pending transfers we don't have to. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 86d7e214c224f939c897cfa3b6d597f7af4b5bba Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jul 16 16:33:07 2015 +0200 usb-ccid: add missing wakeup calls Properly notify the host adapter that we have data pending, so it doesn't has to poll us. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit cfda2cef3d0320d7a133600ffdb6e33547aaba8f Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Jul 17 11:34:11 2015 +0200 usb-ccid: fix 61b4887b41b270bc837ead57bc502d904af023bb QOMification dropped the parent device lookup, fix it. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit fd1a9ef9c2493b5bc98e8e041333a57b635c5d71 Merge: b4329bf 562f937 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 17 10:52:12 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-input-20150717-1' into staging input: fixes for 2.4 # gpg: Signature made Fri Jul 17 07:45:17 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-input-20150717-1: hid: clarify hid_keyboard_process_keycode virtio-input: move sys/ioctl.h include virtio-input: fix segfault in virtio_input_hid_properties Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 562f93754b95fd6dc65ad9a2aa15a90b2da7e8a4 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 14 11:18:06 2015 +0200 hid: clarify hid_keyboard_process_keycode Coverity thinks the fallthroughs are smelly. They are correct, but everything else in this function is like "wut?". Refer explicitly to bits 8 and 9 of hs->kbd.modifiers instead of shifting right first and using (1 << 7). Document what the scancode is when hid_code is 0xe0. And add plenty of comments. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit b4329bf41c86bac8b56cadb097081960cc4839a0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 16 20:32:20 2015 +0100 Update version for v2.4.0-rc1 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b92304ee814f0fe8109c8946dfb4dd4b63e89871 Merge: 67ff64e d3462e3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 16 19:18:15 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * MIPS-KVM fixes. * Coverity fixes. * Nettle function prototype fixes. * Memory API refcount fix. # gpg: Signature made Thu Jul 16 19:01:27 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: crypto: avoid undefined behavior in nettle calls crypto: fix build with nettle >= 3.0.0 memory: fix refcount leak in memory_region_present RDMA: Fix error exits arm/xlnx-zynqmp: fix memory leak ppc/spapr_drc: fix memory leak mips/kvm: Sign extend registers written to KVM mips/kvm: Fix Big endian 32-bit register access Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d3462e378f40ba6838b6c42584c30769ca633e6f Author: Radim KrÄ?máÅ? <rkrcmar@xxxxxxxxxx> Date: Fri Jul 10 19:18:01 2015 +0200 crypto: avoid undefined behavior in nettle calls Calling a function pointer that was cast from an incompatible function results in undefined behavior. 'void *' isn't compatible with 'struct XXX *', so we can't cast to nettle_cipher_func, but have to provide a wrapper. (Conversion from 'void *' to 'struct XXX *' might require computation, which won't be done if we drop argument's true type, and pointers can have different sizes so passing arguments on stack would bug.) Having two different prototypes based on nettle version doesn't make this solution any nicer. Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Radim KrÄ?máÅ? <rkrcmar@xxxxxxxxxx> Message-Id: <1437062641-12684-3-git-send-email-rkrcmar@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit becaeb726ae7da4212a788773ebdfe87b4833f5c Author: Radim KrÄ?máÅ? <rkrcmar@xxxxxxxxxx> Date: Fri Jul 10 19:18:00 2015 +0200 crypto: fix build with nettle >= 3.0.0 In nettle 3, cbc_encrypt() accepts 'nettle_cipher_func' instead of 'nettle_crypt_func' and these two differ in 'const' qualifier of the first argument. The build fails with: In file included from crypto/cipher.c:71:0: ./crypto/cipher-nettle.c: In function â??qcrypto_cipher_encryptâ??: ./crypto/cipher-nettle.c:154:38: error: passing argument 2 of â??nettle_cbc_encryptâ?? from incompatible pointer type cbc_encrypt(ctx->ctx_encrypt, ctx->alg_encrypt, ^ In file included from ./crypto/cipher-nettle.c:24:0, from crypto/cipher.c:71: /usr/include/nettle/cbc.h:48:1: note: expected â??void (*)(const void *, size_t, uint8_t *, const uint8_t *) but argument is of type â??void (*)( void *, size_t, uint8_t *, const uint8_t *) To allow both versions, we switch to the new definition and #if typedef it for old versions. Signed-off-by: Radim KrÄ?máÅ? <rkrcmar@xxxxxxxxxx> Message-Id: <1436548682-9315-2-git-send-email-rkrcmar@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c6742b14fe7352059cd4954a356a8105757af31b Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 14 13:45:34 2015 +0200 memory: fix refcount leak in memory_region_present memory_region_present() leaks a reference to a MemoryRegion in the case "mr == container". While fixing it, avoid reference counting altogether for memory_region_present(), by using RCU only. The return value could in principle be already invalid immediately after memory_region_present returns, but presumably the caller knows that and it's using memory_region_present to probe for devices that are unpluggable, or something like that. The RCU critical section is needed anyway, because it protects as->current_map. Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 24b41d66c8ad8f77839fca777b92e365dad0cf5c Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Fri Jul 10 20:08:52 2015 +0100 RDMA: Fix error exits The error checks I added used 'break' after the error, but I'm in a switch inside the while loop, so they need to be 'goto out'. Spotted by coverity; entries 1311368 and 1311369 Fixes: afcddefd Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Message-Id: <1436555332-19076-1-git-send-email-dgilbert@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5348c62cab309b68ecd13a33c9f21e8d6071af72 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Fri Jul 10 08:51:29 2015 +0800 arm/xlnx-zynqmp: fix memory leak fix CID 1311372. Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Message-Id: <1436489490-236-4-git-send-email-arei.gonglei@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 586d2142a9f1aa5a1dceb0941e7b3f0953974a8b Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Fri Jul 10 08:51:28 2015 +0800 ppc/spapr_drc: fix memory leak fix CID 1311373. Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Message-Id: <1436489490-236-3-git-send-email-arei.gonglei@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 02dae26ac4ceb1e82c432cfca4d9b65ae82343c6 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Fri Apr 24 11:26:53 2015 +0100 mips/kvm: Sign extend registers written to KVM In case we're running on a 64-bit host, be sure to sign extend the general purpose registers and hi/lo/pc before writing them to KVM, so as to take advantage of MIPS32/MIPS64 compatibility. Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: kvm@xxxxxxxxxxxxxxx Cc: qemu-stable@xxxxxxxxxx Message-Id: <1429871214-23514-3-git-send-email-james.hogan@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f8b3e48b2d269551cd40f94770dc20da2f402325 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Fri Apr 24 11:26:52 2015 +0100 mips/kvm: Fix Big endian 32-bit register access Fix access to 32-bit registers on big endian targets. The pointer passed to the kernel must be for the actual 32-bit value, not a temporary 64-bit value, otherwise on big endian systems the kernel will only interpret the upper half. Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: kvm@xxxxxxxxxxxxxxx Cc: qemu-stable@xxxxxxxxxx Message-Id: <1429871214-23514-2-git-send-email-james.hogan@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 67ff64e08245a5b8de98d9b2acefb840a1fae340 Merge: 2d5ee9e 567161f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 16 16:55:00 2015 +0100 Merge remote-tracking branch 'remotes/spice/tags/pull-spice-20150716-1' into staging qxl: allow to specify head limit to qxl driver # gpg: Signature made Thu Jul 16 16:31:40 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/spice/tags/pull-spice-20150716-1: qxl: allow to specify head limit to qxl driver Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6110ce59af199194ef63cb31ec722487df3f42fe Author: Lin Ma <lma@xxxxxxxx> Date: Wed Jun 24 13:40:11 2015 +0800 Re-attach usb device to kernel while usb_host_open fails Signed-off-by: Lin Ma <lma@xxxxxxxx> Reviewed-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit e2f6bac3010419426b636d2b307f66deecd60813 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Jul 14 13:44:12 2015 +0200 virtio-input: move sys/ioctl.h include Drop from include/standard-headers/linux/input.h Add to hw/input/virtio-input-host.c instead. That allows to build virtio-input (except pass-through) on windows. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 2a19b229f6c2f7288bb8c2498bffb01d67810dee Author: Lin Ma <lma@xxxxxxxx> Date: Tue Jul 14 19:27:30 2015 +0800 virtio-input: fix segfault in virtio_input_hid_properties commit 5cce173 introduced virtio-input segfault, This patch fixes it. Signed-off-by: Lin Ma <lma@xxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 567161fdd47aeb6987e700702f6bbfef04ae0236 Author: Frediano Ziglio <fziglio@xxxxxxxxxx> Date: Mon Jul 6 07:56:38 2015 +0100 qxl: allow to specify head limit to qxl driver This patch allow to limit number of heads using qxl driver. By default qxl driver is not limited on any kind on head use so can decide to use as much heads. libvirt has this as a video card parameter (actually set to 1 but not used). This parameter will allow to limit setting a use can do (which could be confusing). Signed-off-by: Frediano Ziglio <fziglio@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 2d5ee9e7a7dd495d233cf9613a865f63f88e3375 Merge: 3749c11 908680c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 16 10:40:22 2015 +0100 Merge remote-tracking branch 'remotes/lalrae/tags/mips-20150716' into staging MIPS patches 2015-07-16 Changes: * bug fixes # gpg: Signature made Thu Jul 16 09:04:56 2015 BST using RSA key ID 0B29DA6B # gpg: Good signature from "Leon Alrae <leon.alrae@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 8DD3 2F98 5495 9D66 35D4 4FC0 5211 8E3C 0B29 DA6B * remotes/lalrae/tags/mips-20150716: target-mips: fix page fault address for LWL/LWR/LDL/LDR linux-user: Fix MIPS N64 trap and break instruction bug target-mips: fix resource leak reported by Coverity target-mips: fix logically dead code reported by Coverity target-mips: correct DERET instruction target-mips: fix ASID synchronisation for MIPS MT disas/mips: fix disassembling R6 instructions target-mips: fix to clear MSACSR.Cause target-mips: fix MIPS64R6-generic configuration Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3749c11a720689694101dcf2ebc43217a02f960f Merge: be0df8c 3046bb5 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 15 22:05:13 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging X86 queue, 2015-07-15 Two bug fixes: * Memory leak due to extra g_strdup() when registering X86CPU alias properties * Fix CPUID levels so that W10 insider can run as guest OS # gpg: Signature made Wed Jul 15 21:26:59 2015 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/x86-pull-request: target-i386: emulate CPUID level of real hardware target-i386: Don't strdup() alias property name Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit be0df8cd1eb8e182a9b61a2b4d1c57824cffadc4 Merge: 7692401 672558d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 15 21:06:54 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/numa-pull-request' into staging NUMA queue, 2015-07-15 # gpg: Signature made Wed Jul 15 21:01:37 2015 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/numa-pull-request: numa: Fix memory leak in numa_set_mem_node_id() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3046bb5debc8153a542acb1df93b2a1a85527a15 Author: Radim KrÄ?máÅ? <rkrcmar@xxxxxxxxxx> Date: Thu Jul 9 21:07:39 2015 +0200 target-i386: emulate CPUID level of real hardware W10 insider has a bug where it ignores CPUID level and interprets CPUID.(EAX=07H, ECX=0H) incorrectly, because CPUID in fact returned CPUID.(EAX=04H, ECX=0H); this resulted in execution of unsupported instructions. While it's a Windows bug, there is no reason to emulate incorrect level. I used http://instlatx64.atw.hu/ as a source of CPUID and checked that it matches Penryn Xeon X5472, Westmere Xeon W3520, SandyBridge i5-2540M, and Haswell i5-4670T. kvm64 and qemu64 were bumped to 0xD to allow all available features for them (and to avoid the same Windows bug). Signed-off-by: Radim KrÄ?máÅ? <rkrcmar@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit d461a44ca4b164549fe19b14d2cdf0524f778ce1 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Jul 9 12:24:43 2015 -0300 target-i386: Don't strdup() alias property name Now object_property_add_alias() calls g_strdup() on the target property name, so we don't need to call g_strdup() ourselves. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 672558d2ea8dd782d1d2adc6e16af3bc34029a36 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 9 20:57:36 2015 +0530 numa: Fix memory leak in numa_set_mem_node_id() Fix a memory leak in numa_set_mem_node_id(). Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxx> Reported-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 7692401a0826803522cfde533bdcc149932ddc6a Merge: 711dc6f 76e2aef Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 15 17:28:59 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150715' into staging target arm queue: * handle broken AArch64 kernels which assume DTB won't cross a 2MB boundary * correct broken SCTLR_EL3 reset value # gpg: Signature made Wed Jul 15 17:24:24 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150715: hw/arm/boot: Increase fdt alignment target-arm: Fix broken SCTLR_EL3 reset Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 76e2aef392629f2b2a468f5158d5c397cc5beed2 Author: Alexander Graf <agraf@xxxxxxx> Date: Wed Jul 15 17:16:26 2015 +0100 hw/arm/boot: Increase fdt alignment The Linux kernel on aarch64 creates a page table entry at early bootup that spans the 2MB range on memory spanning the fdt start address: [ ALIGN_DOWN(fdt, 2MB) ... ALIGN_DOWN(fdt, 2MB) + 2MB ] This means that when our current 4k alignment happens to fall at the end of the aligned region, Linux tries to access memory that is not mapped. The easy fix is to instead increase the alignment to 2MB, making Linux's logic always succeed. We leave the existing 4k alignment for 32bit kernels to not cause any regressions due to space constraints. Reported-by: Andreas Schwab <schwab@xxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e46e1a74ef482f1ef773e750df9654ef4442ca29 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 15 17:16:26 2015 +0100 target-arm: Fix broken SCTLR_EL3 reset The SCTLR_EL3 cpreg definition was implicitly resetting the register state to 0, which is both wrong and clashes with the reset done via the SCTLR definition (since sctlr[3] is unioned with sctlr_s). This went unnoticed until recently, when an unrelated change (commit a903c449b41f105aa) happened to perturb the order of enumeration through the cpregs hashtable for reset such that the erroneous reset happened after the correct one rather than before it. Fix this by marking SCTLR_EL3 as an alias, so its reset is left up to the AArch32 view. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 711dc6f36b74fe65a6e5a1847f1152717d887f8a Merge: f5dec79 796a060 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 15 14:23:58 2015 +0100 Merge remote-tracking branch 'remotes/cody/tags/jtc-for-upstream-pull-request' into staging # gpg: Signature made Wed Jul 15 03:25:16 2015 BST using RSA key ID C0DE3057 # gpg: Good signature from "Jeffrey Cody <jcody@xxxxxxxxxx>" # gpg: aka "Jeffrey Cody <jeff@xxxxxxxxxxxxx>" # gpg: aka "Jeffrey Cody <codyprime@xxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 9957 4B4D 3474 90E7 9D98 D624 BDBE 7B27 C0DE 3057 * remotes/cody/tags/jtc-for-upstream-pull-request: block/curl: Don't lose original error when a connection fails. mirror: correct buf_size block: keep bitmap if incremental backup job is cancelled blockdev: no need to drain in qmp_block_commit block/mirror: Sleep periodically during bitmap scanning Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 908680c6441ac468f4871d513f42be396ea0d264 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Tue Jul 14 17:45:16 2015 +0200 target-mips: fix page fault address for LWL/LWR/LDL/LDR When a LWL, LWR, LDL or LDR instruction triggers a page fault, QEMU currently reports the aligned address in CP0 BadVAddr, while the Windows NT kernel expects the unaligned address. This patch adds a byte access with the unaligned address at the beginning of the LWL/LWR/LDL/LDR instructions to possibly trigger a page fault and fill the QEMU TLB. Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Reported-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Tested-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit f01a361bfcce4bd0c439b0e051ef2a1e56727a44 Author: Andrew Bennett <andrew.bennett@xxxxxxxxxx> Date: Mon Jun 29 10:20:07 2015 +0000 linux-user: Fix MIPS N64 trap and break instruction bug For the MIPS N64 ABI when QEMU reads the break/trap instruction so that it can inspect the break/trap code it reads 8 rather than 4 bytes which means it finds the code field from the instruction after the break/trap instruction. This then causes the break/trap handling code to fail because it does not understand the code number. The fix forces QEMU to always read 4 bytes of instruction data rather than deciding how much to read based on the ABI. Signed-off-by: Andrew Bennett <andrew.bennett@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 26e7e982b267e71d40cd20e9e234fedef6770a90 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Tue Jul 14 11:08:15 2015 +0100 target-mips: fix resource leak reported by Coverity UHI assert and link operations call lock_user_string() twice to obtain two strings pointed by gpr[4] and gpr[5]. If the second lock_user_string() fails, then the first one won't get freed. Fix this by introducing another macro responsible for obtaining two strings and handling allocation failure. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 47ada0ad3431b39863918dc80386634693d317b5 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Tue Jul 14 11:08:14 2015 +0100 target-mips: fix logically dead code reported by Coverity Make use of CMPOP in floating-point compare instructions. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit fe87c2b36ae9c1c9a5279f3891f3bce1b573baa0 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Tue Jul 14 11:08:13 2015 +0100 target-mips: correct DERET instruction Fix Debug Mode flag clearing, and when DERET is placed between LL and SC do not make SC fail. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 6a973e6b6584221bed89a01e755b88e58b496652 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jul 1 15:59:13 2015 +0200 target-mips: fix ASID synchronisation for MIPS MT When syncing the task ASID with EntryHi, correctly or the value instead of assigning it. Reported-by: "Dr. David Alan Gilbert" <dgilbert@xxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 6b9c26fb5eed2345398daca4eef601da2f3d7867 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Tue Jun 30 16:33:15 2015 +0100 disas/mips: fix disassembling R6 instructions In the Release 6 of the MIPS Architecture, LL, SC, LLD, SCD, PREF and CACHE instructions have 9 bits offsets. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit d4f4f0d5d9e74c19614479592c8bc865d92773d0 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Tue Jun 30 15:44:28 2015 +0100 target-mips: fix to clear MSACSR.Cause MSACSR.Cause bits are needed to be cleared before a vector floating-point instructions. FEXDO.df, FEXUPL.df and FEXUPR.df were missed out. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 4dc89b782095d7a0b919fafd7b1322b3cb1279f1 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Mon Jun 29 10:11:23 2015 +0100 target-mips: fix MIPS64R6-generic configuration Fix core configuration for MIPS64R6-generic to make it as close as I6400. I6400 core has 48-bit of Virtual Address available (SEGBITS). MIPS SIMD Architecture is available. Rearrange order of bits to match the specification. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit f5dec79ee88034b2da52463145a2056500db9ff2 Merge: 661725d 560d027 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 15 12:22:31 2015 +0100 Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20150715-1' into staging migration/next for 20150715 # gpg: Signature made Wed Jul 15 11:23:33 2015 BST using RSA key ID 5872D723 # gpg: Good signature from "Juan Quintela <quintela@xxxxxxxxxx>" # gpg: aka "Juan Quintela <quintela@xxxxxxxxxx>" * remotes/juanquintela/tags/migration/20150715-1: migration: We also want to store the global state for savevm migration: reduce the count of strlen call migration: Register global state section before loadvm migration: Write documetation for events capabilites migration: Trace event and migration event are different things migration: Only change state after migration has finished Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 560d027b54067ffa4e79c6f7c0a499abb0d749a3 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Jul 15 09:53:46 2015 +0200 migration: We also want to store the global state for savevm Commit df4b1024526cae3479da3492d6371fd4a7324a03 introduced global_state section. But it only filled the state while doing migration. While doing a savevm, we stored an empty string as state. So when we did a loadvm, it complained that state was invalid. Fedora 21, 4.1.1, qemu 2.4.0-rc0 > ../../configure --target-list="x86_64-softmmu" 068 2s ... - output mismatch (see 068.out.bad) --- /home/bos/jhuston/src/qemu/tests/qemu-iotests/068.out 2015-07-08 17:56:18.588164979 -0400 +++ 068.out.bad 2015-07-09 17:39:58.636651317 -0400 @@ -6,6 +6,8 @@ QEMU X.Y.Z monitor - type 'help' for more information (qemu) savevm 0 (qemu) quit +qemu-system-x86_64: Unknown savevm section or instance 'globalstate' 0 +qemu-system-x86_64: Error -22 while loading VM state QEMU X.Y.Z monitor - type 'help' for more information (qemu) quit *** done Failures: 068 Failed 1 of 1 tests Actually, there were two problems here: - we registered global_state too late for load_vm (fixed on another patch on the list) - we didn't store a valid state for savevm (fixed by this patch). Reported-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Tested-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 9f5f380b54d6ad80cf35d93c8cd71c8d7a1b52b7 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Jul 13 17:34:10 2015 +0800 migration: reduce the count of strlen call 'strlen' is called three times in 'save_page_header', it's inefficient. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 48212d87d6655b029231d830a77983c21552fe49 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Fri Jul 10 14:51:58 2015 +0200 migration: Register global state section before loadvm Otherwise, it is not found Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 72e72e1a71e5e67a11204606a5c09f6cc3089a53 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Jul 8 14:13:10 2015 +0200 migration: Write documetation for events capabilites Reported-by: Jiri Denemark <jdenemar@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 4ba4bc5e9bfab457a96ac56dc470730a330aded8 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Jul 8 13:58:27 2015 +0200 migration: Trace event and migration event are different things We can want the trace event even without migration events enabled. Reported-by: Wen Congyang <ghostwcy@xxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit 172c4356f38fbf91675256447a3bedd08220214f Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Jul 8 13:56:26 2015 +0200 migration: Only change state after migration has finished On previous change, we changed state at post load time if it was not running, special casing the "running" change. Now, we change any states at the end of the migration. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Tested-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 796a060bc0fab40953997976a2e30d9d6235bc7b Author: Richard W.M. Jones <rjones@xxxxxxxxxx> Date: Wed Jul 8 14:37:48 2015 +0100 block/curl: Don't lose original error when a connection fails. Currently if qemu is connected to a curl source (eg. web server), and the web server fails / times out / dies, you always see a bogus EIO "Input/output error". For example, choose a large file located on any local webserver which you control: $ qemu-img convert -p http://example.com/large.iso /tmp/test Once it starts copying the file, stop the webserver and you will see qemu-img fail with: qemu-img: error while reading sector 61440: Input/output error This patch does two things: Firstly print the actual error from curl so it doesn't get lost. Secondly, change EIO to EPROTO. EPROTO is a POSIX.1 compatible errno which more accurately reflects that there was a protocol error, rather than some kind of hardware failure. After this patch is applied, the error changes to: $ qemu-img convert -p http://example.com/large.iso /tmp/test qemu-img: curl: transfer closed with 469989 bytes remaining to read qemu-img: error while reading sector 16384: Protocol error Signed-off-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 48ac0a4df84662f23da25262443e1810b70c2228 Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Fri May 15 15:51:36 2015 +0800 mirror: correct buf_size If bus_size is less than 0, the command fails. If buf_size is 0, use DEFAULT_MIRROR_BUF_SIZE. If buf_size % granularity is not 0, mirror_free_init() will do dangerous things. Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 5555A588.3080907@xxxxxxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 17d9716d7b5381c4b6566bb1a06267d2bfcd1821 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Jun 15 16:02:14 2015 +0100 block: keep bitmap if incremental backup job is cancelled Reclaim the dirty bitmap if an incremental backup block job is cancelled. The ret variable may be 0 when the job is cancelled so it's not enough to check ret < 0. Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1434380534-7680-1-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 299bf097375f9d148cda579ad85477304e38856b Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu May 28 16:21:43 2015 +0200 blockdev: no need to drain in qmp_block_commit Draining is not necessary, I/O can happen as soon as the commit coroutine yields. Draining can be necessary before reopening the file for read/write, or while modifying the backing file chain, but that is done separately in bdrv_reopen_multiple or bdrv_close; this particular bdrv_drain_all does nothing for that. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1432822903-25821-1-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 4c0cbd6fec7db182a6deb52d5a8a8e7b0c5cbe64 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed May 13 11:11:13 2015 +0800 block/mirror: Sleep periodically during bitmap scanning Before, we only yield after initializing dirty bitmap, where the QMP command would return. That may take very long, and guest IO will be blocked. Add sleep points like the later mirror iterations. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1431486673-19280-1-git-send-email-famz@xxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 661725da09f47eb92d356fac10a4cf3b7ad1f61d Merge: f394798 2af9170 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 14 18:50:16 2015 +0100 Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20150714' into staging s390x fixes for 2.4: - virtio migration regression - missing diag288 watchdog resets # gpg: Signature made Tue Jul 14 18:17:54 2015 BST using RSA key ID C6F02FAF # gpg: Good signature from "Cornelia Huck <huckc@xxxxxxxxxxxxxxxxxx>" # gpg: aka "Cornelia Huck <cornelia.huck@xxxxxxxxxx>" * remotes/cohuck/tags/s390x-20150714: s390/virtio-ccw: Fix migration watchdog/diag288: correctly register for system reset requests Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2af9170c8c269c4fba73e5271453ca15a57f5844 Author: Christian Borntraeger <borntraeger@xxxxxxxxxx> Date: Tue Jul 7 13:47:23 2015 +0200 s390/virtio-ccw: Fix migration commit 213941d73b ("virtio-ccw: migrate ->revision") broke migration: 2015-07-07T11:22:55.570968Z qemu-system-s390x: VQ 39 address 0x0 inconsistent with Host index 0x100 2015-07-07T11:22:55.571008Z qemu-system-s390x: error while loading state for instance 0x0 of If thinint support is active, the config_load function returns early. Make sure to load the revision all the time. Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Fixes: 213941d73b ("virtio-ccw: migrate ->revision") Message-Id: <1436269643-66303-1-git-send-email-borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 0c7322cfd3fd382c0096c2a9f00775818a878e13 Author: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 29 08:21:10 2015 +0200 watchdog/diag288: correctly register for system reset requests The diag288 watchdog is no sysbus device, therefore it doesn't get triggered on resets automatically using dc->reset. Let's register the reset handler manually, so we get correctly notified again when a system reset was requested. Also reset the watchdog on subsystem resets that don't trigger a full system reset. Signed-off-by: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Tested-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> commit f3947986d9bbbae1087c4c33880d3f8dbf1f1384 Merge: 0030ff4 e34d8f2 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 14 16:51:44 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches for 2.4.0-rc1 # gpg: Signature made Tue Jul 14 16:15:35 2015 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: rbd: fix ceph settings precedence rbd: make qemu's cache setting override any ceph setting MAINTAINERS: update email address rbd: remove unused constants and fields block: Fix backing file child when modifying graph block: Reorder cleanups in bdrv_close() block: Introduce bdrv_unref_child() block: Introduce bdrv_open_child() block: Move bdrv_attach_child() calls up the call chain nvme: properly report volatile write caches nvme: implement the Flush command Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e34d8f297d51b7ffa5dce72df1e45fa94cff989c Author: Josh Durgin <jdurgin@xxxxxxxxxx> Date: Wed Jun 10 20:28:46 2015 -0700 rbd: fix ceph settings precedence Apply the ceph settings from a config file before any ceph settings from the command line. Since the ceph config file location may be specified on the command line, parse it once to read the config file, and do a second pass to apply the rest of the command line ceph options. Signed-off-by: Josh Durgin <jdurgin@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 99a3c89d5d538dc6c360e35dffb797cfe06e9cda Author: Josh Durgin <jdurgin@xxxxxxxxxx> Date: Wed Jun 10 20:28:45 2015 -0700 rbd: make qemu's cache setting override any ceph setting To be safe, when cache=none is used ceph settings should not be able to override it to turn on caching. This was previously possible with rbd_cache=true in the rbd device configuration or a ceph configuration file. Similarly, rbd settings could have turned off caching when qemu requested it, although this would just be a performance problem. Fix this by changing rbd's cache setting to match qemu after all other ceph settings have been applied. Signed-off-by: Josh Durgin <jdurgin@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5a8ac6d9d70e1a078d04ad75a5c055b00a041d70 Author: Josh Durgin <jdurgin@xxxxxxxxxx> Date: Wed Jun 10 20:28:44 2015 -0700 MAINTAINERS: update email address The old one still works for now, but will not work indefinitely. Signed-off-by: Josh Durgin <jdurgin@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 3dbf00e058e450173c6f892bb572df871eb4ea58 Author: Josh Durgin <jdurgin@xxxxxxxxxx> Date: Wed Jun 10 20:28:43 2015 -0700 rbd: remove unused constants and fields RBDAIOCB.status was only used for cancel, which was removed in 7691e24dbebb46658e89b3f950fda6ec78bbb823. RBDAIOCB.sector_num was never used. RADOSCB.done and rcbid were never used. RBD_FD* are obsolete since the pipe was removed in e04fb07fd1676e9facd7f3f878c1bbe03bccd26b. Signed-off-by: Josh Durgin <jdurgin@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 80a1e130917e0745625129553c943743eb663727 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Jun 17 15:52:09 2015 +0200 block: Fix backing file child when modifying graph This patch moves bdrv_attach_child() from the individual places that add a backing file to a BDS to bdrv_set_backing_hd(), which is called by all of them. It also adds bdrv_detach_child() there. For normal operation (starting with one backing file chain and not changing it until the topmost image is closed) and live snapshots, this constitutes no change in behaviour. For all other cases, this is a fix for the bug that the old backing file was still referenced as a child, and the new one wasn't referenced. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 9a7dedbc43c7c400663d2876a8ccb6d942a1429a Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Jun 16 10:58:20 2015 +0200 block: Reorder cleanups in bdrv_close() Block drivers may still want to access their child nodes in their .bdrv_close handler. If they unref and/or detach a child by themselves, this should not result in a double free. There is additional code for backing files, which are just a special case of child nodes. The same applies for them. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 33a604075c51e5528eed970eeaeefe609ea2337d Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Mon Jun 15 13:51:04 2015 +0200 block: Introduce bdrv_unref_child() This is the counterpart for bdrv_open_child(). It decreases the reference count of the child BDS and removes it from the list of children of the given parent BDS. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit b4b059f628173dd1d722ee8a9c592a80aec1fc2f Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Mon Jun 15 13:24:19 2015 +0200 block: Introduce bdrv_open_child() It is the same as bdrv_open_image(), except that it doesn't only return success or failure, but the newly created BdrvChild object for the new child node. As the BdrvChild object already contains a BlockDriverState pointer (and this is supposed to become the only pointer so that bdrv_append() and friends can just change a single pointer in BdrvChild), the pbs parameter is removed for bdrv_open_child(). Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit df5817926790f6e84d1936eab523556f96fa577a Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Mon Jun 15 11:53:47 2015 +0200 block: Move bdrv_attach_child() calls up the call chain Let the callers of bdrv_open_inherit() call bdrv_attach_child(). It needs to be called in all cases where bdrv_open_inherit() succeeds (i.e. returns 0) and a child_role is given. bdrv_attach_child() is moved upwards to avoid a forward declaration. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 30349fd038ffb26528fad21abe1e264031364449 Author: Christoph Hellwig <hch@xxxxxx> Date: Thu Jun 11 12:01:39 2015 +0200 nvme: properly report volatile write caches Implement support in Identify and Get/Set Features to properly report and allow to change the Volatile Write Cache status reported by the virtual NVMe device. Signed-off-by: Christoph Hellwig <hch@xxxxxx> Acked-by: Keith Busch <keith.busch@xxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 8b9d74e0eebb2106b767d66355d38086be72ad2b Author: Christoph Hellwig <hch@xxxxxx> Date: Thu Jun 11 12:01:38 2015 +0200 nvme: implement the Flush command Implement a real flush instead of faking it. This is especially important as Qemu assume Write back cashing by default and thus requires a working cache flush operation for data integrity. Signed-off-by: Christoph Hellwig <hch@xxxxxx> Acked-by: Keith Busch <keith.busch@xxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 0030ff40472b9ebf0e0595afbc8d7e428218c5d7 Merge: f3a1b50 a169513 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 14 14:52:45 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-vnc-20150714-1' into staging vnc: fix vnc client authentication # gpg: Signature made Tue Jul 14 14:38:48 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-vnc-20150714-1: vnc: fix vnc client authentication Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a16951375f7669b7faf27f72ca753e25325c5179 Author: Wolfgang Bumiller <w.bumiller@xxxxxxxxxxx> Date: Tue Jul 14 14:51:40 2015 +0200 vnc: fix vnc client authentication Commit 800567a61 updated the code to the generic crypto API and mixed up encrypt and decrypt functions in procotol_client_auth_vnc. (Used to be: deskey(key, EN0) which encrypts, and was changed to qcrypto_cipher_decrypt in 800567a61.) Changed it to qcrypto_cipher_encrypt now. Signed-off-by: Wolfgang Bumiller <w.bumiller@xxxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit f3a1b5068cea303a55e2a21a97e66d057eaae638 Merge: 6e3c0c6 4421c6a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 13 13:35:51 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging pc,virtio: fixes for 2.4 pc and virtio changes, bugfixes only. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Mon Jul 13 13:03:38 2015 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: pc: fix reuse of pc-i440fx-2.4 in pc-i440fx-2.3 Revert "virtio-net: enable virtio 1.0" virtio-pci: don't crash on illegal length qdev: fix 64 bit properties Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4421c6a38a37d558b8e6f82d2d54aee30350f57f Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Tue Jun 23 14:00:51 2015 -0300 pc: fix reuse of pc-i440fx-2.4 in pc-i440fx-2.3 commit fddd179ab962f6f78a8493742e1068d6a620e059, "pc: Convert *_MACHINE_OPTIONS macros into functions" broke the chaining of *_machine_options() functions on pc-i440fx-2.3, at: -#define PC_I440FX_2_3_MACHINE_OPTIONS \ - PC_I440FX_2_4_MACHINE_OPTIONS, \ - .alias = NULL, \ - .is_default = 0 +static void pc_i440fx_2_3_machine_options(QEMUMachine *m) +{ + pc_i440fx_machine_options(m); + m->alias = NULL; + m->is_default = 0; +} I have replaced PC_I440FX_2_4_MACHINE_OPTIONS with a pc_i440fx_machine_options() call, instead of calling pc_i440fx_2_4_machine_options(). This broke the setting of default_machine_opts and default_display on pc-i440fx-{2.0,2,1,2.2,2.3}. Fix this by making pc_i440fx_2_3_machine_options() reuse pc_i440fx_2_4_machine_options(). Reported-by: "Dr. David Alan Gilbert" <dgilbert@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 06c4670ff6d4acdc5a24e3d25748ee4a489d5869 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Mon Jul 13 13:46:50 2015 +0800 Revert "virtio-net: enable virtio 1.0" This reverts commit df91055db5c9cee93d70ca8c08d72119a240b987. This is because: - vhost support virtio 1.0 now - transport code (e.g virtio-pci) set this feature when modern is enabled, setting this unconditionally will break disable-modern=on. Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 2a6391232fa58f32469fb61d55343eff32a91083 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon Jul 13 10:32:50 2015 +0300 virtio-pci: don't crash on illegal length Some guests seem to access cfg with an illegal length value. It's worth fixing them but debugging is easier if qemu does not crash. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 8aedc369c6ae4fb4c4c6920f703b000015df3d8d Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jul 9 13:01:14 2015 +0200 qdev: fix 64 bit properties 64 bit props used 32 bit callbacks in two places, leading to broken feature bits on virtio (example: got 0x31000000000006d4 which is obviously bogus). Fix this. Fixes: fdba6d96 ("qdev: add 64bit properties") Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6e3c0c6edbdddb8dd676bec1ac51b5faffc19a77 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Fri Jul 10 21:22:39 2015 +0200 tci: Fix regression with INDEX_op_qemu_st_i32, INDEX_op_qemu_st_i64 Commit 59227d5d45bb3c31dc2118011691c35b3c00879c did not update the code in tcg/tci/tcg-target.c for those two cases. Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Message-id: 1436556159-3002-1-git-send-email-sw@xxxxxxxxxxx Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6169b60285fe1ff730d840a49527e721bfb30899 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 9 17:56:56 2015 +0100 Update version for v2.4.0-rc0 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 16c1321bd78ad79a7252b714184ee2a0b5944c56 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 9 17:46:24 2015 +0100 tci: Fix compile failure by including qemu-common.h Compilation of TCI was accidentally broken by the recent disassembler changes: CC x86_64-softmmu/arch_init.o In file included from target-i386/cpu-qom.h:23:0, from target-i386/cpu.h:986, from include/qemu-common.h:122, from include/disas/bfd.h:12, from disas/tci.c:20: include/qom/cpu.h:178:43: error: unknown type name â??disassemble_infoâ?? void (*disas_set_info)(CPUState *cpu, disassemble_info *info); ^ include/qom/cpu.h:179:1: error: no semicolon at end of struct or union [-Werror] } CPUClass; ^ cc1: all warnings being treated as errors The underlying cause of this is an include loop: bfd.h -> qemu-common.h -> target-arm/cpu.h -> target-arm/cpu-qom.h -> qom/cpu.h -> bfd.h which means that if bfd.h is included first then qom/cpu.h doesn't get the definition of the disassemble_info type that it wanted. The easiest fix for this is to include qemu-common.h from tci.c before including disas/bfd.h. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a9dc4cf94c182f03c0061483891f53d1d21e5e68 Merge: 0326248 4f4f697 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 9 16:22:37 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging Fixes for two bad bugs. For 2.4-rc0. # gpg: Signature made Thu Jul 9 15:54:19 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: crypto: fix builtin qcrypto_cipher_free migration: fix RCU deadlock Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4f4f6976d80614e2d81cea4385885876f24bb257 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jul 9 16:52:48 2015 +0200 crypto: fix builtin qcrypto_cipher_free This was dereferencing a pointer before checking if it was NULL. Reported-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Reported-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 032624868df264d395ee9900331f08bad1431022 Merge: 5a2db89 6b625fd Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 9 15:00:37 2015 +0100 Merge remote-tracking branch 'remotes/afaerber/tags/qom-cpu-for-peter' into staging QOM CPUState and X86CPU * Further QOM'ification of CPU initialization * Propagation of CPUState arguments and elimination of ENV_GET_CPU() usage * cpu_set_pc() abstraction * CPUClass::disas_set_info() hook # gpg: Signature made Thu Jul 9 14:23:12 2015 BST using RSA key ID 3E7E013F # gpg: Good signature from "Andreas Färber <afaerber@xxxxxxx>" # gpg: aka "Andreas Färber <afaerber@xxxxxxxx>" * remotes/afaerber/tags/qom-cpu-for-peter: (22 commits) disas: cris: QOMify target specific disas setup disas: cris: Fix 0 buffer length case disas: microblaze: QOMify target specific disas setup disas: arm: QOMify target specific disas setup disas: arm-a64: Make printfer and stream variable disas: QOMify target specific setup disas: Add print_insn to disassemble info microblaze: boot: Use cpu_set_pc() hw/arm/boot: Use cpu_set_pc() gdbstub: Use cpu_set_pc() helper cpu: Add wrapper for the set_pc() hook cpu-exec: Purge all uses of ENV_GET_CPU() cpu: Change cpu_exec_init() arg to cpu, not env cpu: Change tcg_cpu_exec() arg to cpu, not env gdbstub: Change gdbserver_fork() to accept cpu instead of env translate-all: Change tb_flush() env argument to cpu target-ppc: Move cpu_exec_init() call to realize function cpu: Convert cpu_index into a bitmap cpu: Add Error argument to cpu_exec_init() cpu: Reorder cpu->as, cpu->thread_id, cpu->memory_dispatch init ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6b625fde5eb8d1c969969392f1c92b58beed2183 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 20:57:38 2015 -0700 disas: cris: QOMify target specific disas setup Move the target_disas() cris specifics to the QOM disas_set_info() hook and delete the cris specific code in disas.c. This also now adds support for monitor_disas() to cris. E.g. (qemu) xp 0x40004000 0000000040004000: 0x1e6f25f0 And before this patch: (qemu) xp/i 0x40004000 0x40004000: Asm output not supported on this arch After: (qemu) xp/i 0x40004000 0x40004000: di (qemu) xp/i 0x40004002 0x40004002: move.d 0xb003c004,$r1 Note: second example is 6-byte misaligned instruction! Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 51d373cf5f5a39fa315342d12ec910fe59d87090 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 20:57:37 2015 -0700 disas: cris: Fix 0 buffer length case Cris has the complication of variable length instructions and has a check in place to clamp memory reads in case the disas request doesn't have enough bytes for the instruction being disas'd. This breaks down in the case where disassembling for the monitor where the buffer length is defaulted to 0. The buffer length should never be zero for a regular target_disas, so we can safely assume the 0 case is for the monitor in which case consider the buffer length to be the max for cris instructions. Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit efc6674be845e40d443b62e80eb9ea9a9adfee3c Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 20:57:36 2015 -0700 disas: microblaze: QOMify target specific disas setup Move the target_disas() MB specifics to the QOM disas_set_info hook and delete the MB specific code in disas.c. This also now adds support for monitor_disas() to Microblaze. E.g. (qemu) xp 0x90000000 0000000090000000: 0x94208001 And before this patch: (qemu) xp/i 0x90000000 0x90000000: Asm output not supported on this arch After: (qemu) xp/i 0x90000000 0x90000000: mfs r1, rmsr Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 484406200e51eac023b346fdf987f86af1f6fe75 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 20:57:35 2015 -0700 disas: arm: QOMify target specific disas setup Move the target_disas() ARM specifics to the QOM disas_set_info hook and delete the ARM specific code in disas.c. This has the extra advantage of the more fully featured target_disas() implementation now applying to monitor_disas(). Currently, target_disas() has multi-endian, thumb and AArch64 support whereas the existing monitor_disas() support only has vanilla AA32 support. E.G. Running an AA64 linux kernel the following -d in_asm disas happens (taget_disas()): IN: 0x0000000040000000: 580000c0 ldr x0, pc+24 (addr 0x40000018) 0x0000000040000004: aa1f03e1 mov x1, xzr However before this patch, disasing the same from the monitor: (qemu) xp/i 0x40000000 0x0000000040000000: 580000c0 stmdapl r0, {r6, r7} After this patch: (qemu) xp/i 0x40000000 0x0000000040000000: 580000c0 ldr x0, pc+24 (addr 0x40000018) Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit fb200d5f003118f63205f34bbe553efcf3a66a81 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 20:57:34 2015 -0700 disas: arm-a64: Make printfer and stream variable In a normal disassembly flow, the printf() and stream being used varies from disas job to job. In particular it varies if mixing monitor_disas and target_disas. Make both the printf() function and target stream settable in the QEMUDisassmbler class. Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> Tested-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 37b9de463bff4fc786bb5f0778829e68d2c97bd0 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 20:57:33 2015 -0700 disas: QOMify target specific setup Add a QOM function hook for target-specific disassembly setup. This allows removal of the #ifdeffery currently implementing target specific disas setup from disas.c. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 2de295c544dda8680a82fe465c92d236d49c4d4f Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 20:57:32 2015 -0700 disas: Add print_insn to disassemble info Add the print_insn pointer to the disassemble info structure. This is to prepare for QOMification support, where a QOM CPU hook function will be responsible for setting the print_insn() function. Add this function to the existing struct to consolidate such that only the one struct needs to be passed to the new QOM API. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 691b9572e337f2d74b4b527c3dc76f542c6a5734 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 20:19:23 2015 -0700 microblaze: boot: Use cpu_set_pc() Use cpu_set_pc() for setting program counters when bootloading. This removes an instance of system level code having to reach into the CPU env. Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> [AF: Avoid duplicated CPU() casts through local variable] Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 4df81c6ed1eddcbbb920a977e76f599e05b39b77 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 20:19:22 2015 -0700 hw/arm/boot: Use cpu_set_pc() Use cpu_set_pc() across the board for setting program counters. This removes instances of system level code having to reach into the CPU env. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> [AF: Avoid repeated casts with local variables] Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 4a2b24edb73f98fa58fd8965db5b312617de7a02 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 20:19:21 2015 -0700 gdbstub: Use cpu_set_pc() helper Use the cpu_set_pc() helper which will take care of CPUClass retrieval for us. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 2991b8904730d663f12ad42e35798ecc22fe151c Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 20:19:20 2015 -0700 cpu: Add wrapper for the set_pc() hook Add a wrapper around the CPUClass::set_pc() hook. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit ea3e9847408131abc840240bd61e892d28459452 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Jun 18 10:24:55 2015 -0700 cpu-exec: Purge all uses of ENV_GET_CPU() Remove un-needed usages of ENV_GET_CPU() by converting the APIs to use CPUState pointers and retrieving the env_ptr as minimally needed. Scripted conversion for target-* change: for I in target-*/cpu.h; do sed -i \ 's/\(^int cpu_[^_]*_exec(\)[^ ][^ ]* \*s);$/\1CPUState *cpu);/' \ $I; done Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 4bad9e392e788a218967167a38ce2ae7a32a6231 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 19:31:18 2015 -0700 cpu: Change cpu_exec_init() arg to cpu, not env The callers (most of them in target-foo/cpu.c) to this function all have the cpu pointer handy. Just pass it to avoid an ENV_GET_CPU() from core code (in exec.c). Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Cc: "Edgar E. Iglesias" <edgar.iglesias@xxxxxxxxx> Cc: Eduardo Habkost <ehabkost@xxxxxxxxxx> Cc: Michael Walle <michael@xxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Cc: Anthony Green <green@xxxxxxxxxxxxxx> Cc: Jia Liu <proljc@xxxxxxxxx> Cc: Alexander Graf <agraf@xxxxxxx> Cc: Blue Swirl <blauwirbel@xxxxxxxxx> Cc: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Cc: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Cc: Guan Xuetao <gxt@xxxxxxxxxxxxxxx> Cc: Max Filippov <jcmvbkbc@xxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 3d57f7893c90d911d786cb2c622b0926fc808b57 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 19:31:17 2015 -0700 cpu: Change tcg_cpu_exec() arg to cpu, not env The sole caller of this function navigates the cpu->env_ptr only for this function to take it back the cpu pointer straight away. Pass in cpu pointer instead and grab the env pointer locally in the function. Removes a core code usage of ENV_GET_CPU(). Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit f7ec7f7b269813603b1d64bb9833f9e711f0115c Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 19:31:16 2015 -0700 gdbstub: Change gdbserver_fork() to accept cpu instead of env All callsites to this function navigate the cpu->env_ptr only for the function to take the env ptr back to the original cpu ptr. Change the function to just pass in the CPU pointer instead. Removes a core code usage of ENV_GET_CPU() (in gdbstub.c). Cc: Riku Voipio <riku.voipio@xxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit bbd77c180d7ff1b04a7661bb878939b2e1d23798 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 19:31:15 2015 -0700 translate-all: Change tb_flush() env argument to cpu All of the core-code usages of this API have the cpu pointer handy so pass it in. There are only 3 architecture specific usages (2 of which are commented out) which can just use ENV_GET_CPU() locally to get the cpu pointer. The reduces core code usage of the CPU env, which brings us closer to common-obj'ing these core files. Cc: Riku Voipio <riku.voipio@xxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Acked-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 6dd0f8342ddfbd8db3e3de1a17686cedbc14e9f1 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Tue Jun 23 19:31:14 2015 -0700 target-ppc: Move cpu_exec_init() call to realize function Move cpu_exec_init() call from instance_init to realize. This allows any failures from cpu_exec_init() to be handled appropriately. Also add corresponding cpu_exec_exit() call from unrealize. cpu_dt_id assignment from instance_init is no longer needed since correct assignment for cpu_dt_id is already present in realizefn. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> [AF: Keep calling cpu_exec_init() for CONFIG_USER_ONLY] Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit b7bca7333411bd19c449147e8202ae6b0e4a8e09 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Tue Jun 23 19:31:13 2015 -0700 cpu: Convert cpu_index into a bitmap Currently CPUState::cpu_index is monotonically increasing and a newly created CPU always gets the next higher index. The next available index is calculated by counting the existing number of CPUs. This is fine as long as we only add CPUs, but there are architectures which are starting to support CPU removal, too. For an architecture like PowerPC which derives its CPU identifier (device tree ID) from cpu_index, the existing logic of generating cpu_index values causes problems. With the currently proposed method of handling vCPU removal by parking the vCPU fd in QEMU (Ref: http://lists.gnu.org/archive/html/qemu-devel/2015-02/msg02604.html), generating cpu_index this way will not work for PowerPC. This patch changes the way cpu_index is handed out by maintaining a bit map of the CPUs that tracks both addition and removal of CPUs. The CPU bitmap allocation logic is part of cpu_exec_init(), which is called by instance_init routines of various CPU targets. Newly added cpu_exec_exit() API handles the deallocation part and this routine is called from generic CPU instance_finalize. Note: This new CPU enumeration is for !CONFIG_USER_ONLY only. CONFIG_USER_ONLY continues to have the old enumeration logic. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> [AF: max_cpus -> MAX_CPUMASK_BITS] Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 5a790cc4b942e651fec7edc597c19b637fad5a76 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Tue Jun 23 19:31:12 2015 -0700 cpu: Add Error argument to cpu_exec_init() Add an Error argument to cpu_exec_init() to let users collect the error. This is in preparation to change the CPU enumeration logic in cpu_exec_init(). With the new enumeration logic, cpu_exec_init() can fail if cpu_index values corresponding to max_cpus have already been handed out. Since all current callers of cpu_exec_init() are from instance_init, use error_abort Error argument to abort in case of an error. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 291135b5da228e58900c120e12354cc0a23608e3 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Mon Apr 27 17:00:33 2015 -0300 cpu: Reorder cpu->as, cpu->thread_id, cpu->memory_dispatch init Instead of initializing cpu->as, cpu->thread_id, and reloading memory map while holding cpu_list_lock(), do it earlier, before locking the CPU list and initializing cpu_index. This allows the code handling cpu_index and global CPU list to be isolated from the rest. Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 7c39163e389e6e6e16965606fb5a26abcdb6ad73 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Mon Apr 27 17:00:32 2015 -0300 cpu: Initialize breakpoint/watchpoint lists in cpu_common_initfn() One small step in the simplification of cpu_exec_init(). Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 199fc85acd0571902eeefef6ea861b8ba4c8201f Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Mon Apr 27 17:00:31 2015 -0300 cpu: No need to zero-initialize CPUState::numa_node QOM objects are already zero-filled when instantiated, there's no need to explicitly set numa_node to 0. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 5a2db89615c8efabbeca74fe5e0f14f312d3bbe3 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Thu Jul 9 10:17:15 2015 +0100 mips/kvm: Sync with newer MIPS KVM headers The KVM_REG_MIPS_COUNT_* definitions are now included in linux-headers/asm-mips/kvm.h since commit b061808d39fa ("linux-headers: update linux headers to kvm/next"), therefore the duplicate definitions in target-mips/kvm.c can now be dropped (the definitions were tweaked slightly in commit 7a52ce8a1607 ("linux-headers: update") which triggered the following build warnings turned errors): target-mips/kvm.c:232:0: error: "KVM_REG_MIPS_COUNT_CTL" redefined [-Werror] linux-headers/asm/kvm.h:129:0: note: this is the location of the previous definition target-mips/kvm.c:236:0: error: "KVM_REG_MIPS_COUNT_RESUME" redefined [-Werror] linux-headers/asm/kvm.h:141:0: note: this is the location of the previous definition target-mips/kvm.c:239:0: error: "KVM_REG_MIPS_COUNT_HZ" redefined [-Werror] linux-headers/asm/kvm.h:147:0: note: this is the location of the previous definition Also update the MIPS_C0_{32,64} macros to utilise definitions more recently added to the asm-mips/kvm.h header. Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Message-id: 1436433435-24898-3-git-send-email-james.hogan@xxxxxxxxxx Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: kvm@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a8f13961fdcff3a5969b9884368e875aa068f1c9 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Thu Jul 9 10:17:14 2015 +0100 tcg/mips: Fix build error from merged memop+mmu_idx parameter Commit 3972ef6f830d ("tcg: Push merged memop+mmu_idx parameter to softmmu routines") caused the following build errors when building TCG for MIPS: In file included from tcg/tcg.c:258:0: tcg/mips/tcg-target.c In function â??tcg_out_qemu_ld_slow_pathâ??: tcg/mips/tcg-target.c:1015:22: error: â??lbâ?? undeclared (first use in this function) tcg/mips/tcg-target.c In function â??tcg_out_qemu_st_slow_pathâ??: tcg/mips/tcg-target.c:1058:22: error: â??lbâ?? undeclared (first use in this function) It looks like lb was meant to refer to the TCGLabelQemuLdst *l parameter, so fix both references to lb to refer to just l. Fixes: 3972ef6f830d ("tcg: Push merged memop+mmu_idx parameter to softmmu routines") Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Message-id: 1436433435-24898-2-git-send-email-james.hogan@xxxxxxxxxx Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d09a6fde1590ca3a45b608b6873a680f208dfeb5 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jul 9 08:47:58 2015 +0200 migration: fix RCU deadlock migration_end calls synchronize_rcu() within a critical section. That causes a deadlock; move the call after rcu_read_unlock(). Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit acf7b7fdf31fa76b53803790917c8acf23a2badb Merge: c8e8428 2828a30 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 8 20:46:35 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging Bugfixes and Daniel Berrange's crypto library. # gpg: Signature made Wed Jul 8 12:12:29 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: ossaudio: fix memory leak ui: convert VNC to use generic cipher API block: convert qcow/qcow2 to use generic cipher API ui: convert VNC websockets to use crypto APIs block: convert quorum blockdrv to use crypto APIs crypto: add a nettle cipher implementation crypto: add a gcrypt cipher implementation crypto: introduce generic cipher API & built-in implementation crypto: move built-in D3DES implementation into crypto/ crypto: move built-in AES implementation into crypto/ crypto: introduce new module for computing hash digests vl: move rom_load_all after machine init done Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c8e84287da7dd6a46c0bb0e53190e79ba4eedf24 Merge: d09952e 702c8c8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 8 19:44:28 2015 +0100 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Wed Jul 8 19:08:28 2015 BST using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB # Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E * remotes/jnsnow/tags/ide-pull-request: ahci: Fix CD-ROM signature libqos/ahci: fix ahci_write_fis for ncq on ppc64 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 702c8c8be2f3317c81fff83f82d8a5f1d50d41b8 Author: Hannes Reinecke <hare@xxxxxxx> Date: Mon Jul 6 17:49:51 2015 -0400 ahci: Fix CD-ROM signature The CD-ROM signature is 0xeb140101, not 0xeb140000. Without this change OVMF/Duet runs into a timeout trying to detect a SATA cdrom. Signed-off-by: Hannes Reinecke <hare@xxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1436219392-31915-2-git-send-email-jsnow@xxxxxxxxxx commit 9ab9993f71b7eac6788deae2fbb7ec659ceb4a1e Author: John Snow <jsnow@xxxxxxxxxx> Date: Mon Jul 6 15:17:09 2015 -0400 libqos/ahci: fix ahci_write_fis for ncq on ppc64 Don't try to correct the endianness of NCQ commands, which do not use any fields wider than a single byte. This corrects the /x86_64/ahci/io/ncq/simple test (and others) for ppc64 BE hosts. Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Tested-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1436210229-4118-2-git-send-email-jsnow@xxxxxxxxxx commit d09952ee8caeea928695d5a3dc3ec50d8afb98c6 Author: Paul Durrant <paul.durrant@xxxxxxxxxx> Date: Tue Jul 7 14:32:38 2015 +0100 Fix the compatibility typedef of ioservid_t to match the Xen headers There is a mismatch between the definition of ioservid_t in xen_common.h and the definition in the Xen public headers. This patch corrects the definition in xen_common.h. Signed-off-by: Paul Durrant <paul.durrant@xxxxxxxxxx> Tested-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1436275958-25174-1-git-send-email-paul.durrant@xxxxxxxxxx Cc: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c8232b39bb18a91cde39b8e0b60e731a4ce782b1 Merge: 62a3864 c4fc82b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 8 13:36:19 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging pc,virtio,pci: fixes and updates Most notably, this includes the TCO support for ICH: the last feature for 2.4 as we are entering the hard freeze. Bugfixes only from now on. virtio pci also gained cfg access capability - arguably a bugfix since virtio spec makes it mandatory, but it's a big patch. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Wed Jul 8 10:40:07 2015 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: tco-test: fix up config accesses and re-enable virtio fix cfg endian-ness for BE targets virtio-pci: implement cfg capability virtio: define virtio_pci_cfg_cap in header. pcie: Set the "link active" in the link status register pci_regs.h: import from linux virtio_net: reuse constants from linux hw/i386/pc: don't carry FDC from pc_basic_device_init() to pc_cmos_init() hw/i386/pc: reflect any FDC @ ioport 0x3f0 in the CMOS hw/i386/pc: factor out pc_cmos_init_floppy() ich9: implement strap SPKR pin logic tests: add testcase for TCO watchdog emulation ich9: add TCO interface emulation acpi: split out ICH ACPI support Revert "dataplane: allow virtio-1 devices" dataplane: fix cross-endian issues Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 62a3864eb09414d3cee94a2a592ecd414200912f Merge: 59dc0a1 c54e1eb Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 8 12:35:14 2015 +0100 Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2015-07-06-v3-tag' into staging tag for qga-pull-2015-07-06-v3 v3: - fix missing <windows.h> in configure test program. v2: - added configure check for guest-get-fs-info to avoid breakage on older MinGWs - removed extraneous include of ws2ipdef.h in w32 guest-network-get-interfaces. ws2tcpip.h already provides those definitions, and older MinGWs don't have it. - rebased on latest master # gpg: Signature made Wed Jul 8 03:01:18 2015 BST using RSA key ID F108B584 # gpg: Good signature from "Michael Roth <flukshun@xxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: CEAC C9E1 5534 EBAB B82D 3FA0 3353 C9CE F108 B584 * remotes/mdroth/tags/qga-pull-2015-07-06-v3-tag: qga: added GuestPCIAddress information qga: added bus type and disk location path configure: add configure check for ntdddisk.h qga: added mountpoint and filesystem type for single volume qga: added empty qmp_quest_get_fsinfo functionality. qga: fail early for invalid time qga: win32 qmp_guest_network_get_interfaces implementation qga: add win32 library iphlpapi Revert "guest agent: remove g_strcmp0 usage" qga/qmp_guest_fstrim: Return per path fstrim result qga/commands-posix: Fix bug in guest-fstrim Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2828a307232ffceeddec9feb6a87ac660b68b693 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Tue Jun 23 09:01:10 2015 +0800 ossaudio: fix memory leak Variable "conf" going out of scope leaks the storage it points to in line 856. Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Message-Id: <1435021270-7768-1-git-send-email-arei.gonglei@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 800567a613510c77a55decac4d25fea154d1ee22 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Jul 1 18:10:38 2015 +0100 ui: convert VNC to use generic cipher API Switch the VNC server over to use the generic cipher API, this allows it to use the pluggable DES implementations, instead of being hardcoded to use QEMU's built-in impl. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1435770638-25715-11-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f6fa64f6d22b0ed53fb3be5883cd9719d17cb4f0 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Jul 1 18:10:37 2015 +0100 block: convert qcow/qcow2 to use generic cipher API Switch the qcow/qcow2 block driver over to use the generic cipher API, this allows it to use the pluggable AES implementations, instead of being hardcoded to use QEMU's built-in impl. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1435770638-25715-10-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 8e9b0d24fb986d4241ae3b77752eca5dab4cb486 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Jul 1 18:10:36 2015 +0100 ui: convert VNC websockets to use crypto APIs Remove the direct use of gnutls for hash processing in the websockets code, in favour of using the crypto APIs. This allows the websockets code to be built unconditionally removing countless conditional checks from the VNC code. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1435770638-25715-9-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 488981a4af396551a3178d032cc2b41d9553ada2 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Jul 1 18:10:35 2015 +0100 block: convert quorum blockdrv to use crypto APIs Get rid of direct use of gnutls APIs in quorum blockdrv in favour of using the crypto APIs. This avoids the need to do conditional compilation of the quorum driver. It can simply report an error at file open file instead if the required hash algorithm isn't supported by QEMU. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1435770638-25715-8-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ed754746fea55df726f4de3dadb5bea0b6aa7409 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Jul 1 18:10:34 2015 +0100 crypto: add a nettle cipher implementation If we are linking to gnutls already and gnutls is built against nettle, then we should use nettle as a cipher backend in preference to our built-in backend. This will be used when linking against some GNUTLS 2.x versions and all GNUTLS 3.x versions. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1435770638-25715-7-git-send-email-berrange@xxxxxxxxxx> [Change "#elif" to "#elif defined". - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 62893b67cd82bbd48b013c1cec25f0d863612c80 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Jul 1 18:10:33 2015 +0100 crypto: add a gcrypt cipher implementation If we are linking to gnutls already and gnutls is built against gcrypt, then we should use gcrypt as a cipher backend in preference to our built-in backend. This will be used when linking against GNUTLS 1.x and many GNUTLS 2.x versions. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1435770638-25715-6-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ca38a4cc9e36647437b837b346a41981fb8880cd Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Jul 1 18:10:32 2015 +0100 crypto: introduce generic cipher API & built-in implementation Introduce a generic cipher API and an implementation of it that supports only the built-in AES and DES-RFB algorithms. The test suite checks the supported algorithms + modes to validate that every backend implementation is actually correctly complying with the specs. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1435770638-25715-5-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c4fc82bf1ad088a84ccedf779f6aa928e4fadb5f Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Jul 8 10:06:15 2015 +0300 tco-test: fix up config accesses and re-enable The mistake that made the test fail was that it tried to use a BAR address as an offset for config accesses to LPC. Config accesses don't need a BAR, and LPC does not have one. Don't attempt to map it. With this change applied, TCO test passes, so re-enable it. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 1e40356ce5f6ccfa0bb57104a533c62952c560ce Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Sun Jul 5 15:08:09 2015 +0200 virtio fix cfg endian-ness for BE targets address_space_rw assumes data is in target format and byte-swaps it if target is BE and device is LE. Use fixed-endian LE APIs instead. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit ada434cd0b44ce984318621e4bb79e067360d737 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jul 2 14:59:49 2015 +0200 virtio-pci: implement cfg capability spec says we must, so let's do it! Note: the implementation is incorrect for BE targets. Will fix with a patch on top, not a big deal now as the only user is seabios, used on x86 only. Tested-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c36f24a2045d7a002b767ce023acfd9be63df692 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jul 2 12:52:44 2015 +0200 virtio: define virtio_pci_cfg_cap in header. Update virtio pci header from linux-next virtio maintainer tree. We already have VIRTIO_PCI_CAP_PCI_CFG, let's define the structure that goes with it. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit b2101eae63ea57b571cee4a9075a4287d24ba4a4 Author: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Date: Sun Jul 5 09:26:03 2015 +1000 pcie: Set the "link active" in the link status register Some firmwares can test that and assume the device hasn't come up if that bit isn't set Signed-off-by: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 412a82457ef54821362ba27804e24a92fce09761 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Jul 1 11:42:18 2015 +0200 pci_regs.h: import from linux It seems to make sense to import pci_regs.h from linux: why maintain our own? As a first step, move the header to standard-headers, and add it to the update script. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit f56fc2d319b18d5e510988374929188867a5f930 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Jul 1 11:36:57 2015 +0200 virtio_net: reuse constants from linux VIRTIO_NET_F_CTRL_GUEST_OFFLOADS now appears in the linux header, let's reuse it. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 220a8846429ac954932e16010efb07af0aba4529 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Thu Jun 25 15:35:07 2015 +0200 hw/i386/pc: don't carry FDC from pc_basic_device_init() to pc_cmos_init() Thanks to the last patch, pc_cmos_init() doesn't need the (optional) board-default FDC any longer as an input parameter. Update pc_basic_device_init() not to hand it back to pc_init1() / pc_q35_init(), and update the latter not to carry the FDC to pc_cmos_init(). This simplifies the code. pc_init1() | pc_q35_init() pc_basic_device_init() pc_cmos_init() Cc: Jan Tomko <jtomko@xxxxxxxxxx> Cc: John Snow <jsnow@xxxxxxxxxx> Cc: Markus Armbruster <armbru@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit b86f46132cd86b03f9e4a1cf6295f8b416e16afa Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Thu Jun 25 15:35:06 2015 +0200 hw/i386/pc: reflect any FDC @ ioport 0x3f0 in the CMOS With the pc-q35-2.4 machine type, if the user creates an ISA FDC manually: -device isa-fdc,driveA=drive-fdc0-0-0 \ -drive file=...,if=none,id=drive-fdc0-0-0,format=raw then the board-default FDC will be skipped, and only the explicitly requested FDC will exist. qtree-wise, this is correct; however such an FDC is currently not registered in the CMOS, because that code is only reached for the board-default FDC. The pc_cmos_init_late() one-shot reset handler -- one-shot because the CMOS is not reprogrammed during warm reset -- should search for any ISA FDC devices, created implicitly (by board code) or explicitly, and set the CMOS accordingly to the ISA FDC(s) with iobase=0x3f0: - if there is no such FDC, report both drives absent, - if there is exactly one such FDC, report its drives in the CMOS, - if there are more than one such FDCs, then pick one (it is not specified which one), and print a warning about the ambiguity. Cc: Jan Tomko <jtomko@xxxxxxxxxx> Cc: John Snow <jsnow@xxxxxxxxxx> Cc: Markus Armbruster <armbru@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reported-by: Jan Tomko <jtomko@xxxxxxxxxx> Suggested-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 7444ca4ee2382170774ae201c473270d65620d75 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Thu Jun 25 15:35:05 2015 +0200 hw/i386/pc: factor out pc_cmos_init_floppy() Extract the pc_cmos_init_floppy() function from pc_cmos_init(). The function sets two RTC registers: floppy drive types (0x10), overwriting the earlier value in there), and REG_EQUIPMENT_BYTE (0x14), setting bits in the prior value. Cc: Jan Tomko <jtomko@xxxxxxxxxx> Cc: John Snow <jsnow@xxxxxxxxxx> Cc: Markus Armbruster <armbru@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 5add35bec1e249bb5345a47008c8f298d4760be4 Author: Paulo Alcantara <pcacjr@xxxxxxxxx> Date: Sun Jun 28 14:58:58 2015 -0300 ich9: implement strap SPKR pin logic If the signal is sampled high, this indicates that the system is strapped to the "No Reboot" mode (ICH9 will disable the TCO Timer system reboot feature). The status of this strap is readable via the NO_REBOOT bit (CC: offset 0x3410:bit 5). The NO_REBOOT bit is set when SPKR pin on ICH9 is sampled high. This bit may be set or cleared by software if the strap is sampled low but may not override the strap when it indicates "No Reboot". This patch implements the logic where hardware has ability to set SPKR pin through a property named "noreboot" and it's sampled high by default. Signed-off-by: Paulo Alcantara <pcacjr@xxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 45dcdb9da632b5a5e7639707e12b1b17029c5a1e Author: Paulo Alcantara <pcacjr@xxxxxxxxx> Date: Sun Jun 28 14:58:57 2015 -0300 tests: add testcase for TCO watchdog emulation This patch adds a testcase that covers the following: 1) TCO default values 2) first and second TCO timeout 3) watch and validate ticks counter through TCO_RLD register 4) maximum supported TCO timeout (0x3ff) 5) watchdog actions (pause/reset/shutdown/none) upon second TCO timeout 6) set and get of TCO control and status bits MST: The test does not pass yet, so it's disabled by default. Signed-off-by: Paulo Alcantara <pcacjr@xxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c54e1eb4928d4e6762c7100d1d1ef5f08ddf922b Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Tue Jul 7 19:12:18 2015 -0500 qga: added GuestPCIAddress information PCIAddress inforfation is obtained via SetupApi, which provides the information about address, bus, etc. We look throught entire device tree in the system and try to find device object for given volume. For this PDO SetupDiGetDeviceRegistryProperty is called, which reads PCI configuration for a given devicei if it is possible. This is the most convinient way for a userspace service. The lookup is performed for every volume available. However, this information is not mandatory for vss-provider. In order to use SetupApi we need to notify linker about it. We do not need to install additional libs, so we do not make separate configuration option to use libsetupapi.su SetupApi gives as the same information as kernel driver with IRP_MN_QUERY_INTERFACE. https://support.microsoft.com/en-us/kb/253232 Signed-off-by: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Eric Blake <eblake@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> * stub out get_pci_info if !CONFIG_QGA_NTDDSCSI Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit a3ef3b2272d8349c932f8c440bcaa31d8518b1c0 Author: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Date: Tue Jun 30 13:25:22 2015 +0300 qga: added bus type and disk location path According to Microsoft disk location path can be obtained via IOCTL_SCSI_GET_ADDRESS. Unfortunately this ioctl can not be used for all devices. There are certain bus types which could be obtained with this API. Please, refer to the following link for more details https://technet.microsoft.com/en-us/library/ee851589(v=ws.10).aspx Bus type could be obtained using IOCTL_STORAGE_QUERY_PROPERTY. Enum STORAGE_BUS_TYPE describes all buses supported by OS. Windows defines more bus types than Linux. Thus some values have been added to GuestDiskBusType. Signed-off-by: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Eric Blake <eblake@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> * fixed warning in CreateFile due to use of NULL instead of 0 * only provide disk info when CONFIG_QGA_NTDDSCSI=y Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 50cbebb9a339f43cda2005785010361497151882 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Tue Jul 7 18:10:09 2015 -0500 configure: add configure check for ntdddisk.h This header file provides w32 ioctl definitions for working with disk devices. Older versions of mingw do not expose this in a useable way, so add a configure check and report it via CONFIG_QGA_NTDDSCSI. Subsequent patches will use this macro to stub out functionality that relies on this in cases where it's not available. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit d2b3f390d4e4b5d9dd74ae703d365a7b75a234ea Author: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Date: Tue Jun 30 13:25:21 2015 +0300 qga: added mountpoint and filesystem type for single volume We should use GetVolumeXXX api to work with volumes. This will help us to resolve the situation with volumes without drive letter, i.e. when the volume is mounted as a folder. Such volume is called mounted folder. This volume is a regular mounted volume from all other points of view. The information about non mounted volume is reported as System Reserved. This volume is not mounted and thus it is not writable. GuestDiskAddressList API is not used because operations are performed with volumes but no with disks. This means that spanned disk will be counted and handled as a single volume. It is worth mentioning that the information about every disk in the volume can be queried via IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS. Signed-off-by: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Eric Blake <eblake@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit ef0a03f23061b9994fe5b2c3a208bc9fcba0099d Author: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Date: Tue Jun 30 13:25:20 2015 +0300 qga: added empty qmp_quest_get_fsinfo functionality. We need qmp_quest_get_fsinfo togather with vss-provider, which works with volumes. The call to this function is implemented via FindFirst/NextVolumes. Moreover, volumes in Windows OS are filesystem unit, so it will be more effective to work with them rather with devices. Signed-off-by: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Eric Blake <eblake@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 00d2f3707a63881a0cec8d00cbd467f9b2d8af41 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Sun Jul 5 16:28:58 2015 +0200 qga: fail early for invalid time It's possible to set system time with dates after 2070, however, it's not possible to set the RTC. It has limitation to up to year 2070 (1970+100). In order to keep both clock in sync and before the kernel complains on invalid values, bail out early. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit d6c5528b0ce91667714b8c7dabaf4fbf8a898a9c Author: Kirk Allan <kallan@xxxxxxxx> Date: Tue Jun 2 11:41:07 2015 -0600 qga: win32 qmp_guest_network_get_interfaces implementation By default, IPv4 prefixes will be derived by matching the address to those returned by GetAdaptersInfo. IPv6 prefixes can not be matched this way due to the unpredictable order of entries. In Windows Vista/2008 guests and newer, both IPv4 and IPv6 prefixes can be retrieved from OnLinkPrefixLength. Setting --extra-cflags in the build configuration to "-D_WIN32_WINNT=0x600" or greater makes OnLinkPrefixLength available. Setting --extra-cflags is not required and if not set, the default approach to get the prefix will be taken. Signed-off-by: Kirk Allan <kallan@xxxxxxxx> * drop ws2ipdef.h, it's missing on old mingw, and ws2tcpip.h already includes it automatically on new builds Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 601e5a0618ef3238e18fc38ece55ea4260910d5f Author: Kirk Allan <kallan@xxxxxxxx> Date: Tue Jun 2 11:41:06 2015 -0600 qga: add win32 library iphlpapi Add the iphlpapi library to use APIs such as GetAdaptersInfo and GetAdaptersAddresses. Signed-off-by: Kirk Allan <kallan@xxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit f300414cfe9bb9e7b86411a670b68c1aa8edbd35 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed May 27 19:53:49 2015 +0200 Revert "guest agent: remove g_strcmp0 usage" Since we now require GLib 2.22+ (commit f40685c), we don't have to work around lack of g_strcmp0() anymore. This reverts commit 8f4774789947bc4bc4c8d026a289fe980d3d2ee1. Conflicts: qemu-ga.c Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit e82855d9aa4580620773b1b145ecab6ca1f2578c Author: Justin Ossevoort <justin@xxxxxxxxxxxxxxxxx> Date: Mon May 11 08:58:45 2015 +0200 qga/qmp_guest_fstrim: Return per path fstrim result The current guest-fstrim support only returns an error if some mountpoint was unable to be trimmed, skipping any possible additional mountpoints. The result of the TRIM operation itself is also discarded. This change returns a per mountpoint result of the TRIM operation. If an error occurs on some mountpoints that error is returned and the guest-fstrim continue with any additional mountpoints. The returned values for errors, minimum and trimmed are dependant on the filesystem, storage stacks and kernel version. Signed-off-by: Justin Ossevoort <justin@xxxxxxxxxxxxxxxxx> * s/type/struct/ in schema type definitions * moved version annotation for new guest-fstrim return field to the field itself rather than applying to the entire command Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 73a652a1b08445e8d91e50cdbb2da50e571c61b3 Author: Justin Ossevoort <justin@xxxxxxxxxxxxxxxxx> Date: Mon May 11 08:58:44 2015 +0200 qga/commands-posix: Fix bug in guest-fstrim The FITRIM ioctl updates the fstrim_range structure it receives. This way the caller can determine how many bytes were trimmed. The guest-fstrim logic reuses the same fstrim_range for each filesystem, effectively limiting each filesystem to trim at most as much as the previous was able to trim. If a previous filesystem would have trimmed 0 bytes, than the next filesystem would report an error 'Invalid argument' because a FITRIM request with length 0 is not valid. This change resets the fstrim_range structure for each filesystem. Signed-off-by: Justin Ossevoort <justin@xxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 59dc0a1e9b4ccd9d8d7366fdc31acd5c1fbb240a Merge: 7ce0f7d cd3b29b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 7 23:16:42 2015 +0100 Merge remote-tracking branch 'remotes/agraf/tags/signed-s390-for-upstream' into staging Patch queue for s390 - 2015-07-07 A few last minute fixes for 2.4. All of them are s390 TCG bug fixes. # gpg: Signature made Tue Jul 7 16:52:22 2015 BST using RSA key ID 03FEDC60 # gpg: Good signature from "Alexander Graf <agraf@xxxxxxx>" # gpg: aka "Alexander Graf <alex@xxxxxxxxx>" * remotes/agraf/tags/signed-s390-for-upstream: tcg/s390: fix branch target change during code retranslation target-s390x: fix CONVERT TO BINARY (CVD, CVDY) target-s390x: fix EXECUTE instruction executing TRT target-s390x: fix MOVE LONG instruction Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7ce0f7dc87e50ebf58ac756ff6be17ec97d3ba4e Merge: 1a63203 6319b1d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 7 21:16:06 2015 +0100 Merge remote-tracking branch 'remotes/agraf/tags/signed-ppc-for-upstream' into staging Patch queue for ppc - 2015-07-07 A few last minute PPC changes for 2.4: - spapr: Update SLOF - spapr: Fix a few bugs - spapr: Preparation for hotplug - spapr: Minor code cleanups - linux-user: Add mftb handling - kvm: Enable hugepage support with memory-backend-file - mac99: Remove nonexistent interrupt pin (Mac OS 9 fix) # gpg: Signature made Tue Jul 7 16:48:41 2015 BST using RSA key ID 03FEDC60 # gpg: Good signature from "Alexander Graf <agraf@xxxxxxx>" # gpg: aka "Alexander Graf <alex@xxxxxxxxx>" * remotes/agraf/tags/signed-ppc-for-upstream: (30 commits) sPAPR: Clear stale MSIx table during EEH reset sPAPR: Reenable EEH functionality on reboot sPAPR: Don't enable EEH on emulated PCI devices spapr-vty: Use TYPE_ definition instead of hardcoding spapr_vty: lookup should only return valid VTY objects spapr_pci: drop redundant args in spapr_[populate, create]_pci_child_dt spapr_pci: populate ibm,loc-code spapr_pci: enumerate and add PCI device tree xics_kvm: Don't enable KVM_CAP_IRQ_XICS if already enabled ppc: Update cpu_model in MachineState spapr: Consolidate cpu init code into a routine spapr: Reorganize CPU dt generation code cpus: Add a macro to walk CPUs in reverse spapr: Support ibm, lrdr-capacity device tree property spapr: Consider max_cpus during xics initialization Revert "hw/ppc/spapr_pci.c: Avoid functions not in glib 2.12 (g_hash_table_iter_*)" spapr_iommu: translate sPAPRTCEAccess to IOMMUAccessFlags spapr_iommu: drop erroneous check in h_put_tce_indirect() spapr_pci: set device node unit address as hex spapr_pci: encode class code including Prog IF register ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1a632032d1ea09a09dc424ac2b10a4a11cd52ab9 Merge: 30c6672 06ef227 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 7 20:12:55 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging X86 queue, 2015-07-07 Patch "target-i386: emulate CPUID level of real hardware" was removed after the 2015-07-03 pull request. # gpg: Signature made Tue Jul 7 15:46:23 2015 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/x86-pull-request: target-i386: avoid overflow in the tsc-frequency property i386: Introduce ARAT CPU feature Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 30c6672aa4b4bc9bdba3a7e46c49bba191660143 Merge: 9861b71 9703116 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 7 19:12:45 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging Pull request v2: * Drop block/nfs patch since it exposes an unfinished QAPI interface [kwolf] # gpg: Signature made Tue Jul 7 14:29:47 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: blockjob: add block_job_release function block/raw-posix: Don't think /dev/fd/<NN> is a floppy drive. block: Use bdrv_drain to replace uncessary bdrv_drain_all block: Initialize local_err in bdrv_append_temp_snapshot block: update bdrv_drain_all()/bdrv_drain() comments qcow2: remove unnecessary check Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9861b71fd63f04175fddd1e93a417bae4a7808d7 Merge: f2562fb dd63169 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 7 17:19:59 2015 +0100 Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20150707' into staging migration/next for 20150707 # gpg: Signature made Tue Jul 7 13:56:30 2015 BST using RSA key ID 5872D723 # gpg: Good signature from "Juan Quintela <quintela@xxxxxxxxxx>" # gpg: aka "Juan Quintela <quintela@xxxxxxxxxx>" * remotes/juanquintela/tags/migration/20150707: (28 commits) migration: extend migration_bitmap migration: protect migration_bitmap check_section_footers: Check the correct section_id migration: Add migration events on target side migration: Make events a capability migration: create migration event migration: No need to call trace_migrate_set_state() migration: Use always helper to set state migration: ensure we start in NONE state migration: Use cmpxchg correctly migration: Add configuration section vmstate: Create optional sections global_state: Make section optional migration: create new section to store global state runstate: migration allows more transitions now runstate: Add runstate store Fix older machine type compatibility on power with section footers Fail more cleanly in mismatched RAM cases Sanity check RDMA remote data Sort destination RAMBlocks to be the same as the source ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cd3b29b745b0ff393b2d37317837bc726b8dacc8 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Tue Jun 16 07:11:41 2015 +0200 tcg/s390: fix branch target change during code retranslation Make sure to not modify the branch target. This ensure that the branch target is not corrupted during partial retranslation. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Tested-by: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 92f2b4e71e988ad2751c71717e9fe3387753442a Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Thu Jun 25 21:16:58 2015 +0200 target-s390x: fix CONVERT TO BINARY (CVD, CVDY) current_number being shift left by more than 32 bits, we can't use a simple int. Similarly use an int64_t type for the input binary value, to not get the -2^31 case wrong. Finally don't initialize shift to 4, it's already done in the for loop. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit c9c19b493286db7358f9ee26401b927bbbd21604 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sun Jun 21 18:51:08 2015 +0200 target-s390x: fix EXECUTE instruction executing TRT A break is missing in the EXECUTE instruction, when executing the TRANSLATE AND TEST instruction. Reported-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-By: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit b5edcddda31b464e73cc0a79e88457e603c3b247 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Tue Jun 16 22:57:47 2015 +0200 target-s390x: fix MOVE LONG instruction The MOVE LONG instruction should pad the destination operand with the byte from bit positions 32-39 of the source length (r2 + 1), not with the same byte in the source address. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 6319b1dad04e66f450fb3ac6c31d2bf3940068b8 Author: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:28 2015 +1000 sPAPR: Clear stale MSIx table during EEH reset The PCI device MSIx table is cleaned out in hardware after EEH PE reset. However, we still hold the stale MSIx entries in QEMU, which should be cleared accordingly. Otherwise, we will run into another (recursive) EEH error and the PCI devices contained in the PE have to be offlined exceptionally. The patch introduces function spapr_phb_vfio_eeh_pre_reset(), which is called by sPAPR when asserting hot or fundamental reset, to clear stale MSIx table for VFIO PCI devices before EEH PE reset so that MSIx table could be restored properly after EEH PE reset. Signed-off-by: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit aef87d1b879416909a4ac73e6fe2cea4a5630f40 Author: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:27 2015 +1000 sPAPR: Reenable EEH functionality on reboot When rebooting the guest, some PEs might be in frozen state. The contained PCI devices won't work properly if their frozen states aren't cleared in time. One case running into this situation would be maximal EEH error times encountered in the guest. The patch reenables the EEH functinality on PEs on PHB's reset callback, which will clear their frozen states if needed. Signed-off-by: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 7cb180079e245024cf92ca218ca58858b679a7d6 Author: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:26 2015 +1000 sPAPR: Don't enable EEH on emulated PCI devices There might have emulated PCI devices, together with VFIO PCI devices under one PHB. The EEH capability shouldn't enabled on emulated PCI devices. The patch returns error when enabling EEH capability on emulated PCI devices by RTAS call "ibm,set-eeh-option". Signed-off-by: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit e275934d2dd44e38e0c6d53f9c22383d2ba57c17 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:25 2015 +1000 spapr-vty: Use TYPE_ definition instead of hardcoding There's a call to object_dynamic_cast() in spapr_vty which uses the type name "spapr-vty" directly, instead of the usual idiom of using the #defined TYPE_VIO_SPAPR_VTY_DEVICE. Fix it. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 0f888bfaddfc5f55b0d82cde2e1164658a672375 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:24 2015 +1000 spapr_vty: lookup should only return valid VTY objects If a guest passes the reg property of a valid VIO object that is not a VTY to either H_GET_TERM_CHAR or H_PUT_TERM_CHAR, QEMU hits a dynamic cast assertion and aborts. PAPR+ says "Hypervisor checks the termno parameter for validity against the Vterm IOA unit addresses assigned to the partition, else return H_Parameter." This patch adds a type check to ensure vty_lookup() either returns a pointer to a valid VTY object or NULL. H_GET_TERM_CHAR and H_PUT_TERM_CHAR will now return H_PARAMETER to the guest instead of crashing. The patch has no effect on the reg == 0 hack used to implement the RTAS call display-character. Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit e634b89c6ed2309814de7a89bd7c5ced96f59291 Author: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:23 2015 +1000 spapr_pci: drop redundant args in spapr_[populate, create]_pci_child_dt * phb_index is not being used and if required can be obtained from sphb * use helper to get drc_index in spapr_populate_pci_child_dt() * Check if drc_index is zero Suggested-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 16b0ea1d852873cf17630133d86df6a68e23f38c Author: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:22 2015 +1000 spapr_pci: populate ibm,loc-code Each hardware instance has a platform unique location code. The OF device tree that describes a part of a hardware entity must include the â??ibm,loc-codeâ?? property with a value that represents the location code for that hardware entity. Populate ibm,loc-code. 1) PCI passthru devices need to identify with its own ibm,loc-code available on the host. In failure cases use: vfio_<name>:<phb-index>:<bus>:<slot>.<fn> 2) Emulated devices encode as following: qemu_<name>:<phb-index>:<bus>:<slot>.<fn> Signed-off-by: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 1d2d974244c6f1629ca83f1de293eaa557634627 Author: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:21 2015 +1000 spapr_pci: enumerate and add PCI device tree All the PCI enumeration and device node creation was off-loaded to SLOF. With PCI hotplug support, code needed to be added to add device node. This creates multiple copy of the code one in SLOF and other in hotplug code. To unify this, the patch adds the pci device node creation in Qemu. For backward compatibility, a flag "qemu,phb-enumerated" is added to the phb, suggesting to SLOF to not do device node creation. Signed-off-by: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> [ Squashed Michael's drc_index changes ] Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit a45863bda90daa8ec39e5a312b9734fd4665b016 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:20 2015 +1000 xics_kvm: Don't enable KVM_CAP_IRQ_XICS if already enabled When supporting CPU hot removal by parking the vCPU fd and reusing it during hotplug again, there can be cases where we try to reenable KVM_CAP_IRQ_XICS CAP for the vCPU for which it was already enabled. Introduce a boolean member in ICPState to track this and don't reenable the CAP if it was already enabled earlier. Re-enabling this CAP should ideally work, but currently it results in kernel trying to create and associate ICP with this vCPU and that fails since there is already an ICP associated with it. Hence this patch is needed to work around this problem in the kernel. This change allows CPU hot removal to work for sPAPR. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 19fb2c36e2475a2c68e7287e0e089d858dd7cc50 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:19 2015 +1000 ppc: Update cpu_model in MachineState Keep cpu_model field in MachineState uptodate so that it can be used from the CPU hotplug path. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit bab99ea09897fb65255cc4e147d87c077fafcfe6 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:18 2015 +1000 spapr: Consolidate cpu init code into a routine Factor out bits of sPAPR specific CPU initialization code into a separate routine so that it can be called from CPU hotplug path too. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 0da6f3fef9ae52127c14dfad1fdf1781e33ec5ec Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:17 2015 +1000 spapr: Reorganize CPU dt generation code Reorganize CPU device tree generation code so that it be reused from hotplug path. CPU dt entries are now generated from spapr_finalize_fdt() instead of spapr_create_fdt_skel(). Note: This is how the split-up looks like now: Boot path --------- spapr_finalize_fdt spapr_populate_cpus_dt_node spapr_populate_cpu_dt spapr_fixup_cpu_numa_dt spapr_fixup_cpu_smt_dt ibm,cas path ------------ spapr_h_cas_compose_response spapr_fixup_cpu_dt spapr_fixup_cpu_numa_dt spapr_fixup_cpu_smt_dt Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 8487d1231830917099c801e4f2f0e698e8535063 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:16 2015 +1000 cpus: Add a macro to walk CPUs in reverse Add CPU_FOREACH_REVERSE that walks CPUs in reverse. Needed for PowerPC CPU device tree reorganization. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit db4ef288f4a6d285b39dc8ac477092d76971a300 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:15 2015 +1000 spapr: Support ibm, lrdr-capacity device tree property Add support for ibm,lrdr-capacity since this is needed by the guest kernel to know about the possible hot-pluggable CPUs and Memory. With this, pseries kernels will start reporting correct maxcpus in /sys/devices/system/cpu/possible. Also define the minimum hotpluggable memory size as 256MB. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> [agraf: Fix compile error on 32bit hosts] Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 9e734e3deefd460188ea9bd107b65a528ccb7255 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:14 2015 +1000 spapr: Consider max_cpus during xics initialization Use max_cpus instead of smp_cpus when intializating xics system. Also report max_cpus in ibm,interrupt-server-ranges device tree property of interrupt controller node. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 708414f03c3bebbd7ba8e4e98fb92602d2af8d0c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Jul 2 16:23:13 2015 +1000 Revert "hw/ppc/spapr_pci.c: Avoid functions not in glib 2.12 (g_hash_table_iter_*)" Since we now require GLib 2.22+ (commit f40685c), we don't have to work around lack of g_hash_table_iter_init() & friends anymore. This reverts commit f8833a37c0c6b22ddd57b45e48cfb0f97dbd5af4. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 5709af3b9520c6912fc909128ae284512b127600 Author: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:12 2015 +1000 spapr_iommu: translate sPAPRTCEAccess to IOMMUAccessFlags The fact that these enums have matching values is pure coincidence. We actually need to translate from the PAPR definition to the QEMU one. This patch doesn't fix any bug, it is only code cleanup. Suggested-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 4d9ab7d4ed46c63d047862d11946996005742a09 Author: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:11 2015 +1000 spapr_iommu: drop erroneous check in h_put_tce_indirect() The tce_list variable is not a TCE but the address to a TCE: we shouldn't clear permission bits as we do now. And this is dead code anyway since we check tce_list is 4K aligned a few lines above. This patch doesn't fix any bug, it is only code cleanup. Suggested-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 9b7d9284c3b114112a7759ce0a885df0767fe8d9 Author: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:10 2015 +1000 spapr_pci: set device node unit address as hex Device node names should encode the unit address as hex, while the code was encodind it as integers. Also, use FDT_NAME_MAX macro for allocating and composing the name. Signed-off-by: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 4a7c34741584e91aa838a9e45b8ec5cdc65a343b Author: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:09 2015 +1000 spapr_pci: encode class code including Prog IF register Current code missed the Prog IF register. All Class Code, Subclass, and Prog IF registers are needed to identify the accurate device type. For example: USB controllers use the PROG IF for denoting: USB FullSpeed, HighSpeed or SuperSpeed. Signed-off-by: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 72187935b475454792512d44782a33f112b120e6 Author: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:08 2015 +1000 spapr_pci: encode missing 64-bit memory address space The properties reg/assigned-resources need to encode 64-bit memory address space as part of phys.hi dword. 00 if configuration space 01 if IO region, 10 if 32-bit MEM region 11 if 64-bit MEM region Signed-off-by: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 183930c0d753e53d22c27d573b1803b04f8d68ac Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:07 2015 +1000 spapr: Add sPAPRMachineClass Currently although we have an sPAPRMachineState descended from MachineState we don't have an sPAPRMAchineClass descended from MachineClass. So far it hasn't been needed, but several upcoming features are going to want it, so this patch creates a stub implementation. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 1b71890729953825c57d52ace48a7671c295e899 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:06 2015 +1000 spapr: Remove obsolete entry_point field from sPAPRMachineState The sPAPRMachineState structure includes an entry_point field containing the initial PC value for starting the machine, even though this always has the value 0x100. I think this is a hangover from very early versions which bypassed the firmware when using -kernel. In any case it has no function now, so remove it. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit fb16499418aa7d71d2a4f2e3d79de444c4d054c0 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:05 2015 +1000 spapr: Remove obsolete ram_limit field from sPAPRMachineState The ram_limit field was imported from sPAPREnvironment where it predates the machine's ram size being available generically from machine->ram_size. Worse, the existing code was inconsistent about where it got the ram size from. Sometimes it used spapr->ram_limit, sometimes the global 'ram_size' and sometimes a local 'ram_size' masking the global. This cleans up the code to consistently use machine->ram_size, eliminating spapr->ram_limit in the process. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 28e0204254c3f03e77106056a3a5730c4b8a2ac6 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:04 2015 +1000 spapr: Merge sPAPREnvironment into sPAPRMachineState The code for -machine pseries maintains a global sPAPREnvironment structure which keeps track of general state information about the guest platform. This predates the existence of the MachineState structure, but performs basically the same function. Now that we have the generic MachineState, fold sPAPREnvironment into sPAPRMachineState, the pseries specific subclass of MachineState. This is mostly a matter of search and replace, although a few places which relied on the global spapr variable are changed to find the structure via qdev_get_machine(). Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 780184aae65d72378737e9cdb8fb61b0121e1e21 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu Jul 2 16:23:03 2015 +1000 pseries: Update SLOF firmware image to qemu-slof-20150429 The changelog is: > version: update to 20150429 > pci: Use QEMU created PCI device nodes > usb: support 64-bit pci bars > pci: Support 64-bit address translation > pci: program correct bridge limit registers during probe > scsi: handle report-luns failure > Fix "key?" Forth word when using USB keyboards > Remove bulk.fs package > Include make.rules in the library Makefiles Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit f303f117fec32c0705f88860e3eadf94135211c9 Author: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:02 2015 +1000 spapr: ensure we have at least one XICS server XICS needs to know the upper value for cpu_index as it is used to compute the number of servers: smp_cpus * kvmppc_smt_threads() / smp_threads When passing -smp cpus=1,threads=9 on a POWER8 host, we end up with: 1 * 8 / 9 = 0 ... which leads to an assertion in both emulated: Number of servers needs to be greater 0 Aborted (core dumped) ... and in-kernel XICS: xics_kvm_realize: Assertion `icp->nr_servers' failed. Aborted (core dumped) With this patch, we are sure that nr_servers > 0. Passing the same bogus -smp option then leads to: qemu-system-ppc64: Cannot support more than 8 threads on PPC with KVM ... which is a lot more explicit than the XICS errors. Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 2d103aae876518a91636ad6f4a4d866269c0d953 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 15:46:14 2015 -0500 target-ppc: fix hugepage support when using memory-backend-file Current PPC code relies on -mem-path being used in order for hugepage support to be detected. With the introduction of MemoryBackendFile we can now handle this via: -object memory-file-backend,mem-path=...,id=hugemem0 \ -numa node,id=mem0,memdev=hugemem0 Management tools like libvirt treat the 2 approaches as interchangeable in some cases, which can lead to user-visible regressions even for previously supported guest configurations. Fix these by also iterating through any configured memory backends that may be backed by hugepages. Since the old code assumed hugepages always backed the entirety of guest memory, play it safe an pick the minimum across the max pages sizes for all backends, even ones that aren't backed by hugepages. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 5c464f66f5696724c892339de242fac41f4d57a6 Author: Cormac O'Brien <i.am.cormac.obrien@xxxxxxxxx> Date: Wed Jun 17 17:04:11 2015 -0500 macio: remove nonexistent interrupt on pin 1 The current macio implementation declares an interrupt that doesn't appear to exist in the hardware or any other emulator implementation. OpenBIOS detects this interrupt and generates an 'interrupts' property in the macio device tree entry. Mac OS 9 halts boot when it detects this interrupt, so it has been removed to permit further progress in the boot process. Signed-off-by: Cormac O'Brien <i.am.cormac.obrien@xxxxxxxxx> Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 7d6b1daedd00b35e50ce87ea835f662b36a23160 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Tue Jun 30 11:49:54 2015 +0200 linux-user, ppc: mftbl can be used by user application In qemu-linux-user, when calling gethostbyname2(), it was hanging in .__res_nmkquery. (gdb) bt 0 in .__res_nmkquery () from /lib64/libresolv.so.2 1 in .__libc_res_nquery () from /lib64/libresolv.so.2 2 in .__libc_res_nsearch () from /lib64/libresolv.so.2 3 in ._nss_dns_gethostbyname3_r () from /lib64/libnss_dns.so.2 4 in ._nss_dns_gethostbyname2_r () from /lib64/libnss_dns.so.2 5 in .gethostbyname2_r () from /lib64/libc.so.6 6 in .gethostbyname2 () from /lib64/libc.so.6 .__res_nmkquery() is: ... do { RANDOM_BITS (randombits); } while ((randombits & 0xffff) == 0); ... <.__res_nmkquery+112>: mftbl r11 <.__res_nmkquery+116>: clrlwi r10,r11,16 <.__res_nmkquery+120>: cmpwi cr7,r10,0 <.__res_nmkquery+124>: beq cr7,<.__res_nmkquery+112> but as mftbl (Move From Time Base Lower) is not implemented, r11 is always 0, so we have an infinite loop. This patch fills the Time Base register with cpu_get_real_ticks(). Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit f2562fbb7ac54d597cfe05f613d30296d1850d1b Merge: aeb7218 849729b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 7 15:48:49 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging # gpg: Signature made Tue Jul 7 13:38:13 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: rocker: tests: don't need to specify master/self when setting vlans rocker: mark copy-to-cpu pkts as forwarding offloaded rocker: return -1 when dropping packet on ingress rocker: fix missing break statements rocker: fix misplaced break statement rocker: don't queue receive pkts when port is disabled vmxnet3: Fix incorrect small packet padding e1000: flush packets when link comes up rocker: fix memory leak Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 06ef227e5158cca6710e6c268d6a7f65a5e2811b Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Jun 24 14:11:27 2015 +0200 target-i386: avoid overflow in the tsc-frequency property The TSC frequency fits comfortably in an int when expressed in kHz, but it may overflow when converted to Hz. In this case, tsc-frequency returns a negative value because x86_cpuid_get_tsc_freq does a 32-bit multiplication before assigning to int64_t. For simplicity just make tsc_khz a 64-bit value. Spotted by Coverity. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 28b8e4d0bf93ba176b4b7be819d537383c5a9060 Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Sun Jun 7 11:15:08 2015 +0200 i386: Introduce ARAT CPU feature ARAT signals that the APIC timer does not stop in power saving states. As our APICs are emulated, it's fine to expose this feature to guests, at least when asking for KVM host features or with CPU types that include the flag. The exact model number that introduced the feature is not known, but reports can be found that it's at least available since Sandy Bridge. Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit aeb72188e073d515e1f5a80f6b603692a396477b Merge: 1452673 501eea4 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 7 14:44:19 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20150707-1' into staging virtio-gpu property fixes, add testcase # gpg: Signature made Tue Jul 7 10:24:16 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-vga-20150707-1: virtio-gpu: add to display-vga test virtio-gpu: use virtio_instance_init_common, fixup properties virtio-gpu: update console device property. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 970311646a701eecb103eb28093e8924d2fa6861 Author: Ting Wang <kathy.wangting@xxxxxxxxxx> Date: Fri Jun 26 17:37:35 2015 +0800 blockjob: add block_job_release function There is job resource leak in function mirror_start_job, although bdrv_create_dirty_bitmap is unlikely failed. Add block_job_release for each release when needed. Signed-off-by: Ting Wang <kathy.wangting@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1435311455-56048-1-git-send-email-kathy.wangting@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 25d9747b6427de8253221d544b45e50888d4cef7 Author: Richard W.M. Jones <rjones@xxxxxxxxxx> Date: Wed Jul 1 15:40:14 2015 +0100 block/raw-posix: Don't think /dev/fd/<NN> is a floppy drive. In libguestfs we use /dev/fd/<NN> to pass pre-opened file descriptors to qemu-img. Lately I've discovered that although this works, qemu believes that these are floppy disk images. That in itself isn't much of a problem, but now qemu prints a warning about host floppy pass-thru being deprecated. Extend the existing test so that it ignores /dev/fd/ as well as /dev/fdset/ A simple test of this, if you are using the bash shell, is: qemu-img info <( cat /dev/null ) without this patch: $ qemu-img info <( cat /dev/null ) qemu-img: Host floppy pass-through is deprecated Support for it will be removed in a future release. qemu-img: Could not open '/dev/fd/63': Could not refresh total sector count: Illegal seek with this patch: $ qemu-img info <( cat /dev/null ) qemu-img: Could not open '/dev/fd/63': Could not refresh total sector count: Illegal seek Signed-off-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-id: 1435761614-31358-1-git-send-email-rjones@xxxxxxxxxx Fixes: https://bugs.launchpad.net/qemu/+bug/1470536 Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 53ec73e264f481b79b52efcadc9ceb8f8996975c Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri May 29 18:53:14 2015 +0800 block: Use bdrv_drain to replace uncessary bdrv_drain_all There callers work on a single BlockDriverState subtree, where using bdrv_drain() is more accurate. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit c2e0dbbfd7265eb9a7170ab195d8f9f8a1cbd1af Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Jul 6 12:24:44 2015 +0800 block: Initialize local_err in bdrv_append_temp_snapshot Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1436156684-16526-1-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit dd63169766abd2b8dc33f4451dac5e778458a47c Author: Li Zhijian <lizhijian@xxxxxxxxxxxxxx> Date: Thu Jul 2 20:18:06 2015 +0800 migration: extend migration_bitmap Prevously, if we hotplug a device(e.g. device_add e1000) during migration is processing in source side, qemu will add a new ram block but migration_bitmap is not extended. In this case, migration_bitmap will overflow and lead qemu abort unexpectedly. Signed-off-by: Li Zhijian <lizhijian@xxxxxxxxxxxxxx> Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 2ff64038a59e8de2baa485806be0838f49f70b79 Author: Li Zhijian <lizhijian@xxxxxxxxxxxxxx> Date: Thu Jul 2 20:18:05 2015 +0800 migration: protect migration_bitmap Signed-off-by: Li Zhijian <lizhijian@xxxxxxxxxxxxxx> Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 59f39a47411ab6007a592555dc639aa9753f8d23 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Jul 2 09:22:03 2015 +0100 check_section_footers: Check the correct section_id The section footers check was incorrectly checking the section_id in the SaveStateEntry not the LoadStateEntry. These can validly be different if the two QEMU instances have instantiated their devices in a different order. The test only cares that we're finishing the same section we started, and hence it's the LoadStateEntry that we care about. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reported-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 7cf1fe6d68eb2ad3b77e2a89f097354db5d627e2 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed May 20 17:15:42 2015 +0200 migration: Add migration events on target side We reuse the migration events from the source side, sending them on the appropiate place. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit b05dc72342b27585909d9e99d95d17fd3dfbb269 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Tue Jul 7 14:44:05 2015 +0200 migration: Make events a capability Make check fails with events. THis is due to the parser/lexer that it uses. Just in case that they are more broken parsers, just only send events when there are capabilities. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit 598cd2bda0845096d2f06500e45b4d0d399b384a Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed May 20 12:16:15 2015 +0200 migration: create migration event We have one argument that tells us what event has happened. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit f2bb932491185a39922dff0514c4b08c092f3c35 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Jun 17 01:38:25 2015 +0200 migration: No need to call trace_migrate_set_state() We now use the helper everywhere, so no need to call this on this two places. See on previous commit that there were a place where we missed to mark the trace. Now all tracing is done in migrate_set_state(). Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit 7844337d1efb2c47dc3f306d7621e1cafca8ba67 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Jun 17 01:36:40 2015 +0200 migration: Use always helper to set state There were three places that were not using the migrate_set_state() helper, just fix that. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit 656a233440e552230f9d1da016b94a81b86658dc Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Jul 1 09:32:29 2015 +0200 migration: ensure we start in NONE state Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit a5c17b5f68ff7e37ce6e6e1f5457307fe07629e7 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Jun 17 02:06:20 2015 +0200 migration: Use cmpxchg correctly cmpxchg returns the old value Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit 61964c23e5ddd5a33f15699e45ce126f879e3e33 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed May 13 18:17:43 2015 +0200 migration: Add configuration section It needs to be the first one and it is not optional, that is the reason why it is opencoded. For new machine types, it is required that machine type name is the same in both sides. It is just done right now for pc's. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit df8961522a3d6bc7bb60c2830ef59e7c6c67a928 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Oct 15 09:39:14 2014 +0200 vmstate: Create optional sections To make sections optional, we need to do it at the beggining of the code. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit 13d16814d2058f10461e6987c8216950389c1310 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Oct 8 13:58:24 2014 +0200 global_state: Make section optional This section would be sent: a- for all new machine types b- for old machine types if section state is different form {running,paused} that were the only giving us troubles. So, in new qemus: it is alwasy there. In old qemus: they are only there if it an error has happened, basically stoping on target. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit df4b1024526cae3479da3492d6371fd4a7324a03 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Oct 8 10:58:10 2014 +0200 migration: create new section to store global state This includes a new section that for now just stores the current qemu state. Right now, there are only one way to control what is the state of the target after migration. - If you run the target qemu with -S, it would start stopped. - If you run the target qemu without -S, it would run just after migration finishes. The problem here is what happens if we start the target without -S and there happens one error during migration that puts current state as -EIO. Migration would ends (notice that the error happend doing block IO, network IO, i.e. nothing related with migration), and when migration finish, we would just "continue" running on destination, probably hanging the guest/corruption data, whatever. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit ca3fc39ea9045188e37b84c4f92ee79c7ed4b1c3 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Oct 8 12:47:08 2014 +0200 runstate: migration allows more transitions now Next commit would allow to move from incoming migration to error happening on source. Should we add more states to this transition? Luiz? Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit 5e0f1940caf49f56e3bee123aa92e42a3f7fad20 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Oct 8 11:53:22 2014 +0200 runstate: Add runstate store This allows us to store the current state to send it through migration. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit ff14e817f6c5f110b77e22185b256a17a96aa881 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Fri Jun 12 18:37:52 2015 +0100 Fix older machine type compatibility on power with section footers I forgot to add compatibility for Power when adding section footers. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Fixes: 37fb569c0198cba58e3e Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit ef4b722d19cab845eaa0d1f912018b09a9d8288b Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Jun 11 18:17:28 2015 +0100 Fail more cleanly in mismatched RAM cases If the number of RAMBlocks was different on the source from the destination, QEMU would hang waiting for a disconnect on the source and wouldn't release from that hang until the destination was manually killed. Mark the stream as being in error, this causes the destination to die and the source to carry on. (It still gets a whole bunch of warnings on the destination, and I've not managed to complete another migration after the 1st one, still progress). Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit afcddefdbe75d0c20bf6e11b5512ba768ce0700c Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Jun 11 18:17:27 2015 +0100 Sanity check RDMA remote data Perform some basic (but probably not complete) sanity checking on requests from the RDMA source. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Michael R. Hines <mrhines@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit e4d633207c129dc5b7d145240ac4a1997ef3902f Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Jun 11 18:17:26 2015 +0100 Sort destination RAMBlocks to be the same as the source Use the order of incoming RAMBlocks from the source to record an index number; that then allows us to sort the destination local RAMBlock list to match the source. Now that the RAMBlocks are known to be in the same order, this simplifies the RDMA Registration step which previously tried to match RAMBlocks based on offset (which isn't guaranteed to match). Looking at the existing compress code, I think it was erroneously relying on an assumption of matching ordering, which this fixes. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 760ff4bebc86d08b252809e0da7261c986d022ff Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Jun 11 18:17:25 2015 +0100 Rework ram block hash RDMA uses a hash from block offset->RAM Block; this isn't needed on the destination, and it becomes harder to maintain after the next patch in the series that sorts the block list. Split the hash so that it's only generated on the source. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 03fcab38617ac9bcd6ed28cb1b6a0ecd8fb3bc82 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Jun 11 18:17:24 2015 +0100 Allow rdma_delete_block to work without the hash In the next patch we remove the hash on the destination, rdma_delete_block does two things with the hash which can be avoided: a) The caller passes the offset and rdma_delete_block looks it up in the hash; fixed by getting the caller to pass the block b) The hash gets recreated after deletion; fixed by making that conditional on the hash being initialised. While this function is currently only used during cleanup, Michael asked that we keep it general for future dynamic block registration work. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 632e3a5cd812d6bbd38fd2f3ffc189ff5ea51926 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Jun 11 18:17:23 2015 +0100 Rework ram_control_load_hook to hook during block load We need the names of RAMBlocks as they're loaded for RDMA, reuse a slightly modified ram_control_load_hook: a) Pass a 'data' parameter to use for the name in the block-reg case b) Only some hook types now require the presence of a hook function. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit b12f7777981953b7d939496283014740bdd6de64 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Jun 11 18:17:22 2015 +0100 Translate offsets to destination address space The 'offset' field in RDMACompress and 'current_addr' field in RDMARegister are commented as being offsets within a particular RAMBlock, however they appear to actually be offsets within the ram_addr_t space. The code currently assumes that the offsets on the source/destination match, this change removes the need for the assumption for these structures by translating the addresses into the ram_addr_t space of the destination host. Note: An alternative would be to change the fields to actually take the data they're commented for; this would potentially be simpler but would break stream compatibility for those cases that currently work. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 4fb5364b9096d6110c46604dbf1e19b7e766e757 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Jun 11 18:17:21 2015 +0100 Store block name in local blocks structure In a later patch the block name will be used to match up two views of the block list. Keep a copy of the block name with the local block list. (At some point it could be argued that it would be best just to let migration see the innards of RAMBlock and avoid the need to use foreach). Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Michael R. Hines <mrhines@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 24ec68ef84fdacd5dddb83f3b341165c4815e6d6 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Jun 11 18:17:20 2015 +0100 rdma typos A couple of typo fixes. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 1aca9a5f7d5a1ef9ee0233eac0fccc77ea6f0626 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Tue Jun 23 17:34:35 2015 +0100 Only try and read a VMDescription if it should be there The VMDescription section maybe after the EOF mark, the current code does a 'qemu_get_byte' and either gets the header byte identifying the description or an error (which it ignores). Doing the 'get' upsets RDMA which hangs on old machine types without the VMDescription. Just avoid reading the VMDescription if we wouldn't send it. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 728470bea15b11ba7b3e3db54f0d9939908e0e65 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Tue Jun 23 15:56:38 2015 +0800 rdma: fix memory leak Variable "r" going out of scope leaks the storage it points to in line 3268. Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 849729bb796e0ecbb3f370f119682f2821dd1441 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Wed Jul 1 03:33:12 2015 -0700 rocker: tests: don't need to specify master/self when setting vlans 4.1 Linux kernel doesn't require specifying "master" or "self" when setting vlans on a port, so clean these up from the tests that use vlans. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Message-id: 1435746792-41278-6-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit d0d2555852c5e684a97dce787d3c2a65b9a6d64c Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Wed Jul 1 03:33:11 2015 -0700 rocker: mark copy-to-cpu pkts as forwarding offloaded For pkts copied to the CPU (to be processed by guest driver), mark the Rx descriptor with flag "OFFLOAD_FWD" to indicate device has already forwarded pkt. The guest driver will use this indicator to avoid duplicate forwarding in the guest OS. Examples include bcast/mcast/unknown ucast pkts flooded to bridged ports. We want to avoid both the device and the guest bridge driver flooding these pkts, which would result in duplicates pkts on the wire. Packet sampling, such as sFlow, can also use this technique to mark pkts for the guest OS to record but otherwise drop. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Message-id: 1435746792-41278-5-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 96497af0afd60e57749316f1bc196b417055c585 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Wed Jul 1 03:33:10 2015 -0700 rocker: return -1 when dropping packet on ingress Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Message-id: 1435746792-41278-4-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit f211fcd75fec96ec9850885622ed028c6f7ebdf4 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Wed Jul 1 03:33:09 2015 -0700 rocker: fix missing break statements Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Reported-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1435746792-41278-3-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit d1a88c96b7f94c8e12c07518f55fce8873e814d0 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Wed Jul 1 03:33:08 2015 -0700 rocker: fix misplaced break statement Premature break in switch case block. This particular case (group L2 rewrite) will be used for L2 LAG and L3 ECMP support, neither of which are enabled in the guest driver at this time, but are under development. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Reported-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1435746792-41278-2-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 66851f640b73a5a84160ee6ab19ab429f68bbb9f Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Tue Jun 30 19:25:53 2015 -0700 rocker: don't queue receive pkts when port is disabled Commit 6e99c63 ("net/socket: Drop net_socket_can_send") changed the semantics around .can_receive for sockets to now require the device to flush queued pkts when transitioning to a .can_receive=true state. Rocker device was not flushing the queue on .can_receive=true transition, so the receiver was stuck. But, turns out we really don't want any queuing at all on the port when the port is disabled, otherwise when the port transitions to enabled, we'd receive and forward stale pkts that really should have been dropped. So, let's remove .can_receive so avoid queuing and drop the pkt in .receive if the port is disabled. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1435717553-36187-1-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b83b5f2ef9753713c2fb64ff4cae7cb1e080624e Author: Brian Kress <kressb@xxxxxxxxx> Date: Tue Jun 23 11:49:25 2015 -0400 vmxnet3: Fix incorrect small packet padding When running ESXi under qemu there is an issue with the ESXi guest discarding packets that are too short. The guest discards any packets under the normal minimum length for an ethernet packet (60). This results in odd behaviour where other hosts or VMs on other hosts can communicate with the ESXi guest just fine (since there's a physical NIC somewhere doing padding), but VMs on the host and the host itself cannot because the ARP request packets are too small for the ESXi host to accept. Someone in the past thought this was worth fixing, and added code to the vmxnet3 qemu emulation such that if it is receiving packets smaller than 60 bytes to pad the packet out to 60. Unfortunately this code is wrong (or at least in the wrong place). It does so BEFORE before taking into account the vnet_hdr at the front of the packet added by the tap device. As a result, it might add padding, but it never adds enough. Specifically it adds 10 less (the length of the vnet_hdr) than it needs to. The following (hopefully "obviously correct") patch simply swaps the order of processing the vnet header and the padding. With this patch an ESXi guest is able to communicate with the host or other local VMs. Signed-off-by: Brian Kress <kressb@xxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Dmitry Fleytman <dmitry@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 5df6a1855b62dc653515d919e48c5b6f00c48f32 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Jun 25 10:18:05 2015 +0100 e1000: flush packets when link comes up e1000_can_receive() checks the link up status register bit. If the bit is clear, packets will be queued and the peer may disable receive to avoid wasting CPU reading packets that cannot be delivered. The queue must be flushed once the link comes back up again. This patch fixes broken e1000 receive with Mac OS X Snow Leopard guests and tap networking. Flushing the queue invokes the async send callback, which re-enables tap fd read. Reported-by: Jonathan Liu <net147@xxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1435223885-12745-1-git-send-email-stefanha@xxxxxxxxxx commit ec50dd4634ae06091e61f42b7ba975f9ed510ad0 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Thu Jun 25 14:24:10 2015 +0800 rocker: fix memory leak Meanwhile, using g_new0 instead of g_malloc0, refer to commit 5839e53. Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Message-id: 1435213450-6700-1-git-send-email-arei.gonglei@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 920557971b60e53c2f3f22e5d6c620ab1ed411fd Author: Paulo Alcantara <pcacjr@xxxxxxxxx> Date: Sun Jun 28 14:58:56 2015 -0300 ich9: add TCO interface emulation This interface provides some registers within a 32-byte range and can be acessed through PCI-to-LPC bridge interface (PMBASE + 0x60). It's commonly used as a watchdog timer to detect system lockups through SMIs that are generated -- if TCO_EN bit is set -- on every timeout. If NO_REBOOT bit is not set in GCS (General Control and Status register), the system will be resetted upon second timeout if TCO_RLD register wasn't previously written to prevent timeout. This patch adds support to TCO watchdog logic and few other features like mapping NMIs to SMIs (NMI2SMI_EN bit), system intruder detection, etc. are not implemented yet. Signed-off-by: Paulo Alcantara <pcacjr@xxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 71ba2f0af398f616e154137d9fdda25c2da01324 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Tue Jul 7 13:00:56 2015 +0300 acpi: split out ICH ACPI support MIPS doesn't need it, and including it creates problem as we are adding dependency on ISA LPC bridge. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 9fd72468dfe40532df7c64d35054994058106c42 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Jul 1 18:10:31 2015 +0100 crypto: move built-in D3DES implementation into crypto/ To prepare for a generic internal cipher API, move the built-in D3DES implementation into the crypto/ directory. This is not in fact a normal D3DES implementation, it is D3DES with double & triple length modes removed, and the key bytes in reversed bit order. IOW it is crippled specifically for the "benefit" of RFB, so call the new files desrfb.c instead of d3des.c to make it clear that it isn't a generally useful impl. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1435770638-25715-4-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6f2945cde60545aae7f31ab9d5ef29531efbc94f Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Jul 1 18:10:30 2015 +0100 crypto: move built-in AES implementation into crypto/ To prepare for a generic internal cipher API, move the built-in AES implementation into the crypto/ directory Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1435770638-25715-3-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ddbb0d09661f5fce21b335ba9aea8202d189b98e Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Jul 1 18:10:29 2015 +0100 crypto: introduce new module for computing hash digests Introduce a new crypto/ directory that will (eventually) contain all the cryptographic related code. This initially defines a wrapper for initializing gnutls and for computing hashes with gnutls. The former ensures that gnutls is guaranteed to be initialized exactly once in QEMU regardless of CLI args. The block quorum code currently fails to initialize gnutls so it only works by luck, if VNC server TLS is not requested. The hash APIs avoids the need to litter the rest of the code with preprocessor checks and simplifies callers by allocating the correct amount of memory for the requested hash. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1435770638-25715-2-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7a63f3cdc44230109c91cdc0ee912c3cc7837141 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Jul 2 17:24:41 2015 +0100 block: update bdrv_drain_all()/bdrv_drain() comments The doc comments for bdrv_drain_all() and bdrv_drain() are outdated: * The bdrv_drain() comment is a poor man's bdrv_lock()/bdrv_unlock() which Fam Zheng is currently developing. Unfortunately this warning was never really enough because devices keep submitting I/O and op blockers don't prevent that. * The bdrv_drain_all() comment is still partially correct but reflects the nature of the implementation rather than API documentation. Do make it clear that bdrv_drain() is only appropriate within an AioContext. For anything spanning AioContexts you need bdrv_drain_all(). Cc: Markus Armbruster <armbru@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1435854281-6078-1-git-send-email-stefanha@xxxxxxxxxx commit 1bd84ee717bf146c19281cce48a36a2f4d71748d Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Thu Jul 2 11:06:11 2015 +0300 qcow2: remove unnecessary check The value of 'i' is guaranteed to be >= 0 Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1435824371-2660-1-git-send-email-berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 501eea4f4187b6c62b6cf348ab0b100d57d8c56b Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Mon Apr 28 11:10:12 2014 +0200 virtio-gpu: add to display-vga test Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit b3409a31001e86d48221ea967b1c696c6497f318 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Jun 24 12:22:09 2015 +0200 virtio-gpu: use virtio_instance_init_common, fixup properties Switch over to virtio_instance_init_common. Drop duplicate properties in virtio-gpu-pci and virtio-vga as they are properly aliased now. Also drop the indirection via DEFINE_VIRTIO_GPU_PROPERTIES, we don't need it any more as the properties are defined in a single place now. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit e18882952e46634ab7f53ef018a5e2e980996d48 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Jun 24 12:19:42 2015 +0200 virtio-gpu: update console device property. Update the device link of the QemuConsole, so it points to the virtio-gpu-pci or virtio-vga device instead of virtio-gpu-device. This is needed because we want to find the device by id, for example for input routing, and the id specified on the command line is attached to the pci proxy, not the virtio device. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 6b3f7f639ed8861cd034292f9bb85b00c73658a6 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Tue Jun 16 17:07:54 2015 +0100 vl: move rom_load_all after machine init done On ARM, commit ac9d32e39664e060cd1b538ff190980d57ad69e4 postponed the memory preparation for boot until the machine init done notifier. This has for consequence to insert ROM at machine init done time. However the rom_load_all function stayed called before the ROM are inserted. As a consequence the rom_load_all function does not do everything it is expected to do, on ARM. It currently registers the ROM reset notifier but does not iterate through the registered ROM list. the isrom field is not set properly. This latter is used to report info in the monitor and also to decide whether the rom->data can be freed on ROM reset notifier. To fix that regression the patch moves the rom_load_all call after machine init done. We also take the opportunity to rename the rom_load_all function into rom_check_and_resgister_reset() and integrate the rom_load_done in it. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Reported-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-Id: <1434470874-22573-1-git-send-email-eric.auger@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 1452673888f6d7f0454276d049846c9bec659233 Merge: f6e3035 4330296 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 7 09:22:40 2015 +0100 Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20150706.0' into staging VFIO updates for 2.4-rc0 - "real" host page size API (Peter Crosthwaite) - platform device irqfd support (Eric Auger) - spapr container disconnect fix (Alexey Kardashevskiy) - quirk for broken Chelsio hardware (Gabriel Laupre) - coverity fix (Paolo Bonzini) # gpg: Signature made Mon Jul 6 19:23:49 2015 BST using RSA key ID 3BB08B22 # gpg: Good signature from "Alex Williamson <alex.williamson@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex@xxxxxxxxxxx>" # gpg: aka "Alex Williamson <alwillia@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex.l.williamson@xxxxxxxxx>" * remotes/awilliam/tags/vfio-update-20150706.0: vfio/pci : Add pba_offset PCI quirk for Chelsio T5 devices vfio: Unregister IOMMU notifiers when container is destroyed hw/vfio/platform: add irqfd support kvm: some fixes to kvm_resamplefds_allowed sysbus: add irq_routing_notifier intc: arm_gic_kvm: set the qemu_irq/gsi mapping kvm-all.c: add qemu_irq/gsi hash table and utility routines kvm: rename kvm_irqchip_[add,remove]_irqfd_notifier with gsi suffix vfio: cpu: Use "real" page size API cpu-all: complete "real" host page size API vfio: fix return type of pread Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Conflicts: kvm-all.c commit f329c74c1e7f08399f0d237f78571eb0ca6a89dd Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Tue Jun 23 15:52:56 2015 +0200 Revert "dataplane: allow virtio-1 devices" This reverts commit f5a5628cf0b65b223fa0c9031714578dfac4cf04. This was an old patch that had been already superseded by b0e5d90eb ("dataplane: endianness-aware accesses"). Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit be1e50a27d5b6845729ae0854f57f3816cf47edb Author: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Date: Fri Jun 26 09:32:28 2015 +0200 dataplane: fix cross-endian issues Accesses to vring_avail_event and vring_used_event must honor the queue endianness. This patch allows cross-endian setups to use dataplane (tested with ppc64 on ppc64le, and vice-versa). Suggested-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit f6e3035f75e5c6a73485335765ae070304c7a110 Merge: 7edd8e4 355023f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 6 23:37:53 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream-smm' into staging This series implements KVM support for SMM, and lets you enable/disable it through the "smm" property of x86 machine types. # gpg: Signature made Mon Jul 6 17:41:05 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream-smm: pc: add SMM property ich9: add smm_enabled field and arguments pc_piix: rename kvm_enabled to smm_enabled target-i386: register a separate KVM address space including SMRAM regions kvm-all: kvm_irqchip_create is not expected to fail kvm-all: add support for multiple address spaces kvm-all: make KVM's memory listener more generic kvm-all: move internal types to kvm_int.h kvm-all: remove useless typedef kvm-all: put kvm_mem_flags to more work target-i386: add support for SMBASE MSR and SMIs piix4/ich9: do not raise SMI on ACPI enable/disable commands linux-headers: Update to 4.2-rc1 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 43302969966bc3a95470bfc300289a83068ef5d9 Author: Gabriel Laupre <glaupre@xxxxxxxxxxx> Date: Mon Jul 6 12:15:15 2015 -0600 vfio/pci : Add pba_offset PCI quirk for Chelsio T5 devices Fix pba_offset initialization value for Chelsio T5 Virtual Function device. The T5 hardware has a bug in it where it reports a Pending Interrupt Bit Array Offset of 0x8000 for its SR-IOV Virtual Functions instead of the 0x1000 that the hardware actually uses internally. As the hardware doesn't return the correct pba_offset value, add a quirk to instead return a hardcoded value of 0x1000 when a Chelsio T5 VF device is detected. This bug has been fixed in the Chelsio's next chip series T6 but there are no plans to respin the T5 ASIC for this bug. It is just documented in the T5 Errata and left it at that. Signed-off-by: Gabriel Laupre <glaupre@xxxxxxxxxxx> Reviewed-by: Bandan Das <bsd@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit f8d8a944009b7e836c718a05590ea6b36146978f Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Mon Jul 6 12:15:15 2015 -0600 vfio: Unregister IOMMU notifiers when container is destroyed On systems with guest visible IOMMU, adding a new memory region onto PCI bus calls vfio_listener_region_add() for every DMA window. This installs a notifier for IOMMU memory regions. The notifier is supposed to be removed vfio_listener_region_del(), however in the case of mixed PHB (emulated + VFIO devices) when last VFIO device is unplugged and container gets destroyed, all existing DMA windows stay alive altogether with the notifiers which are on the linked list which head was in the destroyed container. This unregisters IOMMU memory region notifier when a container is destroyed. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit fb5f816499a5184a1336d72db030b8419b523082 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Jul 6 12:15:14 2015 -0600 hw/vfio/platform: add irqfd support This patch aims at optimizing IRQ handling using irqfd framework. Instead of handling the eventfds on user-side they are handled on kernel side using - the KVM irqfd framework, - the VFIO driver virqfd framework. the virtual IRQ completion is trapped at interrupt controller This removes the need for fast/slow path swap. Overall this brings significant performance improvements. Signed-off-by: Alvise Rigo <a.rigo@xxxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Tested-by: Vikram Sethi <vikrams@xxxxxxxxxxxxxx> Acked-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 879904e8635b316de18393222f02d46d2d1f7f4e Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Jul 6 12:15:14 2015 -0600 kvm: some fixes to kvm_resamplefds_allowed Commit f41389ae3c54b introduced kvm_resamplefds_enabled() and associated kvm_resamplefds_allowed boolean. This patch adds non-KVM version for kvm_resamplefds_enabled and also declares kvm_resamplefds_allowed in kvm-stub as it is done for fellow kvm_irqfds_allowed. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 715ca691daca081108b33306faa6fa102f0df8d8 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Jul 6 12:15:14 2015 -0600 sysbus: add irq_routing_notifier Add a new connect_irq_notifier notifier in the SysBusDeviceClass. This notifier, if populated, is called after sysbus_connect_irq. This mechanism is used to setup VFIO signaling once VFIO platform devices get attached to their platform bus, on a machine init done notifier. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Tested-by: Vikram Sethi <vikrams@xxxxxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 6a1a9cfa1c4a3e5b521d82e6adb94311fc5b9f8b Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Jul 6 12:15:13 2015 -0600 intc: arm_gic_kvm: set the qemu_irq/gsi mapping The arm_gic_kvm now calls kvm_irqchip_set_qemuirq_gsi to build the hash table storing qemu_irq/gsi mappings. From that point on irqfd can be setup directly from the qemu_irq using kvm_irqchip_add_irqfd_notifier. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Tested-by: Vikram Sethi <vikrams@xxxxxxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 197e35249a7360534e1aea0f2268ad0e1aa27121 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Jul 6 12:15:13 2015 -0600 kvm-all.c: add qemu_irq/gsi hash table and utility routines VFIO platform device needs to setup irqfd but it does not know the gsi corresponding to the device qemu_irq. This patch proposes to store a hash table in kvm_state using the qemu_irq as key and the gsi as a value. kvm_irqchip_set_qemuirq_gsi allows to insert such a pair. The interrupt controller is supposed to use it. kvm_irqchip_[add, remove]_irqfd_notifier allows to setup/tear down irqfd directly from the qemu_irq. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Tested-by: Vikram Sethi <vikrams@xxxxxxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 1c9b71a7311ed99635a2d007fc8a856879537a05 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Jul 6 12:15:13 2015 -0600 kvm: rename kvm_irqchip_[add,remove]_irqfd_notifier with gsi suffix Anticipating for the introduction of new add/remove functions taking a qemu_irq parameter, let's rename existing ones with a gsi suffix. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Tested-by: Vikram Sethi <vikrams@xxxxxxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit f7ceed190d7dcd907afe4b46b23809aaad09a619 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Mon Jul 6 12:15:12 2015 -0600 vfio: cpu: Use "real" page size API This is system level code, and should only depend on the host page size, not the target page size. Note that HOST_PAGE_SIZE is misleadingly lead and is really aligning to both host and target page size. Hence it's replacement with REAL_HOST_PAGE_SIZE. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Tested-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 4e51361d79289aee2985dfed472f8d87bd53a8df Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Mon Jul 6 12:15:12 2015 -0600 cpu-all: complete "real" host page size API Currently the "host" page size alignment API is really aligning to both host and target page sizes. There is the qemu_real_page_size which can be used for the actual host page size but it's missing a mask and ALIGN macro as provided for qemu_page_size. Complete the API. This allows system level code that cares about the host page size to use a consistent alignment interface without having to un-needingly align to the target page size. This also reduces system level code dependency on the cpu specific TARGET_PAGE_SIZE. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Tested-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 7d489dcdf5fd71b5052ffd401b869a627e1c751f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Jul 6 12:15:12 2015 -0600 vfio: fix return type of pread size_t is an unsigned type, thus the error case is never reached in the below call to pread. If bytes is negative, it will be seen as a very high positive value. Spotted by Coverity. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 355023f2010c4df619d88a0dd7012b4b9c74c12c Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:30:52 2015 +0200 pc: add SMM property The property can take values on, off or auto. The default is "off" for KVM and pre-2.4 machines, otherwise "auto" (which makes it available on TCG or on new-enough kernels). Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fba72476c6b7be60ac74c5bcdc06c61242d1fe4f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:30:51 2015 +0200 ich9: add smm_enabled field and arguments Q35's ACPI device is hard-coding SMM availability to KVM. Place the logic where the board is created instead, so that it will be possible to override it. Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 61e66c6237a0ca3eac35cf3145ccbb3ab5b6354c Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:30:17 2015 +0200 pc_piix: rename kvm_enabled to smm_enabled We will enable SMM even if KVM is in use. Rename the field and arguments. Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6410848bec38089424d54a6a8f10d4cf77182b5d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:30:16 2015 +0200 target-i386: register a separate KVM address space including SMRAM regions Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 8db4936bb648e15173d687bc162be14fd0d4260c Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:30:15 2015 +0200 kvm-all: kvm_irqchip_create is not expected to fail KVM_CREATE_IRQCHIP should never fail, and so should its userspace wrapper kvm_irqchip_create. The function does not do anything if the irqchip capability is not available, as is the case for PPC. With this patch, kvm_arch_init can allocate memory and it will not be leaked. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 38bfe69180f99d05611a14bab4bb72c95e755b58 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:30:14 2015 +0200 kvm-all: add support for multiple address spaces Make kvm_memory_listener_register public, and assign a kernel address space id to each KVMMemoryListener. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7bbda04c8d13d0a599b31ed1c10dc76a62f9d4dc Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:30:13 2015 +0200 kvm-all: make KVM's memory listener more generic No semantic change, but s->slots moves into a new struct KVMMemoryListener. KVM's memory listener becomes a member of struct KVMState, and becomes of type KVMMemoryListener. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 8571ed35cfa50ed6b2aaee484dfa4f58176ebe00 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:28:45 2015 +0200 kvm-all: move internal types to kvm_int.h i386 code will have to define a different KVMMemoryListener. Create an internal header so that KVMSlot is not exposed outside. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 714f78c587ba628169b8ae6f91866c52fe6a799f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:28:44 2015 +0200 kvm-all: remove useless typedef Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d6ff5cbc1231a5aec997abf3a809c7013e60472f Author: Andrew Jones <drjones@xxxxxxxxxx> Date: Thu Jun 18 18:28:43 2015 +0200 kvm-all: put kvm_mem_flags to more work Currently kvm_mem_flags just translates bools to bits, let's make it also determine the bools first. This avoids its parameter list growing each time we add a flag. Signed-off-by: Andrew Jones <drjones@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fc12d72e10828ca6ff75f2ad432b741f07a10cef Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:28:42 2015 +0200 target-i386: add support for SMBASE MSR and SMIs Apart from the MSR, the smi field of struct kvm_vcpu_events has to be translated into the corresponding CPUX86State fields. Also, memory transaction flags depend on SMM state, so pull it from struct kvm_run on every exit from KVM to userspace. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit afd6895b45f20eb43b7ff95f7a76cc5af8d36cd7 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:28:41 2015 +0200 piix4/ich9: do not raise SMI on ACPI enable/disable commands These commands are handled entirely by QEMU. Do not raise an SMI when they happen, because Windows (at least 2008r2) expects these commands to work and (depending on the value of APMC_EN at startup) the firmware might not have installed an SMI handler. When this happens (e.g. the kernel supports SMIs, or you are using TCG, but you have used "-machine smm=off") RIP is moved to 0x38000 where there is no code to execute. Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 25b8b39b6d7de95d0dd5ae7b66b3ac4b9b83e060 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Mon Jul 6 12:10:57 2015 +1000 linux-headers: Update to 4.2-rc1 This updates linux-headers against master 4.2-rc1 (commit d770e558e21961ad6cfdf0ff7df0eb5d7d4f0754). This is the result of ./scripts/update-linux-headers.sh work. Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7edd8e4660beb301d527257f8e04ebec0f841cb0 Merge: 3fa18bc b242e0e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 6 14:03:44 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * more of Peter Crosthwaite's multiarch preparation patches * unlocked MMIO support in KVM * support for compilation with ICC # gpg: Signature made Mon Jul 6 13:59:20 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: exec: skip MMIO regions correctly in cpu_physical_memory_write_rom_internal Stop including qemu-common.h in memory.h kvm: Switch to unlocked MMIO acpi: mark PMTIMER as unlocked kvm: Switch to unlocked PIO kvm: First step to push iothread lock out of inner run loop memory: let address_space_rw/ld*/st* run outside the BQL exec: pull qemu_flush_coalesced_mmio_buffer() into address_space_rw/ld*/st* memory: Add global-locking property to memory regions main-loop: introduce qemu_mutex_iothread_locked main-loop: use qemu_mutex_lock_iothread consistently Fix irq route entries exceeding KVM_MAX_IRQ_ROUTES cpu-defs: Move out TB_JMP defines include/exec: Move tb hash functions out include/exec: Move standard exceptions to cpu-all.h cpu-defs: Move CPU_TEMP_BUF_NLONGS to tcg memory_mapping: Rework cpu related includes cutils: allow compilation with icc qemu-common: add VEC_OR macro Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b242e0e0e2969c044a318e56f7988bbd84de1f63 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Sat Jul 4 00:24:51 2015 +0200 exec: skip MMIO regions correctly in cpu_physical_memory_write_rom_internal Loading the BIOS in the mac99 machine is interesting, because there is a PROM in the middle of the BIOS region (from 16K to 32K). Before memory region accesses were clamped, when QEMU was asked to load a BIOS from 0xfff00000 to 0xffffffff it would put even those 16K from the BIOS file into the region. This is weird because those 16K were not actually visible between 0xfff04000 and 0xfff07fff. However, it worked. After clamping was added, this also worked. In this case, the cpu_physical_memory_write_rom_internal function split the write in three parts: the first 16K were copied, the PROM area (second 16K) were ignored, then the rest was copied. Problems then started with commit 965eb2f (exec: do not clamp accesses to MMIO regions, 2015-06-17). Clamping accesses is not done for MMIO regions because they can overlap wildly, and MMIO registers can be expected to perform full-width accesses based only on their address (with no respect for adjacent registers that could decode to completely different MemoryRegions). However, this lack of clamping also applied to the PROM area! cpu_physical_memory_write_rom_internal thus failed to copy the third range above, i.e. only copied the first 16K of the BIOS. In effect, address_space_translate is expecting _something else_ to do the clamping for MMIO regions if the incoming length is large. This "something else" is memory_access_size in the case of address_space_rw, so use the same logic in cpu_physical_memory_write_rom_internal. Reported-by: Alexander Graf <agraf@xxxxxxxxxx> Reviewed-by: Laurent Vivier <lvivier@xxxxxxxxxx> Tested-by: Laurent Vivier <lvivier@xxxxxxxxxx> Fixes: 965eb2f Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fba0a593b2809ecdda68650952cf3d3332ac1990 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 3 15:18:24 2015 +0100 Stop including qemu-common.h in memory.h Including qemu-common.h from other header files is generally a bad idea, because it means it's very easy to end up with a circular dependency. For instance, if we wanted to include memory.h from qom/cpu.h we'd end up with this loop: memory.h -> qemu-common.h -> cpu.h -> cpu-qom.h -> qom/cpu.h -> memory.h Remove the include from memory.h. This requires us to fix up a few other files which were inadvertently getting declarations indirectly through memory.h. The biggest change is splitting the fprintf_function typedef out into its own header so other headers can get at it without having to include qemu-common.h. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <1435933104-15216-1-git-send-email-peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3fa18bc9a55e067ba3012ab1d394f5d5a7e51419 Merge: 261ccf4 1479073 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 6 12:51:51 2015 +0100 Merge remote-tracking branch 'remotes/xtensa/tags/20150706-xtensa' into staging Xtensa fixes: - add 64-bit floating point registers; - fix gdb register map construction. # gpg: Signature made Mon Jul 6 11:27:45 2015 BST using RSA key ID F83FA044 # gpg: Good signature from "Max Filippov <max.filippov@xxxxxxxxxxxxxxxxxx>" # gpg: aka "Max Filippov <jcmvbkbc@xxxxxxxxx>" * remotes/xtensa/tags/20150706-xtensa: target-xtensa: fix gdb register map construction target-xtensa: add 64-bit floating point registers Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1479073b7e849fa03e5892eea0e0b5dadde1a98a Author: Max Filippov <jcmvbkbc@xxxxxxxxx> Date: Wed Jul 1 13:00:29 2015 +0300 target-xtensa: fix gdb register map construction Due to different gdb overlay organization between windowed/call0 configurations core import script doesn't always work correctly. Simplify the script: always copy complete gdb register map from overlay, count registers at core registerstion time. Update existing cores. Signed-off-by: Max Filippov <jcmvbkbc@xxxxxxxxx> commit ddd44279fdbc545a9182cb642645af8a4672c267 Author: Max Filippov <jcmvbkbc@xxxxxxxxx> Date: Mon Jun 29 10:50:03 2015 +0300 target-xtensa: add 64-bit floating point registers Xtensa ISA got specification for 64-bit floating point registers and opcodes, see ISA, 4.3.11 "Floating point coprocessor option". Add 64-bit FP registers. Although 64-bit floating point is currently not supported by xtensa translator, these registers need to be reported to gdb with proper size, otherwise it wouldn't find other registers. Signed-off-by: Max Filippov <jcmvbkbc@xxxxxxxxx> commit 261ccf426a6df854ba398be92413476919dd67f9 Merge: f50a164 257621a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 6 11:04:54 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150706' into staging target-arm queue: * TLBI ALLEI1IS should operate on all CPUs, not just this one * Fix interval interrupt of cadence ttc in decrement mode * Implement YIELD insn to yield in ARM and Thumb translators * ARM GIC: reset all registers * arm_mptimer: fix timer shutdown and mode change * arm_mptimer: respect IT bit state # gpg: Signature made Mon Jul 6 10:58:27 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150706: arm_mptimer: Respect IT bit state arm_mptimer: Fix timer shutdown and mode change hw/intc/arm_gic_common.c: Reset all registers target-arm: Implement YIELD insn to yield in ARM and Thumb translators target-arm: Split DISAS_YIELD from DISAS_WFE Fix interval interrupt of cadence ttc when timer is in decrement mode target-arm: fix write helper for TLBI ALLE1IS Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 257621a9566054472d1d55a819880d0f9da02bda Author: Dmitry Osipenko <digetx@xxxxxxxxx> Date: Mon Jul 6 04:27:12 2015 +0300 arm_mptimer: Respect IT bit state The timer should fire the interrupt only if the IT (interrupt enable) bit state of the control register is enabled. Signed-off-by: Dmitry Osipenko <digetx@xxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8a52340cbaf60d4dd0a78bbfe12632639fe3da6d Author: Dmitry Osipenko <digetx@xxxxxxxxx> Date: Mon Jul 6 01:47:47 2015 +0300 arm_mptimer: Fix timer shutdown and mode change The running timer can't be stopped because timer control code just doesn't handle disabling the timer. Fix it by deleting the timer if the enable bit is cleared. The timer won't start periodic ticking if a ONE-SHOT -> PERIODIC mode change happens after a one-shot tick was completed. Fix it by re-starting ticking if the timer isn't ticking right now. To avoid code churning, these two fixes are squashed in one commit. Signed-off-by: Dmitry Osipenko <digetx@xxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 12dc273e98e4e111880b25c12bf671dc8951b8e6 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 29 19:25:45 2015 +0100 hw/intc/arm_gic_common.c: Reset all registers The arm_gic_common reset function was missing reset code for several of the GIC's state fields: * bpr[] * abpr[] * priority1[] * priority2[] * sgi_pending[] * irq_target[] (SMP configurations only) These probably went unnoticed because most guests will either never touch them, or will write to them in the process of configuring the GIC before enabling interrupts. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1435602345-32210-1-git-send-email-peter.maydell@xxxxxxxxxx Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit c87e5a61c2b3024116f52f7e68273f864ff7ab82 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 6 10:05:44 2015 +0100 target-arm: Implement YIELD insn to yield in ARM and Thumb translators Implement the YIELD instruction in the ARM and Thumb translators to actually yield control back to the top level loop rather than being a simple no-op. (We already do this for A64.) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 1435672316-3311-3-git-send-email-peter.maydell@xxxxxxxxxx commit 049e24a191c212d9468db84169197887f2c91586 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 6 10:05:44 2015 +0100 target-arm: Split DISAS_YIELD from DISAS_WFE Currently we use DISAS_WFE for both WFE and YIELD instructions. This is functionally correct because at the moment both of them are implemented as "yield this CPU back to the top level loop so another CPU has a chance to run". However it's rather confusing that YIELD ends up calling HELPER(wfe), and if we ever want to implement real behaviour for WFE and SEV it's likely to trip us up. Split out the yield codepath to use DISAS_YIELD and a new HELPER(yield) function, and have HELPER(wfe) call HELPER(yield). Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1435672316-3311-2-git-send-email-peter.maydell@xxxxxxxxxx Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> commit a7ffaf5c96e26820edffa94eeac766fe60bfdd31 Author: Johannes Schlatow <schlatow@xxxxxxxxxxxxxxxx> Date: Mon Jul 6 10:05:44 2015 +0100 Fix interval interrupt of cadence ttc when timer is in decrement mode The interval interrupt is not set if the timer is in decrement mode. This is because x >=0 and x < interval after leaving the while-loop. Signed-off-by: Johannes Schlatow <schlatow@xxxxxxxxxxxxxxxx> Message-id: 20150630135821.51f3b4fd@johanness-latitude Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2a6332d968297266dbabf9d33f959e3a5efdd0f9 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Mon Jul 6 10:05:43 2015 +0100 target-arm: fix write helper for TLBI ALLE1IS TLBI ALLE1IS is an operation that does invalidate TLB entries on all PEs in the same Inner Sharable domain, not just on the current CPU. So we must use tlbiall_is_write() here. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1435676538-31345-1-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f50a1640fb82708a5d528dee1ace42a224b95b15 Merge: 63a9294 7c649ac Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Jul 5 20:35:47 2015 +0100 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Sat Jul 4 07:06:08 2015 BST using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB # Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E * remotes/jnsnow/tags/ide-pull-request: (35 commits) ahci: fix sdb fis semantics qtest/ahci: halted ncq migration test ahci: Do not map cmd_fis to generate response ahci: ncq migration ahci: add get_cmd_header helper ahci: add cmd header to ncq transfer state qtest/ahci: halted NCQ test ahci: correct ncq sector count ahci: correct types in NCQTransferState ahci: add rwerror=stop support for ncq ahci: factor ncq_finish out of ncq_cb ahci: refactor process_ncq_command ahci: assert is_ncq for process_ncq ahci: stash ncq command ide: add limit to .prepare_buf() qtest/ahci: ncq migration test qtest/ahci: simple ncq data test libqos/ahci: Force all NCQ commands to be LBA48 libqos/ahci: set the NCQ tag on command_commit libqos/ahci: adjust expected NCQ interrupts ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 63a9294ddc9cf4f2bdcd0179324fedcbb6fae59f Merge: 3536064 e75e2a1 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Jul 5 19:33:51 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/numa-pull-request' into staging NUMA queue, 2015-07-03 # gpg: Signature made Fri Jul 3 21:49:58 2015 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/numa-pull-request: numa: API to lookup NUMA node by address numa: Store boot memory address range in node_info numa,pc-dimm: Store pc-dimm memory information in numa_info pc: Abort if HotplugHandlerClass::plug() fails pc,pc-dimm: Factor out reusable parts in pc_dimm_plug to a separate routine pc,pc-dimm: Extract hotplug related fields in PCMachineState to a structure Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7c649ac5b607e2339fb54fc0fc01311ba5eacadd Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:05 2015 -0400 ahci: fix sdb fis semantics There are two things to fix here: The first one is subtle: the PxSACT register in the AHCI HBA has different semantics from the field it is shadowing, the ACT field in the Set Device Bits FIS. In the HBA register, PxSACT acts as a bitfield indicating outstanding NCQ commands where a set bit indicates a pending NCQ operation. The FIS field however operates as an RWC register update to PxSACT, where a set bit indicates a *successfully* completed command. Correct the FIS semantics. At the same time, move the "clear finished" action to the SDB FIS generation instead of the register read to mimick how the other shadow registers work, which always just report the last reported value from a FIS, and not the most current values which may not have been reported by a FIS yet. Lastly and more simply, SATA 3.2 section 13.6.4.2 (and later sections) all specify that the Interrupt bit for the SDB FIS should always be set to one for NCQ commands. That's currently the only time we generate this FIS, so set it on all the time. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-16-git-send-email-jsnow@xxxxxxxxxx commit 8146d7dc2756138bd4011e8d882ead929f25f2d0 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:05 2015 -0400 qtest/ahci: halted ncq migration test Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-15-git-send-email-jsnow@xxxxxxxxxx commit dd6282217d8fee36e3854eab2635bec9cc5d5236 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:05 2015 -0400 ahci: Do not map cmd_fis to generate response The Register D2H FIS should copy the current values of the registers instead of just parroting back the same values the guest sent back to it. In this case, the SECTOR COUNT variables are actually not generally meaningful in terms of standard commands (See ATA8-AC3 Section 9.2 Normal Outputs), so it actually probably doesn't matter what we put in here. Meanwhile, we do need to use the Register update FIS from the NCQ pathways (in error cases), so getting rid of references to cur_cmd here is a win for AHCI concurrency. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-14-git-send-email-jsnow@xxxxxxxxxx commit 684d50132fdd68f4c2cba9e65b50f9b8ef4c5164 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:05 2015 -0400 ahci: ncq migration Migrate the NCQ queue. This is solely for the benefit of halted commands, since anything else should have completed and had any relevant status flushed to the HBA registers already. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-13-git-send-email-jsnow@xxxxxxxxxx commit ee364416c1b5ed1adc779ca7197451a131666236 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:05 2015 -0400 ahci: add get_cmd_header helper cur_cmd is an internal bookmark that points to the current AHCI Command Header being processed by the AHCI state machine. With NCQ needing to occasionally rely on some of the same AHCI helpers, we cannot use cur_cmd and will need to grab explicit pointers instead. In an attempt to begin relying on the cur_cmd pointer less, add a helper to let us specifically get the pointer to the command header of particular interest. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-12-git-send-email-jsnow@xxxxxxxxxx commit c82bd3c893825fc76af3634f5461f5eabd94e9df Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:05 2015 -0400 ahci: add cmd header to ncq transfer state While the rest of the AHCI device can rely on a single bookmarked pointer for the AHCI Command Header currently being processed, NCQ is asynchronous and may have many commands in flight simultaneously. Add a cmdh pointer to the ncq_tfs object and make the sglist prepare function take an AHCICmdHeader pointer so we can be explicit about where we'd like to build SGlists from. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-11-git-send-email-jsnow@xxxxxxxxxx commit 7f6cf5ee1236d94fc25830a47438e57aa294d9fe Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:05 2015 -0400 qtest/ahci: halted NCQ test Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-10-git-send-email-jsnow@xxxxxxxxxx commit e08a98357b5811e7933ff077f6da4b85175caf8a Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:05 2015 -0400 ahci: correct ncq sector count uint16_t isn't enough to hold the real sector count, since a value of zero implies a full 64K sectors, so we need a uint32_t here. We *could* cheat and pretend that this value is 0-based and fit it in a uint16_t, but I'd rather waste 2 bytes instead of a future dev's 10 minutes when they forget to +1/-1 accordingly somewhere. See SATA 3.2, section 13.6.4.1 "READ FPDMA QUEUED". Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-9-git-send-email-jsnow@xxxxxxxxxx commit 9364384de0e3b8a5bdea67ba49bee9ea7f1b8f26 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:05 2015 -0400 ahci: correct types in NCQTransferState Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-8-git-send-email-jsnow@xxxxxxxxxx commit 7c03a691077e71a08bbca06568cd97f09537458c Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:04 2015 -0400 ahci: add rwerror=stop support for ncq Handle NCQ failures for cases where we want to halt the VM on IO errors. Upon a VM state change, retry the halted NCQ commands. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-7-git-send-email-jsnow@xxxxxxxxxx commit 54f3223730736fca1e6e89bb7f99c4f8432fdabb Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:04 2015 -0400 ahci: factor ncq_finish out of ncq_cb When we add werror=stop or rerror=stop support to NCQ, we'll want to take a codepath where we don't actually complete the command, so factor that out into a new routine. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-6-git-send-email-jsnow@xxxxxxxxxx commit 631ddc22cbb401f2777dc8b117196f0988df4eea Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:04 2015 -0400 ahci: refactor process_ncq_command Split off execute_ncq_command so that we can call it separately later if we desire. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-5-git-send-email-jsnow@xxxxxxxxxx commit 922f893e57da24bc80db3e79bea56485d1c111fa Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:04 2015 -0400 ahci: assert is_ncq for process_ncq We already checked this in the handle_cmd phase, so just change this to an assertion and simplify the error logic. (Also, fix the switch indent, because checkpatch.pl yelled.) ((Sorry for churn.)) Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-4-git-send-email-jsnow@xxxxxxxxxx commit 4614619ee4ad96d2715dc41f9430fb43335c15d2 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:04 2015 -0400 ahci: stash ncq command For migration and werror=stop/rerror=stop resume purposes, it will be convenient to have the command handy inside of ncq_tfs. Eventually, we'd like to avoid reading from the FIS entirely after the initial read, so this is a byte (hah!) sized step in that direction. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-3-git-send-email-jsnow@xxxxxxxxxx commit a718978ed58abc1ad92567a9c17525136be02a71 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:04 2015 -0400 ide: add limit to .prepare_buf() prepare_buf should not always grab as many descriptors as it can, sometimes it should self-limit. For example, an NCQ transfer of 1 sector with a PRDT that describes 4GiB of data should not copy 4GiB of data, it should just transfer that first 512 bytes. PIO is not affected, because the dma_buf_rw dma helpers already have a byte limit built-in to them, but DMA/NCQ will exhaust the entire list regardless of requested size. AHCI 1.3 specifies in section 6.1.6 Command List Underflow that NCQ is not required to detect underflow conditions. Non-NCQ pathways signal underflow by writing to the PRDBC field, which will already occur by writing the actual transferred byte count to the PRDBC, signaling the underflow. Our NCQ pathways aren't required to detect underflow, but since our DMA backend uses the size of the PRDT to determine the size of the transer, if our PRDT is bigger than the transaction (the underflow condition) it doesn't cost us anything to detect it and truncate the PRDT. This is a recoverable error and is not signaled to the guest, in either NCQ or normal DMA cases. For BMDMA, the existing pathways should see no guest-visible difference, but any bytes described in the overage will no longer be transferred before indicating to the guest that there was an underflow. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-2-git-send-email-jsnow@xxxxxxxxxx commit 07a1ee7958cc3433706ab0d3a07c42fdd9d98fe6 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:04 2015 -0400 qtest/ahci: ncq migration test Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-17-git-send-email-jsnow@xxxxxxxxxx commit 26ad004585835e7c126bb94fd5161db1c60169f3 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:04 2015 -0400 qtest/ahci: simple ncq data test Test the NCQ pathways for a simple IO RW test. Also, test that libqos doesn't explode when running NCQ commands :) Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-16-git-send-email-jsnow@xxxxxxxxxx commit e38cc93aca5d40a58e65bb0dfa23eaf3290bbf76 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:04 2015 -0400 libqos/ahci: Force all NCQ commands to be LBA48 NCQ commands are LBA48 by definition. See SATA 3.2 13.6.4.1 "READ FPDMA QUEUED", or SATA 3.2 13.6.5.1 "WRITE FPDMA QUEUED." Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-15-git-send-email-jsnow@xxxxxxxxxx commit a8973ff50a04f96c3ce5c803c8fd3ec16ed8d6c5 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:04 2015 -0400 libqos/ahci: set the NCQ tag on command_commit NCQ commands have the concept of a "TAG" that they need to set, but in the AHCI world, it is mandated that the TAG always match the command slot that you executed the NCQ from. See AHCI 9.3.1.1.5.2 "Native Queued Commands". Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-14-git-send-email-jsnow@xxxxxxxxxx commit 359790c2542a8c4da3d4c8fb626ca2675a417d51 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:04 2015 -0400 libqos/ahci: adjust expected NCQ interrupts NCQ commands will expect the SDBS interrupt, and in the normative case, do not expect to see a D2H Register FIS unless something went wrong. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-13-git-send-email-jsnow@xxxxxxxxxx commit 4de484698bdda6c5e093dfbe4368cdb364fdf87f Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:03 2015 -0400 libqos/ahci: edit wait to be ncq aware The wait command should check to make sure SACT is clear as well as the Command Issue register. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-12-git-send-email-jsnow@xxxxxxxxxx commit cb45304108ab733aaf2e4351e77cb6d07ac88fd5 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:03 2015 -0400 libqos/ahci: add NCQ frame support NCQ frames are generated a little differently than their non-NCQ cousins. Add support for them. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-11-git-send-email-jsnow@xxxxxxxxxx commit 40d29928caa6db154182f5314f497020f81e640e Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:03 2015 -0400 libqos/ahci: fix cmd_sanity for ncq NCQ commands should not / do not update the byte count in the command header post command, so this field is meaningless for NCQ tests. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-10-git-send-email-jsnow@xxxxxxxxxx commit 34475239b8f1fff0b715cb20f8b534b9d07a897e Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:03 2015 -0400 ahci/qtest: Execute IDENTIFY prior to data commands If you try to execute an NCQ command before trying to engage with the device by issuing an IDENTIFY command, the error bits that are part of the signature will fool the test suite into thinking there was a failure. Issue IDENTIFY first on "boot", which will clear the signature out of the registers for us. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-9-git-send-email-jsnow@xxxxxxxxxx commit 0437d32ae232af37d3b94064a563eb51d4eedd62 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:03 2015 -0400 ahci: ncq sector count correction This value should not be size-corrected, 0 sectors does not imply 1 sector(s). This is just debug information, but it's misleading! Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-8-git-send-email-jsnow@xxxxxxxxxx commit 5d5f89212f19e3d7d3da1328137ca9e33eead7bf Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:03 2015 -0400 ahci: add ncq debug checks Most of the time, these bits can be safely ignored. For the purposes of debugging however, it's nice to know that they're not being used. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-7-git-send-email-jsnow@xxxxxxxxxx commit d56f4d6965ebcf8f3c496845c286e3a66496fdff Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:03 2015 -0400 ahci: separate prdtl from opts There's no real reason to have it bundled together, and this way is a little nicer to follow if you have the AHCI spec pulled up. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-6-git-send-email-jsnow@xxxxxxxxxx commit 3bcbe4aa803c1a41e5392ecac7b4fc3c99a42f89 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:03 2015 -0400 ahci: check for ncq prdtl overflow Don't attempt the NCQ transfer if the PRDT we were given is not big enough to perform the entire transfer. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-5-git-send-email-jsnow@xxxxxxxxxx commit a55c8231d04e3023bc5c3da9290f01e7d6989a94 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:03 2015 -0400 ahci: add ncq_err helper Set some appropriate error bits for NCQ for us. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-4-git-send-email-jsnow@xxxxxxxxxx commit b6fe41fa6dbdf7b92b76cd4848ef442de18e03d3 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:03 2015 -0400 ahci: use shorter variables Trivial cleanup that I didn't want to tack-on to anything else. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-3-git-send-email-jsnow@xxxxxxxxxx commit 7763ed1506a9ffe74a80332182cc4f229251f998 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:03 2015 -0400 ahci: Rename NCQFIS structure fields Several fields of the NCQFIS structure are ambiguously named. This patch clarifies the intended (if unsupported) usage of the NCQ fields to aid in creating more meaningful debug messages through the NCQ codepaths. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-2-git-send-email-jsnow@xxxxxxxxxx commit d31a3ebc28bf401cc5cce43f36068697d670c3f9 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:02 2015 -0400 qtest/ahci: add port_reset test Test that we can survive a couple of cycles of running a basic identify test, some IO, and resetting the HBA. Ensures that we can bring the HBA back to compliant spec during the lifecycle of the VM. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1434470575-21625-5-git-send-email-jsnow@xxxxxxxxxx commit 95ea663693fdf4f39976f9aadb004fc77c2058ee Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:02 2015 -0400 libqos/ahci: fix memory management bugs There's a handful of trivial bugs in the libqos/ahci functions, squish them together. - Zero cached pointers after freeing them - The Command List Buffer is an array of 32x 32 byte structures, not 32x 8 byte pointers -- it's 1MiB, not 256 bytes. Zero it ALL. - Free the correct command in ahci_pick_cmd. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1434470575-21625-4-git-send-email-jsnow@xxxxxxxxxx commit 0d3e9d1f598e803a02c9bf43ec0b053e873ca79a Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:02 2015 -0400 qtest/ahci: add test_max Test that the FIS delivered after a nondata command has appropriately updated registers, just as we'd expect a data command to do. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1434470575-21625-3-git-send-email-jsnow@xxxxxxxxxx commit e9ebb2f76778d19227476e34c3d7aa6b8975c1b6 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:02 2015 -0400 ahci: Do not ignore memory access read size The only guidance the AHCI specification gives on memory access is: "Register accesses shall have a maximum size of 64-bits; 64-bit access must not cross an 8-byte alignment boundary." I interpret this to mean that aligned or unaligned 1, 2 and 4 byte accesses should work, as well as aligned 8 byte accesses. In practice, a real Q35/ICH9 responds to 1, 2, 4 and 8 byte reads regardless of alignment. Windows 7 can be observed making 1 byte reads to the middle of 32 bit registers to fetch error codes. Introduce a wrapper to support unaligned accesses to AHCI. This wrapper will support aligned 8 byte reads, but will make no effort to support unaligned 8 byte reads, which although they will work on real hardware, are not guaranteed to work and do not appear to be used by either Windows or Linux. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1434470575-21625-2-git-send-email-jsnow@xxxxxxxxxx commit e75e2a14d5c13ad38dcf72b69922dee2dafbb0d0 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 29 13:50:27 2015 +0530 numa: API to lookup NUMA node by address Introduce an API numa_get_node(ram_addr_t addr, Error **errp) that returns the NUMA node to which the given address belongs to. This API works uniformly for both boot time as well as hotplugged memory. This API is needed by sPAPR PowerPC to support ibm,dynamic-reconfiguration-memory device tree node which is needed for memory hotplug. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Tested-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit abafabd8c982e875d60a10d37f0b91cff1003c55 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 29 13:50:26 2015 +0530 numa: Store boot memory address range in node_info Store memory address range information of boot memory in address range list of numa_info. This helps to have a common NUMA node lookup by address function that works for both boot-time memory and hotplugged memory. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Tested-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit fa9ea81d15d459f6c4a39d77ae680af94cebd65e Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 29 13:50:25 2015 +0530 numa,pc-dimm: Store pc-dimm memory information in numa_info Start storing the (start_addr, end_addr) of the pc-dimm memory in corresponding numa_info[node] so that this information can be used to lookup node by address. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Tested-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 8e23184b6b2f8426041854b18fb56a3ff197d5a0 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 29 13:50:24 2015 +0530 pc: Abort if HotplugHandlerClass::plug() fails HotplugHandlerClass::plug() shouldn't fail and hence use error_abort to abort if it fails. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Tested-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 43bbb49ef7032a8bfdafbd02d0286512af161089 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 29 13:50:23 2015 +0530 pc,pc-dimm: Factor out reusable parts in pc_dimm_plug to a separate routine pc_dimm_plug() has code that will be needed for memory plug handlers in other archs too. Extract code from pc_dimm_plug() into a generic routine pc_dimm_memory_plug() that resides in pc-dimm.c. Also correspondingly refactor re-usable unplug code into pc_dimm_memory_unplug(). Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Tested-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit a7d69ff10b085ba6f8236600829532984cdea714 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 29 13:50:22 2015 +0530 pc,pc-dimm: Extract hotplug related fields in PCMachineState to a structure Move hotplug_memory_base and hotplug_memory fields of PCMachineState into a separate structure so that the same can be made use of from other architectures supporing memory hotplug. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Tested-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 35360642d043c2a5366e8a04a10e5545e7353bd5 Merge: 5317b0f 496eaca Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 3 12:05:31 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-input-20150703-1' into staging virtio-input: add input routing support, update multiseat docs. # gpg: Signature made Fri Jul 3 11:22:33 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-input-20150703-1: update pci-bridge-seat section in docs/multiseat.txt virtio-input: add input routing support Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 496eacaa67653023540e090fb70b7caba429bbc0 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Jul 1 10:59:47 2015 +0200 update pci-bridge-seat section in docs/multiseat.txt Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 5cce173323cfe1bb22f7a10f9b73ac7796909cef Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Jun 24 11:59:16 2015 +0200 virtio-input: add input routing support Add display and head properties for input routing to virtio-input devices, update multiseat documentation. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 5317b0f6d4bb581c5c8f88f31138ee301ad2b7e5 Merge: 6686ce3 c4d3c0a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 2 15:20:55 2015 +0100 Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20150702-v3' into staging Several s390x patches including: - missing virtio-1 related code for virtio-ccw - bugfixes in ipl device, gdb, virtio-ccw - bugfix in s390-ccw bios + rebuild - introduce versioned machines for s390-ccw-virtio # gpg: Signature made Thu Jul 2 15:05:34 2015 BST using RSA key ID C6F02FAF # gpg: Good signature from "Cornelia Huck <huckc@xxxxxxxxxxxxxxxxxx>" # gpg: aka "Cornelia Huck <cornelia.huck@xxxxxxxxxx>" * remotes/cohuck/tags/s390x-20150702-v3: s390x/migration: Introduce 2.4 machine s390x/gdb: synchronize cpu state after modifying acrs s390x/ipl: Fix boot if no bootindex was specified virtio-ccw: migrate ->revision s390x/virtio-ccw: support virtio-1 set_vq format s390x/virtio-ccw: add virtio set-revision call s390x/css: Add a callback for when subchannel gets disabled s390-ccw.img: update s390-ccw.img: Consume service interrupts css: mss/mcss-e vs. migration virtio-ccw: complete handling of guest-initiated resets Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c4d3c0a2696c09a884b680d15b03325e46656a6c Author: Christian Borntraeger <borntraeger@xxxxxxxxxx> Date: Wed Jul 1 11:16:57 2015 +0200 s390x/migration: Introduce 2.4 machine The section footer changes commit f68945d42bab ("Add a protective section footer") and commit 37fb569c0198 ("Disable section footers on older machine types") broke migration for any non-versioned machines. This pinpoints a problem of s390-ccw machines: it needs to be versioned to be compatible with future changes in common code data structures such as section footers. Let's introduce a version scheme for s390-ccw-virtio machines. We will use the old s390-ccw-virtio name as alias to the latest version as all existing libvirt XML for the ccw type were expanded by libvirt to that name. The only downside of this patch is, that the old alias s390-ccw will no longer be available as machines can have only one alias, but it should not really matter. Cc: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Cc: Juan Quintela <quintela@xxxxxxxxxx> Cc: Boris Fiuczynski <fiuczy@xxxxxxxxxxxxxxxxxx> Cc: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Message-Id: <1435742217-62246-1-git-send-email-borntraeger@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 55b1b753dff022dcc95123bed35946b4977d31fa Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Tue Jun 23 09:10:51 2015 +0200 s390x/gdb: synchronize cpu state after modifying acrs Whenever we touch the access control registers, we have to make sure that the values will make it into kvm. Otherwise the change will simply be lost. When synchronizing qemu and kvm, a normal KVM_PUT_RUNTIME_STATE does not take care of these registers. Let's simply trigger a KVM_PUT_FULL_STATE sync, so the values will directly be written to kvm. The performance overhead can be ignored and this is much cleaner than manually writing these registers to kvm via our two supported ways. Reviewed-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 6efd2c2a125b4369b8def585b0dac35c849b5eb3 Author: Christian Borntraeger <borntraeger@xxxxxxxxxx> Date: Thu Jun 18 16:37:39 2015 +0200 s390x/ipl: Fix boot if no bootindex was specified commit fa92e218df1d ("s390x/ipl: avoid sign extension") introduced a regression: qemu-system-s390x -drive file=image.qcow,format=qcow2 does not boot, the bios states "No virtio-blk device found!" adding bootindex=1 does boot. The reason is that the uint32_t as return value will not do the right thing for the return -1 (default without bootindex). The bios itself, will interpret a 64bit -1 as autodetect (but it will interpret 32bit -1 as ccw device address ff.ff.ffff) Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx # v2.3.0 Tested-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 213941d73baf8ba7ec5381c8402fed7925d613d4 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 25 12:20:08 2015 +0200 virtio-ccw: migrate ->revision We need to migrate the revision field as well. No compatibility concerns as we already introduced migration of ->config_vector in this release. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 0db87e0d1763d3fb4039c2cffb0f3264da88ab30 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Dec 11 14:25:13 2014 +0100 s390x/virtio-ccw: support virtio-1 set_vq format Support the new CCW_CMD_SET_VQ format for virtio-1 devices. While we're at it, refactor the code a bit and enforce big endian fields (which had always been required, even for legacy). Reviewed-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c42767f2bbd18d4ec895395c01c64bbec16b5b84 Author: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Date: Thu Dec 11 14:25:12 2014 +0100 s390x/virtio-ccw: add virtio set-revision call Handle the virtio-ccw revision according to what the guest sets. When revision 1 is selected, we have a virtio-1 standard device with byteswapping for the virtio rings. When a channel gets disabled, we have to revert to the legacy behavior in case the next user of the device does not negotiate the revision 1 anymore (e.g. the boot firmware uses revision 1, but the operating system only uses the legacy mode). Note that revisions > 0 are still disabled. [CH: assure memory accesses are always BE] Signed-off-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 6686ce3f1628f045035d58db8890d20705fd5c34 Merge: d2966f8 764ba3a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 2 10:44:34 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Thu Jul 2 10:10:39 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: block: remove redundant check before g_slist_find() block/nfs: limit maximum readahead size to 1MB block/iscsi: restore compatiblity with libiscsi 1.9.0 iotests: Use event_wait in wait_ready qemu-iotests: Add test case for mirror with unmap qemu-iotests: Make block job methods common block: Remove bdrv_reset_dirty block: Fix dirty bitmap in bdrv_co_discard mirror: Do zero write on target if sectors not allocated qmp: Add optional bool "unmap" to drive-mirror block: Add bdrv_get_block_status_above timer: Use a single definition of NSEC_PER_SEC for the whole codebase timer: Move NANOSECONDS_PER_SECONDS to timer.h blockdev: no need to drain+flush in hmp_drive_del qapi: Rename 'dirty-bitmap' mode to 'incremental' qcow2: Handle EAGAIN returned from update_refcount block/iscsi: add support for request timeouts Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 764ba3ae511adddfa750db290ac8375d660ca5b9 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Jun 29 16:12:13 2015 +0300 block: remove redundant check before g_slist_find() An empty GSList is represented by a NULL pointer, therefore it's a perfectly valid argument for g_slist_find() and there's no need to make any additional check. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1435583533-5758-1-git-send-email-berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 29c838cdc96c4d117f00c75bbcb941e1be9590fb Author: Peter Lieven <pl@xxxxxxx> Date: Fri Jun 26 13:14:01 2015 +0200 block/nfs: limit maximum readahead size to 1MB a malicious caller could otherwise specify a very large value via the URI and force libnfs to allocate a large amount of memory for the readahead buffer. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1435317241-25585-1-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 9049736ec70fdc886ac0df521fdd8b2886b2cb63 Author: Peter Lieven <pl@xxxxxxx> Date: Fri Jun 26 12:18:01 2015 +0200 block/iscsi: restore compatiblity with libiscsi 1.9.0 RHEL7 and others are stuck with libiscsi 1.9.0 since there unfortunately was an ABI breakage after that release. Signed-off-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1435313881-19366-1-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit d7b25297920d18fa2a2cde1ed21fde38a88c935f Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Jun 8 13:56:14 2015 +0800 iotests: Use event_wait in wait_ready Only poll the specific type of event we are interested in, to avoid stealing events that should be consumed by someone else. Suggested-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit c615091793f53ff33b8f6c1b1ba711cf7c93e97b Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Jun 8 13:56:13 2015 +0800 qemu-iotests: Add test case for mirror with unmap This checks that the discard on mirror source that effectively zeroes data is also reflected by the data of target. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 866323f39d5c7bb053f5e5bf753908ad9f5abec7 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Jun 8 13:56:12 2015 +0800 qemu-iotests: Make block job methods common Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6e82e4bce127654b2dd42ef393587775be792334 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Jun 8 13:56:11 2015 +0800 block: Remove bdrv_reset_dirty Using this function would always be wrong because a dirty bitmap must have a specific owner that consumes the dirty bits and calls bdrv_reset_dirty_bitmap(). Remove the unused function to avoid future misuse. Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 508249952c0ea7472c62e17bf8132295dab4912d Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Jun 8 13:56:10 2015 +0800 block: Fix dirty bitmap in bdrv_co_discard Unsetting dirty globally with discard is not very correct. The discard may zero out sectors (depending on can_write_zeroes_with_unmap), we should replicate this change to destination side to make sure that the guest sees the same data. Calling bdrv_reset_dirty also troubles mirror job because the hbitmap iterator doesn't expect unsetting of bits after current position. So let's do it the opposite way which fixes both problems: set the dirty bits if we are to discard it. Reported-by: wangxiaolong@xxxxxxxxx Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit dcfb3beb5130694b76b57de109619fcbf9c7e5b5 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Jun 8 13:56:09 2015 +0800 mirror: Do zero write on target if sectors not allocated If guest discards a source cluster, mirroring with bdrv_aio_readv is overkill. Some protocols do zero upon discard, where it's best to use bdrv_aio_write_zeroes, otherwise, bdrv_aio_discard will be enough. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 0fc9f8ea2800b76eaea20a8a3a91fbeeb4bfa81b Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Jun 8 13:56:08 2015 +0800 qmp: Add optional bool "unmap" to drive-mirror If specified as "true", it allows discarding on target sectors where source is not allocated. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit ba3f0e2545c365ebe1dbddb0e53058710d41881e Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Jun 8 13:56:07 2015 +0800 block: Add bdrv_get_block_status_above Like bdrv_is_allocated_above, this function follows the backing chain until seeing BDRV_BLOCK_ALLOCATED. Base is not included. Reimplement bdrv_is_allocated on top. [Initialized bdrv_co_get_block_status_above() ret to 0 to silence mingw64 compiler warning about the unitialized variable. assert(bs != base) prevents that case but I suppose the program could be compiled with -DNDEBUG. --Stefan] Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e0cf11f31c24cfb17f44ed46c254d84c78e7f6e9 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Fri Jun 12 16:01:30 2015 +0300 timer: Use a single definition of NSEC_PER_SEC for the whole codebase Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: c6e55468856ba0b8f95913c4da111cc0ef266541.1434113783.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 471fae3c98d4f44b1957eb09d51ace440c585a20 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Fri Jun 12 16:01:29 2015 +0300 timer: Move NANOSECONDS_PER_SECONDS to timer.h We want to be able to reuse this define by making it common to multiple QEMU modules. This also makes it an integer since there's no need for it to be a float. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 6375912849da2ab561046dd013684535ccecca44.1434113783.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 126b8bbdfe8bc4042f13f230a4b36f90646f47c6 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu May 28 16:17:09 2015 +0200 blockdev: no need to drain+flush in hmp_drive_del bdrv_close already does that, and in fact hmp_drive_del would need another drain after the flush (which bdrv_close does). So remove the duplication. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1432822629-25401-1-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 4b80ab2b7d950d5b22647b364e37eb81c756f061 Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Jun 4 20:20:34 2015 -0400 qapi: Rename 'dirty-bitmap' mode to 'incremental' If we wish to make differential backups a feature that's easy to access, it might be pertinent to rename the "dirty-bitmap" mode to "incremental" to make it clear what /type/ of backup the dirty-bitmap is helping us perform. This is an API breaking change, but 2.4 has not yet gone live, so we have this flexibility. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1433463642-21840-2-git-send-email-jsnow@xxxxxxxxxx Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 3e5feb6202149e8a963a33b911216e40d790f1d7 Author: JindÅ?ich MakoviÄ?ka <makovick@xxxxxxxxx> Date: Wed Jun 24 07:05:25 2015 +0200 qcow2: Handle EAGAIN returned from update_refcount Fixes a crash during image compression Signed-off-by: JindÅ?ich MakoviÄ?ka <makovick@xxxxxxxxx> Tested-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 5dd7a535b71a0f2f8e7af75c5d694174359ce323 Author: Peter Lieven <pl@xxxxxxx> Date: Tue Jun 16 13:45:07 2015 +0200 block/iscsi: add support for request timeouts libiscsi starting with 1.15 will properly support timeout of iscsi commands. The default will remain no timeout, but this can be changed via cmdline parameters, e.g.: qemu -iscsi timeout=30 -drive file=iscsi://... If a timeout occurs a reconnect is scheduled and the timed out command will be requeued for processing after a successful reconnect. The required API call iscsi_set_timeout is present since libiscsi 1.10 which was released in October 2013. However, due to some bugs in the libiscsi code the use is not recommended before version 1.15. Please note that this patch bumps the libiscsi requirement to 1.10 to have all function and macros defined. The patch fixes also a off-by-one error in the NOP timeout calculation which was fixed while touching these code parts. Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1434455107-19328-1-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit de7ea885c5394c1fba7443cbf33bd2745d32e6c2 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:47:26 2015 +0200 kvm: Switch to unlocked MMIO Do not take the BQL before dispatching MMIO requests of KVM VCPUs. Instead, address_space_rw will do it if necessary. This enables completely BQL-free MMIO handling in KVM mode for upcoming devices with fine-grained locking. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1434646046-27150-10-git-send-email-pbonzini@xxxxxxxxxx> commit 7070e085d490c396f9237c8f10bf8b6e69cd0066 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:47:25 2015 +0200 acpi: mark PMTIMER as unlocked Accessing QEMU_CLOCK_VIRTUAL is thread-safe. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1434646046-27150-9-git-send-email-pbonzini@xxxxxxxxxx> commit 80b7d2efb63c225797345c152cdd3392b9fe7b72 Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Thu Jun 18 18:47:24 2015 +0200 kvm: Switch to unlocked PIO Do not take the BQL before dispatching PIO requests of KVM VCPUs. Instead, address_space_rw will do it if necessary. This enables completely BQL-free PIO handling in KVM mode for upcoming devices with fine-grained locking. Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1434646046-27150-8-git-send-email-pbonzini@xxxxxxxxxx> commit 4b8523ee896750c37b4fa224a40d34703cbdf4c6 Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Thu Jun 18 18:47:23 2015 +0200 kvm: First step to push iothread lock out of inner run loop This opens the path to get rid of the iothread lock on vmexits in KVM mode. On x86, the in-kernel irqchips has to be used because we otherwise need to synchronize APIC and other per-cpu state accesses that could be changed concurrently. Regarding pre/post-run callbacks, s390x and ARM should be fine without specific locking as the callbacks are empty. MIPS and POWER require locking for the pre-run callback. For the handle_exit callback, it is non-empty in x86, POWER and s390. Some POWER cases could do without the locking, but it is left in place for now. Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1434646046-27150-7-git-send-email-pbonzini@xxxxxxxxxx> commit 4840f10eff37eebc609fcc933ab985dc66df95c6 Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Thu Jun 18 18:47:22 2015 +0200 memory: let address_space_rw/ld*/st* run outside the BQL The MMIO case is further broken up in two cases: if the caller does not hold the BQL on invocation, the unlocked one takes or avoids BQL depending on the locking strategy of the target memory region and its coalesced MMIO handling. In this case, the caller should not hold _any_ lock (a friendly suggestion which is disregarded by virtio-scsi-dataplane). Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Cc: Frederic Konrad <fred.konrad@xxxxxxxxxxxxx> Message-Id: <1434646046-27150-6-git-send-email-pbonzini@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 125b3806668106667dd2ae049593852859e12b63 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:47:21 2015 +0200 exec: pull qemu_flush_coalesced_mmio_buffer() into address_space_rw/ld*/st* As memory_region_read/write_accessor will now be run also without BQL held, we need to move coalesced MMIO flushing earlier in the dispatch process. Cc: Frederic Konrad <fred.konrad@xxxxxxxxxxxxx> Message-Id: <1434646046-27150-5-git-send-email-pbonzini@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 196ea13104f802c508e57180b2a0d2b3418989a3 Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Thu Jun 18 18:47:20 2015 +0200 memory: Add global-locking property to memory regions This introduces the memory region property "global_locking". It is true by default. By setting it to false, a device model can request BQL-free dispatching of region accesses to its r/w handlers. The actual BQL break-up will be provided in a separate patch. Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Cc: Frederic Konrad <fred.konrad@xxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1434646046-27150-4-git-send-email-pbonzini@xxxxxxxxxx> commit afbe70535ff1a8a7a32910cc15ebecc0ba92e7da Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:47:19 2015 +0200 main-loop: introduce qemu_mutex_iothread_locked This function will be used to avoid recursive locking of the iothread lock whenever address_space_rw/ld*/st* are called with the BQL held, which is almost always the case. Tracking whether the iothread is owned is very cheap (just use a TLS variable) but requires some care because now the lock must always be taken with qemu_mutex_lock_iothread(). Previously this wasn't the case. Outside TCG mode this is not a problem. In TCG mode, we need to be careful and avoid the "prod out of compiled code" step if already in a VCPU thread. This is easily done with a check on current_cpu, i.e. qemu_in_vcpu_thread(). Hopefully, multithreaded TCG will get rid of the whole logic to kick VCPUs whenever an I/O event occurs! Cc: Frederic Konrad <fred.konrad@xxxxxxxxxxxxx> Message-Id: <1434646046-27150-3-git-send-email-pbonzini@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 2e7f7a3c86f884a77296a137b7c730a4d580c5c9 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:47:18 2015 +0200 main-loop: use qemu_mutex_lock_iothread consistently The next patch will require the BQL to be always taken with qemu_mutex_lock_iothread(), while right now this isn't the case. Outside TCG mode this is not a problem. In TCG mode, we need to be careful and avoid the "prod out of compiled code" step if already in a VCPU thread. This is easily done with a check on current_cpu, i.e. qemu_in_vcpu_thread(). Hopefully, multithreaded TCG will get rid of the whole logic to kick VCPUs whenever an I/O event occurs! Cc: Frederic Konrad <fred.konrad@xxxxxxxxxxxxx> Message-Id: <1434646046-27150-2-git-send-email-pbonzini@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit bdf026317daa3b9dfa281f29e96fbb6fd48394c8 Author: 马æ??é?? <kevinnma@xxxxxxxxxxx> Date: Wed Jul 1 15:41:41 2015 +0200 Fix irq route entries exceeding KVM_MAX_IRQ_ROUTES Last month, we experienced several guests crash(6cores-8cores), qemu logs display the following messages: qemu-system-x86_64: /build/qemu-2.1.2/kvm-all.c:976: kvm_irqchip_commit_routes: Assertion `ret == 0' failed. After analysis and verification, we can confirm it's irq-balance daemon(in guest) leads to the assertion failure. Start a 8 core guest with two disks, execute the following scripts will reproduce the BUG quickly: irq_affinity.sh ======================================================================== vda_irq_num=25 vdb_irq_num=27 while [ 1 ] do for irq in {1,2,4,8,10,20,40,80} do echo $irq > /proc/irq/$vda_irq_num/smp_affinity echo $irq > /proc/irq/$vdb_irq_num/smp_affinity dd if=/dev/vda of=/dev/zero bs=4K count=100 iflag=direct dd if=/dev/vdb of=/dev/zero bs=4K count=100 iflag=direct done done ======================================================================== QEMU setup static irq route entries in kvm_pc_setup_irq_routing(), PIC and IOAPIC share the first 15 GSI numbers, take up 23 GSI numbers, but take up 38 irq route entries. When change irq smp_affinity in guest, a dynamic route entry may be setup, the current logic is: if allocate GSI number succeeds, a new route entry can be added. The available dynamic GSI numbers is 1021(KVM_MAX_IRQ_ROUTES-23), but available irq route entries is only 986(KVM_MAX_IRQ_ROUTES-38), GSI numbers greater than route entries. irq-balance's behavior will eventually leads to total irq route entries exceed KVM_MAX_IRQ_ROUTES, ioctl(KVM_SET_GSI_ROUTING) fail and kvm_irqchip_commit_routes() trigger assertion failure. This patch fix the BUG. Signed-off-by: Wenshuang Ma <kevinnma@xxxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 62ac4a52e27c706c860403fd1d8535a9a1073a19 Author: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Date: Thu Dec 11 14:25:11 2014 +0100 s390x/css: Add a callback for when subchannel gets disabled We need a possibility to run code when a subchannel gets disabled. This patch adds the necessary infrastructure. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 6e7cd94462d65405037c993fc4401d6fceed6660 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 25 13:48:58 2015 +0200 s390-ccw.img: update Update for "s390-ccw.img: Consume service interrupts". Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit bdc7fe3638fa7693eed5886b5b2afe0858d875fc Author: Christian Borntraeger <borntraeger@xxxxxxxxxx> Date: Fri Jun 19 15:40:45 2015 +0200 s390-ccw.img: Consume service interrupts We have to consume the outstanding service interrupt after each service call, otherwise a correct implementation will return CC=2 on subsequent service calls. Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit ec7353a146bb39c3bb3e5ccc50ca585aed97b7cf Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Wed Jun 24 10:57:23 2015 +0200 css: mss/mcss-e vs. migration Our main channel_subsys structure is not a device (yet), but we need to setup mss/mcss-e again if the guest had enabled it before. Use a hack that should catch most configurations (assuming that the guest will have enabled at least one device in higher subchannel sets or channel subsystems if it enabled the functionality.) Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit fa8b0ca5d1b69975b715a259d3586cadf7a5280f Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Tue Jun 23 15:46:31 2015 +0200 virtio-ccw: complete handling of guest-initiated resets For a guest-initiated reset, we need to not only reset the virtio device, but also reset the VirtioCcwDevice into a clean state. This includes resetting the indicators, or else a guest will not be able to e.g. switch from classic interrupts to adapter interrupts. Split off this routine into a new function virtio_ccw_reset_virtio() to make the distinction between resetting the virtio-related devices and the base subchannel device clear. CC: qemu-stable@xxxxxxxxxx Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit d2966f804d70a244f5dde395fc5d22a50ed3e74e Merge: 2b464e1 a435612 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 29 17:03:20 2015 +0100 Merge remote-tracking branch 'remotes/vivier/tags/pull-m68k-20150629' into staging Trivial m68k cleanup # gpg: Signature made Mon Jun 29 16:38:40 2015 BST using DSA key ID ABF36C53 # gpg: Good signature from "Laurent Vivier <laurent@xxxxxxxxx>" # gpg: aka "Laurent Vivier <Laurent@xxxxxxxxx>" # gpg: aka "Laurent Vivier <Laurent@xxxxxxxxxxxx>" # gpg: aka "Laurent Vivier (Red Hat) <lvivier@xxxxxxxxxx>" # gpg: aka "[jpeg image of size 3881]" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 9EC7 B78A C0AC E697 5E4B BDE3 34A4 F6C9 ABF3 6C53 * remotes/vivier/tags/pull-m68k-20150629: m68k: remove useless parameter op_size from gen_lea_indexed() m68k: remove useless file m68k-qreg.h m68k: is_mem is useless Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a435612616202c837d62626dbe3e33a4e9a95772 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Wed Jun 24 02:51:49 2015 +0200 m68k: remove useless parameter op_size from gen_lea_indexed() Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <huth@xxxxxxxxxxxxx> commit bb337ac978b6def085eabf17830d5cc2a1bce6a8 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Wed Jun 24 02:07:24 2015 +0200 m68k: remove useless file m68k-qreg.h Unused since: commit e1f3808e03f73e7a7fa966afbed2455dd052202e Author: pbrook <pbrook@c046a42c-6fe2-441c-8c8c-71466251a162> Date: Sat May 24 22:29:16 2008 +0000 Convert m68k target to TCG. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <huth@xxxxxxxxxxxxx> commit 805167adcb900fa7b2b114d639c418f5313d0b42 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Wed Jun 24 01:00:22 2015 +0200 m68k: is_mem is useless Remove is_mem as it is never tested anymore since: commit bfa50bc2638d877cf2900712b7503be22e8811cb Author: aliguori <aliguori@c046a42c-6fe2-441c-8c8c-71466251a162> Date: Tue Nov 18 20:26:41 2008 +0000 Remove premature memop TB terminations (Jan Kiszka) Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <huth@xxxxxxxxxxxxx> commit 2b464e13f0d30e6c0b8f69ec908fceab30aea986 Merge: dc1e135 5f37fd8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 29 13:26:43 2015 +0100 Merge remote-tracking branch 'remotes/bkoppelmann/tags/pull-tricore-20150629' into staging TriCore bugfixes # gpg: Signature made Mon Jun 29 13:08:17 2015 BST using RSA key ID 6B69CA14 # gpg: Good signature from "Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx>" * remotes/bkoppelmann/tags/pull-tricore-20150629: target-tricore: fix depositing bits from PCXI into ICR Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5f37fd8e2980818ab71bc4b4e21129e29acd73f7 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Jun 24 14:01:10 2015 +0200 target-tricore: fix depositing bits from PCXI into ICR Spotted by Coverity, because (env->PCXI & MASK_PCXI_PCPN) >> 24 is always zero. The immediately preceding assignment is also wrong though. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Message-Id: <1435147270-1040-1-git-send-email-pbonzini@xxxxxxxxxx> commit dc1e1350f8061021df765b396295329797d66933 Merge: d14b9d7 d46f7c9 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 26 15:57:43 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio, pci fixes, enhancements Almost exclusively bugfixes, though in this case, we are adding functionality to the pxb in order to make OVMF work on it. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Fri Jun 26 14:43:27 2015 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: Fix glib_subprocess test hw/pci-bridge: format special OFW unit address for PXB host hw/core: explicit OFW unit address callback for SysBusDeviceClass hw/pci-bridge: disable SHPC in PXB hw/pci-bridge: introduce "shpc" property hw/pci: introduce shpc_present() helper function hw/pci-bridge: add macro for "msi" property hw/pci-bridge: add macro for "chassis_nr" property hw/pci-bridge: expose _test parameter in SHPC_VMSTATE() migration: introduce VMSTATE_BUFFER_UNSAFE_INFO_TEST() add pci-bridge-seat pc: cleanup and convert TMP ACPI device description to AML API MAINTAINERS: add ACPI entry vhost: correctly pass error to caller in vhost_dev_enable_notifiers() balloon: add a feature bit to let Guest OS deflate balloon on oom qdev: fix OVERFLOW_BEFORE_WIDEN virito-pci: fix OVERRUN problem Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 41da4bd6420afd1209c408974920f63ff9c658e1 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat May 30 23:11:46 2015 -0700 cpu-defs: Move out TB_JMP defines These are not Architecture specific in any way so move them out of cpu-defs.h. tb-hash.h is an appropriate place as a leading user and their strong relationship to TB hashing and caching. Reviewed-by: Richard Henderson <rth@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <43ceca65a3fa240efac49aa0bf604ad0442e1710.1433052532.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e1b89321bafea9fb33d87852fc91fee579d17dfe Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat May 30 23:11:45 2015 -0700 include/exec: Move tb hash functions out This is one of very few things in exec-all with a genuine CPU architecture dependency. Move these hashing helpers to a new header to trim exec-all.h down to a near architecture-agnostic header. The defs are only used by cpu-exec and translate-all which are both arch-obj's so the new tb-hash.h has no core code usage. Reviewed-by: Richard Henderson <rth@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <9d048b96f7cfa64a4d9c0b88e0dd2877fac51d41.1433052532.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9e0dc48c9f05505b53cb28f860456a0648e56ddf Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat May 30 23:11:42 2015 -0700 include/exec: Move standard exceptions to cpu-all.h These exception indicies are generic and don't have any reliance on the per-arch cpu.h defs. Move them to cpu-all.h so they can be used by core code that does not have access to cpu-defs.h. Reviewed-by: Richard Henderson <rth@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <dbebd3062c7cd4332240891a3564e73f374ddfcd.1433052532.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6e0b07306d1793e8402dd218d2e38a7377b5fc27 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat May 30 23:11:34 2015 -0700 cpu-defs: Move CPU_TEMP_BUF_NLONGS to tcg The usages of this define are pure TCG and there is no architecture specific variation of the value. Localise it to the TCG engine to remove another architecture agnostic piece from cpu-defs.h. This follows on from a28177820a868eafda8fab007561cc19f41941f4 where temp_buf was moved out of the CPU_COMMON obsoleting the need for the super early definition. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <498e8e5325c1a1aff79e5bcfc28cb760ef6b214e.1433052532.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 94beb661bd90bcb477eed6d3b07aced988c40163 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun Jun 7 14:59:09 2015 -0700 memory_mapping: Rework cpu related includes This makes it more consistent with all other core code files, which either just rely on qemu-common.h inclusion or precede cpu.h with qemu-common.h. cpu-all.h should not be included in addition to cpu.h. Remove it. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <1433714349-7262-1-git-send-email-crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 27e7755bea57c66097000f7612271ceefcbeb4a4 Author: Artyom Tarasenko <atar4qemu@xxxxxxxxx> Date: Tue Jun 23 14:30:18 2015 +0200 cutils: allow compilation with icc Use VEC_OR macro for operations on VECTYPE operands Signed-off-by: Artyom Tarasenko <atar4qemu@xxxxxxxxx> Message-Id: <3f62d7a3a265f7dd99e50d016a0333a99a4a082a.1435062067.git.atar4qemu@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 34664507c7f038842f20a2c787915680b1fabba2 Author: Artyom Tarasenko <atar4qemu@xxxxxxxxx> Date: Tue Jun 23 14:30:17 2015 +0200 qemu-common: add VEC_OR macro Intel C Compiler version 15.0.3.187 Build 20150407 doesn't support '|' function for non floating-point simd operands. Define VEC_OR macro which uses _mm_or_si128 supported both in icc and gcc on x86 platform. Signed-off-by: Artyom Tarasenko <atar4qemu@xxxxxxxxx> Message-Id: <54c804cdb3b3a93e93ef98f085dc57c4092580b7.1435062067.git.atar4qemu@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d14b9d79be8a424ebc66450d565b81eff2296d55 Merge: ccb0c7e 4e2c0b2 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 26 14:40:47 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150626' into staging target-arm queue: * Change the virt board's default interface type for block devices to virtio * Improve some error messages that will now be triggered by some incorrect but previously worked-by-accident command lines * Print ELR if we're doing debug logging of AArch64 exception entry * Handle the "completely empty semihosting commandline" correctly for softmmu (we already did for linux-user) * Add GICv2m description to ACPI tables for virt board * Fix some incorrect table revision entries in virt board ACPI tables # gpg: Signature made Fri Jun 26 14:29:39 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150626: hw/arm/virt: Make block devices default to virtio qdev-properties-system: Improve error message for drive assignment conflict qdev-properties-system: Change set_pointer's parse callback to use Error target-arm: A64: Print ELR when taking exceptions target-arm: default empty semihosting cmdline hw/arm/virt-acpi-build: Add GICv2m description in ACPI MADT table hw/arm/virt-acpi-build: Fix table revision and some comments Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4e2c0b2a4ab810c8989e181a010e75aeaa1c55f3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 26 14:22:37 2015 +0100 hw/arm/virt: Make block devices default to virtio Now we have virtio-pci, we can make the virt board's default block device type be IF_VIRTIO. This allows users to use simplified command lines that don't have to explicitly create virtio-pci-blk devices; the -hda &c very short options now also work. This means we also need to set no_cdrom to avoid getting a default cdrom device -- this is needed because the virtio-blk device will fail if it is connected to a block backend with no media, which is what the default cdrom device typically is. Providing a cdrom with media via -cdrom will succeed, but silently create a device with non-removable medium. this is probably not really what the user wants, but is the best we can do now. Note that this change means that some command lines which used to work (by accident) will stop working. Where a drive was connected manually to a device but without 'if=none' being specified, we used to treat this as an IDE drive, which we would then not autoplug because the board doesn't support IDE. Now we will treat it as a virtio disk and autoplug it, which means the attempt to use the drive manually will fail: qemu-system-arm: -drive file=img.qcow2,id=foo: Drive 'foo' is already in use because it has been automatically connected to another device (did you need 'if=none' in the drive options?) The command line will have to be changed to include 'if=none', as the error message suggests. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435068107-12594-4-git-send-email-peter.maydell@xxxxxxxxxx commit 62f7dbde4c75e48921fd1b773865250130c57bd8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 26 14:22:36 2015 +0100 qdev-properties-system: Improve error message for drive assignment conflict If the user forgot if=none on their drive specification they're likely to get an error message because the drive is assigned once automatically by QEMU and once by the manual id=/drive= user command line specification. Improve the error message produced in this case to explicitly guide the user towards if=none. We rephrase the "drive conflict but not for an if=something" error as well to keep the wording in line. The two cases that change are: (1) Drive specified as to be auto-connected and also manually connected (and the board does handle this if= type): qemu-system-x86_64 -nodefaults -display none \ -drive if=scsi,file=tmp.qcow2,id=foo -device ide-hd,drive=foo Previously: qemu-system-x86_64: -device ide-hd,drive=foo: Property 'ide-hd.drive' can't take value 'foo', it's in use Now: qemu-system-x86_64: -device ide-hd,drive=foo: Drive 'foo' is already in use because it has been automatically connected to another device (did you need 'if=none' in the drive options?) (2) Drive specified to be manually connected in two different ways: qemu-system-x86_64 -nodefaults -display none \ -drive if=none,file=tmp.qcow2,id=foo -device ide-hd,drive=foo \ -device ide-hd,drive=foo Previously: qemu-system-x86_64: -device ide-hd,drive=foo: Property 'ide-hd.drive' can't take value 'foo', it's in use Now: qemu-system-x86_64: -device ide-hd,drive=foo: Drive 'foo' is already in use by another device Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435068107-12594-3-git-send-email-peter.maydell@xxxxxxxxxx commit f1fb9f0dc087c02b230be4cc96c5c76521f188fa Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 26 14:22:36 2015 +0100 qdev-properties-system: Change set_pointer's parse callback to use Error Instead of having set_pointer() call a parse callback which returns an error number that we then convert to an Error string with error_set_from_qdev_prop_error(), make the parse callback take an Error** and set the error itself. This will allow parse routines to provide more helpful error messages than the generic ones. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435068107-12594-2-git-send-email-peter.maydell@xxxxxxxxxx commit b21ab1fc217b4a2b8f2f85d16bdd8510a7817a34 Author: Soren Brinkmann <soren.brinkmann@xxxxxxxxxx> Date: Fri Jun 26 14:22:36 2015 +0100 target-arm: A64: Print ELR when taking exceptions When taking an exception print the content of the exception link register. This is useful especially for synchronous exceptions because in that case this registers holds the address of the instruction that generated the exception. Signed-off-by: Soren Brinkmann <soren.brinkmann@xxxxxxxxxx> Message-id: 1435036655-16132-1-git-send-email-soren.brinkmann@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f3c2bda216a00676e40301b5843ac3d6c3b2537a Author: Liviu Ionescu <ilg@xxxxxxxxxx> Date: Fri Jun 26 14:22:36 2015 +0100 target-arm: default empty semihosting cmdline If neither explicit semihosting args nor -kernel are used, make SYS_GET_CMDLINE return an empty string. Signed-off-by: Liviu Ionescu <ilg@xxxxxxxxxx> Message-id: AC7B5AFC-06AE-4FAD-9852-B65708E80E09@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ca7937365305d144cf0c97b907dac6f70ea152ef Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri Jun 26 14:22:36 2015 +0100 hw/arm/virt-acpi-build: Add GICv2m description in ACPI MADT table Add GICv2m description in ACPI MADT table, so guest can use MSI when booting with ACPI. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Andrew Jones <drjones@xxxxxxxxxx> Tested-by: Andrew Jones <drjones@xxxxxxxxxx> Message-id: 1434676210-2276-1-git-send-email-shannon.zhao@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d0652b5765859049c96a13372bbe075be44e756b Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri Jun 26 14:22:36 2015 +0100 hw/arm/virt-acpi-build: Fix table revision and some comments The table revision is not the ACPI spec version. Fix the wrong revision and also some comments. Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1433820378-8336-1-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ccb0c7e122db72d3a5da798c6414d4912bba828f Merge: 0a4a031 4b3bcd0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 26 11:32:58 2015 +0100 Merge remote-tracking branch 'remotes/lalrae/tags/mips-20150626' into staging MIPS patches 2015-06-26 Changes: * MIPS UHI semihosting support * microMIPS32 R6 support # gpg: Signature made Fri Jun 26 10:42:33 2015 BST using RSA key ID 0B29DA6B # gpg: Good signature from "Leon Alrae <leon.alrae@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 8DD3 2F98 5495 9D66 35D4 4FC0 5211 8E3C 0B29 DA6B * remotes/lalrae/tags/mips-20150626: target-mips: add mips32r6-generic CPU definition target-mips: microMIPS32 R6 POOL16{A, C} instructions target-mips: microMIPS32 R6 Major instructions target-mips: microMIPS32 R6 POOL32{I, C} instructions target-mips: microMIPS32 R6 POOL32F instructions target-mips: microMIPS32 R6 POOL32A{XF} instructions target-mips: microMIPS32 R6 branches and jumps target-mips: add microMIPS32 R6 opcode enum target-mips: signal RI for removed instructions in microMIPS R6 target-mips: raise RI exceptions when FIR.PS = 0 target-mips: rearrange gen_compute_compact_branch target-mips: refactor {D}LSA, {D}ALIGN, {D}BITSWAP target-mips: remove an unused argument target-mips: add microMIPS TLBINV, TLBINVF target-mips: fix {RD, WR}PGPR in microMIPS target-mips: convert host to MIPS errno values when required target-mips: add Unified Hosting Interface (UHI) support target-mips: remove identical code in different branch hw/mips: Do not clear BEV for MIPS malta kernel load include/softmmu-semi.h: Make semihosting support 64-bit clean Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4b3bcd016d83cc75f6a495c1db54b6c77f037adc Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:27 2015 +0100 target-mips: add mips32r6-generic CPU definition Define a new CPU definition supporting MIPS32 Release 6 ISA and microMIPS32 Release 6 ISA. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit ed7ce6c0f9d4370826557ce33d652beb88ccb3e6 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:26 2015 +0100 target-mips: microMIPS32 R6 POOL16{A, C} instructions microMIPS32 Release 6 POOL16A/ POOL16C instructions Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit ab39ee452d74855adec91056812b8e1e5166302c Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:25 2015 +0100 target-mips: microMIPS32 R6 Major instructions Add new microMIPS32 Release 6 Major opcode instructions Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 3b4a5489447e7ed17cc504572cf729833853e7ab Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:24 2015 +0100 target-mips: microMIPS32 R6 POOL32{I, C} instructions Add new microMIPS32 Release 6 POOL32I/POOL32C type instructions Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 2a24a7badeb6ad3ba72e7984f299623035d564d6 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:23 2015 +0100 target-mips: microMIPS32 R6 POOL32F instructions Add new microMIPS32 Release 6 POOL32F instructions Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit e03320958305a68f2bc6a32c87d7ed48303438f9 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:22 2015 +0100 target-mips: microMIPS32 R6 POOL32A{XF} instructions Add new microMIPS32 Release 6 pool32a/pool32axf instructions. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 65935f070aa710cf340e96ae7ee36d2c1d5c8d15 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:21 2015 +0100 target-mips: microMIPS32 R6 branches and jumps Add new microMIPS32 Release 6 branch and jump instructions. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 3a1f426828cd8ffeec1a4fa8ca6ca3ed4f800edb Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:20 2015 +0100 target-mips: add microMIPS32 R6 opcode enum Add microMIPS32 Release 6 opcode enum. Remove RI checking for pre-R6 reserved opcode. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 9e8f441a7e094c0dc33a1c8f521d9e5bcfc1b4da Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:19 2015 +0100 target-mips: signal RI for removed instructions in microMIPS R6 Signal a Reserved Instruction exception for removed instruction encoding in microMIPS Release 6. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit e29c962804c4dd3fabd44e703aa87eec555ed910 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:18 2015 +0100 target-mips: raise RI exceptions when FIR.PS = 0 64-bit paired-single (PS) floating point data type is optional in the pre-Release 6. It has to raise RI exception when PS type is not implemented. (FIR.PS = 0) (The PS data type is removed in the Release 6.) Loongson-2E and Loongson-2F don't have any implementation field in FCSR0(FIR) but do support PS data format, therefore for these cores RI will not be signalled regardless of PS bit. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 6893f07466b045c5faf314ab9e57ef3b4a6f9e49 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:17 2015 +0100 target-mips: rearrange gen_compute_compact_branch The function will be also used for microMIPS Release 6. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 1f1b4c008e250f870719ed38fbd0bcc14322fc01 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:16 2015 +0100 target-mips: refactor {D}LSA, {D}ALIGN, {D}BITSWAP Refactor those instructions in order to reuse them for microMIPS32 Release 6. Rearrange gen_move_low32(). Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit f60eeb0c5ddd8ceb8ca6b3ba032159027afab67a Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:15 2015 +0100 target-mips: remove an unused argument Remove an unused argument from decode_micromips32_opc() Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit e60ec06357470db5a0f25901ca19b6237e6da927 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:14 2015 +0100 target-mips: add microMIPS TLBINV, TLBINVF Add microMIPS TLBINV, TLBINVF Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 1bf5902de03732d4067c4e90171a1741d6542c45 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:13 2015 +0100 target-mips: fix {RD, WR}PGPR in microMIPS rt, rs were swapped Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 2c44b19c199f4ce2f1721120744d3d6e5d01d274 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Fri Jun 19 11:08:44 2015 +0100 target-mips: convert host to MIPS errno values when required Convert only errno values which can be returned by system calls in mips-semi.c and are not generic to all archs. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 3b3c1694cfd394b73de426edebdbf90c28f664fd Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Fri Jun 19 11:08:43 2015 +0100 target-mips: add Unified Hosting Interface (UHI) support Add UHI semihosting support for MIPS. QEMU run with "-semihosting" option will alter the behaviour of SDBBP 1 instruction -- UHI operation will be called instead of generating a debug exception. Also tweak Malta's pseudo-bootloader. On CPU reset the $4 register is set to -1 if semihosting arguments are passed to indicate that the UHI operations should be used to obtain input arguments. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit ff334767728011218c62f7476232d260cb5b28e6 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Fri Jun 19 11:08:42 2015 +0100 target-mips: remove identical code in different branch Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit d6ca4277eee98b3c561e21ac105199891d346d79 Author: Matthew Fortune <matthew.fortune@xxxxxxxxxx> Date: Fri Jun 19 11:08:41 2015 +0100 hw/mips: Do not clear BEV for MIPS malta kernel load The BEV flag controls whether the boot exception vector is still in place when starting a kernel. When cleared the exception vector at EBASE (or hard coded address of 0x80000000) is used instead. The early stages of the linux kernel would benefit from BEV still being set to ensure any faults get handled by the boot rom exception handlers. This is a moot point for system qemu as there aren't really any BEV handlers, but there are other good reasons to change this... The UHI (semi-hosting interface) defines special behaviours depending on whether an application starts in an environment with BEV set or cleared. When BEV is set then UHI assumes that a bootloader is relatively dumb and has no advanced exception handling logic. However, when BEV is cleared then UHI assumes that the bootloader has the ability to handle UHI exceptions with its exception handlers and will unwind and forward UHI SYSCALL exceptions to the exception vector that was installed prior to running the application. Signed-off-by: Matthew Fortune <matthew.fortune@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 9f6f7ca1490563d98003149e6de32caf25c670da Author: Maciej W. Rozycki <macro@xxxxxxxxxxxxxxxx> Date: Fri Jun 19 11:08:40 2015 +0100 include/softmmu-semi.h: Make semihosting support 64-bit clean Correct addresses passed around in semihosting to use a data type suitable for both 32-bit and 64-bit targets. Signed-off-by: Maciej W. Rozycki <macro@xxxxxxxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 0a4a0312bf8b029cbd32a97db2cad669cf65ac49 Merge: 58e8b33 1e81aba Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 25 14:03:55 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging # gpg: Signature made Wed Jun 24 16:37:23 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: net: simplify net_client_init1() net: drop if expression that is always true net: raise an error if -net type is invalid net: replace net_client_init1() netdev whitelist with blacklist net: add missing "netmap" to host_net_devices[] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 58e8b33518fd2bb6dce0ba7b6347c3df85aea3c6 Merge: 355df30 1204854 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 25 11:19:46 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Wed Jun 24 16:27:53 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: virito-blk: drop duplicate check qemu-iotests: fix 051.out after qdev error message change iov: don't touch iov in iov_send_recv() raw-posix: Introduce hdev_is_sg() raw-posix: Use DPRINTF for DEBUG_FLOPPY raw-posix: DPRINTF instead of DEBUG_BLOCK_PRINT Fix migration in case of scsi-generic block: Use bdrv_is_sg() everywhere nvme: Fix memleak in nvme_dma_read_prp vvfat: add a label option util/hbitmap: Add an API to reset all set bits in hbitmap virtio-blk: Use blk_drain() to drain IO requests block-backend: Introduce blk_drain() throttle: Check current timers before updating any_timer_armed[] block: Let bdrv_drain_all() to call aio_poll() for each AioContext Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1e81aba5ac0b908ab859bf8ddf43ece33732d49c Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed May 27 17:16:52 2015 +0100 net: simplify net_client_init1() Drop the union and move the hubport creation into the !is_netdev case. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Message-id: 1432743412-15943-6-git-send-email-stefanha@xxxxxxxxxx commit 4ef0defbad9bc8b195f3392d1b7dcb42cd7ebe11 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed May 27 17:16:51 2015 +0100 net: drop if expression that is always true Both is_netdev and !is_netdev paths already check that net_client_init_func[opts->kind] is non-NULL so there is no need for the if statement. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Message-id: 1432743412-15943-5-git-send-email-stefanha@xxxxxxxxxx commit d139e9a6cf01b8c31f5904b4ba40521d7224f7de Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed May 27 17:16:50 2015 +0100 net: raise an error if -net type is invalid When a -net type is used that was not compiled into the binary there should be an error message. Note the special case for -net none, which is a no-op. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Message-id: 1432743412-15943-4-git-send-email-stefanha@xxxxxxxxxx commit 1322629b4f25730aed973d51983e7a3b021fe9c9 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed May 27 17:16:49 2015 +0100 net: replace net_client_init1() netdev whitelist with blacklist It's cumbersome to keep the whitelist up-to-date. New netdev backends should most likely be allowed so a blacklist makes more sense than a whitelist. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Message-id: 1432743412-15943-3-git-send-email-stefanha@xxxxxxxxxx commit 027a247bbf703e94258d07e38948946d7b85e91c Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed May 27 17:16:48 2015 +0100 net: add missing "netmap" to host_net_devices[] Although hmp-commands.hx lists "netmap" as a valid host_net_add type, the command rejects it because it's missing from the list. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1432743412-15943-2-git-send-email-stefanha@xxxxxxxxxx commit 12048545019cd1d64c8147ea9277648e685fa489 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed Jun 24 17:29:24 2015 +0800 virito-blk: drop duplicate check in_num = req->elem.in_num, and req->elem.in_num is checked in line 489, so the check about in_num variable is superflous, let's drop it. Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1435138164-11728-1-git-send-email-arei.gonglei@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a30c4eb2ce7b2c15ab556be3cfe2340c17271ddd Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Jun 23 15:56:09 2015 +0100 qemu-iotests: fix 051.out after qdev error message change Commit f006cf7fa9a63ba8e4ccf57d46231ce594301727 ("qdev-monitor: Propagate errors through qdev_device_add()") dropped a meaningless error message. This change in output caused qemu-iotests 051 to fail: QEMU_PROG: -device ide-drive,drive=disk: Device initialization failed. -QEMU_PROG: -device ide-drive,drive=disk: Device 'ide-drive' could not be initialized Update 051.out so the test passes again. Cc: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1435071369-30936-1-git-send-email-stefanha@xxxxxxxxxx commit d46f7c9e648d8098ac73b36834ac81237b8c2c2d Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Wed Jun 24 10:45:42 2015 +0100 Fix glib_subprocess test A typo means that the tests dependent on glib with subprocess support are never run. Fixes: 9d41401b90fa10b335d2e739149d36437cfbf622 Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 48ea3dedc54dbcb3c738ddef02a336739910ecfd Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Fri Jun 19 04:40:17 2015 +0200 hw/pci-bridge: format special OFW unit address for PXB host We have agreed that OpenFirmware device paths in the "bootorder" fw_cfg file should follow the pattern /pci@i0cf8,%x/... for devices that live behind an extra root bus. The extra root bus in question is the %x'th among the extra root buses. (In other words, %x gives the position of the affected extra root bus relative to the other extra root buses, in bus_nr order.) %x starts at 1, and is formatted in hex. The portion of the unit address that comes before the comma is dynamically taken from the main host bridge, similarly to sysbus_get_fw_dev_path(). Cc: Kevin O'Connor <kevin@xxxxxxxxxxxx> Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Marcel Apfelbaum <marcel@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 0b336b3b98d8983d821ef9b0f159acc7c77cbac7 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Fri Jun 19 04:40:16 2015 +0200 hw/core: explicit OFW unit address callback for SysBusDeviceClass The sysbus_get_fw_dev_path() function formats OpenFirmware device path nodes ("driver-name@unit-address") for sysbus devices. The first choice for "unit-address" is the base address of the device's first MMIO region. The second choice is its first IO port. However, if two sysbus devices with the same "driver-name" lack both MMIO and PIO resources, then there is no good way to distinguish them based on their OFW nodes, because in this case unit-address is omitted completely for both devices. An example is TYPE_PXB_HOST ("pxb-host"). For the sake of such devices, introduce the explicit_ofw_unit_address() "virtual member function". With this function, each sysbus device in the same SysBusDeviceClass can state its own address. Cc: Markus Armbruster <armbru@xxxxxxxxxx> Cc: Marcel Apfelbaum <marcel@xxxxxxxxxx> Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Tested-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit d10dda2d60c8c225a89a53d53add799b69f6bb46 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Fri Jun 19 04:40:14 2015 +0200 hw/pci-bridge: disable SHPC in PXB OVMF downloads the ACPI linker/loader script from QEMU when the edk2 PCI Bus driver globally signals the firmware that PCI enumeration and resource allocation have completed. At this point QEMU regenerates the ACPI payload in an fw_cfg read callback, and this is when the PXB's _CRS gets populated. Unfortunately, when this happens, the PCI_COMMAND_MEMORY bit is clear in the root bus's command register, *unlike* under SeaBIOS. The consequences unfold as follows: - When build_crs() fetches dev->io_regions[i].addr, it is all-bits-one, because pci_update_mappings() --> pci_bar_address() calculated it as PCI_BAR_UNMAPPED, due to the PCI_COMMAND_MEMORY bit being clear. - Consequently, the SHPC MMIO BAR (bar 0) of the bridge is not added to the _CRS, *despite* having been programmed in PCI config space. - Similarly, the SHPC MMIO BAR of the PXB is not removed from the main root bus's DWordMemory descriptor. - Guest OSes (Linux and Windows alike) notice the pre-programmed SHPC BAR within the PXB's config space, and notice that it conflicts with the main root bus's memory resource descriptors. Linux reports pci 0000:04:00.0: BAR 0: can't assign mem (size 0x100) pci 0000:04:00.0: BAR 0: trying firmware assignment [mem 0x88200000-0x882000ff 64bit] pci 0000:04:00.0: BAR 0: [mem 0x88200000-0x882000ff 64bit] conflicts with PCI Bus 0000:00 [mem 0x88200000-0xfebfffff] While Windows Server 2012 R2 reports https://technet.microsoft.com/en-us/library/cc732199%28v=ws.10%29.aspx This device cannot find enough free resources that it can use. If you want to use this device, you will need to disable one of the other devices on this system. (Code 12) This issue was apparently encountered earlier, see the "hack" in: https://lists.nongnu.org/archive/html/qemu-devel/2015-01/msg02983.html and the current hole-punching logic in build_crs() and build_ssdt() is probably supposed to remedy exactly that problem -- however, for OVMF they don't work, because at the end of the PCI enumeration and resource allocation, which cues the ACPI linker/loader client, the command register is clear. The "shpc" property of "pci-bridge", introduced in the previous patches, allows us to disable the standard hotplug controller cleanly, eliminating the SHPC bar and the conflict. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Marcel Apfelbaum <marcel@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 4e5c9bfecf5da13e8e0f790002a55bb1cc0437b1 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Fri Jun 19 04:40:13 2015 +0200 hw/pci-bridge: introduce "shpc" property In the PCI expander bridge, we will want to disable those features of pci-bridge that relate to SHPC (standard hotplug controller): - SHPC bar and underlying MemoryRegion - interrupt (INTx or MSI) - effective hotplug callbacks - other SHPC hooks (initialization, cleanup, migration etc) Introduce a new feature request bit in the PCIBridgeDev.flags field, and turn off the above if the bit is explicitly cleared. Suggested-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Marcel Apfelbaum <marcel@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 23ab143dcce8d7f758eb6946ebf68d8689018a9c Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Fri Jun 19 04:40:12 2015 +0200 hw/pci: introduce shpc_present() helper function It follows msi_present() in "include/hw/pci/msi.h". Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Marcel Apfelbaum <marcel@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 7a7c6a41c5583b24f6a35b02c7f68c84ebd7e177 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Fri Jun 19 04:40:11 2015 +0200 hw/pci-bridge: add macro for "msi" property This should help catch property name typos at compile time. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Marcel Apfelbaum <marcel@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 3cf0ecb3c4f9bb6a7a58a62c0209509b4c9d13c6 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Fri Jun 19 04:40:10 2015 +0200 hw/pci-bridge: add macro for "chassis_nr" property This should help catch property name typos at compile time. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Marcel Apfelbaum <marcel@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 0034e56209c1333bfca53356ce82663d801a15c5 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Fri Jun 19 04:40:09 2015 +0200 hw/pci-bridge: expose _test parameter in SHPC_VMSTATE() Change the signature of the function-like macro SHPC_VMSTATE(), so that we can produce and expect this field conditionally in the migration stream, starting with an upcoming patch. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Marcel Apfelbaum <marcel@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 9df0b0e09c48ad543e6d12ee0c17d1857f83d3ca Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Fri Jun 19 04:40:08 2015 +0200 migration: introduce VMSTATE_BUFFER_UNSAFE_INFO_TEST() There is no _TEST() variant of VMSTATE_BUFFER_UNSAFE_INFO() yet, but we'll soon need it. Introduce it and rebase the original VMSTATE_BUFFER_UNSAFE_INFO() on top. The parameter order of the new function-like macro follows that of VMSTATE_SINGLE_TEST(): "_test" is introduced between "_state" and "_version". Cc: Juan Quintela <quintela@xxxxxxxxxx> Cc: Amit Shah <amit.shah@xxxxxxxxxx> Cc: Marcel Apfelbaum <marcel@xxxxxxxxxx> Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 355df30554445c043a12168e9c5f912742050548 Merge: 000d604 3de3d69 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 23 18:25:55 2015 +0100 Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-06-23' into staging trivial patches for 2015-06-23 # gpg: Signature made Tue Jun 23 18:23:45 2015 BST using RSA key ID A4C3D7DB # gpg: Good signature from "Michael Tokarev <mjt@xxxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxxx>" * remotes/mjt/tags/pull-trivial-patches-2015-06-23: (21 commits) util/qemu-sockets: improve ai_flag hints for ipv6 hosts hw/display/tcx.c: Fix memory leak hw/display/cg3.c: Fix memory leak Makefile: Add "make ctags" Makefile: Fix "make cscope TAGS" qemu-options: Use @itemx where appropriate qemu-options: Improve -global documentation throttle: Fix typo in the documentation of block_set_io_throttle hw/display/qxl-logger.c: Constify some variable configure: rearrange --help and consolidate enable/disable together libcacard: pkgconfig: tidy dependent libs vt82c686: QOMify xen_pt: QOMify wdt_i6300esb: QOMify piix4: QOMify piix: piix3 QOMify pci-assign: QOMify Print error when failing to load PCI config data Grammar: 'as to'->'as for' remove libdecnumber/dpd/decimal128Local.h ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3de3d698d942d1116152417f882c897b26b44e41 Author: Wolfgang Bumiller <w.bumiller@xxxxxxxxxxx> Date: Thu May 21 14:33:29 2015 +0200 util/qemu-sockets: improve ai_flag hints for ipv6 hosts *) Do not use AI_ADDRCONFIG on listening sockets, because this flag makes it impossible to explicitly listen on '127.0.0.1' if no global ipv4 address is configured additionally, making this a very uncomfortable option. *) Add AI_V4MAPPED hint for connecting sockets. If your system is globally only connected via ipv6 you often still want to be able to use '127.0.0.1' and 'localhost' (even if localhost doesn't also have an ipv6 entry). For example, PVE - unless explicitly asking for insecure mode - uses ipv4 loopback addresses with QEMU for live migrations tunneled over SSH. These fail to start because AI_ADDRCONFIG makes getaddrinfo refuse to work with '127.0.0.1'. As for the AI_V4MAPPED flag: glibc uses it by default, and providing non-0 flags removes it. I think it makes sense to use it. I also want to point out that glibc explicitly sidesteps POSIX standards when passing 0 as hints by then assuming both AI_V4MAPPED and AI_ADDRCONFIG (the latter being a rather weird choice IMO), while according to POSIX.1-2001 it should be assumed 0. (glibc considers its choice an improvement.) Since either AI_CANONNAME or AI_PASSIVE are passed in our cases, glibc's default flags in turn are disabled again unless explicitly added, which I do with this patch. Signed-off-by: Wolfgang Bumiller <w.bumiller@xxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 8684e85ca911b41d6a82ac5bcc5a0bfaba5eb7da Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Thu May 28 19:13:45 2015 +0800 hw/display/tcx.c: Fix memory leak Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 22b2aeb82c811b227862c21e7a607087efbe5563 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Thu May 28 19:13:42 2015 +0800 hw/display/cg3.c: Fix memory leak Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit ae5fdc81a16534ea04fc475f8723e81857c46ad4 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri May 22 13:35:08 2015 +0800 Makefile: Add "make ctags" This generates ctags file Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit eaa2ddbb76798ec70d12351c0db43a7728d29150 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri May 22 13:35:07 2015 +0800 Makefile: Fix "make cscope TAGS" Cscope and TAGS files work in source directory rather than the build directory, also, don't ask users to run configure first, because they may have an out of tree build. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f9cfd6555a3afb142a74a68438c6f4ee4c127e66 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Jun 15 14:35:59 2015 +0200 qemu-options: Use @itemx where appropriate Doesn't appear to make a difference, but let's use it consistently. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit ae08fd5a365e650d70acfe1d9027501707041b52 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Jun 15 14:35:58 2015 +0200 qemu-options: Improve -global documentation Recent commit 3751d7c "vl: allow full-blown QemuOpts syntax for -global" overloaded its existing argument syntax DRIVER.PROP=VALUE with QemuOpts syntax. Unambigious as long as no DRIVER contains '='. Its documentation claims that "the two syntaxes are equivalent." Improve it to spell out how exactly the old syntax gets desugared into the new one. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 6b932c0a5f951f1cfd3c459d8946074b9df8b829 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Jun 15 16:12:52 2015 +0300 throttle: Fix typo in the documentation of block_set_io_throttle Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit a91e21186f81f712af8c02c7eec996ce25fb391f Author: Frediano Ziglio <fziglio@xxxxxxxxxx> Date: Thu Jun 11 14:17:56 2015 +0100 hw/display/qxl-logger.c: Constify some variable Signed-off-by: Frediano Ziglio <fziglio@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit c23f23b970ae8ce75d2254c64cf23d95a757811e Author: Michael Tokarev <mjt@xxxxxxxxxx> Date: Wed Jun 17 22:19:26 2015 +0300 configure: rearrange --help and consolidate enable/disable together This is an attempt to rearrange configure --help output a bit and consolidate pairs of --enable/disable into its own section. After this, help text is easier to sort, manage and read. More descriptive text can be added as well, since we now have more space. While at it, mention en/dis-able-vte. Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 1e4db0595777b9b9a5a6a9f49ac3d187dda341f9 Author: Michael Tokarev <mjt@xxxxxxxxxx> Date: Wed Jun 17 21:02:03 2015 +0300 libcacard: pkgconfig: tidy dependent libs libcacard.pc file lists only one package in Requires field, which is nss, while glib-2.0 is also a requiriment. Furthermore, for libraries used internally by the library (this is the way nss and glib are used by libcacard), Requires.private shold be used instead of Requires. Fix both issues. This does not affect linking of qemu because it links with objects from libcacard directly. Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 417349e6e95d9aa4e0fbc01434de30e8d405ab56 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 13 08:43:27 2015 +0800 vt82c686: QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f9b9d292afcb55f23b8863c0388a4b3e42c79747 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 13 08:43:26 2015 +0800 xen_pt: QOMify Cc: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Tested-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 41fc9050fed524d300062fd8fe7aecd5c7adf5ac Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 13 08:43:25 2015 +0800 wdt_i6300esb: QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit acff3e48b7e1ac18e034cc612346bdc38ad96ee1 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 13 08:43:24 2015 +0800 piix4: QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit b7c69719d21bea305b7cff6ecde0974edc5ff4b8 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 13 08:43:23 2015 +0800 piix: piix3 QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 1ea6305a834a01bba55309d012ee1fdc46c3eff2 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 13 08:43:22 2015 +0800 pci-assign: QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 7c59364d0329d36a7759033962a469ca714f884d Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Wed Jun 3 17:58:01 2015 +0100 Print error when failing to load PCI config data When loading migration fails due to a disagreement about PCI config data we don't currently get any errors explaining that was the cause of the problem or which byte in the config data was at fault. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 4aab6282f8e1f7652b0470b078a08ab5678fb929 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Wed Jun 3 19:43:56 2015 +0100 Grammar: 'as to'->'as for' Fixup migrate-incoming text as requested by Eric in: http://lists.nongnu.org/archive/html/qemu-devel/2015-03/msg03362.html Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit bfa3ab619731653e752c7cf0ab3395ec8e70fe79 Author: Michael Tokarev <mjt@xxxxxxxxxx> Date: Wed Jun 3 17:37:27 2015 +0300 remove libdecnumber/dpd/decimal128Local.h Commit 72ac97cdfc added two equivalent versions of decimal128Local.h, one in libdecnumber/dpd/ and another in include/libdecnumber/dpd/. Being identical by the code, the two files however differs in the licensing terms. The one in libdecnumber/dpd/ (which is being removed by this patch) is licensed as GPL3.1 (plus gcc runtime exception), which, as far as I know, is not compatible with GPL-2. This file is not used (it is included from include/libdecnumber/dpd/decimal128.h, so version in include/ is used). More, the version in include/ can also be removed, since none of the 3 defines from that file are actually used by the code. Even more, one of the defines from there, decimal128SetSign, is redefined (to equivalent value) in libdecnumber/dpd/decimal128.c, but again, never used. What a mess... Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a4969e90b8110d6880d1a7fcb3cab27c316a0d3e Author: Alex Bennée <alex.bennee@xxxxxxxxxx> Date: Wed Jun 3 14:22:41 2015 +0100 configure: append --extra-ldflags to LDFLAGS The help text says --extra-ldflags is appended to LDFLAGS so make it so. Signed-off-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 000d6042da0d73e5a71318b5fa96e5a084534d12 Merge: 6966b2a ffffbb3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 23 17:46:20 2015 +0100 Merge remote-tracking branch 'remotes/sstabellini/tags/xen-220615-3' into staging xen-220615, more SOB lines # gpg: Signature made Tue Jun 23 17:19:08 2015 BST using RSA key ID 70E1AE90 # gpg: Good signature from "Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>" * remotes/sstabellini/tags/xen-220615-3: Revert "xen-hvm: increase maxmem before calling xc_domain_populate_physmap" xen/pass-through: constify some static data xen/pass-through: log errno values rather than function return ones xen/pass-through: ROM BAR handling adjustments xen/pass-through: fold host PCI command register writes Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ffffbb369f3ed9bca5ff2867143f76d0c6e069c0 Author: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Date: Mon Jun 22 13:00:42 2015 +0000 Revert "xen-hvm: increase maxmem before calling xc_domain_populate_physmap" This reverts commit c1d322e6048796296555dd36fdd102d7fa2f50bf. The original commit fixes a bug when assigning a large number of devices which require option roms to a guest. (One known configuration that needs extra memory is having more than 4 emulated NICs assigned. Three or fewer NICs seems to work without this functionality.) However, by unilaterally increasing maxmem, it introduces two problems. First, now libxl's calculation of the required maxmem during migration is broken -- any guest which exercised this functionality will fail on migration. (Guests which have the default number of devices are not affected.) Secondly, it makes it impossible for a higher-level toolstack or administer to predict how much memory a VM will actually use, making it much more difficult to effectively use all of the memory on a machine. Signed-off-by: George Dunlap <george.dunlap@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 74526eb01886ca45774c1e9c736f61536fa2bda1 Author: Jan Beulich <JBeulich@xxxxxxxx> Date: Fri Jun 5 13:04:55 2015 +0100 xen/pass-through: constify some static data This is done indirectly by adjusting two typedefs and helps emphasizing that the respective tables aren't supposed to be modified at runtime (as they may be shared between devices). Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 3782f60d2047cb86567889307ce78baacf518635 Author: Jan Beulich <JBeulich@xxxxxxxx> Date: Fri Jun 5 13:04:18 2015 +0100 xen/pass-through: log errno values rather than function return ones Functions setting errno commonly return just -1, which is of no particular use in the log file. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 69976894c1d91c4b0c985fa05936cb6b8d01382b Author: Jan Beulich <JBeulich@xxxxxxxx> Date: Mon Jun 8 14:11:51 2015 +0100 xen/pass-through: ROM BAR handling adjustments Expecting the ROM BAR to be written with an all ones value when sizing the region is wrong - the low bit has another meaning (enable/disable) and bits 1..10 are reserved. The PCI spec also mandates writing all ones to just the address portion of the register. Use suitable constants also for initializing the ROM BAR register field description. Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> commit 950fe0aa3f55ad6bb135fc9cde9ebf4df05f62fc Author: Jan Beulich <JBeulich@xxxxxxxx> Date: Fri May 15 13:46:11 2015 +0100 xen/pass-through: fold host PCI command register writes The code introduced to address XSA-126 allows simplification of other code in xen_pt_initfn(): All we need to do is update "cmd" suitably, as it'll be written back to the host register near the end of the function anyway. Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> commit eb6c6a604890201e321a6ace32973d10dc033245 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 18 12:17:29 2015 +0200 add pci-bridge-seat Simplifies multiseat configuration, see docs/multiseat.txt update for details. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 72d97b3a543a9c2c820bd463ba24751ae4247ac3 Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Tue Jun 9 05:31:53 2015 +0200 pc: cleanup and convert TMP ACPI device description to AML API remove some code duplication in acpi-build.c and drop 5 ASL and binary blobs files with TPM ACPI device description, replacing them with 1 small hunk written in AML API. Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 0e0b3592f6cfc56b3a4cc2c040552b7caaf2329f Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Tue Jun 23 08:09:34 2015 +0200 MAINTAINERS: add ACPI entry Igor agreed to help review ACPI patches, add an entry to MAINTAINERS with all ACPI stuff I could think of. Note: I listed ARM ACPI files here just to make sure we are Cc'd, no plan to maintain ACPI for ARM through my tree :) Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 16617e36b02ebdc83f215d89db9ac00f7d6d6d83 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri May 29 14:13:14 2015 +0800 vhost: correctly pass error to caller in vhost_dev_enable_notifiers() We override the error value r in fail_vq, this will cause the caller can't detect the failure which may cause the caller may disable the notifiers twice if vhost is failed to start. Fix this by using another variable to keep track the return value of set_host_notifier(). Fixes b0b3db79559e57db340b292621c397e7a6cdbdc5 ("vhost-net: cleanup host notifiers at last step") Cc: qemu-stable@xxxxxxxxxx Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit e3816255bf4b6377bb405331e2ee0dc14d841b80 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Mon Jun 15 13:52:52 2015 +0300 balloon: add a feature bit to let Guest OS deflate balloon on oom Excessive virtio_balloon inflation can cause invocation of OOM-killer, when Linux is under severe memory pressure. Various mechanisms are responsible for correct virtio_balloon memory management. Nevertheless it is often the case that these control tools does not have enough time to react on fast changing memory load. As a result OS runs out of memory and invokes OOM-killer. The balancing of memory by use of the virtio balloon should not cause the termination of processes while there are pages in the balloon. Now there is no way for virtio balloon driver to free memory at the last moment before some process get killed by OOM-killer. This does not provide a security breach as balloon itself is running inside Guest OS and is working in the cooperation with the host. Thus some improvements from Guest side should be considered as normal. To solve the problem, introduce a virtio_balloon callback which is expected to be called from the oom notifier call chain in out_of_memory() function. If virtio balloon could release some memory, it will make the system return and retry the allocation that forced the out of memory killer to run. This behavior should be enabled if and only if appropriate feature bit is set on the device. It is off by default. This functionality was recently merged into vanilla Linux. commit 5a10b7dbf904bfe01bb9fcc6298f7df09eed77d5 Author: Raushaniya Maksudova <rmaksudova@xxxxxxxxxxxxx> Date: Mon Nov 10 09:36:29 2014 +1030 This patch adds respective control bits into QEMU. It introduces deflate-on-oom option for balloon device which does the trick. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Raushaniya Maksudova <rmaksudova@xxxxxxxxxxxxx> CC: Anthony Liguori <aliguori@xxxxxxxxxx> CC: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: James Bottomley <JBottomley@xxxxxxxx> Reviewed-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 6b64640dd25846c4de42aa433db56e0ff975993a Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Thu May 21 09:50:10 2015 +0800 iov: don't touch iov in iov_send_recv() Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Message-id: 555D39D2.4000705@xxxxxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 3307ed7b3fac5ba99eb3b84904b0b7cdc3592a61 Author: Dimitris Aragiorgis <dimara@xxxxxxxxxxx> Date: Tue Jun 23 13:45:00 2015 +0300 raw-posix: Introduce hdev_is_sg() Until now, an SG device was identified only by checking if its path started with "/dev/sg". Then, hdev_open() would set the bs->sg flag accordingly. The patch relies on the actual properties of the device instead of the specified file path. To this end, test for an SG device (e.g. /dev/sg0) by ensuring that all of the following holds: - The specified file name corresponds to a character device - The device supports the SG_GET_VERSION_NUM ioctl - The device supports the SG_GET_SCSI_ID ioctl Signed-off-by: Dimitris Aragiorgis <dimara@xxxxxxxxxxx> Message-id: 1435056300-14924-6-git-send-email-dimara@xxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a93a3982a6645463fa822131d38b17284edd5633 Author: Dimitris Aragiorgis <dimara@xxxxxxxxxxx> Date: Tue Jun 23 13:44:59 2015 +0300 raw-posix: Use DPRINTF for DEBUG_FLOPPY Get rid of several #ifdef DEBUG_FLOPPY and substitute them with DPRINTF. Signed-off-by: Dimitris Aragiorgis <dimara@xxxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435056300-14924-5-git-send-email-dimara@xxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit bcb225550dcc0d6fcef8e97012bae572ba78f73a Author: Dimitris Aragiorgis <dimara@xxxxxxxxxxx> Date: Tue Jun 23 13:44:58 2015 +0300 raw-posix: DPRINTF instead of DEBUG_BLOCK_PRINT Building the QEMU tools fails if we #define DEBUG_BLOCK inside block/raw-posix.c. Here instead of adding qemu-log.o in block-obj-y so that DEBUG_BLOCK_PRINT can be used, we substitute the latter with a simple DPRINTF() (that does not cause bit-rot). Signed-off-by: Dimitris Aragiorgis <dimara@xxxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435056300-14924-4-git-send-email-dimara@xxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 1b6bc94d5d43ff3e39abadae19f2dbcb0954eb93 Author: Dimitris Aragiorgis <dimara@xxxxxxxxxxx> Date: Tue Jun 23 13:44:57 2015 +0300 Fix migration in case of scsi-generic During migration, QEMU uses fsync()/fdatasync() on the open file descriptor for read-write block devices to flush data just before stopping the VM. However, fsync() on a scsi-generic device returns -EINVAL which causes the migration to fail. This patch skips flushing data in case of an SG device, since submitting SCSI commands directly via an SG character device (e.g. /dev/sg0) bypasses the page cache completely, anyway. Note that fsync() not only flushes the page cache but also the disk cache. The scsi-generic device never sends flushes, and for migration it assumes that the same SCSI device is used by the destination host, so it does not issue any SCSI SYNCHRONIZE CACHE (10) command. Finally, remove the bdrv_is_sg() test from iscsi_co_flush() since this is now redundant (we flush the underlying protocol at the end of bdrv_co_flush() which, with this patch, we never reach). Signed-off-by: Dimitris Aragiorgis <dimara@xxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435056300-14924-3-git-send-email-dimara@xxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b192af8acc597a6e8068873434e56e0c7de1b7d3 Author: Dimitris Aragiorgis <dimara@xxxxxxxxxxx> Date: Tue Jun 23 13:44:56 2015 +0300 block: Use bdrv_is_sg() everywhere Instead of checking bs->sg use bdrv_is_sg() consistently throughout the code. Signed-off-by: Dimitris Aragiorgis <dimara@xxxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435056300-14924-2-git-send-email-dimara@xxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 25940fa7e57ffce9d495b4c2aadc39790535856d Author: Lu Lina <lina.lulina@xxxxxxxxxx> Date: Fri Jun 19 14:27:34 2015 +0800 nvme: Fix memleak in nvme_dma_read_prp Signed-off-by: Lu Lina <lina.lulina@xxxxxxxxxx> Acked-by: Keith Busch <keith.busch@xxxxxxxxx> Message-id: 1434695254-69808-1-git-send-email-kathy.wangting@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit d5941ddae82a35771656d7e35f64f7f8f19c5627 Author: Wolfgang Bumiller <w.bumiller@xxxxxxxxxxx> Date: Fri Jun 19 11:35:29 2015 +0200 vvfat: add a label option Until now the vvfat volume label was hardcoded to be "QEMU VVFAT", now you can pass a file.label=labelname option to the -drive to change it. The FAT structure defines the volume label to be limited to 11 bytes and is filled up spaces when shorter than that. The trailing spaces however aren't exposed to the user by operating systems. [Added missing comment '#' characters in block-core.json to fix build errors. --Stefan] Signed-off-by: Wolfgang Bumiller <w.bumiller@xxxxxxxxxxx> Message-id: 1434706529-13895-2-git-send-email-w.bumiller@xxxxxxxxxxx Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit c6a8c3283f1d53e360073bdb32f87a97e78e2880 Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Fri May 22 09:29:46 2015 +0800 util/hbitmap: Add an API to reset all set bits in hbitmap The function bdrv_clear_dirty_bitmap() is updated to use faster hbitmap_reset_all() call. Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Signed-off-by: zhanghailiang <zhang.zhanghailiang@xxxxxxxxxx> Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 555E868A.60506@xxxxxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6e40b3bfc7e82823cf4df5f0bf668f56db41e53a Author: Alexander Yarygin <yarygin@xxxxxxxxxxxxxxxxxx> Date: Wed Jun 17 13:37:20 2015 +0300 virtio-blk: Use blk_drain() to drain IO requests Each call of the virtio_blk_reset() function calls blk_drain_all(), which works for all existing BlockDriverStates, while draining only one is needed. This patch replaces blk_drain_all() by blk_drain() in virtio_blk_reset(). virtio_blk_data_plane_stop() should be called after draining because it restores vblk->complete_request. Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Cc: Christian Borntraeger <borntraeger@xxxxxxxxxx> Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Alexander Yarygin <yarygin@xxxxxxxxxxxxxxxxxx> Message-id: 1434537440-28236-3-git-send-email-yarygin@xxxxxxxxxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 97b0385a346829cf03efe131a26a4b6a4cd0a21f Author: Alexander Yarygin <yarygin@xxxxxxxxxxxxxxxxxx> Date: Wed Jun 17 13:37:19 2015 +0300 block-backend: Introduce blk_drain() This patch introduces the blk_drain() function which allows to replace blk_drain_all() when only one BlockDriverState needs to be drained. Cc: Christian Borntraeger <borntraeger@xxxxxxxxxx> Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Alexander Yarygin <yarygin@xxxxxxxxxxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1434537440-28236-2-git-send-email-yarygin@xxxxxxxxxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 2f388b93a147258f9dbc83ebe63365edac4aa7a2 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Jun 15 18:41:15 2015 +0300 throttle: Check current timers before updating any_timer_armed[] Calling throttle_group_config() cancels all timers from a particular BlockDriverState, so any_timer_armed[] should be updated accordingly. However, with the current code it may happen that a timer is armed in a different BlockDriverState from the same group, so any_timer_armed[] would be set to false in a situation where there is still a timer armed. The consequence is that we might end up with two timers armed. This should not have any noticeable impact however, since all accesses to the ThrottleGroup are protected by a lock, and the situation would become normal again shortly thereafter as soon as all timers have been fired. The correct way to solve this is to check that we're actually cancelling a timer before updating any_timer_armed[]. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1434382875-3998-1-git-send-email-berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit f406c03c093f1451ac0ba7fde31eeb78e5e5e417 Author: Alexander Yarygin <yarygin@xxxxxxxxxxxxxxxxxx> Date: Wed Jun 10 14:38:17 2015 +0300 block: Let bdrv_drain_all() to call aio_poll() for each AioContext After the commit 9b536adc ("block: acquire AioContext in bdrv_drain_all()") the aio_poll() function got called for every BlockDriverState, in assumption that every device may have its own AioContext. If we have thousands of disks attached, there are a lot of BlockDriverStates but only a few AioContexts, leading to tons of unnecessary aio_poll() calls. This patch changes the bdrv_drain_all() function allowing it find shared AioContexts and to call aio_poll() only for unique ones. Cc: Christian Borntraeger <borntraeger@xxxxxxxxxx> Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Alexander Yarygin <yarygin@xxxxxxxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Tested-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Message-id: 1433936297-7098-4-git-send-email-yarygin@xxxxxxxxxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6966b2a07190004e18ede33ce50a65009b36f3a6 Merge: a320697 a5d4d7b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 23 13:32:50 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-input-20150623-1' into staging virtio-input: property fixes, add evdev passthrough # gpg: Signature made Tue Jun 23 09:33:29 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-input-20150623-1: Add MAINTAINERS entry for virtio-input virtio-input: evdev passthrough virtio-input: move properties, use virtio_instance_init_common Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a3206972a9eab65ec8e8f9ae320ad628ba4b58f1 Merge: 0c8ff72 a0b1a66 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 23 10:38:00 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2015-06-22' into staging Monitor patches # gpg: Signature made Mon Jun 22 18:56:18 2015 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-monitor-2015-06-22: (24 commits) Include monitor/monitor.h exactly where needed Include qapi/qmp/qerror.h exactly where needed qerror: Move #include out of qerror.h qerror: Finally unused, clean up qmp: Wean off qerror_report() tpm: Avoid qerror_report() outside QMP command handlers qerror: Clean up QERR_ macros to expand into a single string qerror: Eliminate QERR_DEVICE_NOT_FOUND vl: Use error_report() for --display errors vl: Avoid qerror_report() outside QMP command handlers QemuOpts: Wean off qerror_report_err() qdev-monitor: Propagate errors through qdev_device_add() qdev-monitor: Propagate errors through set_property() qdev-monitor: Convert qbus_find() to Error qdev-monitor: Fix check for full bus qdev-monitor: Stop error avalanche in qbus_find_recursive() disas: Remove uses of CPU env monitor: Split mon_get_cpu fn to remove ENV_GET_CPU monitor: Fix failure path for "S" argument monitor: Point to "help" command on syntax error ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a5d4d7b580f42c47d240a2068c810e4147147f6e Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Jun 19 10:25:34 2015 +0200 Add MAINTAINERS entry for virtio-input Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 006a5edebe656114e0e0a6fb24b8aae6401c1cf4 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Mar 28 09:18:47 2014 +0100 virtio-input: evdev passthrough This allows to assign host input devices to the guest: qemu -device virtio-input-host-pci,evdev=/dev/input/event<nr> The guest gets exclusive access to the input device, so be careful with assigning the keyboard if you have only one connected to your machine. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 6f2b9a5b24c488d38ace01910c684749ff922e26 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 18 17:45:47 2015 +0200 virtio-input: move properties, use virtio_instance_init_common Move properties from virtio-*-pci to virtio-*-device. Also make better use of QOM and attach common properties to the abstract parent classes (virtio-input-device and virtio-input-pci-device). Switch the hid device instance init functions over to use virtio_instance_init_common, so we get the properties of the virtio device aliased properly to the virtio pci proxy. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 1fa795a853255fcc93e5d3e2a92d161a2ed96eb8 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Tue Jun 23 09:53:05 2015 +0800 qdev: fix OVERFLOW_BEFORE_WIDEN Potentially overflowing expression "1 << prop->bitnr" with type "int" (32 bits, signed) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned). Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 3750dabc69d76f0938cc726a64a70e4ae2fe21df Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Tue Jun 23 09:53:04 2015 +0800 virito-pci: fix OVERRUN problem Overrunning array "proxy->guest_features" of 2 4-byte elements at element index 2 (byte offset 8) using index "proxy->gfselect" (which evaluates to 2). Normally, the Linux kernel driver just read/write '0' or '1' as the "proxy->gfselect" values, so using '<' instead of '=<' to make coverity happy and avoid potential harm. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit a0b1a66ea39bca011108734147a72232a4d08c7a Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Mar 17 18:16:21 2015 +0100 Include monitor/monitor.h exactly where needed In particular, don't include it into headers. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit cc7a8ea740ec74a144e866a1d24aa6b490e31923 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Mar 17 17:22:46 2015 +0100 Include qapi/qmp/qerror.h exactly where needed In particular, don't include it into headers. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit d49b68364414d649b8e26232f2a600d415611662 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Mar 17 18:29:20 2015 +0100 qerror: Move #include out of qerror.h Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 4629ed1e98961bbe678db68ef5f4342ff174a6c3 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Mar 17 14:29:59 2015 +0100 qerror: Finally unused, clean up Remove it except for two things in qerror.h: * Two #include to be cleaned up separately to avoid cluttering this patch. * The QERR_ macros. Mark as obsolete. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 485febc6d1382a82e4e1640729fffbf0c1392a44 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 13 17:25:50 2015 +0100 qmp: Wean off qerror_report() The traditional QMP command handler interface int qmp_FOO(Monitor *mon, const QDict *params, QObject **ret_data); doesn't provide for returning an Error object. Instead, the handler is expected to stash it in the monitor with qerror_report(). When we rebased QMP on top of QAPI, we didn't change this interface. Instead, commit 776574d introduced "middle mode" as a temporary aid for converting existing QMP commands to QAPI one by one. More than three years later, we're still using it. Middle mode has two effects: * Instead of the native input marshallers static void qmp_marshal_input_FOO(QDict *, QObject **, Error **) it generates input marshallers conforming to the traditional QMP command handler interface. * It suppresses generation of code to register them with qmp_register_command() This permits giving them internal linkage. As long as we need qmp-commands.hx, we can't use the registry behind qmp_register_command(), so the latter has to stay for now. The former has to go to get rid of qerror_report(). Changing all QMP commands to fit the QAPI mold in one go was impractical back when we started, but by now there are just a few stragglers left: do_qmp_capabilities(), qmp_qom_set(), qmp_qom_get(), qmp_object_add(), qmp_netdev_add(), do_device_add(). Switch middle mode to generate native input marshallers, and adapt the stragglers. Simplifies both the monitor code and the stragglers. Rename do_qmp_capabilities() to qmp_capabilities(), and do_device_add() to qmp_device_add, because that's how QMP command handlers are named today. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 8b53a19675d2329695179e47aa3797692fb0d9ba Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Mar 17 12:09:02 2015 +0100 tpm: Avoid qerror_report() outside QMP command handlers qerror_report() is a transitional interface to help with converting existing monitor commands to QMP. It should not be used elsewhere. Replace by error_report(). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit c6bd8c706a799eb0fece99f468aaa22b818036f3 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Mar 17 11:54:50 2015 +0100 qerror: Clean up QERR_ macros to expand into a single string These macros expand into error class enumeration constant, comma, string. Unclean. Has been that way since commit 13f59ae. The error class is always ERROR_CLASS_GENERIC_ERROR since the previous commit. Clean up as follows: * Prepend every use of a QERR_ macro by ERROR_CLASS_GENERIC_ERROR, and delete it from the QERR_ macro. No change after preprocessing. * Rewrite error_set(ERROR_CLASS_GENERIC_ERROR, ...) into error_setg(...). Again, no change after preprocessing. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 75158ebbe259f0bd8bf435e8f4827a43ec89c877 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Mar 16 08:57:47 2015 +0100 qerror: Eliminate QERR_DEVICE_NOT_FOUND Error classes other than ERROR_CLASS_GENERIC_ERROR should not be used in new code. Hiding them in QERR_ macros makes new uses hard to spot. Fortunately, there's just one such macro left. Eliminate it with this coccinelle semantic patch: @@ expression EP, E; @@ -error_set(EP, QERR_DEVICE_NOT_FOUND, E) +error_set(EP, ERROR_CLASS_DEVICE_NOT_FOUND, "Device '%s' not found", E) Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit c6bf0f7ffa90c720377eb6bddd27037041acbc5b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Feb 13 18:23:45 2015 +0100 vl: Use error_report() for --display errors Results in nicer error messages. Before this patch: Invalid GTK option string: gtk,lirum-larum After: qemu-system-x86_64: -display gtk,lirum-larum: Invalid GTK option string Of course, the thing ought to use QemuOpts instead of parsing by hand. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 1459407e88632e6d66cd6b71326eaf78e0a80772 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Feb 27 09:47:12 2015 +0100 vl: Avoid qerror_report() outside QMP command handlers qerror_report() is a transitional interface to help with converting existing monitor commands to QMP. It should not be used elsewhere. Replace by error_report() in initial startup helpers parse_sandbox() and parse_add_fd(). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 70b9433109ed99217b812f19800de550e2e0ecd5 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Feb 13 12:50:26 2015 +0100 QemuOpts: Wean off qerror_report_err() qerror_report_err() is a transitional interface to help with converting existing monitor commands to QMP. It should not be used elsewhere. The only remaining user in qemu-option.c is qemu_opts_parse(). Is it used in QMP context? If not, we can simply replace qerror_report_err() by error_report_err(). The uses in qemu-img.c, qemu-io.c, qemu-nbd.c and under tests/ are clearly not in QMP context. The uses in vl.c aren't either, because the only QMP command handlers there are qmp_query_status() and qmp_query_machines(), and they don't call it. Remaining uses: * drive_def(): Command line -drive and such, HMP drive_add and pci_add * hmp_chardev_add(): HMP chardev-add * monitor_parse_command(): HMP core * tmp_config_parse(): Command line -tpmdev * net_host_device_add(): HMP host_net_add * net_client_parse(): Command line -net and -netdev * qemu_global_option(): Command line -global * vnc_parse_func(): Command line -display, -vnc, default display, HMP change, QMP change. Bummer. * qemu_pci_hot_add_nic(): HMP pci_add * usb_net_init(): Command line -usbdevice, HMP usb_add Propagate errors through qemu_opts_parse(). Create a convenience function qemu_opts_parse_noisily() that passes errors to error_report_err(). Switch all non-QMP users outside tests to it. That leaves vnc_parse_func(). Propagate errors through it. Since I'm touching it anyway, rename it to vnc_parse(). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit f006cf7fa9a63ba8e4ccf57d46231ce594301727 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 12 14:00:41 2015 +0100 qdev-monitor: Propagate errors through qdev_device_add() Also polish an error message while I'm touching the line anyway, Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> commit 4caa489d1337c1a72d2e36185e4586ad246b98e1 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 12 13:58:02 2015 +0100 qdev-monitor: Propagate errors through set_property() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> commit d282842999b914c38c8be4659012aa619c22af8b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Mar 11 19:16:04 2015 +0100 qdev-monitor: Convert qbus_find() to Error As usual, the conversion breaks printing explanatory messages after the error: actual printing of the error gets delayed, so the explanations precede rather than follow it. Pity. Disable them for now. See also commit 7216ae3. While there, eliminate QERR_BUS_NOT_FOUND, and clean up unusual spelling in the error message. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit ed238ba2a0239368dd0cec9bfaf3300a5bd303ce Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Mar 11 18:39:16 2015 +0100 qdev-monitor: Fix check for full bus Property bus has always been too screwed up to be really usable for values other than plain bus IDs. This just fixes a bug that crept in in commit 1395af6 "qdev: add a maximum device allowed field for the bus." It doesn't always fail when it should: $ qemu-system-x86_64 -nodefaults -device virtio-serial-pci -device virtio-rng-device,bus=pci.0/virtio-serial-pci/virtio-bus Happily plugs the virtio-rng-device into the virtio-bus provided by virtio-serial-pci, even though its only slot is already occupied by a virtio-serial-device. And sometimes fails when it shouldn't: $ qemu-system-x86_64 -nodefaults -device virtio-serial-pci -device virtserialport,bus=virtio-bus/virtio-serial-device Yes, the virtio-bus is full, but the virtio-serial-bus provided by virtio-serial-device isn't, and that's the one we're trying to use. Root cause: we check "bus full" when we resolve the first element of the path. That's the correct one only when it's also the last one. Fix by moving the "bus full" check to right before we return a bus. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit a5ec494e274ddcad6d487e3872e16964ef57e0de Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Mar 11 17:26:31 2015 +0100 qdev-monitor: Stop error avalanche in qbus_find_recursive() Reproducer: $ qemu-system-x86_64 -nodefaults -device virtio-rng-pci -device virtio-rng-pci -device virtio-rng-device,bus=virtio-bus qemu-system-x86_64: -device virtio-rng-device,bus=virtio-bus: Bus 'virtio-bus' is full qemu-system-x86_64: -device virtio-rng-device,bus=virtio-bus: Bus 'virtio-bus' is full qemu-system-x86_64: -device virtio-rng-device,bus=virtio-bus: Bus 'virtio-bus' not found qbus_find_recursive() reports the "is full" error itself, and leaves reporting "not found" to its caller. The result is confusion. Write it a function contract that permits leaving all error reporting to the caller, and implement it. Update callers to detect and report "is full". Screwed up when commit 1395af6 added the max_dev limit and the "is full" error condition to enforce it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit d49190c4208f2c556c3a01962a81f8a85d522bb1 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 24 14:20:41 2015 -0700 disas: Remove uses of CPU env disas does not need to access the CPU env for any reason. Change the APIs to accept CPU pointers instead. Small change pattern needs to be applied to all target translate.c. This brings us closer to making disas.o a common-obj and less architecture specific in general. Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Cc: "Edgar E. Iglesias" <edgar.iglesias@xxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Eduardo Habkost <ehabkost@xxxxxxxxxx> Cc: Michael Walle <michael@xxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Cc: Jia Liu <proljc@xxxxxxxxx> Cc: Alexander Graf <agraf@xxxxxxx> Cc: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Cc: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Cc: Guan Xuetao <gxt@xxxxxxxxxxxxxxx> Cc: Max Filippov <jcmvbkbc@xxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Acked-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 5bcda5f7349da01aded719b595f32ce2b9d396db Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 24 14:20:40 2015 -0700 monitor: Split mon_get_cpu fn to remove ENV_GET_CPU The monitor currently has one helper, mon_get_cpu() which will return an env pointer. The target specific users of this API want an env, but all the target agnostic users really just want the cpu pointer. These users then need to use the target-specifically defined ENV_GET_CPU to navigate back up to the CPU from the ENV. Split the API for the two uses cases to remove all need for ENV_GET_CPU. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Acked-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit e549d2aaeba1cfac207c9a9675cc203e6372a22e Author: Bandan Das <bsd@xxxxxxxxxx> Date: Wed Jun 3 18:38:10 2015 -0400 monitor: Fix failure path for "S" argument Since the "S" argument type is only used with the "?" flag, the bug can't bite. Signed-off-by: Bandan Das <bsd@xxxxxxxxxx> Acked-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit dd41eea77129a4cd8ae5170b02e0fee175af314e Author: Bandan Das <bsd@xxxxxxxxxx> Date: Wed Jun 3 18:38:09 2015 -0400 monitor: Point to "help" command on syntax error When a command fails due to incorrect syntax or input, suggest using the "help" command to get more information about the command. This is only applicable for HMP. Signed-off-by: Bandan Das <bsd@xxxxxxxxxx> Acked-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit ae50212ff717f3d295ebff352eb7d6cc08332b7e Author: Bandan Das <bsd@xxxxxxxxxx> Date: Wed Jun 3 18:38:08 2015 -0400 monitor: cleanup parsing of cmd name and cmd arguments There's too much going on in monitor_parse_command(). Split up the arguments parsing bits into a separate function monitor_parse_arguments(). Let the original function check for command validity and sub-commands if any and return data (*cmd) that the newly introduced function can process and return a QDict. Also, pass a pointer to the cmdline to track current parser location. Suggested-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Bandan Das <bsd@xxxxxxxxxx> Acked-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 19f2db5c84e563597bd8b3c3190aef591060dec2 Author: Bandan Das <bsd@xxxxxxxxxx> Date: Wed Jun 3 18:38:07 2015 -0400 monitor: remove debug prints The preferred solution is to use tracepoints and there is good chance of bitrot with the debug prints not being enabled at compile time. Remove them. Suggested-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Bandan Das <bsd@xxxxxxxxxx> Acked-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 34acbc95229f9f841bde83691a5af949c15e105b Author: Eric Blake <eblake@xxxxxxxxxx> Date: Fri May 15 16:25:00 2015 -0600 qobject: Use 'bool' inside qdict Now that qbool is fixed, let's fix getting and setting a bool value to a qdict member to also use C99 bool rather than int. I audited all callers to ensure that the changed return type will not cause any changed semantics. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Acked-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit fc48ffc39ed1060856475e4320d5896f26c945e8 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Fri May 15 16:24:59 2015 -0600 qobject: Use 'bool' for qbool We require a C99 compiler, so let's use 'bool' instead of 'int' when dealing with boolean values. There are few enough clients to fix them all in one pass. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Acked-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 0c8ff723bd29e5c8b2ca989f857ae5c37ec49c4e Author: Greg Ungerer <gerg@xxxxxxxxxxx> Date: Fri Jun 19 23:43:26 2015 +1000 m68k: fix usp processing on interrupt entry and exception exit The action to potentially switch sp register is not occurring at the correct point in the interrupt entry or exception exit sequences. For the interrupt entry case the sp on entry is used to create the stack exception frame - but this may well be the user stack pointer, since we haven't done the switch yet. Re-order the flow to switch the sp regs then use the current sp to create the exception frame. For the return from exception case the code is unwinding the sp after switching sp registers. But it should always unwind the supervisor sp first, then carry out any required sp switch. Note that these problems don't effect operation unless the user sp bit is set in the CACR register. Only a single sp is used in the default power up state. Previously Linux only used this single sp mode. But modern versions of Linux use the user sp mode now, so we need correct behavior for Linux to work. Signed-off-by: Greg Ungerer <gerg@xxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Reviewed-by: Laurent Vivier <laurent@xxxxxxxxx> Tested-by: Laurent Vivier <laurent@xxxxxxxxx> Message-id: 1434721406-25288-4-git-send-email-gerg@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2a8327e8a8288e301a2f01bc3ca2d465a3a4ca78 Author: Greg Ungerer <gerg@xxxxxxxxxxx> Date: Fri Jun 19 23:43:25 2015 +1000 m68k: implement move to/from usp register instruction Fill out the code support for the move to/from usp instructions. They are being decoded, but there is no code to support there actions. So add it. Current versions of Linux running on the ColdFire 5208 use these instructions. Signed-off-by: Greg Ungerer <gerg@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Laurent Vivier <laurent@xxxxxxxxx> Tested-by: Laurent Vivier <laurent@xxxxxxxxx> Message-id: 1434721406-25288-3-git-send-email-gerg@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8c52f0cbba76310ad626e54996dbce08c7a8a820 Author: Greg Ungerer <gerg@xxxxxxxxxxx> Date: Fri Jun 19 23:43:24 2015 +1000 m68k: implement more ColdFire 5208 interrupt controller functionality Implement the SIMR and CIMR registers of the 5208 interrupt controller. These are used by modern versions of Linux running on ColdFire (not sure of the exact version they were introduced, but they have been in for quite a while now). Without this change when attempting to run a linux-3.5 kernel you will see: qemu: hardware error: mcf_intc_write: Bad write offset 28 and execution will stop and dump out. Signed-off-by: Greg Ungerer <gerg@xxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Tested-by: Laurent Vivier <laurent@xxxxxxxxx> Message-id: 1434721406-25288-2-git-send-email-gerg@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0a3346f5dea0a679322df804e1e78d7c10d12a9f Merge: cb4e0f9 daeba96 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 22 12:50:30 2015 +0100 Merge remote-tracking branch 'remotes/afaerber/tags/qom-devices-for-peter' into staging QOM infrastructure fixes and device conversions * Changes to name string ownership for alias properties * Improvements around enum properties * Cleanups around -object handling * New helper functions * Cleanups of qdev init helper functions * Add path argument to qom-tree script * QTest cleanup to use new qtest_add_data_func() consistently # gpg: Signature made Fri Jun 19 18:14:38 2015 BST using RSA key ID 3E7E013F # gpg: Good signature from "Andreas Färber <afaerber@xxxxxxx>" # gpg: aka "Andreas Färber <afaerber@xxxxxxxx>" * remotes/afaerber/tags/qom-devices-for-peter: qdev: Un-deprecate qdev_init_nofail() qdev: Deprecated qdev_init() is finally unused, drop qom: Don't pass string table to object_get_enum() function qom: Add an object_property_add_enum() helper function qom: Make enum string tables const-correct qom: Add object_new_with_props() / object_new_withpropv() helpers qom: Add helper function for getting user objects root vl: Create (most) objects before creating chardev backends doc: Document user creatable object types in help text backends: Fix typename of 'policy' enum property in hostmem obj scripts: Add support for path as argument of qom-tree tests: Use qtest_add_data_func() consistently qdev: Free property names after registering gpio aliases qom: strdup() target property name on object_property_add_alias() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cb4e0f9ddf7d45de7e4716cbab661ea568bd0b6c Merge: ad7020a e4a511f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 22 11:50:07 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * i8254 security fix * Avoid long 100% CPU wait after restarting guests that use the periodic timer * Fixes for access clamping (WinXP, MIPS) * wixl/.msi support for qemu-ga on Windows # gpg: Signature made Fri Jun 19 11:30:53 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: exec: clamp accesses against the MemoryRegionSection exec: do not clamp accesses to MMIO regions mc146818rtc: Reset the periodic timer on load qemu-timer: Call clock reset notifiers on forward jumps tests: virtio-scsi: Add test for unaligned WRITE SAME tests: virtio-scsi: Move start/stop to individual test functions libqos: Complete virtio device ID definition list libqos: Allow calling guest_free on NULL pointer tests: Link libqos virtio object to virtio-scsi-test i8254: fix out-of-bounds memory access in pit_ioport_read() qemu-ga: Building Windows MSI installation with configure/Makefile qemu-ga: Introduce Windows MSI script qemu-ga: debug printouts to help troubleshoot installation qemu-ga: adding vss-[un]install options qemu-log: Open file for logging when specified Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ad7020a7e7b27d468ecc2aacb04ba4eb09017074 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Thu Jun 18 21:16:52 2015 -0700 target-microblaze: Remove dead code This code is already being run in the mb_cpu_realizefn() function. As PVR registers are preserved on reset this code is not required. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 033af8e9aaba1994c4816cea5828aaddc383a907 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Thu Jun 18 21:16:48 2015 -0700 s3adsp1800: Remove the hardcoded values from the reset Remove the hardcoded values from the machine specific reset function, as the same values are already set in the standard MicroBlaze reset. This also allows the entire reset function to be deleted, as PVR registers are now preserved on reset. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit a87310a62d1885b8f6d6b5b30227cbd9792d2c3c Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Thu Jun 18 21:16:45 2015 -0700 ml605_mmu: Move the hardcoded values to the init function Move the hard coded register values to the init function. This also allows the entire reset function to be deleted, as PVR registers are now preserved on reset. The hardcoded PVR0 values can be removed as they are setting the endianness and stack protection, which is already done or invalid. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 6fad9e986b82c7c7ed7cfa0cc3ee38b3510a5432 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Thu Jun 18 21:16:42 2015 -0700 target-microblaze: Convert pvr-full to a CPU property Originally the pvr-full PVR bits were manually set for each machine. This is a hassle and difficult to read, instead set them based on the CPU properties. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 72e38754853443830152a3cfe586db1d9b15e8fe Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Thu Jun 18 21:16:38 2015 -0700 target-microblaze: Convert version_mask to a CPU property Originally the version_mask PVR bits were manually set for each machine. This is a hassle and difficult to read, instead set them based on the CPU properties. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit a88bbb006a523deabb90245a283d1914abd34e3e Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Thu Jun 18 21:16:35 2015 -0700 target-microblaze: Convert endi to a CPU property Originally the endi PVR bits were manually set for each machine. This is a hassle and difficult to read, instead set them based on the CPU properties. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit a6c3ed24748f06742413e174167b0faa7030c244 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Thu Jun 18 21:16:32 2015 -0700 target-microblaze: Convert dcache-writeback to a CPU property Originally the dcache-writeback PVR bits were manually set for each machine. This is a hassle and difficult to read, instead set them based on the CPU properties. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 714461237083c1eadcb9d686f8ce4088737c1d0a Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Thu Jun 18 21:16:29 2015 -0700 target-microblaze: Convert use-mmu to a CPU property Originally the use-mmu PVR bits were manually set for each machine. This is a hassle and difficult to read, instead set them based on the CPU properties. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit be67e9ab9740d5a80e5c37bfd35247a4e449bc5a Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Thu Jun 18 21:16:25 2015 -0700 target-microblaze: Rename the usefpu variable Rename the usefpu variable to use_fpu. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit f44c475cb6ded298486a589c4205ab70e485b48c Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Fri May 29 16:32:35 2015 +1000 target-microblaze: Disable stack protection by default Stack protection is not available when the MMU is enabled. As the MMU is enabled by default, disable stack protection by default. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 4e5d45ae5756123b3b7000c8b0b3d3a9ea4737da Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Fri May 29 16:31:58 2015 +1000 target-microblaze: Convert use-fpu to a CPU property Originally the use-fpu PVR bits were manually set for each machine. This is a hassle and difficult to read, instead set them based on the CPU properties. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit f27183abaaaf48e9d1f8469c7e99a987444f4410 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Fri May 29 16:31:20 2015 +1000 target-microblaze: Tidy up the base-vectors property Rename the "xlnx.base-vectors" string to "base-vectors" and move the base_vectors variable into the cfg struct. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 9aaaa181949e4a23ca298fb7006e2d8bac842e92 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Fri May 29 16:30:43 2015 +1000 target-microblaze: Allow the stack protection to be disabled Microblaze stack protection is configurable and isn't always enabled. This patch allows the stack protection to be disabled from the CPU properties. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 8bac22423e4c3b70082dd6c1b492ccf21f3b5a0c Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Fri May 29 16:30:05 2015 +1000 target-microblaze: Preserve the pvr registers during reset Move the Microblaze PVR registers to the end of the CPUMBState and preserve them during reset. This is similar to what the QEMU ARM model does with some of it's registers. This allows the Microblaze PVR registers to only be set once at realise instead of constantly at reset. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 53432dc9ea37d3be4c8efc3023c2382e9da5334a Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Fri May 29 16:29:28 2015 +1000 target-microblaze: Fix up indentation Fix up the incorrect indentation level in the helper_stackprot() function. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit d87636b18f8de901e76bedd9c7f55d3eaed924ee Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 24 20:31:40 2015 -0700 microblaze: s3adsp: Instantiate CPU using QOM Instantiate and realise the CPU directly, rather than using cpu_mb_init. Microblazes cpu_model argument is a dummy so remove the default cpu_model set logic. Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit daeba9699d41ad79e2f3d34acea9c85c5d67a2ac Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 19 16:17:23 2015 +0200 qdev: Un-deprecate qdev_init_nofail() It's a perfectly sensible helper function. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 0210afe6690be045cb849b2f16bffabda575a9bf Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 19 16:17:22 2015 +0200 qdev: Deprecated qdev_init() is finally unused, drop qdev_init() is a wrapper around setting property "realized" to true, plus error handling that passes errors to qerror_report_err(). qerror_report_err() is a transitional interface to help with converting existing monitor commands to QMP. It should not be used elsewhere. All code has been modernized to avoid qdev_init() and its inappropriate error handling. We can finally drop it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit a3590dacce94519c1747d8bf423744c6bb7d9941 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed May 27 16:07:56 2015 +0100 qom: Don't pass string table to object_get_enum() function Now that properties can be explicitly registered as an enum type, there is no need to pass the string table to the object_get_enum() function. The object property registration already has a pointer to the string table. In changing this method signature, the hostmem backend object has to be converted to use the new enum property registration code, which simplifies it somewhat. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit a8e3fbedc827f992657f5670212e854f62ec12ad Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed May 13 17:14:08 2015 +0100 qom: Add an object_property_add_enum() helper function A QOM property can be parsed as enum using the visit_type_enum() helper function, but this forces callers to use the more complex generic object_property_add() method when registering it. It also requires that users of that object have access to the string map when they want to read the property value. This patch introduces a specialized object_property_add_enum() method which simplifies the use of enum properties, so the setters/getters directly get passed the int value. typedef enum { MYDEV_TYPE_FROG, MYDEV_TYPE_ALLIGATOR, MYDEV_TYPE_PLATYPUS, MYDEV_TYPE_LAST } MyDevType; Then provide a table of enum <-> string mappings static const char *const mydevtypemap[MYDEV_TYPE_LAST + 1] = { [MYDEV_TYPE_FROG] = "frog", [MYDEV_TYPE_ALLIGATOR] = "alligator", [MYDEV_TYPE_PLATYPUS] = "platypus", [MYDEV_TYPE_LAST] = NULL, }; Assuming an object struct of typedef struct { Object parent_obj; MyDevType devtype; ...other fields... } MyDev; The property can then be registered as follows: static int mydev_prop_get_devtype(Object *obj, Error **errp G_GNUC_UNUSED) { MyDev *dev = MYDEV(obj); return dev->devtype; } static void mydev_prop_set_devtype(Object *obj, int value, Error **errp G_GNUC_UNUSED) { MyDev *dev = MYDEV(obj); dev->devtype = value; } object_property_add_enum(obj, "devtype", mydevtypemap, "MyDevType", mydev_prop_get_devtype, mydev_prop_set_devtype, NULL); Note there is no need to check the range of 'value' in the setter, because the string->enum conversion code will have already done that and reported an error as required. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 2e4450ff432daef524cb3557fca68a3b7b5c7823 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed May 13 17:14:07 2015 +0100 qom: Make enum string tables const-correct The enum string table parameters in various QOM/QAPI methods are declared 'const char *strings[]'. This results in const warnings if passed a variable that was declared as static const char * const strings[] = { .... }; Add the extra const annotation to the parameters, since neither the string elements, nor the array itself should ever be modified. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit a31bdae5a76ecc060c1eb8a66be1896072c1e8b2 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed May 13 17:14:06 2015 +0100 qom: Add object_new_with_props() / object_new_withpropv() helpers It is reasonably common to want to create an object, set a number of properties, register it in the hierarchy and then mark it as complete (if a user creatable type). This requires quite a lot of error prone, verbose, boilerplate code to achieve. First a pair of functions object_set_props() / object_set_propv() are added which allow for a list of objects to be set in one single API call. Then object_new_with_props() / object_new_with_propv() constructors are added which simplify the sequence of calls to create an object, populate properties, register in the object composition tree and mark the object complete, into a single method call. Usage would be: Error *err = NULL; Object *obj; obj = object_new_with_propv(TYPE_MEMORY_BACKEND_FILE, object_get_objects_root(), "hostmem0", &err, "share", "yes", "mem-path", "/dev/shm/somefile", "prealloc", "yes", "size", "1048576", NULL); Note all property values are passed in string form and will be parsed into their required data types, using normal QOM semantics for parsing from string format. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit bc2256c4ae86308a1521c89456b599d441119418 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed May 13 17:14:05 2015 +0100 qom: Add helper function for getting user objects root Add object_get_objects_root() function which is a convenience for obtaining the Object * located at /objects in the object composition tree. Convert existing code over to use the new API where appropriate. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit f08f9271bfe3f19a5eb3d7a2f48532065304d5c8 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed May 13 17:14:04 2015 +0100 vl: Create (most) objects before creating chardev backends Some types of object must be created before chardevs, other types of object must be created after chardevs. As such there is no option but to create objects in two phases. This takes the decision to create as many object types as possible right away before anyother backends are created, and only delay creation of those few which have an explicit dependency on the chardevs. Hopefully the set which need delaying will remain small over time. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit b9174d4f250cacb43b7cd9e07cf9f86818d62afd Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed May 13 17:14:03 2015 +0100 doc: Document user creatable object types in help text The QEMU help for -object is essentially useless, just giving users the generic syntax. Move it down into its own section and introduce a nested table where each user creatable object can be documented. The existing memory-backend-file, rng-random and rng-egd object types are documented. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit b1028b4e8683740cd257a9b77577734664e61511 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed May 13 17:14:02 2015 +0100 backends: Fix typename of 'policy' enum property in hostmem obj The 'policy' property was being registered with a typename of 'str', but it is in fact an enum of the 'HostMemPolicy' type. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 799810fb2810ec4cb82f12ec9b023e1bfe434d71 Merge: ffdb140 a59d31a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 19 17:05:15 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150619' into staging target-arm queue: * support --semihosting-config,arg=value * Cortex-R5 support (including implementing them on the Zynq board) * Cortex-M4 support (without FPU) * enable vfio-calxeda-xgmac * don't reset ALIAS sysregs # gpg: Signature made Fri Jun 19 14:41:54 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150619: semihosting: add --semihosting-config arg sub-argument semihosting: create SemihostingConfig structure and semihost.h arm: xlnx-zynqmp: Add 2xCortexR5 CPUs arm: xlnx-zynqmp: Add boot-cpu property arm: xlnx-zynqmp: Preface CPU variables with "apu" target-arm: Add support for Cortex-R5 target-arm: Implement PMSAv7 MPU target-arm: Add registers for PMSAv7 target-arm/helper.c: define MPUIR register target-arm: Do not reset sysregs marked as ALIAS hw/arm/sysbus-fdt: enable vfio-calxeda-xgmac dynamic instantiation target-arm: Add the Cortex-M4 CPU Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a59d31a1ebdce796a469242800db89bf09c94580 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Fri Jun 19 14:17:45 2015 +0100 semihosting: add --semihosting-config arg sub-argument Add new "arg" sub-argument to the --semihosting-config allowing the user to pass multiple input arguments separately. It is required for example by UHI semihosting to construct argc and argv. Also, update ARM semihosting to support new option (at the moment it is the only target which cares about arguments). If the semihosting is enabled and no semihosting args have been specified, then fall back to -kernel/-append. The -append string is split on whitespace before initializing semihosting.argv[1..n]; this is different from what QEMU MIPS machines' pseudo-bootloaders do (i.e. argv[1] contains the whole -append), but is more intuitive from UHI user's point of view and Linux kernel just does not care as it concatenates argv[1..n] into single cmdline string anyway. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Message-id: 1434643256-16858-3-git-send-email-leon.alrae@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cfe67cef48696e8b901aff38a82056ae64d69c98 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Fri Jun 19 14:17:45 2015 +0100 semihosting: create SemihostingConfig structure and semihost.h Remove semihosting_enabled and semihosting_target and replace them with SemihostingConfig structure containing equivalent fields. The structure is defined in vl.c where it is actually set. Also introduce separate header file include/exec/semihost.h allowing to access semihosting config related stuff from target specific semihosting code. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1434643256-16858-2-git-send-email-leon.alrae@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b58850e79d8df1185bd4999df81fbe6954cd2790 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Fri Jun 19 14:17:45 2015 +0100 arm: xlnx-zynqmp: Add 2xCortexR5 CPUs Add the 2xCortexR5 CPUs to zynqmp board. They are powered off on reset (this is true of real hardware) by default or selectable as the boot processor. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: da34128c73ca13fc4f8c3293e1a33d1e1e345655.1434501320.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6396a193d36e10ff38f26d4ef785aba97362f29e Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Fri Jun 19 14:17:45 2015 +0100 arm: xlnx-zynqmp: Add boot-cpu property Add a string property that specifies the primary boot cpu. All CPUs except the one selected will start-powered-off. This allows for elf boots on any CPU, which prepares support for booting R5 elfs directly on the R5 processors. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 53331c00d80c7ce9c6a83712348773f1b38fae2b.1434501320.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2e5577bc5563ccf453249e884be9a223deabab5b Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Fri Jun 19 14:17:45 2015 +0100 arm: xlnx-zynqmp: Preface CPU variables with "apu" The CPUs currently supported by zynqmp are the APU (application processing unit) CPUs. There are other CPUs in Zynqmp so unqualified "cpus" in ambiguous. Preface the variables with "APU" accordingly, to prepare support adding the RPU (realtime processing unit) processors. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: ce32287fc365aea898465e981da3546a227e0811.1434501320.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d6a6b13ea1dfeb25c43a648e94cfe4395906f1da Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Fri Jun 19 14:17:45 2015 +0100 target-arm: Add support for Cortex-R5 Introduce a CPU model for the Cortex R5 processor. ARMv7 with MPU, and both thumb and ARM div instructions. Also implement dummy ATCM and BTCM. These CPs are defined for R5 but don't have a lot of meaning in QEMU yet. Raz them so the guest can proceed if they are read. The TCM registers will return a size of 0, indicating no TCM. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: efe213163e6800578494aba864ac30329de4d396.1434501320.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f6bda88ff839e2adefe4959b7def420b90703855 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Fri Jun 19 14:17:45 2015 +0100 target-arm: Implement PMSAv7 MPU Unified MPU only. Uses ARM architecture major revision to switch between PMSAv5 and v7 when ARM_FEATURE_MPU is set. PMSA v6 remains unsupported and is asserted against. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: dcb03cda6dd754c5cc6a962fa11f25089811e954.1434501320.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6cb0b013a1fa421cdfb83257cd33f855cc90649a Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Fri Jun 19 14:17:44 2015 +0100 target-arm: Add registers for PMSAv7 Define the arm CP registers for PMSAv7 and their accessor functions. RGNR serves as a shared index that indexes into arrays storing the DRBAR, DRSR and DRACR registers. DRBAR and friends have to be VMSDd separately from the CP interface using a new PMSA specific VMSD subsection. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 172cf135fbd8f5cea413c00e71cc1c3cac704744.1434501320.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3281af8114c6b8ead02f08b58e3c36895c1ea047 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Fri Jun 19 14:17:44 2015 +0100 target-arm/helper.c: define MPUIR register Define the MPUIR register for MPU supporting ARMv6 and onwards. Currently we only support unified MPU. The size of the unified MPU is defined via the number of "dregions". So just a single config is added to specify this size. (When split MPU is implemented we will add an extra iregions config). Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 9f248950b803a08c8b3c978931663182f7e882e7.1434501320.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b061a82b8afcc45ce09d770d9c0acdf429401054 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Fri Jun 19 14:17:44 2015 +0100 target-arm: Do not reset sysregs marked as ALIAS cp_reg_reset() is called from g_hash_table_foreach() which does not define a specific ordering of the hash table iteration. Thus doing reset for registers marked as ALIAS would give an ambiguous result when resetvalue is different for original and alias registers. Exit cp_reg_reset() early when passed an alias register. Then clean up alias register definitions from needless resetvalue and resetfn. In particular, this fixes a bug in the handling of the PMCR register, which had different resetvalues for its 32 and 64-bit views. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1434554713-10220-1-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit decf4f807b4498ca35a87e9de82bc9a4e64cc29a Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Fri Jun 19 14:17:44 2015 +0100 hw/arm/sysbus-fdt: enable vfio-calxeda-xgmac dynamic instantiation This patch allows the instantiation of the vfio-calxeda-xgmac device from the QEMU command line (-device vfio-calxeda-xgmac,host="<device>"). A specialized device tree node is created for the guest, containing compat, dma-coherent, reg and interrupts properties. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Acked-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1434455898-17895-1-git-send-email-eric.auger@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ba890a9b2509a0087bb7eafddae02ea5ecbb7bb4 Author: Aurelio C. Remonda <aurelioremonda@xxxxxxxxx> Date: Fri Jun 19 14:17:44 2015 +0100 target-arm: Add the Cortex-M4 CPU This patch adds the Cortex-M4 CPU. The M4 is basically the same as the M3, the main differences being the DSP instructions and an optional FPU. Only no-FPU cortex-M4 is implemented here, cortex-M4F is not because the core target-arm code doesn't support the M-profile FPU model yet. Signed-off-by: Aurelio C. Remonda <aurelioremonda@xxxxxxxxx> Message-id: 1434461850-4104-1-git-send-email-aurelioremonda@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ffdb1409a79c9cc91afd9f58df625fdca16bf8b9 Merge: 89e9429 693a3e0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 19 12:54:08 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-cocoa-20150619-1' into staging cocoa queue: * Add Machine menu, with entries for pause, resume, reset, power down, and media change and eject for removable drives # gpg: Signature made Fri Jun 19 11:24:11 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-cocoa-20150619-1: ui/cocoa.m: Add machine menu items to change and eject removable drive media ui/cocoa.m: Add Reset and Power Down menu items to Machine menu ui/cocoa.m: Add Machine menu with pause and resume menu items Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 89e9429c3cb42400f3a80890e0c20b18aa62a11d Merge: 473a494 1e7398a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 19 11:30:57 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio, pci fixes, enhancements Most notably this includes virtio cross-endian patches. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Fri Jun 19 11:18:05 2015 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: vhost: enable vhost without without MSI-X pci: Don't register a specialized 'config_write' if default behavior is intended hw/core: rebase sysbus_get_fw_dev_path() to g_strdup_printf() vhost_net: re-enable when cross endian vhost-net: tell tap backend about the vnet endianness tap: fix non-linux build tap: add VNET_LE/VNET_BE operations vhost: set vring endianness for legacy virtio virtio: introduce virtio_legacy_is_cross_endian() linux-headers: sync vhost.h vhost-user: part of virtio Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e4a511f8cc6f4a46d409fb5c9f72c38ba45f8d83 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Jun 17 10:36:54 2015 +0200 exec: clamp accesses against the MemoryRegionSection Because the clamping was done against the MemoryRegion, address_space_rw was effectively broken if a write spanned multiple sections that are not linear in underlying memory (with the memory not being under an IOMMU). This is visible with the MIPS rc4030 IOMMU, which is implemented as a series of alias memory regions that point to the actual RAM. Tested-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Tested-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 965eb2fcdfe919ecced6c34803535ad32dc1249c Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Jun 17 10:40:27 2015 +0200 exec: do not clamp accesses to MMIO regions It is common for MMIO registers to overlap, for example a 4 byte register at 0xcf8 (totally random choice... :)) and a 1 byte register at 0xcf9. If these registers are implemented via separate MemoryRegions, it is wrong to clamp the accesses as the value written would be truncated. Hence for these regions the effects of commit 23820db (exec: Respect as_translate_internal length clamp, 2015-03-16, previously applied as commit c3c1bb99) must be skipped. Tested-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Tested-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ae46e23964ad45d5bc72374040e87d8f52ac2178 Author: Paul Donohue <qemu-devel@xxxxxxxxxx> Date: Fri Jun 12 10:10:14 2015 -0400 mc146818rtc: Reset the periodic timer on load When loading a VM from a snapshot or migration, clock changes can cause the periodic timer to stall or loop rapidly. qemu-timer has a reset notifier mechanism that is used to avoid timer stalls or loops if the host clock changes while the VM is running when using QEMU_CLOCK_HOST. However, when loading a snapshot or migration, qemu-timer is initialized and fires the reset notifier before mc146818rtc is initialized and has registered its reset handler. In addition, this mechanism isn't used when using QEMU_CLOCK_REALTIME, which might also change when loading a snapshot or migration. To correct that problem, this commit resets the periodic timer after loading from a snapshot or migration if the clock has either jumped backward or has jumped forward by more than the clock jump limit that is used by the reset notifier code in qemu-timer. Signed-off-by: Paul Donohue <qemu-git@xxxxxxxxxx> Message-Id: <20150612141013.GE2749@xxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fb1a3a051d89975f26296163066bb0745ecca49d Author: Paul Donohue <qemu-devel@xxxxxxxxxx> Date: Fri Jun 12 10:08:45 2015 -0400 qemu-timer: Call clock reset notifiers on forward jumps Commit 691a0c9c introduced a mechanism by which QEMU_CLOCK_HOST can notify other parts of the emulator when the host clock has jumped backward. This is used to avoid stalling timers that were scheduled based on the host clock. However, if the host clock jumps forward, then timers that were scheduled based on the host clock may fire rapidly and cause other problems. For example, the mc146818rtc periodic timer will block execution of the VM and consume host CPU while firing every interrupt for the time period that was skipped by the host clock. To correct that problem, this commit fires the reset notification if the host clock jumps forward by more than a hard-coded limit. The limit is currently set to a value of 60 seconds, which should be small enough to prevent excessive timer loops, but large enough to avoid frequent resets in idle VMs. Signed-off-by: Paul Donohue <qemu-git@xxxxxxxxxx> Message-Id: <20150612140845.GD2749@xxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 397c767b2de5b918a7b890d02aae83d6dcb2a470 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Apr 24 19:35:20 2015 +0800 tests: virtio-scsi: Add test for unaligned WRITE SAME This is an exercise for virtio-scsi tests using the libqos virtio library. A few common routines are added to facilitate future extensions of the test set. The added test case is a regression test for the bug in d7f4b1999e. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 693a3e01af8082f855094061650311fcaf3e1269 Author: John Arbuckle <programmingkidx@xxxxxxxxx> Date: Fri Jun 19 10:53:27 2015 +0100 ui/cocoa.m: Add machine menu items to change and eject removable drive media Adds all removable devices to the Machine menu as a Change and Eject menu item pair. ide-cd0 would have a "Change ide-cd0..." and "Eject ide-cd0" menu items. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 270746142c3c96549ecd82c6097a6d85a35f27cf Author: John Arbuckle <programmingkidx@xxxxxxxxx> Date: Fri Jun 19 10:53:27 2015 +0100 ui/cocoa.m: Add Reset and Power Down menu items to Machine menu Add "Reset" and "Power Down" menu items to Machine menu. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1e7398a140f7a6bd9f5a438e7ad0f1ef50990e25 Author: Pankaj Gupta <pagupta@xxxxxxxxxx> Date: Tue Jun 16 13:48:59 2015 +0530 vhost: enable vhost without without MSI-X We use vhostforce to enable vhost even if Guests don't have MSI-X support and we fall back to QEMU virtio-net. This gives a very small performance gain, but the disadvantage is that guest now controls which virtio code is running (qemu or vhost) so our attack surface is doubled. This patch will enable vhost unconditionally whenever it's requested. For compatibility, enable vhost when vhostforce is set, as well. Signed-off-by: Pankaj Gupta <pagupta@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> commit 74de5504fd063019433ec0746105da774ede790d Author: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Date: Tue Jun 16 11:24:39 2015 +0300 pci: Don't register a specialized 'config_write' if default behavior is intended Few devices have their specialized 'config_write' methods which simply call 'pci_default_write_config' followed by a 'msix_write_config' or 'msi_write_config' calls, using exact same arguments. This is unnecessary as 'pci_default_write_config' already invokes 'msi_write_config' and 'msix_write_config'. Also, since 'pci_default_write_config' is the default 'config_write' handler, we can simply avoid the registration of these specialized versions. Cc: Leonid Shatz <leonid.shatz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 5ba03e2dd785362026917e4cc8a1fd2c64e8e62c Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Wed Jun 17 14:45:03 2015 +0200 hw/core: rebase sysbus_get_fw_dev_path() to g_strdup_printf() This is done mainly for improving readability, and in preparation for the next patch, but Markus pointed out another bonus for the string being returned: "No arbitrary length limit. Before the patch, it's 39 characters, and the code breaks catastrophically when qdev_fw_name() is longer: the second snprintf() is called with its first argument pointing beyond path[], and its second argument underflowing to a huge size." Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Tested-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 1717388645670336c48aa05d19b0acd07687a821 Author: Cédric Le Goater <clg@xxxxxxxxxx> Date: Wed Jun 17 15:23:54 2015 +0200 vhost_net: re-enable when cross endian Cross-endianness is now checked by the core vhost code. revert 371df9f5e0f1 "vhost-net: disable when cross-endian" Signed-off-by: Cédric Le Goater <clg@xxxxxxxxxx> [ added commit message, Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> ] Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 5be7d9f1b1452613b95c6ba70b8d7ad3d0797991 Author: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Date: Wed Jun 17 15:23:49 2015 +0200 vhost-net: tell tap backend about the vnet endianness The default behaviour for TAP/MACVTAP is to consider vnet as native endian. This patch handles the cases when this is not true: - virtio 1.0: always little-endian - legacy cross-endian Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 4ee9b43be9a6e4ae161a1e6322bfef90818589f6 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jun 18 16:52:23 2015 +0200 tap: fix non-linux build tap_fd_set_vnet_le/tap_fd_set_vnet_be was missing, fix it up. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> commit 8524f1c79e614552c0165db9cc75a8a6bd8607a5 Author: John Arbuckle <programmingkidx@xxxxxxxxx> Date: Fri Jun 19 10:53:27 2015 +0100 ui/cocoa.m: Add Machine menu with pause and resume menu items Add Machine menu to the Macintosh interface with pause and resume menu items. These items can either pause or resume execution of the guest operating system. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Message-id: 6D7AE6AA-0595-4FAD-AACF-9DFAB87248F0@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 473a49460db0a90bfda046b8f3662b49f94098eb Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Jun 18 13:49:28 2015 -0300 q35: Re-enable FDC on pc-q35-2.3 and older commit ea96bc629cbd52be98b2967a4b4f72e91dfc3ee4 doesn't match the patch submitted by Laszlo to qemu-devel. We reuse pc_q35_2_4_machine_options() inside pc_q35_2_3_machine_options(), so we need to undo the no_floppy change in pc_q35_2_3_machine_options(). (This discrepancy was due to a bad merge.) This restores the previous behavior where all the 2.3 and older machines had no_floppy=0. Reported-by: Ján Tomko <jtomko@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-id: 1434646168-3100-1-git-send-email-ehabkost@xxxxxxxxxx Cc: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> [PMM: mention that this was a merge issue, not a review issue] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ff5397bc72a1716bb34302dd470343ebee7d6bf2 Author: Martin Cerveny <M.Cerveny@xxxxxxxxxxxx> Date: Wed May 13 14:14:54 2015 +0200 scripts: Add support for path as argument of qom-tree Add processing of optional argument path as "tree base". Signed-off-by: Martin Cerveny <M.Cerveny@xxxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 53f77e4562f85ccf82c8831a4448e9aefb538837 Author: Andreas Färber <afaerber@xxxxxxx> Date: Wed Mar 25 18:40:15 2015 +0100 tests: Use qtest_add_data_func() consistently Replace uses of g_test_add_data_func() for QTest test cases. It is still valid to use it for any non-QTest test cases, which are not run for multiple target binaries. Suggested-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 6bc5cf92c0ab0085ba9a6e0cebcf5a544f416ca7 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Apr 9 16:57:30 2015 -0300 qdev: Free property names after registering gpio aliases Now that object_property_add_alias() strdup()s target_name, we can free the property names in qdev_pass_gpios(). Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 1590d266d96b3f9b42443d6388dfc38f527ac2d8 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Apr 9 16:57:29 2015 -0300 qom: strdup() target property name on object_property_add_alias() With this, object_property_add_alias() callers can safely free the target property name, like what already happens with the 'name' argument to all object_property_add*() functions. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 8ffe756da0481233e1bd518b2b16489f51856292 Merge: 1b58f5a e1d4210 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 18 13:32:39 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-06-18' into staging QAPI patches # gpg: Signature made Thu Jun 18 13:20:00 2015 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-qapi-2015-06-18: qapi-types: Bury code dead since commit 6b5abc7 qapi-types: Split generate_fwd_builtin() off generate_fwd_struct() qapi-types: Drop unused members parameters qapi-types: Don't filter out expressions with 'gen' qapi: Catch and reject flat union branch of array type tests/qapi-schema: New flat union array branch test case qapi: Better separate the different kinds of helpers qapi: Move exprs checking from parse_schema() to check_exprs() qapi: Fix to reject stray 't', 'f' and 'n' qapi: Simplify inclusion cycle detection qapi: Fix file name in error messages for included files qapi: Improve a couple of confusing variable names qapi: Eliminate superfluous QAPISchema attribute input_dir qapi: Drop bogus command from docs MAINTAINERS: Fix up QAPI and QAPI schema file patterns Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e1d4210c3a50059a3889cedc44a8aa193fa63d7d Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 12 09:45:55 2015 +0200 qapi-types: Bury code dead since commit 6b5abc7 Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit c5ecd7e18f912ab5e91f09b0333fb07567885d42 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 12 09:22:32 2015 +0200 qapi-types: Split generate_fwd_builtin() off generate_fwd_struct() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit ae0a7a109037160465f55f8bab06897f0a904def Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 12 10:40:17 2015 +0200 qapi-types: Drop unused members parameters Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 4f3568002393380558705397bda4cd5f224ffe29 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 12 08:32:51 2015 +0200 qapi-types: Don't filter out expressions with 'gen' Useless, because it can only occur in commands, and we're not dealing with commands here. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit f9a1427361fe06ac67480d580412dc4ed6f5d03b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Jun 10 13:07:43 2015 +0200 qapi: Catch and reject flat union branch of array type Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 75276710ae0a9f802a9774a8d845a2c84f89305a Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Jun 10 13:03:04 2015 +0200 tests/qapi-schema: New flat union array branch test case The new test demonstrates another generator crash. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 00e4b285a31d19dcd88bd46729c9e09bfc9cc7fd Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Jun 10 10:04:36 2015 +0200 qapi: Better separate the different kinds of helpers Insert comments to separate sections dealing with parsing, semantic analysis, code generation, and so forth. Move helpers to their proper section. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 4d076d67c2c74662db092ecf4f99600b18209b2e Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Jun 10 08:55:21 2015 +0200 qapi: Move exprs checking from parse_schema() to check_exprs() To have expression semantic analysis in one place rather than two. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit e565d934d21e3544b820cd03b88061e71ab644a0 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Jun 10 08:24:58 2015 +0200 qapi: Fix to reject stray 't', 'f' and 'n' Screwed up in commit e53188a. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit a1366087270b312d94ff8c4031395a4218f160d4 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Jun 9 16:54:09 2015 +0200 qapi: Simplify inclusion cycle detection We maintain a stack of filenames in include_hist for convenient cycle detection. As error_path() demonstrates, the same information is readily available in the expr_info, so just use that, and drop include_hist. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 8608d2525186062099a38971c276752e7a38903a Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Jun 9 18:32:29 2015 +0200 qapi: Fix file name in error messages for included files We print the name as it appears in the include expression. Tools processing error messages want it relative to the working directory. Make it so. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 54414047eca5bee7d5ba6e7af5fb251f8635896c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Jun 9 16:22:45 2015 +0200 qapi: Improve a couple of confusing variable names old name new name ---------------------------- input_file fname input_relname fname input_fname abs_fname include_path incl_abs_fname parent_info incl_info Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 12c707944927b8aa42752198dcf419a0bafe5d33 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Jun 9 16:49:13 2015 +0200 qapi: Eliminate superfluous QAPISchema attribute input_dir Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 836c3b01d2630192d6f5a941ca073bc8d650574b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Jun 9 14:38:58 2015 +0200 qapi: Drop bogus command from docs Commit 87a560c4 added it in the wrong place. Commit 59a2c4ce added it in the right place, but didn't remove it from the wrong place. Do that now. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 0311c5bde313c9ffcda2a198bd7cc70ae130d973 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 12 15:15:54 2015 +0200 MAINTAINERS: Fix up QAPI and QAPI schema file patterns Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 1b58f5a7f6fbe811cc486cd5786483bad5d51bbf Merge: e207527 a3122b6 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 18 11:36:42 2015 +0100 Merge remote-tracking branch 'remotes/mcayland/tags/qemu-openbios-signed' into staging Update OpenBIOS images # gpg: Signature made Wed Jun 17 20:06:06 2015 BST using RSA key ID AE0F321F # gpg: Good signature from "Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx>" * remotes/mcayland/tags/qemu-openbios-signed: Update OpenBIOS images Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e20752775197d3606c50703422d2c5d53ecf54bb Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Wed Jun 17 13:35:00 2015 +0100 vfio: fix build error on CentOS 5.7 Include linux/vfio.h after sys/ioctl.h, just like in hw/vfio/common.c. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Acked-by: Alex Williamson <alex.williamson@xxxxxxxxxx> Message-id: 1434544500-22405-1-git-send-email-leon.alrae@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a3122b681aee8a41268c610ca3a5e7a066a9091a Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Jun 17 20:02:15 2015 +0100 Update OpenBIOS images Update OpenBIOS images to SVN r1340 built from submodule. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> commit c80cd6bb9c20ef518c56319ce44d2971171e677d Author: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Date: Wed Jun 17 15:23:44 2015 +0200 tap: add VNET_LE/VNET_BE operations The linux tap and macvtap backends can be told to parse vnet headers according to little or big endian. This is done through the TUNSETVNETLE and TUNSETVNETBE ioctls. This patch brings all the plumbing for QEMU to use these APIs. Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 04b7a1523d65bb5c78832098cf3108a1aadcaf8a Author: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Date: Wed Jun 17 15:23:39 2015 +0200 vhost: set vring endianness for legacy virtio Legacy virtio is native endian: if the guest and host endianness differ, we have to tell vhost so it can swap bytes where appropriate. This is done through a vhost ring ioctl. Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 41d283bdab08868a244b9c19dce507fdf15a8990 Author: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Date: Wed Jun 17 15:23:34 2015 +0200 virtio: introduce virtio_legacy_is_cross_endian() This helper will be used by vhost and tap to detect cross-endianness in the legacy virtio case. Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 332f64073bddc9240cd572f64682a44572b67049 Author: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Date: Wed Jun 17 15:23:29 2015 +0200 linux-headers: sync vhost.h This patch brings the cross-endian vhost API to QEMU. Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 06b008d941fd3e9684d38a9b3181a1cf301c78d1 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Apr 24 19:35:19 2015 +0800 tests: virtio-scsi: Move start/stop to individual test functions Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit bea2f0982b335c13448dbde8a409107764fa8b59 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Apr 24 19:35:18 2015 +0800 libqos: Complete virtio device ID definition list Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 28452758c405e16d9890c44d6031d44233e8cb38 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Apr 24 19:35:17 2015 +0800 libqos: Allow calling guest_free on NULL pointer Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ebe7d8b166c59b029521f8d95db011e5e0fc649d Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Apr 24 19:35:16 2015 +0800 tests: Link libqos virtio object to virtio-scsi-test Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d4862a87e31a51de9eb260f25c9e99a75efe3235 Author: Petr Matousek <pmatouse@xxxxxxxxxx> Date: Wed Jun 17 12:46:11 2015 +0200 i8254: fix out-of-bounds memory access in pit_ioport_read() Due converting PIO to the new memory read/write api we no longer provide separate I/O region lenghts for read and write operations. As a result, reading from PIT Mode/Command register will end with accessing pit->channels with invalid index. Fix this by ignoring read from the Mode/Command register. This is CVE-2015-3214. Reported-by: Matt Tait <matttait@xxxxxxxxxx> Fixes: 0505bcdec8228d8de39ab1a02644e71999e7c052 Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Petr Matousek <pmatouse@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9dacf32d2cbd66cbcce7944ebdfd6b2df20e33b8 Author: Yossi Hindin <yhindin@xxxxxxxxxx> Date: Wed May 6 14:57:40 2015 +0300 qemu-ga: Building Windows MSI installation with configure/Makefile New options were added to enable Windows MSI installation package creation: Option --enable-guest-agent-msi, like the name suggests, enables building Windows MSI package for QEMU guest agent; option --disable-guest-agent-msi disables MSI package creation; by default, no MSI package is created Signed-off-by: Yossi Hindin <yhindin@xxxxxxxxxx> Message-Id: <1430913460-13174-5-git-send-email-yhindin@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 66ae13bb9eb2b16b59698e992bfcea61563b9d78 Author: Yossi Hindin <yhindin@xxxxxxxxxx> Date: Wed May 6 14:57:39 2015 +0300 qemu-ga: Introduce Windows MSI script The script enables building Windows MSI installation package on Linux with wixl tool. Signed-off-by: Yossi Hindin <yhindin@xxxxxxxxxx> Message-Id: <1430913460-13174-4-git-send-email-yhindin@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c69403fcd4a0cb89f838a212ab71e4a1a3464c95 Author: Yossi Hindin <yhindin@xxxxxxxxxx> Date: Wed May 6 14:57:38 2015 +0300 qemu-ga: debug printouts to help troubleshoot installation Debug printouts extended, helps installation troubleshooting Signed-off-by: Yossi Hindin <yhindin@xxxxxxxxxx> Message-Id: <1430913460-13174-3-git-send-email-yhindin@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5e031072e71eebab3d7d2ea4609e84bc928d893e Author: Yossi Hindin <yhindin@xxxxxxxxxx> Date: Wed May 6 14:57:37 2015 +0300 qemu-ga: adding vss-[un]install options Existing command line options include '-s install' and '-s uninstall'. These options install/uninstall both Windows QEMU GA service and optional VSS COM server. The QEMU GA Windows service allows always-on serving guest agent's QMP commands and VSS COM server enables guest agent integration with Volume Shadow Service. This commit introdices new options '-s vss-install' and '-s vss-uninstall', affecting only GA VSS COM server registration. The new options are useful for registering and unregistering the COM server during MSI installation, upgrade and uninstallation. Signed-off-by: Yossi Hindin <yhindin@xxxxxxxxxx> Message-Id: <1430913460-13174-2-git-send-email-yhindin@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 67633bb4f7743be2cb2e70b61e482ab92bf1724e Author: Pranith Kumar <bobby.prani@xxxxxxxxx> Date: Wed Jun 10 10:20:24 2015 -0400 qemu-log: Open file for logging when specified qemu-log defaults to stderr when there is no '-D' option mentioned on command line. When '-D' option is specified, we also need to specify '-d' option for it to use the specified logfile. When using monitor to enable logging this is troublesome since there will be no '-d' option because of which monitor dumps the logs to stderr. Fix this by opening the log file when '-D' is specified on the command line. Also fix an ancient comment which does not hold true since changing location and log level has now been streamlined. Signed-off-by: Pranith Kumar <bobby.prani@xxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Luiz Capitulino <lcapitulino@xxxxxxxxxx> CC: Markus Armbruster <armbru@xxxxxxxxxx> CC: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <1433946024-18439-1-git-send-email-bobby.prani@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f754c3c9cce3c4789733d9068394be4256dfe6a8 Merge: a09f4a9 1f68f1d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jun 17 12:43:26 2015 +0100 Merge remote-tracking branch 'remotes/agraf/tags/signed-s390-for-upstream' into staging Patch queue for s390 - 2015-06-17 This is a special one. Two awesome features in one pull request: - CCW support for TCG - Watchpoint support for TCG To celebrate this, we also switch the default machine model from s390-virtio to s390-ccw and give users a fully working s390x model again! # gpg: Signature made Wed Jun 17 11:42:26 2015 BST using RSA key ID 03FEDC60 # gpg: Good signature from "Alexander Graf <agraf@xxxxxxx>" # gpg: aka "Alexander Graf <alex@xxxxxxxxx>" * remotes/agraf/tags/signed-s390-for-upstream: (26 commits) s390x: Switch to s390-ccw machine as default target-s390x: PER: add Breaking-Event-Address register target-s390x: PER instruction-fetch nullification event support target-s390x: PER store-using-real-address event support target-s390x: PER storage-alteration event support translate-all: fix watchpoints if retranslation not possible target-s390x: PER instruction-fetch event support target-s390x: PER successful-branching event support target-s390x: basic PER event handling target-s390x: add get_per_in_range function target-s390x: add get_per_atmid function target-s390x: add PER related constants target-s390x: mvc_fast_memmove: access memory through softmmu target-s390x: mvc_fast_memset: access memory through softmmu target-s390x: function to adjust the length wrt page boundary softmmu: provide tlb_vaddr_to_host function for user mode target-s390x: wire up I/O instructions in TCG mode target-s390x: wire up DIAG REIPL in TCG mode target-s390x: wire up DIAG IPL in TCG mode target-s390x: fix s390_cpu_initial_reset ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1f68f1d36c3af09ed31a529ad69c3d09880d10fd Author: Alexander Graf <agraf@xxxxxxx> Date: Tue Jun 16 23:06:33 2015 +0200 s390x: Switch to s390-ccw machine as default We now finally have TCG support for the basic set of instructions necessary to run the s390-ccw machine. That means in any aspect possible that machine type is now superior to the legacy s390-virtio machine. Switch over to the ccw machine as default. That way people don't get a halfway broken machine with the s390x target. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 3da0ab35292fe93640cfdd95aa8bedec8f145d2c Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:46:03 2015 +0200 target-s390x: PER: add Breaking-Event-Address register This patch adds support for PER Breaking-Event-Address register. Like real hardware, it save the current PSW address when the PSW address is changed by an instruction. We have to take care of optimizations QEMU does, a branch to the next instruction is still a branch. This register is copied to low core memory when a program exception happens. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 83bb161299c019e25a3add59504f0b69e6257dcd Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:46:02 2015 +0200 target-s390x: PER instruction-fetch nullification event support For the instruction-fetch nullification event, we just reuse the existing instruction-fetch code and trigger the exception immediately in that case. There is no need to save the CPU state in the TCG code as it has been saved by the previous instruction before calling the per_check_exception helper. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 2f54394997bfc808bbfbebb2d8294edd17d63808 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:46:01 2015 +0200 target-s390x: PER store-using-real-address event support This PER event happens each time the STURA or STURG instructions are used. As they use helpers, we can just save the event in the PER code there, if enabled. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 311918b979c5364c30392c1054ed77d047a83953 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:46:00 2015 +0200 target-s390x: PER storage-alteration event support For the PER storage-alteration event we can use the QEMU watchpoint infrastructure. When PER is enabled or PER control register changed we enable the corresponding watchpoints. When a watchpoint arises we can save the event. Unfortunately the current code does not provide the address space used to trigger the watchpoint. For now we assume it comes from the default ASC. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 8d302e76755b8157373073d7107e31b0b13f80c1 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:45:59 2015 +0200 translate-all: fix watchpoints if retranslation not possible The tb_check_watchpoint function currently assumes that all memory access is done either directly through the TCG code or through an helper which knows its return address. This is obviously wrong as the helpers use cpu_ldxx/stxx_data functions to access the memory. Instead of aborting in that case, don't try to retranslate the code, but assume that the CPU state (and especially the program counter) has been saved before calling the helper. Then invalidate the TB based on this address. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit f0e0d817c22539cd2ce1bcb5487e076f117b04c0 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:45:58 2015 +0200 target-s390x: PER instruction-fetch event support For the PER instruction-fetch, we can't use the QEMU breakpoint infrastructure as it triggers for a single address and not a full address range, and as it actually stop before the instruction and not before. We therefore call an helper with the just fetched instruction address, which check if the address is within the PER address range. If it is the case, an event is recorded and will be signaled through an exception. Note that we implement here the PER-3 behaviour, that is an invalid opcode is not considered as an instruction fetch. Without PER-3 this behavious is undefined. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 2c2275eb41c612df4bd115cf71d6e651d105f69c Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:45:57 2015 +0200 target-s390x: PER successful-branching event support For the PER successful-branching event support, we can't rely on any QEMU infrastucture. We therefore call an helper in all places where a branch can be taken. We have to pay attention to the branch to next case, as it's still a taken branch. We don't need to care about the cases using goto_tb, as we have disabled them in the previous patch. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 777c98c32ce577a9671b9267ff6e2802f69ebafd Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:45:56 2015 +0200 target-s390x: basic PER event handling This patch add basic support to generate PER exceptions. It adds two fields to the cpu structure to record for the PER address and PER code & ATMID values. When an exception is triggered and a PER event is pending, the two PER values are copied to the lowcore area. At the end of an instruction, an helper is checking for a possible pending PER event and triggers an exception in that case. For that to work with branches, we need to disable TB chaining when PER is activated. Fortunately it's already in the TB flags. Finally in case of a SERVICE CALL exception, we need to trigger the PER exception immediately after. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit d453d103831c966e7920f146eb3416e43b588f89 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:45:55 2015 +0200 target-s390x: add get_per_in_range function This function checks if an address is in between the PER starting address and the PER ending address, taking care of a possible address range loop. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit a8f931a931f8866abdb2f836d0fb6fb7d2606645 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:45:54 2015 +0200 target-s390x: add get_per_atmid function This function returns the ATMID field that is stored in the per_perc_atmid lowcore entry. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit fb01bf4c6b86d9ac00ea87d60f97871ee1488188 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:45:53 2015 +0200 target-s390x: add PER related constants Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 6da528d14de29138ca5ac43d6d059889dd24f464 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:45:52 2015 +0200 target-s390x: mvc_fast_memmove: access memory through softmmu mvc_fast_memmove is bypassing the softmmu functions, getting the physical source and destination addresses using the mmu_translate function and accessing the corresponding physical memory. This prevents watchpoints to work correctly. Instead use the tlb_vaddr_to_host function to get the host addresses corresponding to the guest source and destination addresses through the softmmu code and fallback to the byte level code in case the corresponding address are not in the QEMU TLB or being examined through a watchpoint. As a bonus it works even for area crossing pages by splitting the are into chunks contained in a single page, bringing some performances improvements. We can therefore remove the 8-byte loads/stores method, as it is now quite unlikely to be used. At the same time change the name of the function to fast_memmove as it's not specific to mvc and use the same argument order as the C memmove function. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit fc89efe693278c79273f3bbf6b581e8a749c85b0 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:45:51 2015 +0200 target-s390x: mvc_fast_memset: access memory through softmmu mvc_fast_memset is bypassing the softmmu functions, getting the physical address using the mmu_translate function and accessing the corresponding physical memory. This prevents watchpoints to work correctly. Instead use the tlb_vaddr_to_host function to get the host address corresponding to the guest address through the softmmu code and fallback to the byte level code in case the corresponding address is not in the QEMU TLB or being examined through a watchpoint. As a bonus it works even for area crossing pages by splitting the are into chunks contained in a single page, bringing some performances improvements. At the same time change the name of the function to fast_memset as it's not specific to mvc and use the same argument order as the C memset function. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit d7ce6b7a0ba4328a286d09d96395a8fc2fd6943c Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:45:50 2015 +0200 target-s390x: function to adjust the length wrt page boundary This patch adds a function to adjust the length of a transfer so that it doesn't cross a page boundary in softmmu mode. It does nothing in user mode. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 2e83c496261c799b0fe6b8e18ac80cdc0a5c97ce Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:45:49 2015 +0200 softmmu: provide tlb_vaddr_to_host function for user mode To avoid to many #ifdef in target code, provide a tlb_vaddr_to_host for both user and softmmu modes. In the first case the function always succeed and just call the g2h function. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit ad8a4570add09a7635cb8cd1c9327640521ee7a7 Author: Alexander Graf <agraf@xxxxxxx> Date: Mon Jun 15 17:57:09 2015 +0200 target-s390x: wire up I/O instructions in TCG mode The code handling the I/O instructions for KVM decodes the instruction itself. In TCG mode also pass the full instruction word to the helpers. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 2ecacb0b4b6c73af424b7b4389fa55809368a98b Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jun 15 17:57:08 2015 +0200 target-s390x: wire up DIAG REIPL in TCG mode Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 8df7eef3059394bd53cdf7609aac9a50a78aa030 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jun 15 17:57:07 2015 +0200 target-s390x: wire up DIAG IPL in TCG mode DIAG IPL is already implemented for KVM, but not wired from TCG. For that change the format of the instruction so that we can get R1 and R3 numbers in addition to the function code. The diag function can change plenty of things, including CC, so we should enter with a static CC. Also it doesn't set the value of general register 2 to 0 as in the current code. We also need to exit the CPU loop after a reset, which means a new PSW. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit cbed0ba78f04ce9e2e718431f64eb4b621288aca Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jun 15 17:57:06 2015 +0200 target-s390x: fix s390_cpu_initial_reset The s390_cpu_initial_reset function zeroes a big part of the CPU state structure, including CPU_COMMON, and thus the QEMU TLB structure. As they should not be initialized with zeroes only, we need to call the tlb_flush to initialize it correctly. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit cc0d079d4582ee0ed97b5e3e3da4f6cb2b5bd67f Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jun 15 17:57:05 2015 +0200 target-s390x: initialize I/O interrupt queue env->io_index[] should be set to -1 during CPU reset to mark the I/O interrupt queue as empty. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 7107e5a756317151666d47d1bc1e170293babaff Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jun 15 17:57:04 2015 +0200 target-s390x: correctly initialize ext interrupt queue env->ext_index should be initialized to -1 to mark the external interrupt queue as emtpy. This should not be done in s390_cpu_initfn as all the interrupt fields are later reset to 0 by the memset in s390_cpu_initial_reset or s390_cpu_full_reset. Move the initialization there. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 06e3c077daa08c0a616e9507eb737401883ab645 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jun 15 17:57:03 2015 +0200 target-s390x: fix setcc in TCG mode In TCG mode we should store the CC value in env->cc_op. However do it inconditionnaly because: - the tcg_enabled function is not inlined - it's probably faster to always store the value, especially given it is likely in the same cache line than env->psw.mask. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit a499973ff32bc58f2db7b88ad5597ffdbc2becd7 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jun 15 17:57:02 2015 +0200 virtio-ccw: disable ioevent bit when ioeventfds are not enabled This remove the corresponding error messages in TCG mode, and allow to simplify the s390_assign_subch_ioeventfd() function. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit d49f4ab48ec76e590ad72a2d6c3fba8459d3ded7 Author: Alexander Graf <agraf@xxxxxxx> Date: Mon Jun 15 17:57:01 2015 +0200 s390/ioinst: fix endianness in ioinst_schib_valid The ioinst_schib_valid gets a SCHIB in guest endianness, we should byteswap the fields we access. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit ae52e585bf5e9678a77be033fd4b430a2e78dfed Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jun 15 17:57:00 2015 +0200 s390/ioinst: fix IO_INT_WORD_ISC macro The I/O-Interruption Subclass field corresponds to bits 2 to 5 (BE notation) of the Interruption-Identification Word. The value should be shift by 27 instead of 24. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit a09f4a9d19c500ea5cbcdc0bd7f0d540cf54f9f5 Merge: 8c29f8d f3bcd42 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jun 17 11:12:35 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-seabios-1.8.2-20150617-1' into staging update seabios to release 1.8.2 add vgabios for virtio-vga # gpg: Signature made Wed Jun 17 08:34:22 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-seabios-1.8.2-20150617-1: update seabios and vgabios binaries tag our seabios builds update seabios submodule to release 1.8.2 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8c29f8d6b9595ac0f9ab1b41f22e91aebab482d7 Merge: 93f6d1c f8d30a4 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jun 17 10:13:40 2015 +0100 Merge remote-tracking branch 'remotes/kvaneesh/tags/for-upstream-signed' into staging VirtFS update: * Fix for virtfs-proxy-helper crash * Gracefully handle the error condition on input validation in virtfs-proxy-helper # gpg: Signature made Tue Jun 16 16:21:28 2015 BST using RSA key ID 04C4E23A # gpg: Good signature from "Aneesh Kumar K.V <aneesh.kumar@xxxxxxxxxxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 4846 9DE7 1860 360F A6E9 968C DE41 A4FE 04C4 E23A * remotes/kvaneesh/tags/for-upstream-signed: virtfs-proxy-helper: fail gracefully if socket path is too long virtfs-proxy-helper: add missing long option terminator Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f3bcd42683dcc48c576281399d6cf6b34da6ba41 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Jun 17 09:28:03 2015 +0200 update seabios and vgabios binaries Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 7edf2f0ec4edbde50be3b54306adf5b8b16ca68b Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Jun 17 09:24:55 2015 +0200 tag our seabios builds Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 10500ce26069b7c4746e8a2276aa03220a29581c Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Jun 17 09:11:47 2015 +0200 update seabios submodule to release 1.8.2 git shortlog rel-1.8.1..rel-1.8.2 ================================= Gerd Hoffmann (1): vga: rework virtio-vga support Kevin O'Connor (5): vgabios: Add config option for assembler fixups vgabios: Emulate "leal" instruction build: Support "make VERSION=xyz" to override the default build version build: CONFIG_VGA_FIXUP_ASM should depend on CONFIG_BUILD_VGABIOS vgabios: On bda_save_restore() the saved vbe_mode also has flags in it Paolo Bonzini (1): smm: ignore bits 16,18-31 of SMM revision ID Vladimir Serbinenko (1): ahci: Ignore max_ports. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit f8d30a4f96d6c3a12e692d2e69b8fe4734b916c6 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Mar 30 14:57:16 2015 +0100 virtfs-proxy-helper: fail gracefully if socket path is too long Replace the assertion check with graceful failure when the socket path is too long. Programs should not crash on invalid input. Print an error message and exit properly. Cc: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@xxxxxxxxxxxxxxxxxx> commit bf6667d63ef4c4fbaf91051589a594ec1c235308 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Mar 30 14:57:15 2015 +0100 virtfs-proxy-helper: add missing long option terminator The getopt_long(3) long options array must have a zeroed terminator. This patch solves a segmentation fault when an unknown command-line option is encountered: $ fsdev/virtfs-proxy-helper --help Segmentation fault (core dumped) Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@xxxxxxxxxxxxxxxxxx> commit 93f6d1c16036aaf34055d16f54ea770fb8d6d280 Merge: 4316536 7a4dfd1 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 16 10:35:43 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20150615-1' into staging virtio-gpu: pci support bits and virtio-vga. # gpg: Signature made Mon Jun 15 13:55:19 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-vga-20150615-1: virtio-vga: add vgabios configuration virtio-vga: add '-vga virtio' support virtio-vga: add virtio gpu device with vga compatibility virtio-gpu-pci: add virtio pci support virtio-gpu: fix error message Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4316536bf424d2e7f9cfa7d0dd561adb0986cc81 Merge: 1dfe73b 45c874e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 16 09:07:22 2015 +0100 Merge remote-tracking branch 'remotes/riku/tags/pull-linux-user-20150616' into staging linux-user patches for 2.4 softfreeze second spin with ioctl patch refreshed # gpg: Signature made Tue Jun 16 08:03:14 2015 BST using RSA key ID DE3C9BC0 # gpg: Good signature from "Riku Voipio <riku.voipio@xxxxxx>" # gpg: aka "Riku Voipio <riku.voipio@xxxxxxxxxx>" * remotes/riku/tags/pull-linux-user-20150616: linux-user: ioctl() command type is int linux-user: fix the breakpoint inheritance in spawned threads linux-user: use __get_user and __put_user in cmsg conversions linux-user: Fix length handling in host_to_target_cmsg linux-user: Use abi_ulong for TARGET_ELF_PAGESTART linux-user: Allocate thunk size dynamically Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 45c874ebbae661238bfa3c0534480ebe2940b112 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Tue Jun 16 00:35:28 2015 +0200 linux-user: ioctl() command type is int When executing a 64bit target chroot on 64bit host, the ioctl() command can mismatch. It seems the previous commit doesn't solve the problem in my case: 9c6bf9c7 linux-user: Fix ioctl cmd type mismatch on 64-bit targets For example, a ppc64 chroot on an x86_64 host: bash-4.3# ls Unsupported ioctl: cmd=0x80087467 Unsupported ioctl: cmd=0x802c7415 The origin of the problem is in syscall.c:do_ioctl(). static abi_long do_ioctl(int fd, abi_long cmd, abi_long arg) In this case (ppc64) abi_long is long (on the x86_64), and cmd = 0x0000000080087467 then if (ie->target_cmd == cmd) target_cmd is int, so target_cmd = 0x80087467 and to compare an int with a long, the sign is extended to 64bit, so the comparison is: if (0xffffffff80087467 == 0x0000000080087467) which doesn't match whereas it should. This patch uses int in the case of the target command type instead of abi_long. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 1d085f6cae51b1a0fb92ad03ce8bf038e29c9750 Author: Thierry Bultel <thierry.bultel@xxxxxxxxxxxxx> Date: Fri Jun 12 11:24:10 2015 +0200 linux-user: fix the breakpoint inheritance in spawned threads When a thread is spawned, cpu_copy re-initializes the bp & wp lists of current thread, instead of the ones of the new thread. The effect is that breakpoints are no longer hit. Signed-off-by: Thierry Bultel <thierry.bultel@xxxxxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 876e23cb2e545148a0ee4effda5c63c861855941 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 26 19:46:32 2015 +0100 linux-user: use __get_user and __put_user in cmsg conversions The target payloads in cmsg conversions may not have the alignment required by the host. Using the get_user and put_user functions is the easiest way to handle this and also do the byte-swapping we require. (Note that prior to this commit target_to_host_cmsg was incorrectly using __put_user() rather than __get_user() for the SCM_CREDENTIALS conversion, which meant it wasn't getting the benefit of the misalignment handling.) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit c2aeb2586bd258ad76fcfe308f883075e73ff1d2 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 26 19:46:31 2015 +0100 linux-user: Fix length handling in host_to_target_cmsg The previous code for handling payload length when converting cmsg structures from host to target had a number of problems: * we required the msg->msg_controllen to declare the buffer to have enough space for final trailing padding (we were checking against CMSG_SPACE), whereas the kernel does not require this, and common userspace code assumes this. (In particular, glibc's "try to talk to nscd" code that it will run on startup will receive a cmsg with a 4 byte payload and only allocate 4 bytes for it, which was causing us to do the wrong thing on architectures that need 8-alignment.) * we weren't correctly handling the fact that the SO_TIMESTAMP payload may be larger for the target than the host * we weren't marking the messages with MSG_CTRUNC when we did need to truncate a message that wasn't truncated by the host, but were instead logging a QEMU message; since truncation is always the result of a guest giving us an insufficiently sized buffer, we should report it to the guest as the kernel does and don't log anything Rewrite the parts of the function that deal with length to fix these issues, and add a comment in target_to_host_cmsg to explain why the overflow logging it does is a QEMU bug, not a guest issue. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 1dfe73b94de5a75038a725b17dc7d08a23a977ec Merge: b500e4d f264d51 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 18:43:09 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150615' into staging target-arm queue: * Handle "extended small page" descriptors correctly * Use extended address bits from supersection short descriptors * Update interrupt status for all cores in gic_update * Fix off-by-one in exynos4210_fimd bit-swap code * Remove stray unused 'pending_exception' field * Add Cortex-A53 KVM support * Fix reset value of REVIDR * Add AArch32 MIDR aliases for ARMv8 cores * MAINTAINERS update for ARM ACPI code * Trust the kernel's value of MPIDR if we're using KVM * Various pxa2xx device updates to avoid old APIs * Mark pxa2xx copro registers as ARM_CP_IO so -icount works * Correctly UNDEF Thumb2 DSP insns on Cortex-M3 * Initial work towards implementing PMSAv7 * Fix a reset order bug introduced recently * Correct "preferred return address" for cpreg access exceptions * Add ACPI SPCR table for the virt board # gpg: Signature made Mon Jun 15 18:19:34 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150615: (28 commits) hw/arm/virt-acpi-build: Add SPCR table ACPI: Add definitions for the SPCR table target-arm: Correct "preferred return address" for cpreg access exceptions hw/arm/boot: fix rom_reset notifier registration order arm: helper: rename get_phys_addr_mpu arm: Add has-mpu property arm: Implement uniprocessor with MP config arm: Refactor get_phys_addr FSR return mechanism arm: helper: Factor out CP regs common to [pv]msa arm: Don't add v7mp registers in MPU systems arm: Do not define TLBTR in PMSA systems target-arm: Add the THUMB_DSP feature hw/sd/pxa2xx_mmci: Stop using old_mmio in MemoryRegionOps hw/arm/pxa2xx: Convert pxa2xx-ssp to VMState hw/arm/pxa2xx: Add reset method for pxa2xx_ssp hw/arm/pxa2xx: Convert pxa2xx-fir to QOM and VMState hw/arm/pxa2xx: Mark coprocessor registers as ARM_CP_IO target-arm: Use the kernel's idea of MPIDR if we're using KVM MAINTAINERS: Add myself as ARM ACPI Subsystem maintainer target-arm: add AArch32 MIDR aliases in ARMv8 ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f264d51d8ad939d7fb339d61a8cf680ed0cb21a2 Author: Andrew Jones <drjones@xxxxxxxxxx> Date: Mon Jun 15 18:06:11 2015 +0100 hw/arm/virt-acpi-build: Add SPCR table Signed-off-by: Andrew Jones <drjones@xxxxxxxxxx> Tested-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1433929959-29530-3-git-send-email-drjones@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b8a0d75ef85b8f24c92a6c50817fa9579b4a98d9 Author: Andrew Jones <drjones@xxxxxxxxxx> Date: Mon Jun 15 18:06:11 2015 +0100 ACPI: Add definitions for the SPCR table SPCR is the Serial Port Console Redirection Table. See the document linked from http://uefi.org/acpi. For serial port types, "Interface Type", see the documentation for the Debug Port Table 2 (DBG2). Signed-off-by: Andrew Jones <drjones@xxxxxxxxxx> Tested-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1433929959-29530-2-git-send-email-drjones@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3977ee5d7a9f2e3664dd8b233f3224694e23b62b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 18:06:11 2015 +0100 target-arm: Correct "preferred return address" for cpreg access exceptions The architecture defines that when taking an exception trying to access a coprocessor register, the "preferred return address" for the exception is the address of the instruction that caused the exception. Correct an off-by-4 error which meant we were returning the address after the instruction for traps which happened because of a failure of a runtime access-check function on an AArch32 register. (Traps caused by translate-time checkable permissions failures had the correct address, as did traps on AArch64 registers.) This fixes https://bugs.launchpad.net/qemu/+bug/1463338 Reported-by: Robert Buhren <robert@xxxxxxxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1433861440-30133-1-git-send-email-peter.maydell@xxxxxxxxxx commit 63a183ed0eac2956574745c84faffa042d99afb8 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Jun 15 18:06:11 2015 +0100 hw/arm/boot: fix rom_reset notifier registration order commit ac9d32e39664e060cd1b538ff190980d57ad69e4 had the consequence to register the do_cpu_reset after the rom_reset one. Hence they get executed in the wrong order. This commit restores the registration of do_cpu_reset in arm_load_kernel. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Reported-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Tested-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 1434111582-9325-1-git-send-email-eric.auger@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 13689d43646482f7305282de1bdd662c0d2b8b77 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Mon Jun 15 18:06:10 2015 +0100 arm: helper: rename get_phys_addr_mpu This get_phys_addr is really for pmsav5. Rename it accordingly. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: bf4b019aa87d682a45998105ef8e4d4e97a5e117.1434066412.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8f325f568fbd0158cd413e7d637573ba90b3eaab Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Mon Jun 15 18:06:10 2015 +0100 arm: Add has-mpu property For processors that support MPUs, add a property to de-feature it. This is similar to the implementation of the EL3 feature. The processor definition in init sets ARM_FEATURE_MPU if it can support an MPU. post_init exposes the property, defaulting to true. If cleared by the instantiator, ARM_FEATURE_MPU is then removed at realize time. This is to support R profile processors that may or may-not have an MPU configured. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 632918cc48786e868ea18aa6bd12f70597994cad.1434066412.git.peter.crosthwaite@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a8e81b319d1ae1224cc7059877dcdf04a5aad59d Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Mon Jun 15 18:06:10 2015 +0100 arm: Implement uniprocessor with MP config Add a boolean for indicating uniprocessors with MP extensions. This drives the U bit in MPIDR. Prepares support for Cortex-R5. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: a70a80583df265e0174f01fa1fc92b33ea6d1db5.1434066412.git.peter.crosthwaite@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b7cc4e82f04a1c5b218a657f677a2fdd1e1c2889 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Mon Jun 15 18:06:10 2015 +0100 arm: Refactor get_phys_addr FSR return mechanism Currently, the return code for get_phys_addr is overloaded for both success/fail and FSR value return. This doesn't handle the case where there is an error with a 0 FSR. This case exists in PMSAv7. So rework get_phys_addr and friends to return a success/failure boolean return code and populate the FSR via a caller provided uint32_t pointer. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: a209e3d8ae00cda55260c970891f520210e26bad.1434066412.git.peter.crosthwaite@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8e5d75c950a1241f6e1243c37f28cd58f68fedc9 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Mon Jun 15 18:06:10 2015 +0100 arm: helper: Factor out CP regs common to [pv]msa V6+ PMSA and VMSA share some common registers that are currently in the VMSA definition block. Split them out into a new def that can be shared to PMSA. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 284db78a43c63c9bfbb60de539672c361bcb6af8.1434066412.git.peter.crosthwaite@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5e5cf9e35f25f9f932a6ce25107c11b67b426a43 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Mon Jun 15 18:06:10 2015 +0100 arm: Don't add v7mp registers in MPU systems These registers are VMSA specific so they should be conditional on VMSA (i.e. !MPU). Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 7bb8843e45f2635c6b7a583c5bb5da51ed4442a0.1434066412.git.peter.crosthwaite@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8085ce63c5967d200f1241b6c0a189371993c5df Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Mon Jun 15 18:06:10 2015 +0100 arm: Do not define TLBTR in PMSA systems If doing a PMSA (MPU) system do not define the VMSA specific TLBTR CP. The def is done separately from VMSA registers group as it is affected by both the OMAP/STRONGARM RW errata and the MIDR backgrounding. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: b03fea3840207edf633f5c9189400c3dd6a28d14.1434066412.git.peter.crosthwaite@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 62b44f059a84d1ac580a653fc4110dfabaef6b83 Author: Aurelio C. Remonda <aurelioremonda@xxxxxxxxx> Date: Mon Jun 15 18:06:09 2015 +0100 target-arm: Add the THUMB_DSP feature Create an ARM_FEATURE_THUMB_DSP controlling the Thumb encodings of the 85 DSP instructions (these are all Thumb2). This is enabled for all non-M-profile CPUs with Thumb2 support, as the instructions are mandatory for R and A profiles. On M profile they are optional and not present in the Cortex-M3 (though they are in the M4). The effect of this commit is that we will now treat the DSP encodings as illegal instructions on M3, when previously we incorrectly implemented them. Signed-off-by: Aurelio C. Remonda <aurelioremonda@xxxxxxxxx> Message-id: 1434311355-26554-1-git-send-email-aurelioremonda@xxxxxxxxx [PMM: added clz/crc32/crc32c and default case to the early-decode switch; minor format/spacing fixups; reworded commit message a bit] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 13e1e476b4bc111d36fffaea025f90d8db52b697 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 18:06:09 2015 +0100 hw/sd/pxa2xx_mmci: Stop using old_mmio in MemoryRegionOps Update the pxa2xx_mmci device to stop using the old_mmio read and write callbacks in its MemoryRegionOps. This actually simplifies the code because the separate byte/halfword/word access functions were all calling into a single function to do the work anyway. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 1434117989-7367-6-git-send-email-peter.maydell@xxxxxxxxxx commit 8e079caf82c3658ee64bca37c91953b38296d427 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 18:06:09 2015 +0100 hw/arm/pxa2xx: Convert pxa2xx-ssp to VMState The pxa2xx-ssp device is already a QOM device but is still using the old-style register_savevm(); convert to VMState. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 1434117989-7367-5-git-send-email-peter.maydell@xxxxxxxxxx commit ce3203464bee89d2ae958717222981326a37775e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 18:06:09 2015 +0100 hw/arm/pxa2xx: Add reset method for pxa2xx_ssp The pxa2xx_ssp device was missing a reset method; add one. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter..crosthwaite@xxxxxxxxxx> Message-id: 1434117989-7367-4-git-send-email-peter.maydell@xxxxxxxxxx commit 1fd9f2df241554b68b3a19ad1c94c475c7bb85ea Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 18:06:09 2015 +0100 hw/arm/pxa2xx: Convert pxa2xx-fir to QOM and VMState Convert the pxa2xx-fir device to QOM, including using a VMState for its migration info. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 1434117989-7367-3-git-send-email-peter.maydell@xxxxxxxxxx commit 14c3032a7ebd5a354381465453c0c0690b7342d1 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 18:06:09 2015 +0100 hw/arm/pxa2xx: Mark coprocessor registers as ARM_CP_IO The pxa2xx custom coprocessor registers in cp6 and cp14 do device accesses, so mark the non-constant regs as ARM_CP_IO so that icount works correctly and doesn't abort. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 1434117989-7367-2-git-send-email-peter.maydell@xxxxxxxxxx commit eb5e1d3c85dffe677da2550d211f9304a7d5ba3b Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Mon Jun 15 18:06:09 2015 +0100 target-arm: Use the kernel's idea of MPIDR if we're using KVM When we're using KVM, the kernel's internal idea of the MPIDR affinity fields must match the values we tell it for the guest vcpu cluster configuration in the device tree. Since at the moment the kernel doesn't support letting userspace tell it the correct affinity fields to use, we must read the kernel's view and reflect that back in the device tree. Signed-off-by: Shlomo Pongratz <shlomo.pongratz@xxxxxxxxxx> Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Message-id: 02f601d0a1e6$90c7d630$b2578290$@samsung.com [PMM: Use a local #define rather than a global variable for the TCG ARM_CPUS_PER_CLUSTER setting. Tweak a comment. Update the commit message.] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8f4d260e70aff7c3796d97c78ba0663696e2d503 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Mon Jun 15 18:06:08 2015 +0100 MAINTAINERS: Add myself as ARM ACPI Subsystem maintainer Add Shannon Zhao as the maintainer for the ARM ACPI Subsystem. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> Acked-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1433248318-6076-1-git-send-email-shannon.zhao@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ac00c79ff6635ae9fd732ff357ada0d05e795500 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Mon Jun 15 18:06:08 2015 +0100 target-arm: add AArch32 MIDR aliases in ARMv8 According to ARMv8 ARM, there are additional aliases to MIDR system register in AArch32 state. So add them to the list. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1433321048-23793-3-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 13b72b2b9aa7ab7ee129e38e9587acd6a1b9a932 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Mon Jun 15 18:06:08 2015 +0100 target-arm: Fix REVIDR reset value According to ARM Cortex-A53/A57 TRM, REVIDR reset value should be zero. So let REVIDR reset value be specified by CPU model and correct it for Cortex-A53/A57. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1433321048-23793-2-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8772de2c53b44c75f18140646aa928e6d77cb9d8 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Mon Jun 15 18:06:08 2015 +0100 hw/arm/virt: Add cortex-a53 cpu support in machine virt Add cortex-a53 cpu support in machine virt, so it can be used for TCG and KVM. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1433207452-4512-3-git-send-email-shannon.zhao@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7525465e6def0ef878741087b36e4657016dce80 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Mon Jun 15 18:06:08 2015 +0100 target-arm/kvm64: Add cortex-a53 cpu support Since commit e353102(target-arm: cpu64: Add support for Cortex-A53) has added Cortex-A53 cpu support for target-arm, this patch just enables it for kvm-arm. Here adding XGENE_POTENZA just makes the enum continuous. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Message-id: 1433207452-4512-2-git-send-email-shannon.zhao@xxxxxxxxxx [PMM: Don't add the CPU types to cpus_to_try[]; this array only lists old CPUs which were supported in pre-PREFERRED_TARGET kernels] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a79e0218e0ae27c9cdd2648bd46e5a916c903cc2 Author: Alex Bennée <alex.bennee@xxxxxxxxxx> Date: Mon Jun 15 18:06:08 2015 +0100 target-arm/cpu.h: remove pending_exception This isn't used by any of the code. In fact it looks like it was never used as it came in with ARMv7 support. Signed-off-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1434020015-8868-1-git-send-email-alex.bennee@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 644ead5be1a851abff16886240c5c6fc1c5137c0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 18:06:08 2015 +0100 hw/display/exynos4210_fimd: Fix bit-swapping code fimd_swap_data() includes code to reverse the bits in a 64-bit integer, but an off-by-one error meant that it would try to shift off the top of the integer. Correct the bug (spotted by Coverity). Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1432912615-23107-1-git-send-email-peter.maydell@xxxxxxxxxx commit 235069a380147e31236b94c31528fc5170c3a421 Author: Johan Karlsson <Johan.Karlsson@xxxxxxxx> Date: Mon Jun 15 18:06:07 2015 +0100 arm_gic: gic_update should always update all cores This patch fixes so that gic_update always updates all the cores with new pending irq states. If the function returns early it is possible to get interrupts that has already been acknowledged. Signed-off-by: Johan Karlsson <johan.karlsson@xxxxxxxx> [PMM: rebased to apply to current master] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4e42a6ca37e39e56725518851f4388e46bd91129 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Mon Jun 15 18:06:07 2015 +0100 target-arm: use extended address bits from supersection short descriptor Since ARMv7 with LPAE support, a supersection short translation table descriptor has had extended base address fields which hold bits 39:32 of translated address. These fields are IMPDEF in ARMv6 and ARMv7 without LPAE support. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1433235718-30485-1-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit fc1891c74ae122a9dc7854f38bae7db03cd911e6 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 18:06:07 2015 +0100 target-arm: Handle "extended small page" descriptors correctly The old ARMv5-style page table format includes a kind of second level descriptor named the "extended small page" format, whose primary purpose is to allow specification of the TEX memory attribute bits on a 4K page. This exists on ARMv6 and also (as an implementation extension) on XScale CPUs; it's UNPREDICTABLE on v5. We were mishandling this in two ways: (1) we weren't implementing it for v6 (probably never noticed because Linux will use the new-style v6 page table format there) (2) we were not correctly setting the page_size, which is 4K, not 1K The latter bug went unnoticed for years because the only thing which the page_size affects is which TLB entries get flushed when the guest does a TLB invalidate on an address in the page, and prior to commit 2f0d8631b7 we were doing a full TLB flush very frequently due to Linux's habit of writing the SCTLR pointlessly a lot. (We can assume that after commit 2f0d8631b7 the bug went unnoticed for a year because nobody's actually using the Zaurus/XScale emulation...) Report the correct page size for these descriptors, and permit them on ARMv6 CPUs. This fixes a problem where a kernel image for Zaurus can boot the kernel OK but gets random segfaults when it tries to run userspace programs. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1432844085-16441-1-git-send-email-peter.maydell@xxxxxxxxxx commit b500e4db8e3e0b5f41a2dd14e2001200e5fc7d6b Merge: 46bca54 d95d7d8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 16:15:32 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-audio-20150615-1' into staging audio: remove obsolete backends (esd, fmod, winwave). audio: stop using global variables, small fixes. audio: remove some obsolte and unused code. # gpg: Signature made Mon Jun 15 13:24:44 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-audio-20150615-1: ossaudio: use trace events instead of debug config flag alsaaudio: use trace events instead of verbose dsoundaudio: remove primary buffer dsoundaudio: remove *_retries kludges audio: remove plive audio: remove LOG_TO_MONITOR along with default_mon MAINTAINERS: remove malc from audio sdlaudio: do not allow multiple instances coreaudio: do not use global variables where possible dsoundaudio: do not use global variables paaudio: fix possible resource leak wavaudio: do not use global variables ossaudio: do not use global variables alsaaudio: do not use global variables paaudio: do not use global variables audio: expose drv_opaque to init_out and init_in only enable dsound in case the header file is present audio: remove winwave audio driver audio: remove fmod backend audio: remove esd backend Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6a084ea39aec84d352dbd3de0f523daaaaac8c7d Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon Jun 15 16:20:21 2015 +0200 vhost-user: part of virtio vhost user is related to virtio, add it to the relevant entry. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 46bca5404b08201bb9df1ac32bc88fc7e6db1f74 Merge: f3e3b08 8369e33 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 13:24:50 2015 +0100 Merge remote-tracking branch 'remotes/borntraeger/tags/s390x-20150615' into staging s390x/kvm/watchdog 1. Implement a diag288 based watchdog 2. Fix virtio-ccw BIOS for gcc >= 4.9 # gpg: Signature made Mon Jun 15 12:36:25 2015 BST using RSA key ID B5A61C7C # gpg: Good signature from "Christian Borntraeger (IBM) <borntraeger@xxxxxxxxxx>" * remotes/borntraeger/tags/s390x-20150615: s390/bios: build with -fdelete-null-pointer-checks watchdog: Add new Virtual Watchdog action INJECT-NMI nmi: Implement inject_nmi() for non-monitor context use s390x/watchdog: diag288 migration support s390x/kvm: diag288 instruction interception and handling s390x/watchdog: introduce diag288 watchdog device watchdog: change option wording to allow for more watchdogs Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8369e339d24f365750da456588e742674c153437 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jun 15 12:24:03 2015 +0200 s390/bios: build with -fdelete-null-pointer-checks Starting with version 4.9, GCC assumes it can't safely dereference null pointers, and uses this for some optimizations. On s390, the lowcore memory is located at address 0, so this assumption is wrong and breaks the s390-ccw firmware. Pass -fdelete-null-pointer-checks to avoid that. Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Cc: Christian Borntraeger <borntraeger@xxxxxxxxxx> Cc: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1434363843-14576-1-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit d95d7d802c33f6277c9fb967c14ae0cc99aeb072 Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Fri Jun 12 14:33:07 2015 +0200 ossaudio: use trace events instead of debug config flag Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit fbb7ef56d55723a4996c288b50a16e6283eea13f Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Fri Jun 12 14:33:06 2015 +0200 alsaaudio: use trace events instead of verbose Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 6dd35fd81e06d469b6f5280adee0a16ee383db57 Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Fri Jun 12 14:33:05 2015 +0200 dsoundaudio: remove primary buffer Enabling this option just creates a playback buffer with the specified settings, and then ignores it. It's probably some outdated hack to set audio formats on windows. (The first created stream dictates all other streams settings, at least on some Windows versions). Setting DAC_FIXED_SETTINGS should have the same effect as setting (the now removed) primary buffer. Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 2762955f723570944966347600b5746e7dd99388 Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Fri Jun 12 14:33:04 2015 +0200 dsoundaudio: remove *_retries kludges According to MSDN this may happen when the window is not in the foreground, but the default is 1 since a long time (which means no retries), so it should be ok. I've found no problems during testing it on Windows 7 and wine, so this was probably only the case with some old Windows versions. Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 73ad33ef7ba0d1e7c7f276663f36c4f72b9193a9 Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Fri Jun 12 14:33:03 2015 +0200 audio: remove plive It was useless even 3 years ago, so it can probably safely go away: https://lists.nongnu.org/archive/html/qemu-devel/2012-03/msg02427.html Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 06ac27f683c52890a6d174adba8c92354fa1eceb Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Fri Jun 12 14:33:02 2015 +0200 audio: remove LOG_TO_MONITOR along with default_mon Setting QEMU_AUDIO_LOG_TO_MONITOR=1 can crash qemu (if qemu tries to log to the monitor before it's being initialized), and also nothing else in qemu logs to the monitor. This log to monitor feature was the last thing that used the default_mon variable, so I removed it too (as using it can cause problems). Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 65eb1e6b4c1c4f66deff9cdf9bfbdea267c59343 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Jun 9 12:51:36 2015 +0200 MAINTAINERS: remove malc from audio email bounces, with a appearently permanent error: "av1474@xxxxxxxx mail receiving disabled, rejecting" Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Gonglei <arei.gonglei@xxxxxxxxxx> commit 81ebb07c56a28aa7ca47c38eb44690025a9dd6b9 Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:55 2015 +0200 sdlaudio: do not allow multiple instances Since SDL uses a lot of global data, we can't create independent instances of sdl audio backend. Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit d1f52a1d704de2252bc48c64ca4d46086cb249a2 Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:54 2015 +0200 coreaudio: do not use global variables where possible Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 191e1f0acd32360b917fa54a52389b97d9b52b6f Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:52 2015 +0200 dsoundaudio: do not use global variables Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 49dd6d0d33e1a59b4055713079e64062bc5092b5 Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:53 2015 +0200 paaudio: fix possible resource leak qpa_audio_init did not clean up resources properly if the initialization failed. This hopefully fixes it. Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit f2dcc6cec285938967446d412b0477e02e26f3ca Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:51 2015 +0200 wavaudio: do not use global variables Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 4045a85ad1aadb1a56038ed3358e2093ba88f91f Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:50 2015 +0200 ossaudio: do not use global variables Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 765b37da3f2824afd45b38c038af44da42b956f6 Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:48 2015 +0200 alsaaudio: do not use global variables Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 9a644c4b4dfc7ebe7994bfa568cbeaa1847ca5ff Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:49 2015 +0200 paaudio: do not use global variables Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 5706db1deb061ee9affdcea81e59c4c2cad7c41e Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:47 2015 +0200 audio: expose drv_opaque to init_out and init_in Currently the opaque pointer returned by audio_driver's init is only exposed to the driver's fini, but not to audio_pcm_ops. This way if someone wants to share a variable with the driver and the pcm, he must use global variables. This patch fixes it by adding a third parameter to audio_pcm_op's init_out and init_in. Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 307119e7d948bcdb5918fd762153deda471e695b Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Jun 10 09:07:35 2015 +0200 only enable dsound in case the header file is present Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit f3e3b083d4c266ea864ae3c83da49d4086857679 Merge: 8aeaa05 67251a3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 10:43:06 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer core and image format patches # gpg: Signature made Fri Jun 12 16:08:53 2015 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: (25 commits) block: Fix reopen flag inheritance block: Add BlockDriverState.inherits_from block: Add list of children to BlockDriverState queue.h: Add QLIST_FIX_HEAD_PTR() block: Drain requests before swapping nodes in bdrv_swap() block: Move flag inheritance to bdrv_open_inherit() block: Use QemuOpts in bdrv_open_common() block: Use macro for cache option names vmdk: Use bdrv_open_image() quorum: Use bdrv_open_image() check-qdict: Test cases for new functions qdict: Add qdict_{set,copy}_default() qdict: Add qdict_array_entries() iotests: Add tests for overriding BDRV_O_PROTOCOL block: driver should override flags in bdrv_open() block: Change bitmap truncate conditional to assertion block: record new size in bdrv_dirty_bitmap_truncate raw-posix: Fix .bdrv_co_get_block_status() for unaligned image size vmdk: Use vmdk_find_index_in_cluster everywhere vmdk: Fix index_in_cluster calculation in vmdk_co_get_block_status ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3cec7cc22f95ce31565e8e2c03b06a2f7ae8bc6f Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:46 2015 +0200 audio: remove winwave audio driver DirectSound should be a superior choice on Windows. Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 14382605da6bda74516f275695bd3345bc54c464 Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:45 2015 +0200 audio: remove fmod backend Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 0bac111167e33838fa869cacd16f92e5899252b3 Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:44 2015 +0200 audio: remove esd backend ESD is no longer developed and replaced by PulseAudio. Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 79cb1f1d698da5e1e183863aa3c8a91b2e750664 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Mon Apr 20 16:15:20 2015 +0100 linux-user: Use abi_ulong for TARGET_ELF_PAGESTART TARGET_ELF_PAGESTART is required to use abi_ulong to correctly handle addresses for different target bits width. This patch fixes a problem when running a 64-bit user mode application on 32-bit host machines. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 8be656b87c6bb1b9f8af3ff78094413d71e4443a Author: Alexander Graf <agraf@xxxxxxx> Date: Wed May 6 23:47:32 2015 +0200 linux-user: Allocate thunk size dynamically We store all struct types in an array of static size without ever checking whether we overrun it. Of course some day someone (like me in another, ancient ALSA enabling patch set) will run into the limit without realizing it. So let's make the allocation dynamic. We already know the number of structs that we want to allocate, so we only need to pass the variable into the respective piece of code. Also, to ensure we don't accidently overwrite random memory, add some asserts to sanity check whether a thunk is actually part of our array. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 8aeaa055f5d3d4e87bf870892ba301eae57bdc1d Merge: 0a2df85 2db33f8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 12 18:04:14 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Fri Jun 12 15:57:47 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: qemu-iotests: expand test 093 to support group throttling throttle: Update throttle infrastructure copyright throttle: add the name of the ThrottleGroup to BlockDeviceInfo throttle: acquire the ThrottleGroup lock in bdrv_swap() throttle: Add throttle group support throttle: Add throttle group infrastructure tests throttle: Add throttle group infrastructure throttle: Extract timers from ThrottleState into a separate structure raw-posix: Fix .bdrv_co_get_block_status() for unaligned image size Revert "iothread: release iothread around aio_poll" Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 67251a311371c4d22e803f151f47fe817175b6c3 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Apr 9 18:54:04 2015 +0200 block: Fix reopen flag inheritance When reopening an image, the block layer already takes care to reopen bs->file as well with recalculated inherited flags. The same must happen for any other child (most notably missing before this patch: backing files). If bs->file (or any other child) didn't originally inherit from bs, e.g. because it was created separately and then only referenced, it must not inherit flags on reopen either, so check the inherited_from field before propagation the reopen down. VMDK already reopened its extents manually; this code can now be dropped. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit bddcec3745b0220d4a7eda700950812a94398668 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Apr 9 18:47:50 2015 +0200 block: Add BlockDriverState.inherits_from Currently, the block layer assumes that any block node can have only one parent, and if it has a parent, that it inherits some options/flags from this parent. This is not true any more: With references used in block device creation, a single node can be used by multiple parents, or it can be created separately and not inherit flags from any parent. To handle reopens correctly, a node must know from which parent it inherited options. This patch adds the information to BlockDriverState. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 6e93e7c41fdfdee3068770cae79380e1d986b76a Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Apr 8 13:49:41 2015 +0200 block: Add list of children to BlockDriverState This allows iterating over all children of a given BDS, not only including bs->file and bs->backing_hd, but also driver-specific ones like VMDK extents or Quorum children. For bdrv_swap(), the list of children of the swapped BDS stays at that BDS (because that's where the pointers stay as well). The list head moves and pointers to it must be fixed up therefore. The list of children in the parent of the swapped BDS is not affected by the swap. The contents of the BDS objects is swapped, so the existing pointer in the parent automatically points to the newly swapped in BDS. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit ae81693004fd95f7013e42811944707a92948d9a Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Jun 10 13:47:35 2015 +0200 queue.h: Add QLIST_FIX_HEAD_PTR() If the head of a list has been moved to a different memory location, the le_prev link in the first list entry has to be fixed up. Provide a macro that implements this fixup. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 6ee4ce1ee75a651c246d926c2302281b51981f6d Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Jun 10 13:33:17 2015 +0200 block: Drain requests before swapping nodes in bdrv_swap() bdrv_swap() requires that there are no requests in flight on either of the two devices. The request coroutine would work on the wrong BlockDriverState object (with bs->opaque even being interpreted as a different type potentially) and all sorts of bad things would result from this. The currently existing callers mostly ensure that there is no I/O pending on nodes that are swapped. In detail, this is: 1. Live snapshots. This goes through qmp_transaction(), which calls bdrv_drain_all() before doing anything. The command is executed synchronously, so no new I/O can be issued concurrently. 2. snapshot=on in bdrv_open(). We're in the middle of opening the image (both the original image and its temporary overlay), so there can't be any I/O in flight yet. 3. Mirroring. bdrv_drain() is already used on the source device so that the mirror doesn't miss anything. However, the main loop runs between that and the bdrv_swap() (which is actually a bug, being addressed in another series), so there is a small window in which new I/O might be issued that would be in flight during bdrv_swap(). It is safer to just drain the request queue of both devices in bdrv_swap() instead of relying on callers to do the right thing. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit f3930ed0bb1945b59da8e591072b5c79606d0760 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Apr 8 13:43:47 2015 +0200 block: Move flag inheritance to bdrv_open_inherit() Instead of letting every caller of bdrv_open() determine the right flags for its child node manually and pass them to the function, pass the parent node and the role of the newly opened child (like backing file, protocol layer, etc.). Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 18edf289a8951f3a48caff3b5fe17f2d414c2924 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Apr 7 17:12:56 2015 +0200 block: Use QemuOpts in bdrv_open_common() Instead of manually parsing options and then deleting them from the options QDict, just use QemuOpts like most other places that deal with block device options. More options will be added there and then QemuOpts is a lot more manageable than open-coding everything. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 54861b9280e95dd16c062b26a9d0adfe3608c63c Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Apr 7 16:55:00 2015 +0200 block: Use macro for cache option names Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> commit a646836784a0fc50fee6f9a0d3fb968289714128 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Apr 7 15:35:59 2015 +0200 vmdk: Use bdrv_open_image() Besides standardising on a single interface for opening child nodes, this patch allows the user to specify options to individual extent nodes. Overriding file names isn't possible with this yet, so it's of limited usefulness, but still a step forward. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> commit ea6828d81b34d42f407e8de28694d2751ee660a2 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Jan 21 18:49:28 2015 +0100 quorum: Use bdrv_open_image() Besides standardising on a single interface for opening child nodes, this simplifies the .bdrv_open() implementation of the quorum block driver by using block layer functionality for handling BlockdevRefs. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> commit ef1919df26b9b094aa41733466b134111fcdbd36 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu May 28 17:37:55 2015 +0200 check-qdict: Test cases for new functions This adds test cases for the following new QDict functions: * qdict_array_entries() * qdict_set_default_str() * qdict_copy_default() Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 7990d2c99c974ae8e3c3f719d8321ddc6eac93bc Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Mon Jan 19 21:22:45 2015 +0100 qdict: Add qdict_{set,copy}_default() In the block layer functions that determine options for a child block device, it's a common pattern to either copy options from the parent's options or to set a default string if the option isn't explicitly set yet for the child. Provide convenience functions so that it becomes a one-liner for each option. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit bd50530a9f40f6560a03caeaaddd451e2ce90ed8 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Jan 21 17:15:44 2015 +0100 qdict: Add qdict_array_entries() This counts the entries in a flattened array in a QDict without actually splitting the QDict into a QList. bdrv_open_image() doesn't take a QList, but rather a QDict and a key prefix string, so this is more convenient for block drivers which have a dynamically sized list of child nodes (e.g. Quorum) and are to be converted to using bdrv_open_image() as the standard interface for opening child nodes. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 0a2df857a7038c75379cc575de5d4be4c0ac629e Merge: 9faffeb fafa4d5 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 12 15:39:05 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging # gpg: Signature made Fri Jun 12 13:57:20 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: qmp/hmp: add rocker device support rocker: bring link up/down on PHY enable/disable rocker: update tests using hw-derived interface names rocker: Add support for phys name iohandler: Change return type of qemu_set_fd_handler to "void" event-notifier: Always return 0 for posix implementation xen_backend: Remove unused error handling of qemu_set_fd_handler oss: Remove unused error handling of qemu_set_fd_handler alsaaudio: Remove unused error handling of qemu_set_fd_handler main-loop: Drop qemu_set_fd_handler2 Change qemu_set_fd_handler2(..., NULL, ...) to qemu_set_fd_handler tap: Drop tap_can_send net/socket: Drop net_socket_can_send netmap: Drop netmap_can_send l2tpv3: Drop l2tpv3_can_send stubs: Add qemu_set_fd_handler Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a68197ff5b11f5a58d48e485d16a36758aeca7f4 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Thu Mar 19 14:53:17 2015 -0400 iotests: Add tests for overriding BDRV_O_PROTOCOL This adds tests for overriding the qemu-internal BDRV_O_PROTOCOL flag by explicitly specifying a block driver. As one test must be run over the NBD protocol while the other must not, this patch adds two separate iotests. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 53a295131274c87914c97053e2ca00f19a9c2efa Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Thu Mar 19 14:53:16 2015 -0400 block: driver should override flags in bdrv_open() The BDRV_O_PROTOCOL flag should have an impact only if no driver is specified explicitly. Therefore, if bdrv_open() is called with an explicit block driver argument (either through the options QDict or through the drv parameter) and that block driver is a protocol block driver, BDRV_O_PROTOCOL should be set; if it is a format block driver, BDRV_O_PROTOCOL should be unset. While there was code to unset the flag in case a format block driver has been selected, it only followed the bdrv_fill_options() function call whereas the flag in fact needs to be adjusted before it is used there. With that change, BDRV_O_PROTOCOL will always be set if the BDS should be a protocol driver; if the driver has been specified explicitly, the new code will set it; and bdrv_fill_options() will only "probe" a protocol driver if BDRV_O_PROTOCOL is set. The probing after bdrv_fill_options() cannot select a protocol driver. Thus, bdrv_open_image() to open BDS.file is never called if a protocol BDS is about to be created. With that change in turn it is impossible to call bdrv_open_common() with a protocol drv and file != NULL, which allows us to remove the bdrv_swap() call. This change breaks a test case in qemu-iotest 051: "-drive file=t.qcow2,file.driver=qcow2" now works because the explicitly specified "qcow2" overrides the BDRV_O_PROTOCOL which is automatically set for the "file" BDS (and the filename is just passed down). Therefore, this patch removes that test case. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 06207b0ff596aa4bb192d1fafc593847ed888e39 Author: John Snow <jsnow@xxxxxxxxxx> Date: Wed Jun 10 13:24:54 2015 -0400 block: Change bitmap truncate conditional to assertion This is an artifact of an older version that had both all-bitmap and single-bitmap truncate functions, and some info got lost in the shuffle. Bitmaps can only be frozen during a backup operation, and a backup operation should prevent a resize operation, so just assert that this cannot happen. Suggested-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5270b6a0d0cf41e49d634007ace40f5dfc381940 Author: John Snow <jsnow@xxxxxxxxxx> Date: Mon Jun 8 16:49:15 2015 -0400 block: record new size in bdrv_dirty_bitmap_truncate ce1ffea8 neglected to update the BdrvDirtyBitmap structure itself for internal consistency. It's currently not an issue, but for migration and persistence series this will cause headaches. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b8684454e152ca2e100f4b59d80de2be27186206 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Jun 9 10:45:16 2015 +0200 raw-posix: Fix .bdrv_co_get_block_status() for unaligned image size Image files with an unaligned image size have a final hole that starts at EOF, i.e. in the middle of a sector. Currently, *pnum == 0 is returned when checking the status of this sector. In qemu-img, this triggers an assertion failure. In order to fix this, one type for the sector that contains EOF must be found. Treating a hole as data is safe, so this patch rounds the calculated number of data sectors up, so that a partial sector at EOF is treated as a full data sector. This fixes https://bugzilla.redhat.com/show_bug.cgi?id=1229394 Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Tested-by: Cole Robinson <crobinso@xxxxxxxxxx> commit 90df601f06de14f062d2e8dc1bc57f0decf86fd1 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:02:57 2015 +0800 vmdk: Use vmdk_find_index_in_cluster everywhere Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 61f0ed1d54601b91b8195c1a30d7046f83283b40 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:02:56 2015 +0800 vmdk: Fix index_in_cluster calculation in vmdk_co_get_block_status It has the similar issue with b1649fae49a8. Since the calculation is repeated for a few times already, introduce a function so it can be reused. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit bc85ef265a0118d044ff62ae217c186cb08e0866 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Jun 1 18:09:19 2015 +0200 qcow2: Add DEFAULT_L2_CACHE_CLUSTERS If a relatively large cluster size is chosen, the default of 1 MB L2 cache is not really appropriate. In this case, unless overridden by the user, the default cache size should not be determined by its size in bytes but by the number of L2 tables (clusters) it is supposed to contain. Note that without this patch, MIN_L2_CACHE_SIZE will effectively take over the same role. However, providing space for just two L2 tables is not enough to be the default. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a4291eafc597c0944057930acf3e51d899f79c2e Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Jun 1 18:09:18 2015 +0200 iotests: qcow2 COW with minimal L2 cache size This adds a test case to test 103 for performing a COW operation in a qcow2 image using an L2 cache with minimal size (which should be at least two clusters so the COW can access both source and destination simultaneously). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 57e216695948a79d9ced82fc217a37cce70fd986 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Jun 1 18:09:17 2015 +0200 qcow2: Set MIN_L2_CACHE_SIZE to 2 The L2 cache must cover at least two L2 tables, because during COW two L2 tables are accessed simultaneously. Reported-by: Alexander Graf <agraf@xxxxxxx> Cc: qemu-stable <qemu-stable@xxxxxxxxxx> Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Tested-by: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 9aa711d75030356f1e179b9f71780da5fd1a45bb Author: Fam Zheng <famz@xxxxxxxxxx> Date: Tue May 19 10:46:13 2015 +0000 qemu-iotests: Fix 128 if sudo required If passwordless "sudo" works, use it in the qemu-io cmd. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ff793890faeb119c8dad53b7ed614407ff7b027a Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 12:01:41 2015 -0400 iotests: remove assertIsNotNone call RHEL6 doesn't have Python 2.7, so replace this call with assertNotEqual(x, None) which will work just as well. Reported-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 9faffeb7772fddcb5d3fb2dbdcfe7e8a38f01637 Merge: 4cb618a d218b28 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 12 14:31:13 2015 +0100 Merge remote-tracking branch 'remotes/aurel/tags/pull-sh4-next-20150612' into staging sh4 linux-user cpu and hwcap misc optimizations and cleanup convert r2d to new MMIO accessor style # gpg: Signature made Fri Jun 12 11:28:43 2015 BST using RSA key ID 1DDD8C9B # gpg: Good signature from "Aurelien Jarno <aurelien@xxxxxxxxxxx>" # gpg: aka "Aurelien Jarno <aurelien@xxxxxxxx>" # gpg: aka "Aurelien Jarno <aurel32@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 7746 2642 A9EF 94FD 0F77 196D BA9C 7806 1DDD 8C9B * remotes/aurel/tags/pull-sh4-next-20150612: target-sh4: remove dead code target-sh4: factorize fmov implementation target-sh4: split out Q and M from of SR and optimize div1 target-sh4: optimize negc using add2 and sub2 target-sh4: optimize subc using sub2 target-sh4: optimize addc using add2 target-sh4: Split out T from SR target-sh4: use bit number for SR constants sh4/r2d: convert to new MMIO accessor style linux-user: Add HWCAP for SH4 linux-user: Default sh4 to sh7785 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2db33f88d2b340c049c576ad75d442e4b6ffe768 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Jun 8 18:17:48 2015 +0200 qemu-iotests: expand test 093 to support group throttling This patch improves the test by attaching a different number of drives to the VM and putting them in the same throttling group. The test verifies that the I/O is evenly distributed among all members of the group, and that the limits are enforced. By default the test is repeated 3 times with 1, 2 and 3 drives, but the maximum number of simultaneous drives is configurable. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 513df1da5c658878191b579ebcddd985adcd4122.1433779731.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a291d5d9b9940e1b07319041afc2c4b9285b9c48 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Jun 8 18:17:47 2015 +0200 throttle: Update throttle infrastructure copyright Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 07dcd4ed02f0110b13b3140f477b761b8bb8e270.1433779731.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b8fe1694e506362706cde65d1bf55b23e62b150e Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Jun 8 18:17:46 2015 +0200 throttle: add the name of the ThrottleGroup to BlockDeviceInfo Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 172df91f09c69c6f0440a697bbd1b3f95b077ee4.1433779731.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit db6283385cb708b9d589e5b57e96eab4afd0269e Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Jun 8 18:17:45 2015 +0200 throttle: acquire the ThrottleGroup lock in bdrv_swap() bdrv_swap() touches the fields of a BlockDriverState that are protected by the ThrottleGroup lock. Although those fields end up in their original place, they are temporarily swapped in the process, so there's a chance that an operation on a member of the same group happening on a different thread can try to use them. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: d92dc40d7c4f1fc5cda5cbbf4ffb7a4670b79d17.1433779731.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 76f4afb40fa076ed23fe0ab42c7a768ddb71123f Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Jun 8 18:17:44 2015 +0200 throttle: Add throttle group support The throttle group support use a cooperative round robin scheduling algorithm. The principles of the algorithm are simple: - Each BDS of the group is used as a token in a circular way. - The active BDS computes if a wait must be done and arms the right timer. - If a wait must be done the token timer will be armed so the token will become the next active BDS. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: f0082a86f3ac01c46170f7eafe2101a92e8fde39.1433779731.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 1fee955f9cc5903b3c7f79bbd90929aefad583a6 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Jun 8 18:17:43 2015 +0200 throttle: Add throttle group infrastructure tests Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: ba7b9dc7fca43efbb31d5f3aad91a8dbdbea635b.1433779731.git.berto@xxxxxxxxxx Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 2ff1f2e3a39daf4a401a8904d00b29ea8c450463 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Jun 8 18:17:42 2015 +0200 throttle: Add throttle group infrastructure Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 2fdb4de17210b733a13eb472c33cd08b45f8fd21.1433779731.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 0e5b0a2d54f4dca2f6d1a676da8ec089dc143001 Author: Benoît Canet <benoit.canet@xxxxxxxxxxxx> Date: Mon Jun 8 18:17:41 2015 +0200 throttle: Extract timers from ThrottleState into a separate structure Group throttling will share ThrottleState between multiple bs. As a consequence the ThrottleState will be accessed by multiple aio context. Timers are tied to their aio context so they must go out of the ThrottleState structure. This commit paves the way for each bs of a common ThrottleState to have its own timer. Signed-off-by: Benoit Canet <benoit.canet@xxxxxxxxxxxx> Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 6cf9ea96d8b32ae2f8769cead38f68a6a0c8c909.1433779731.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit f4a769abaa51badea666093077c50c568c35de17 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Jun 9 10:55:08 2015 +0200 raw-posix: Fix .bdrv_co_get_block_status() for unaligned image size Image files with an unaligned image size have a final hole that starts at EOF, i.e. in the middle of a sector. Currently, *pnum == 0 is returned when checking the status of this sector. In qemu-img, this triggers an assertion failure. In order to fix this, one type for the sector that contains EOF must be found. Treating a hole as data is safe, so this patch rounds the calculated number of data sectors up, so that a partial sector at EOF is treated as a full data sector. This fixes https://bugzilla.redhat.com/show_bug.cgi?id=1229394 Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1433840108-9996-1-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit da5e1de95bb235330d7724316e7a29239d1359d5 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Jun 3 10:15:33 2015 +0100 Revert "iothread: release iothread around aio_poll" This reverts commit a0710f7995f914e3044e5899bd8ff6c43c62f916. In qemu-devel email message <556DBF87.2020908@xxxxxxxxxx>, Christian Borntraeger writes: Having many guests all with a kernel/ramdisk (via -kernel) and several null block devices will result in hangs. All hanging guests are in partition detection code waiting for an I/O to return so very early maybe even the first I/O. Reverting that commit "fixes" the hangs. Reverting this commit for the 2.4 release. More time is needed to investigate and correct this patch. Reported-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Suggested-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit fafa4d508b42a70a59a6bd647a2c0cfad86246c3 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Wed Jun 10 18:21:21 2015 -0700 qmp/hmp: add rocker device support Add QMP/HMP support for rocker devices. This is mostly for debugging purposes to see inside the device's tables and port configurations. Some examples: (qemu) info rocker sw1 name: sw1 id: 0x0000013512005452 ports: 4 (qemu) info rocker-ports sw1 ena/ speed/ auto port link duplex neg? sw1.1 up 10G FD No sw1.2 up 10G FD No sw1.3 !ena 10G FD No sw1.4 !ena 10G FD No (qemu) info rocker-of-dpa-flows sw1 prio tbl hits key(mask) --> actions 2 60 pport 1 vlan 1 LLDP src 00:02:00:00:02:00 dst 01:80:c2:00:00:0e 2 60 pport 1 vlan 1 ARP src 00:02:00:00:02:00 dst 00:02:00:00:03:00 2 60 pport 2 vlan 2 IPv6 src 00:02:00:00:03:00 dst 33:33:ff:00:00:02 proto 58 3 50 vlan 2 dst 33:33:ff:00:00:02 --> write group 0x32000001 goto tbl 60 2 60 pport 2 vlan 2 IPv6 src 00:02:00:00:03:00 dst 33:33:ff:00:03:00 proto 58 3 50 1 vlan 2 dst 33:33:ff:00:03:00 --> write group 0x32000001 goto tbl 60 2 60 pport 2 vlan 2 ARP src 00:02:00:00:03:00 dst 00:02:00:00:02:00 3 50 2 vlan 2 dst 00:02:00:00:02:00 --> write group 0x02000001 goto tbl 60 2 60 1 pport 2 vlan 2 IP src 00:02:00:00:03:00 dst 00:02:00:00:02:00 proto 1 3 50 2 vlan 1 dst 00:02:00:00:03:00 --> write group 0x01000002 goto tbl 60 2 60 1 pport 1 vlan 1 IP src 00:02:00:00:02:00 dst 00:02:00:00:03:00 proto 1 2 60 pport 1 vlan 1 IPv6 src 00:02:00:00:02:00 dst 33:33:ff:00:00:01 proto 58 3 50 vlan 1 dst 33:33:ff:00:00:01 --> write group 0x31000000 goto tbl 60 2 60 pport 1 vlan 1 IPv6 src 00:02:00:00:02:00 dst 33:33:ff:00:02:00 proto 58 3 50 1 vlan 1 dst 33:33:ff:00:02:00 --> write group 0x31000000 goto tbl 60 1 60 173 pport 2 vlan 2 LLDP src <any> dst 01:80:c2:00:00:0e --> write group 0x02000000 1 60 6 pport 2 vlan 2 IPv6 src <any> dst <any> --> write group 0x02000000 1 60 174 pport 1 vlan 1 LLDP src <any> dst 01:80:c2:00:00:0e --> write group 0x01000000 1 60 174 pport 2 vlan 2 IP src <any> dst <any> --> write group 0x02000000 1 60 6 pport 1 vlan 1 IPv6 src <any> dst <any> --> write group 0x01000000 1 60 181 pport 2 vlan 2 ARP src <any> dst <any> --> write group 0x02000000 1 10 715 pport 2 --> apply new vlan 2 goto tbl 20 1 60 177 pport 1 vlan 1 ARP src <any> dst <any> --> write group 0x01000000 1 60 174 pport 1 vlan 1 IP src <any> dst <any> --> write group 0x01000000 1 10 717 pport 1 --> apply new vlan 1 goto tbl 20 1 0 1432 pport 0(0xffff) --> goto tbl 10 (qemu) info rocker-of-dpa-groups sw1 id (decode) --> buckets 0x32000001 (type L2 multicast vlan 2 index 1) --> groups [0x02000001,0x02000000] 0x02000001 (type L2 interface vlan 2 pport 1) --> pop vlan out pport 1 0x01000002 (type L2 interface vlan 1 pport 2) --> pop vlan out pport 2 0x02000000 (type L2 interface vlan 2 pport 0) --> pop vlan out pport 0 0x01000000 (type L2 interface vlan 1 pport 0) --> pop vlan out pport 0 0x31000000 (type L2 multicast vlan 1 index 0) --> groups [0x01000002,0x01000000] [Added "query-" prefixes to rocker.json commands as suggested by Eric Blake <eblake@xxxxxxxxxx>. --Stefan] Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Signed-off-by: Jiri Pirko <jiri@xxxxxxxxxxx> Message-id: 1433985681-56138-5-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 5ff1547b756a820bc7b695fe393b25d82467d1fe Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Wed Jun 10 18:21:20 2015 -0700 rocker: bring link up/down on PHY enable/disable When the OS driver enables/disables the port, go ahead and set the port's link status to up/down in response to the change. This more closely emulates real hardware when the PHY for the port is brought up/down and the PHY negotiates carrier (link status) with link partner. In the case of qemu, the virtual rocker device can't really do link negotiation with the link partner as that requires signally over a physical medium (the wire), so just pretend the negotiation was successful and bring the link up when the port is enabled. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1433985681-56138-4-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 73da0232098a69d06ce0d49ad8751b7c5e8b9448 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Wed Jun 10 18:21:19 2015 -0700 rocker: update tests using hw-derived interface names With previous patch to support phy name attribute for each port, the OS can name port interfaces using the hw-derived name. So update rocker tests to use the new hw-derived interface names. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1433985681-56138-3-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 773495364ffbfc6a4d1e13e24e932f96409ba1d3 Author: David Ahern <dsahern@xxxxxxxxx> Date: Wed Jun 10 18:21:18 2015 -0700 rocker: Add support for phys name Add ROCKER_TLV_CMD_PORT_SETTINGS_PHYS_NAME to port settings. This attribute exports the port name to the guest OS allowing it to name interfaces with sensible defaults. Mostly done by Scott for phys_id support; adapted to phys_name by David. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Signed-off-by: David Ahern <dsahern@xxxxxxxxx> Message-id: 1433985681-56138-2-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit f4d248bdc33167ab9e91b1470ef47a61dffd0b38 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:24 2015 +0800 iohandler: Change return type of qemu_set_fd_handler to "void" Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-14-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 1e354528bdaf9671ffc94e531e6967233abe7b8f Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:23 2015 +0800 event-notifier: Always return 0 for posix implementation qemu_set_fd_handler cannot fail, let's always return 0. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-13-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6b5166f8a82888638bb9aba9dc49aa7fa25f292f Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:22 2015 +0800 xen_backend: Remove unused error handling of qemu_set_fd_handler The function cannot fail, so the check is superfluous. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-12-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b027a538c6790bcfc93ef7f4819fe3e581445959 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:21 2015 +0800 oss: Remove unused error handling of qemu_set_fd_handler The function cannot fail, so the check is superfluous. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-11-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit be93f216278d84d283187c95cef16c0b60b711b8 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:20 2015 +0800 alsaaudio: Remove unused error handling of qemu_set_fd_handler The function cannot fail, so the check is superfluous. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-10-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6484e422479c93f28e3f8a68258b0eacd3b31e6d Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:19 2015 +0800 main-loop: Drop qemu_set_fd_handler2 All users are converted to qemu_set_fd_handler now, drop qemu_set_fd_handler2 and IOHandlerRecord.fd_read_poll. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-9-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 82e1cc4bf91a2e1c3b62297b10b0ab1d93adfc45 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:18 2015 +0800 Change qemu_set_fd_handler2(..., NULL, ...) to qemu_set_fd_handler Done with following Coccinelle semantic patch, plus manual cosmetic changes in net/*.c. @@ expression E1, E2, E3, E4; @@ - qemu_set_fd_handler2(E1, NULL, E2, E3, E4); + qemu_set_fd_handler(E1, E2, E3, E4); Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-8-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a90a7425cf592a3afeff3eaf32f543b83050ee5c Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:17 2015 +0800 tap: Drop tap_can_send This callback is called by main loop before polling s->fd, if it returns false, the fd will not be polled in this iteration. This is redundant with checks inside read callback. After this patch, the data will be sent to peer when it arrives. If the device can't receive, it will be queued to incoming_queue, and when the device status changes, this queue will be flushed. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-7-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6e99c631f116221d169ea53953d91b8aa74d297a Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:16 2015 +0800 net/socket: Drop net_socket_can_send This callback is called by main loop before polling s->fd, if it returns false, the fd will not be polled in this iteration. This is redundant with checks inside read callback. After this patch, the data will be sent to peer when it arrives. If the device can't receive, it will be queued to incoming_queue, and when the device status changes, this queue will be flushed. If the peer is not ready, disable the read poll until send completes. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-6-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e8dd1d9c396104f0fac4b39a701143df49df2a74 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:15 2015 +0800 netmap: Drop netmap_can_send This callback is called by main loop before polling s->fd, if it returns false, the fd will not be polled in this iteration. This is redundant with checks inside read callback. After this patch, the data will be copied from s->fd to s->iov when it arrives. If the device can't receive, it will be queued to incoming_queue, and when the device status changes, this queue will be flushed. Also remove the qemu_can_send_packet() check in netmap_send. If it's true, we are good; if it's false, the qemu_sendv_packet_async would return 0 and read poll will be disabled until netmap_send_completed is called. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-5-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 95b1416ae93106923f733941e52dfe55c4318643 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:14 2015 +0800 l2tpv3: Drop l2tpv3_can_send This callback is called by main loop before polling s->fd, if it returns false, the fd will not be polled in this iteration. This is redundant with checks inside read callback. After this patch, the data will be copied from s->fd to s->msgvec when it arrives. If the device can't receive, it will be queued to incoming_queue, and when the device status changes, this queue will be flushed. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-4-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 0bc12c4f7e8b5ff0f83908bdef0c247f1ca1a9d8 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:12 2015 +0800 stubs: Add qemu_set_fd_handler Some qemu_set_fd_handler2 stub callers will be converted to call qemu_set_fd_handler, add this stub for them before making the change. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-2-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 4cb618abc1818586c08011ff0a84a015787b1672 Merge: a4ef02f 6773f9b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 12 12:49:40 2015 +0100 Merge remote-tracking branch 'remotes/lalrae/tags/mips-20150612' into staging MIPS patches 2015-06-12 Changes: * improve dp8393x network card and rc4030 chipset emulation * support misaligned R6 and MSA memory accesses * support MIPS eXtended and Large Physical Addressing * add Config5.FRE bit and ERETNC instruction (Config5.LLB) * support ememsize on MALTA # gpg: Signature made Fri Jun 12 09:38:11 2015 BST using RSA key ID 0B29DA6B # gpg: Good signature from "Leon Alrae <leon.alrae@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 8DD3 2F98 5495 9D66 35D4 4FC0 5211 8E3C 0B29 DA6B * remotes/lalrae/tags/mips-20150612: (29 commits) target-mips: enable XPA and LPA features target-mips: remove misleading comments in translate_init.c target-mips: add MTHC0 and MFHC0 instructions target-mips: add CP0.PageGrain.ELPA support target-mips: support Page Frame Number Extension field target-mips: extend selected CP0 registers to 64-bits in MIPS32 target-mips: correct MFC0 for CP0.EntryLo in MIPS64 net/dp8393x: fix hardware reset net/dp8393x: correctly reset in_use field net/dp8393x: add load/save support net/dp8393x: add PROM to store MAC address net/dp8393x: QOM'ify net/dp8393x: use dp8393x_ prefix for all functions net/dp8393x: do not use old_mmio accesses net/dp8393x: always calculate proper checksums dma/rc4030: convert to QOM dma/rc4030: use trace events instead of custom logging dma/rc4030: document register at offset 0x210 dma/rc4030: do not use old_mmio accesses dma/rc4030: use AddressSpace and address_space_rw in users ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a4ef02fd9b3d12b105b56942166c8364ade9be0f Merge: d8e3b72 4fa3dd1 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 12 11:06:03 2015 +0100 Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20150612' into staging migration/next for 20150612 # gpg: Signature made Fri Jun 12 05:56:21 2015 BST using RSA key ID 5872D723 # gpg: Good signature from "Juan Quintela <quintela@xxxxxxxxxx>" # gpg: aka "Juan Quintela <quintela@xxxxxxxxxx>" * remotes/juanquintela/tags/migration/20150612: (21 commits) Remove unneeded memset Rename RDMA structures to make destination clear Teach analyze-migration.py about section footers Add a protective section footer Disable section footers on older machine types Merge section header writing Move loadvm_handlers into MigrationIncomingState Move copy out of qemu_peek_buffer Create MigrationIncomingState qemu_ram_foreach_block: pass up error value, and down the ramblock name Split header writing out of qemu_savevm_state_begin Add qemu_get_counted_string to read a string prefixed by a count byte migration: Use normal VMStateDescriptions for Subsections migration: create savevm_state migration: Remove duplicated assignment of SETUP status rdma: Fix qemu crash when IPv6 address is used for migration arch_init: Clean up the duplicate variable 'len' defining in ram_load() migration: reduce include files migration: Add myself to the copyright list of both files migration: move savevm.c inside migration/ ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d218b28d28b8f4de297bfd35c082b22f153cf0df Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:28:56 2015 +0200 target-sh4: remove dead code Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 91b4d29f4eecab14c5f8888ecd7b3a740ad80b7c Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:28:56 2015 +0200 target-sh4: factorize fmov implementation Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 1d565b21e1aecbb0da6589f3c4ea83c9c788ad63 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:28:56 2015 +0200 target-sh4: split out Q and M from of SR and optimize div1 Splitting Q and M out of SR, it's possible to optimize div1 by using TCG code instead of an helper. At the same time removed the now unused gen_copy_bit_i32 function. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 60eb27fe4951fbe6cf5e24cc3d6df7e97c43a909 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:28:56 2015 +0200 target-sh4: optimize negc using add2 and sub2 Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit d0f44a55fa321e042bd6b2a0fa25ac48864b7a25 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:28:56 2015 +0200 target-sh4: optimize subc using sub2 Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit a2368e01c95a093d250a0e5d3cef53dddf642f1e Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:28:56 2015 +0200 target-sh4: optimize addc using add2 Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 34086945254c035a03e01e472d99e4524a2f2416 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:28:56 2015 +0200 target-sh4: Split out T from SR In preparation for more efficient setting of this field. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 5ed9a259c164bb9fd2a6fe8a363a4bda2e4a5461 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:28:56 2015 +0200 target-sh4: use bit number for SR constants Use the bit number for SR constants instead of using a bit mask. This make possible to also use the constants for shifts. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 563807520ff19e6ed2d40695f543f1fba7ba432f Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:16:43 2015 +0200 sh4/r2d: convert to new MMIO accessor style The documentation is clear to use 16-bit accesses for all registers. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit e42fd944f02dda893fc8773959d6db75f2a49367 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat May 23 15:06:54 2015 -0700 linux-user: Add HWCAP for SH4 Only exposing FPU and LLSC as the only features supported by the translator. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 91c45a38f282b970f443f8e9d6bdb6ffaa00dfbf Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat May 23 15:06:53 2015 -0700 linux-user: Default sh4 to sh7785 Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 7a4dfd1e4a741991df1acf31672b391648e0aa0c Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Sep 10 13:04:17 2014 +0200 virtio-vga: add vgabios configuration Add seavgabios configuration for virtio-vga, hook up the new vgabios in the makefiles. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit a94f0c5ca2f0e3dba4a64f40c9d2e1149017d81d Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Sep 10 14:28:48 2014 +0200 virtio-vga: add '-vga virtio' support Some convinience fluff: Add support for '-vga virtio', also add virtio-vga to the list of vga cards so '-device virtio-vga' will turn off the default vga. Written by Dave Airlie and Gerd Hoffmann. Signed-off-by: Dave Airlie <airlied@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit c5d4dac86b61070c078a7b35e25f56d2c8bff508 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Sep 10 14:25:45 2014 +0200 virtio-vga: add virtio gpu device with vga compatibility This patch adds a virtio-vga device. It is simliar to virtio-gpu-pci, but it also adds in vga compatibility, so guests without native virtio-gpu support can drive the device in vga mode. It is compatible with stdvga. Written by Dave Airlie and Gerd Hoffmann. Signed-off-by: Dave Airlie <airlied@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 9eafb62d47ac1c8c2d431e1b4829445444ccc2ee Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Sep 10 14:20:34 2014 +0200 virtio-gpu-pci: add virtio pci support This patch adds virtio-gpu-pci, which is the pci proxy for the virtio gpu device. With this patch in place virtio-gpu is functional. You need a linux guest with a virtio-gpu driver though, and output will appear pretty late in boot, once the kernel initialized drm and fbcon. Written by Dave Airlie and Gerd Hoffmann. Signed-off-by: Dave Airlie <airlied@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 2c84167b4efa4a0e81946ef624e96005396e14b2 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Mar 17 08:56:18 2015 +0100 virtio-gpu: fix error message iov limit was raised, but the error message still has the old limit ... Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 6773f9b687e0a8ab4b638ef88d075fb233fb7669 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Tue Apr 14 10:33:43 2015 +0100 target-mips: enable XPA and LPA features Enable XPA in MIPS32R5-generic and LPA in MIPS64R6-generic. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 28b027d5b63c7550c7390041d6dd50948c8f55b8 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Tue Apr 14 10:33:35 2015 +0100 target-mips: remove misleading comments in translate_init.c PABITS are not hardcoded to 36 bits and we do not model 59 PABITS (which is the architectural limit) in QEMU. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 5204ea79ea739b557f47fc4db96c94edcb33a5d6 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Thu Sep 11 16:28:17 2014 +0100 target-mips: add MTHC0 and MFHC0 instructions Implement MTHC0 and MFHC0 instructions. In MIPS32 they are used to access upper word of extended to 64-bits CP0 registers. In MIPS64, when CP0 destination register specified is the EntryLo0 or EntryLo1, bits 1:0 of the GPR appear at bits 31:30 of EntryLo0 or EntryLo1. This is to compensate for RI and XI, which were shifted to bits 63:62 by MTC0 to EntryLo0 or EntryLo1. Therefore creating separate functions for EntryLo0 and EntryLo1. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit e117f52636d04502fab28bd3abe93347c29f39a5 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Tue Apr 14 10:09:38 2015 +0100 target-mips: add CP0.PageGrain.ELPA support CP0.PageGrain.ELPA enables support for large physical addresses. This field is encoded as follows: 0: Large physical address support is disabled. 1: Large physical address support is enabled. If this bit is a 1, the following changes occur to coprocessor 0 registers: - The PFNX field of the EntryLo0 and EntryLo1 registers is writable and concatenated with the PFN field to form the full page frame number. - Access to optional COP0 registers with PA extension, LLAddr, TagLo is defined. P5600 can operate in 32-bit or 40-bit Physical Address Mode. Therefore if XPA is disabled (CP0.PageGrain.ELPA = 0) then assume 32-bit Address Mode. In MIPS64 assume 36 as default PABITS (when CP0.PageGrain.ELPA = 0). env->PABITS value is constant and indicates maximum PABITS available on a core, whereas env->PAMask is calculated from env->PABITS and is also affected by CP0.PageGrain.ELPA. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit cd0d45c40133ef8b409aede5ad8a99aeaf6a70fe Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Thu Sep 11 16:28:16 2014 +0100 target-mips: support Page Frame Number Extension field Update tlb->PFN to contain PFN concatenated with PFNX. PFNX is 0 if large physical address is not supported. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 284b731a6ae47b9ebabb9613e753c4d83cf75dd3 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Tue Jun 9 17:14:13 2015 +0100 target-mips: extend selected CP0 registers to 64-bits in MIPS32 Extend EntryLo0, EntryLo1, LLAddr and TagLo from 32 to 64 bits in MIPS32. Introduce gen_move_low32() function which moves low 32 bits from 64-bit temp to GPR; it sign extends 32-bit value on MIPS64 and truncates on MIPS32. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit b435f3f3d174721382b55bbd0c785ec50c1796a9 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Fri Mar 20 12:06:10 2015 +0000 target-mips: correct MFC0 for CP0.EntryLo in MIPS64 CP0.EntryLo bits 31:30 have to be cleared. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 4fa3dd17dc29c316726f0d4a354a4d895e130c73 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Mon Apr 20 16:57:21 2015 +0100 Remove unneeded memset Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Michael R. Hines <mrhines@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit a97270ad5d6dd0382ecb4568674226c8463e59fb Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Mon Apr 20 16:57:16 2015 +0100 Rename RDMA structures to make destination clear RDMA has two data types that are named confusingly; RDMALocalBlock (pointed to indirectly by local_ram_blocks) RDMARemoteBlock (pointed to by block in RDMAContext) RDMALocalBlocks, as the name suggests is a data strucuture that represents the RDMAable RAM Blocks on the current side of the migration whichever that is. RDMARemoteBlocks is always the shape of the RAMBlocks on the destination, even on the destination. Rename: RDMARemoteBlock -> RDMADestBlock context->'block' -> context->dest_blocks Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Michael R. Hines <mrhines@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 73d9a7961ab1b083fb2095413a3bd091e35f4369 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Tue May 19 12:29:53 2015 +0100 Teach analyze-migration.py about section footers Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit f68945d42bab700d95b87f62e0898606ce2421ed Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Tue May 19 12:29:52 2015 +0100 Add a protective section footer Badly formatted migration streams can go undetected or produce misleading errors due to a lock of checking at the end of sections. In particular a section that adds an extra 0x00 at the end causes what looks like a normal end of stream and thus doesn't produce any errors, and something that ends in a 0x01..0x04 kind of look like real section headers and then fail when the section parser tries to figure out which section they are. This is made worse by the choice of 0x00..0x04 being small numbers that are particularly common in normal section data. This patch adds a section footer consisting of a marker (0x7e - ~) followed by the section-id that was also sent in the header. If they mismatch then it throws an error explaining which section was being loaded. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 37fb569c0198cba58e3e1bdf6b9702c8248b89dd Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Tue May 19 12:29:51 2015 +0100 Disable section footers on older machine types The next patch adds section footers; but we don't want to break migration compatibility so disable them on older machine types Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit ce39bfc9186005d222a78db4a7fbdc83e2d62481 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Tue May 19 12:29:50 2015 +0100 Merge section header writing The header writing for device sections is open coded in a few places, merge it into one. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 1a8f46f8d61ef885ff9d0bda251e4e9830c932ef Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu May 21 13:24:16 2015 +0100 Move loadvm_handlers into MigrationIncomingState In postcopy we need the loadvm_handlers to be used in a couple of different instances of the loadvm loop/routine, and thus it can't be local any more. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 7c1e52ba6f3994dc127118f491258ce84d0beb52 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu May 21 13:24:15 2015 +0100 Move copy out of qemu_peek_buffer qemu_peek_buffer currently copies the data it reads into a buffer, however a future patch wants access to the buffer without the copy, hence rework to remove the copy to the layer above. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit bca7856ae8220d9f15ff0f44b97397529e26a552 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu May 21 13:24:14 2015 +0100 Create MigrationIncomingState There are currently lots of pieces of incoming migration state scattered around, and postcopy is adding more, and it seems better to try and keep it together. allocate MIS in process_incoming_migration_co Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit e3807054e20fb3b94d18cb751c437ee2f43b6fac Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu May 21 13:24:13 2015 +0100 qemu_ram_foreach_block: pass up error value, and down the ramblock name check the return value of the function it calls and error if it's non-0 Fixup qemu_rdma_init_one_block that is the only current caller, and rdma_add_block the only function it calls using it. Pass the name of the ramblock to the function; helps in debugging. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Michael R. Hines <mrhines@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit f796baa1b3efcf105ba3a465f797e05ac2b3dcfc Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu May 21 13:24:12 2015 +0100 Split header writing out of qemu_savevm_state_begin Split qemu_savevm_state_begin to: qemu_savevm_state_header That writes the initial file header. qemu_savevm_state_begin That sets up devices and does the first device pass. Used later in postcopy. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit b3af1bc9d21e6bec7dfd283d91b465c9f815b6d6 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu May 21 13:24:11 2015 +0100 Add qemu_get_counted_string to read a string prefixed by a count byte and use it in loadvm_state and ram_load. Where ever it's used, check the return and error if it failed. Minor: ram_load was using a 257 byte array for its string, the maximum length is 255 bytes + 0 terminator, so fix to 256 Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 5cd8cadae8db905afcbf877cae568c27d1d55a8a Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Tue Sep 23 14:09:54 2014 +0200 migration: Use normal VMStateDescriptions for Subsections We create optional sections with this patch. But we already have optional subsections. Instead of having two mechanism that do the same, we can just generalize it. For subsections we just change: - Add a needed function to VMStateDescription - Remove VMStateSubsection (after removal of the needed function it is just a VMStateDescription) - Adjust the whole tree, moving the needed function to the corresponding VMStateDescription Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 0163a2e025cda6acb33e100d296965671ace17d9 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed May 13 13:37:04 2015 +0200 migration: create savevm_state This way, we will put savevm global state here, instead of lots of variables. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit e45a1ebfc65fb23be8cddb684d97eaa92725484d Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed May 20 17:14:28 2015 +0200 migration: Remove duplicated assignment of SETUP status We assign the MIGRATION_STATUS_SETUP status in two places. Just in succession. Just remove the second one. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 5b61d5752156dcbbe2bf1366c877a676ed9f8f51 Author: Padmanabh Ratnakar <padmanabh.ratnakar@xxxxxxxxxxxxx> Date: Wed Jun 3 04:44:10 2015 +0530 rdma: Fix qemu crash when IPv6 address is used for migration Qemu crashes when IPv6 address is specified for migration and access to any RDMA uverbs device available on the system is blocked using cgroups. Fix the crash by checking the return value of ibv_open_device routine. Signed-off-by: Meghana Cheripady <meghana.cheripady@xxxxxxxxxxxxx> Signed-off-by: Padmanabh Ratnakar <padmanabh.ratnakar@xxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 5ee6926582cca64238967b2d00d870265cdb10b8 Author: zhanghailiang <zhang.zhanghailiang@xxxxxxxxxx> Date: Fri May 15 17:00:03 2015 +0800 arch_init: Clean up the duplicate variable 'len' defining in ram_load() There are two places that define 'len' variable, It's OK for compiling, but makes it difficult for reading. Remove the local one which defined in the inside 'while' loop. Signed-off-by: zhanghailiang <zhang.zhanghailiang@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 7205c9ec525fe375dd34c0f116c36dc4aab4c0f7 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Fri May 8 13:54:36 2015 +0200 migration: reduce include files To make changes easier, with the copy, I maintained almost all include files. Now I remove the unnecessary ones on this patch. This compiles on linux x64 with all architectures configured, and cross-compiles for windows 32 and 64 bits. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 76cc7b587f1cd1679821e034a2d9974af9bc7d2b Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Fri May 8 13:20:21 2015 +0200 migration: Add myself to the copyright list of both files If anyone feels like adding himself to the list, just sent me a patch. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit c3049a56d69f1ee7e85b5100ba5d0e3dc69a14f1 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Fri May 8 12:49:01 2015 +0200 migration: move savevm.c inside migration/ Now, everything is in place. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 56e93d26b85bac76b93211393163c2ebcdee9481 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Thu May 7 19:33:31 2015 +0200 migration: move ram stuff to migration/ram For historic reasons, ram migration have been on arch_init.c. Just split it into migration/ram.c, the same that happened with block.c. There is only code movement, no changes altogether. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 795dc6e46d953d70b4b7ddd3f4956f8f4b9d8565 Author: Mao Chuan Li <maochuan@xxxxxxxxxxxxxxxxxx> Date: Thu Feb 5 18:28:36 2015 +0800 watchdog: Add new Virtual Watchdog action INJECT-NMI This patch allows QEMU to inject a NMI into a guest when the watchdog expires. Signed-off-by: Mao Chuan Li <maochuan@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> CC: Eric Blake <eblake@xxxxxxxxxx> CC: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit f9a535e089abcbc7ac99db83c8c6e4644e395b12 Author: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Date: Thu Feb 5 18:28:35 2015 +0800 nmi: Implement inject_nmi() for non-monitor context use Let's introduce a general "inject_nmi()" function that doesn't rely on the cpu index of the monitor, but uses cpu index 0 as default (except for x86). This function can then later be used from a non-monitor context. Signed-off-by: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> CC: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit d67f5fe63caa0f707fa91c760508c340e050b6f0 Author: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Date: Thu Feb 5 18:28:34 2015 +0800 s390x/watchdog: diag288 migration support Add vmstate structure to keep state and data during migration. Signed-off-by: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 8fc639af4b62930671b6988c1f7eedf9e7c9f7bc Author: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Date: Thu Jun 11 13:55:26 2015 +0200 s390x/kvm: diag288 instruction interception and handling Intercept the diag288 requests from kvm guests, and hand the requested command to the diag288 watchdog device for further handling. Signed-off-by: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 188f24c2c149bcb0088c6317e99e09afc007de34 Author: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Date: Thu Feb 5 18:28:32 2015 +0800 s390x/watchdog: introduce diag288 watchdog device This patch introduces a new diag288 watchdog device that will, just like other watchdogs, monitor a guest and take corresponding actions when it detects that the guest is not responding. diag288 is s390x specific. The wiring to s390x KVM will be done in separate patches. Signed-off-by: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> [split out qemu-option.hx base changes] commit d7933ef3ac81149a51ba43ddac9fe70405008aba Author: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Date: Thu Jun 11 17:32:05 2015 +0200 watchdog: change option wording to allow for more watchdogs We will introduce a new watchdog for s390x. Lets adopt qemu-options.hx to allow more watchdog devices. Signed-off-by: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> [split out qemu-option.hx base changes] commit d8e3b729cf452d2689c8669f1ec18158db29fd5a Merge: afa25c4 4ebc736 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 11 15:33:38 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging pc, acpi, virtio Most notably this includes virtio 1 patches Still not all devices converted, and not fully spec compliant, so disabled by default. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Thu Jun 11 12:53:08 2015 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: (42 commits) i386/acpi-build: fix PXB workarounds for unsupported BIOSes i386/acpi-build: more traditional _UID and _HID for PXB root buses vhost-scsi: move qdev properties into vhost-scsi.c virtio-9p-device: move qdev properties into virtio-9p-device.c virtio-serial-bus: move qdev properties into virtio-serial-bus.c virtio-rng: move qdev properties into virtio-rng.c virtio-scsi: move qdev properties into virtio-scsi.c virtio-net.h: Remove unsed DEFINE_VIRTIO_NET_PROPERTIES virtio-net: move qdev properties into virtio-net.c virtio-input: emulated devices [pci] virtio-input: core code & base class [pci] pci: add PCI_CLASS_INPUT_* virtio-pci: fill VirtIOPCIRegions early. virtio-pci: drop identical virtio_pci_cap virtio-pci: move cap type to VirtIOPCIRegion virtio-pci: move virtio_pci_add_mem_cap call to virtio_pci_modern_region_map virtio-pci: add virtio_pci_modern_region_map() virtio-pci: add virtio_pci_modern_regions_init() virtio-pci: add struct VirtIOPCIRegion for virtio-1 regions virtio-balloon: switch to virtio_add_feature ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit afa25c4bb5bd0732dca4aa0691fd4682d242925f Merge: 0b70743 08d49df Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 11 14:40:25 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-sdl-20150611-1' into staging sdl2: fix crash in handle_windowevent() when restoring the screen size # gpg: Signature made Thu Jun 11 08:57:38 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-sdl-20150611-1: sdl2: fix crash in handle_windowevent() when restoring the screen size Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0b70743d4f4f260b2fe6ed53fecc6bc6cda13910 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Thu Jun 11 09:44:40 2015 +0100 hw/vfio/platform: replace g_malloc0_n by g_new0 g_malloc0_n() is introduced since glib-2.24 while QEMU currently requires glib-2.22. This may cause a link error on some distributions. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Reviewed-by: Gonglei <arei.gonglei@xxxxxxxxxx> Acked-by: Alex Williamson <alex.williamson@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 169b71331eaff7a28e3d4fabe8733e7db91f01aa Merge: 39e16a5 5a9259a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 11 12:12:58 2015 +0100 Merge remote-tracking branch 'remotes/spice/tags/pull-spice-20150611-1' into staging spice: fix segfault in qemu_spice_create_update, ui_info tweaks. # gpg: Signature made Thu Jun 11 08:48:49 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/spice/tags/pull-spice-20150611-1: spice: ui_info tweaks spice-display: fix segfault in qemu_spice_create_update Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4ebc736e9938a7e88ecc785734b17145bf802a56 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Thu Jun 11 02:37:59 2015 +0200 i386/acpi-build: fix PXB workarounds for unsupported BIOSes The patch apci: fix PXB behaviour if used with unsupported BIOS uses the following condition to see if a "PXB mem/IO chunk" has *not* been configured by the BIOS: (!range_base || range_base > range_limit) When this condition evaluates to true, said patch *omits* the corresponding entry from the _CRS. Later on the patch checks for the opposite condition (with the intent of *adding* entries to the _CRS if the "PXB mem/IO chunks" *have* been configured). Unfortunately, the condition was negated incorrectly: only the first ! operator was removed, which led to the nonsensical expression (range_base || range_base > range_limit) leading to bogus entries in the _CRS, and causing BSOD in Windows Server 2012 R2 when it runs on OVMF. The correct negative of the condition seen at the top is (range_base && range_base <= range_limit) Fix the expressions. Cc: Marcel Apfelbaum <marcel@xxxxxxxxxx> Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c96d9286a6d70452e5fa4f1e3f840715e325be95 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Thu Jun 11 02:37:58 2015 +0200 i386/acpi-build: more traditional _UID and _HID for PXB root buses The ACPI specification permits the _HID and _UID objects to evaluate to strings. (See "6.1.5 _HID (Hardware ID)" and "6.1.12 _UID (Unique ID)" in the ACPI v6.0 spec.) With regard to related standards, the UEFI specification can also express a device address composed from string _HID and _UID identifiers, inside the Expanded ACPI Device Path Node. (See "9.3.3 ACPI Device Path", Table 49, in the UEFI v2.5 spec.) However, numeric (integer) contents for both _HID and _UID are more traditional. They are recommended by the UEFI spec for size reasons: [...] the ACPI Device Path node is smaller and should be used if possible to reduce the size of device paths that may potentially be stored in nonvolatile storage [...] External tools support them better (for example the --acpi_hid and --acpi_uid options of "efibootmgr" only take numeric identifiers). Finally, numeric _HID and _UID contents are existing practice in the QEMU source. This patch was tested with a Fedora 20 LiveCD and a preexistent Windows Server 2012 R2 guest. Using "acpidump" and "iasl" in the Fedora guest, we get, in the SSDT: > Scope (\_SB) > { > Device (PC04) > { > Name (_UID, 0x04) // _UID: Unique ID > Name (_HID, EisaId ("PNP0A03") /* PCI Bus */) // _HID: Hardware ID Cc: Marcel Apfelbaum <marcel@xxxxxxxxxx> Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 39e16a5b708358202e8d2252e3d84863666dc9e5 Merge: 0e12e61 060ab76 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 11 11:18:11 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-gtk-20150611-1' into staging gtk: don't exit early in case gtk init fails # gpg: Signature made Thu Jun 11 10:38:29 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-gtk-20150611-1: gtk: don't exit early in case gtk init fails Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 060ab76356fff6a420bc881a574c40a5dda086af Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Jun 5 13:07:58 2015 +0200 gtk: don't exit early in case gtk init fails Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit bd8f1ebce430eb6c1dd92e34baf7bc35aa600464 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:49 2015 +0200 net/dp8393x: fix hardware reset Documentation is not clear of what happens when doing a hardware reset, but firmware expect all registers to be zero unless specified otherwise. This fixes reboot on MIPS Magnum. Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 409b52bfe199d8106dadf7c5ff3d88d2228e89b5 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:48 2015 +0200 net/dp8393x: correctly reset in_use field Don't write more than the field width, which is always 16 bit. Fixes network in NetBSD 5.1/arc Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 1670735dd7087224cf8fabd37c78fc2aa1f0b22f Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:47 2015 +0200 net/dp8393x: add load/save support Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 89ae0ff9b73ee74c9ba707a09a07ad77b9fdccb4 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:46 2015 +0200 net/dp8393x: add PROM to store MAC address Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 104655a5c818ea8de1329cef50d1cc8defc524f3 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:45 2015 +0200 net/dp8393x: QOM'ify Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 3df5de64f06f6b288b1cf30ce2bad7878a96454b Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:44 2015 +0200 net/dp8393x: use dp8393x_ prefix for all functions Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 84689cbb97d2f8c7bb1ebe069f887eaaaddb0902 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:43 2015 +0200 net/dp8393x: do not use old_mmio accesses Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit f2f62c4db244f392381c9061c4185ced98f9be57 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:42 2015 +0200 net/dp8393x: always calculate proper checksums Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit d791d60f1cf944f578aa26ca9f8903ce5dda1c78 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:41 2015 +0200 dma/rc4030: convert to QOM Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 95c357bc461b00785284403bf56567657d42e915 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:40 2015 +0200 dma/rc4030: use trace events instead of custom logging Remove also unneeded debug logs. Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit dc6e3e1e1aef2e6b2ed2ddf80c9559c91f685ecd Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:39 2015 +0200 dma/rc4030: document register at offset 0x210 Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit b421f3f52aed306ecc69221a13fac22d03905956 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:38 2015 +0200 dma/rc4030: do not use old_mmio accesses Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit dd8205130bab277a27889b6d3c0c6c7651585732 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:37 2015 +0200 dma/rc4030: use AddressSpace and address_space_rw in users Now that rc4030 internally uses an AddressSpace for DMA handling, make its root memory region public. This is especially usefull for dp8393x netcard, which now uses well known QEMU types and methods. Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit a3d586f704609a45b6037534cb2f34da5dfd8895 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:36 2015 +0200 dma/rc4030: create custom DMA address space Add a new memory region in system address space where DMA address space definition (the 'translation table') belongs, so we can update on the fly the DMA address space. Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 9b1d21c53b73c8f8f79e4aae69c4eb7a5270d6d4 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:35 2015 +0200 mips jazz: compile only in 64 bit Remove now useless device models from other MIPS configurations We're now compiling 12 files less than before. Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit ce9782f40ac16660ea9437bfaa2c9c34d5ed8110 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Thu Jun 4 17:00:31 2015 +0100 target-mips: add ERETNC instruction and Config5.LLB bit ERETNC is identical to ERET except that an ERETNC will not clear the LLbit that is set by execution of an LL instruction, and thus when placed between an LL and SC sequence, will never cause the SC to fail. Presence of ERETNC is denoted by the Config5.LLB. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit adc370a48fd26b92188fa4848dfb088578b1936c Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Mon Jun 1 12:13:24 2015 +0100 target-mips: Misaligned memory accesses for MSA MIPS SIMD Architecture vector loads and stores require misalignment support. MSA Memory access should work as an atomic operation. Therefore, it has to check validity of all addresses for a vector store access if it is spanning into two pages. Separating helper functions for each data format as format is known in translation. To use mmu_idx from cpu_mmu_index() instead of calculating it from hflag. Removing save_cpu_state() call in translation because it is able to use cpu_restore_state() on fault as GETRA() is passed. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> [leon.alrae@xxxxxxxxxx: remove unused do_* functions] Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 3b4afc9e75ab1a95f33e41f462921093f8a109c4 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Mon Jun 1 12:13:23 2015 +0100 softmmu: Add probe_write() Probe for whether the specified guest write access is permitted. If it is not permitted then an exception will be taken in the same way as if this were a real write access (and we will not return). Otherwise the function will return, and there will be a valid entry in the TLB for this access. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit be3a8c53b4f18bcc51a462d977cc61a0f46ebb1c Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Mon Jun 1 12:13:22 2015 +0100 target-mips: Misaligned memory accesses for R6 Release 6 requires misaligned memory access support for all ordinary memory access instructions (for example, LW/SW, LWC1/SWC1). However misaligned support is not provided for certain special memory accesses such as atomics (for example, LL/SC). Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 71c199c81d290b2077ee7cf5400332a342de3a97 Author: Paul Burton <paul.burton@xxxxxxxxxx> Date: Mon May 25 14:21:04 2015 +0100 mips_malta: provide ememsize env variable to kernels Commit 94c2b6aff43c (mips_malta: support up to 2GiB RAM) provided support for using over 256MB of RAM with the MIPS Malta board, including capping the memsize variable that QEMUs pseudo-bootloader provides to the kernel at 256MB in order to match YAMON. It didn't however provide the ememsize variable which kernels supporting memory outside of the unmapped address spaces (ie. EVA or highmem) may use to determine the true size of the RAM present in the system. Set ememsize to the size of RAM so that such kernels may use all available memory without the user having to manually specifying its size & location. Signed-off-by: Paul Burton <paul.burton@xxxxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 7c979afd11b09a16634699dd6344e3ba10c9677e Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Tue Apr 21 16:06:28 2015 +0100 target-mips: add Config5.FRE support allowing Status.FR=0 emulation This relatively small architectural feature adds the following: FIR.FREP: Read-only. If FREP=1, then Config5.FRE and Config5.UFE are available. Config5.FRE: When enabled all single-precision FP arithmetic instructions, LWC1/LWXC1/MTC1, SWC1/SWXC1/MFC1 cause a Reserved Instructions exception. Config5.UFE: Allows user to write/read Config5.FRE using CTC1/CFC1 instructions. Enable the feature in MIPS64R6-generic CPU. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit eab9944c7801525737626fa45cddaf00932dd2c8 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Tue Apr 21 16:06:27 2015 +0100 target-mips: move group of functions above gen_load_fpr32() Move the "Tests" group of functions so that gen_load_fpr32() and gen_store_fpr32() can use generate_exception(). Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 5a9259a0b5d6f9424f94539cd9c715b1d166d90c Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Mar 13 12:21:50 2015 +0100 spice: ui_info tweaks Use the new dpy_ui_info_supported function. Clarifies the control flow. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit c6e484707f28b3e115e64122a0570f6b3c585489 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Jun 9 21:08:47 2015 +0200 spice-display: fix segfault in qemu_spice_create_update Although it is pretty unusual the stride for the guest image and the mirror image maintained by spice-display can be different. So use separate variables for them. https://bugzilla.redhat.com/show_bug.cgi?id=1163047 Cc: qemu-stable@xxxxxxxxxx Reported-by: perrier vincent <clownix@xxxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 0e12e61ff9a3407d123d0dbc4d945aec98d60fdf Merge: 3974c9d 62232bf Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jun 10 18:13:58 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20150610-1' into staging stdvga: factor out mmio subregion init virtio-gpu: add virtio gpu core code, 2d mode # gpg: Signature made Wed Jun 10 10:03:11 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-vga-20150610-1: virtio-gpu/2d: add virtio gpu core code virtio: update headers, add virtio-gpu (2d) stdvga: factor out mmio subregion init stdvga: pass VGACommonState instead of PCIVGAState stdvga: fix offset in pci_vga_ioport_read Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 21549a4642e1f1b438ffc31dd9dc35f134b10e5b Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Wed Jun 10 23:04:36 2015 +0800 vhost-scsi: move qdev properties into vhost-scsi.c As only one place in vhost-scsi.c uses DEFINE_VHOST_SCSI_PROPERTIES, there is no need to expose it. Inline it into vhost-scsi.c to avoid wrongly use. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 83a84878da2e00b4d350bd90d6775c1f6320e7b4 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Wed Jun 10 23:04:35 2015 +0800 virtio-9p-device: move qdev properties into virtio-9p-device.c As only one place in virtio-9p-device.c uses DEFINE_VIRTIO_9P_PROPERTIES, there is no need to expose it. Inline it into virtio-9p-device.c to avoid wrongly use. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 448777c411b80df0263eb00b9df2f829cdc7cc9b Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Wed Jun 10 23:04:34 2015 +0800 virtio-serial-bus: move qdev properties into virtio-serial-bus.c As only one place in virtio-serial-bus.c uses DEFINE_VIRTIO_SERIAL_PROPERTIES, there is no need to expose it. Inline it into virtio-serial-bus.c to avoid wrongly use. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit fe704809b974d8dd8e020b4d3f48ede338a886fe Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Wed Jun 10 23:04:33 2015 +0800 virtio-rng: move qdev properties into virtio-rng.c As only one place in virtio-rng.c uses DEFINE_VIRTIO_RNG_PROPERTIES, there is no need to expose it. Inline it into virtio-rng.c to avoid wrongly use. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 0c63237a90f37fffe8a8016f24f61bb228653e86 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Wed Jun 10 23:04:32 2015 +0800 virtio-scsi: move qdev properties into virtio-scsi.c As only one place in virtio-scsi.c uses DEFINE_VIRTIO_SCSI_PROPERTIES and DEFINE_VIRTIO_SCSI_FEATURES, there is no need to expose them. Inline them into virtio-scsi.c to avoid wrongly use. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit db58c063e159f02f0232d1557f0930fd32a6580f Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Wed Jun 10 23:04:31 2015 +0800 virtio-net.h: Remove unsed DEFINE_VIRTIO_NET_PROPERTIES Remove unsed DEFINE_VIRTIO_NET_PROPERTIES in virtio-net.h and delete a space typo. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 87108bb26ce04637980c0897caeabee8901e72c9 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Wed Jun 10 23:04:30 2015 +0800 virtio-net: move qdev properties into virtio-net.c As only one place in virtio-net.c uses DEFINE_VIRTIO_NET_FEATURES, there is no need to expose it. Inline it into virtio-net.c to avoid wrongly use. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 710e2d90da1a16807f7885d37b203ce739fdc53a Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:42 2015 +0200 virtio-input: emulated devices [pci] This patch adds virtio-pci support for the emulated virtio-input devices. Using them is as simple as adding "-device virtio-tablet-pci" to your command line. If you want add multiple devices but don't want waste a pci slot for each you can compose a multifunction device this way: qemu -device virtio-keyboard-pci,addr=0d.0,multifunction=on \ -device virtio-tablet-pci,addr=0d.1,multifunction=on Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit f958c8aa138718b8126a300d6faece522f7674b8 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:41 2015 +0200 virtio-input: core code & base class [pci] This patch adds the virtio-pci support bits for virtio-input-device. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit ffaa05037134d48e3ccd7ebbf2d58db26590b96d Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:40 2015 +0200 pci: add PCI_CLASS_INPUT_* Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit b6ce27a593ab39ac28baebc3045901925046bebd Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:39 2015 +0200 virtio-pci: fill VirtIOPCIRegions early. Initialize the modern bar and the VirtIOPCIRegion fields early, in realize. Also add a size field to VirtIOPCIRegion and variables for pci bars to VirtIOPCIProxy. This allows virtio-pci subclasses to change things before the device_plugged callback applies them. virtio-vga will use that to arrange regions in a way that virtio-vga is compatible to both stdvga (in vga mode) and virtio-gpu-pci (in pci mode). Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit cc52ea90f835aa66d431db712b22f8b15bec2e46 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:38 2015 +0200 virtio-pci: drop identical virtio_pci_cap Now the three struct virtio_pci_caps are identical, lets drop two of them ;) Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit fc004905c5b4b7568aad50087c156a5f4dfae1a7 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:37 2015 +0200 virtio-pci: move cap type to VirtIOPCIRegion Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 54790d71e4adcfaae95dac3c7019b10721e609de Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:36 2015 +0200 virtio-pci: move virtio_pci_add_mem_cap call to virtio_pci_modern_region_map Also fill offset and length automatically, from VirtIOPCIRegion->offset and region size. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit a3cc2e81592aba6d818005c078b94b16ba47a02c Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:35 2015 +0200 virtio-pci: add virtio_pci_modern_region_map() Add function to map modern virtio regions. Add offset to VirtIOPCIRegion. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 1141ce2190c85daacfa9b874476651ed0f7dc6df Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:34 2015 +0200 virtio-pci: add virtio_pci_modern_regions_init() Add init function for the modern pci regions, move over the init code. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 588255ad5021f06789f438f7b045015c54e30841 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:33 2015 +0200 virtio-pci: add struct VirtIOPCIRegion for virtio-1 regions For now just place the MemoryRegion there, following patches will add more. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 40de55affda76392627e68d3b1ba5a6a11c492bc Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 4 12:34:32 2015 +0200 virtio-balloon: switch to virtio_add_feature This was missed during the conversion of feature bit manipulation. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit fbdc6892dd8a842a3d86b8315ff56399e0387b74 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jun 4 12:34:31 2015 +0200 virtio_balloon: header update add modern header Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 975acc0ae6d60260859884a9235ae3c62e2969a2 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Jun 4 12:34:30 2015 +0200 virtio-pci: correctly set host notifiers for modern bar Currently, during host notifier set. We only add eventfd for legacy bar, this is not correct since: - Non-transitional device does not have legacy bar, so qemu will crash since proxy->bar was not initialized. - Modern device uses modern bar and notify cap to notify the device, we should add eventfd for proxy->notify. So this patch fixes the above two issues by adding eventfd based on whether legacy or modern device were supported. Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 4e93a68eb369b2f7adbef7a4f6afd7a30a0ed927 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:29 2015 +0200 virtio-pci: make modern bar 64bit + prefetchable Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 23c5e3977502a1b57fa2d8cf8cf4b5c9e45f0d1f Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:28 2015 +0200 virtio-pci: change & document virtio pci bar layout. This patch adds variables for the pci bars (to get rid of the magic numbers in the code) and moves the modern virtio bar to region 4 so regions 2+3 are kept free. virtio-vga wants use them. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 8aca0d75869f8ad0aa0032c50d8c85dcad65302f Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:27 2015 +0200 virtio-pci: make QEMU_VIRTIO_PCI_QUEUE_MEM_MULT smaller Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit e266d421490e0ae83044bbebb209b2d3650c0ba6 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:26 2015 +0200 virtio-pci: add flags to enable/disable legacy/modern Add VIRTIO_PCI_FLAG_DISABLE_LEGACY and VIRTIO_PCI_FLAG_DISABLE_MODERN for VirtIOPCIProxy->flags. Also add properties for them. They can be used to disable modern (virtio 1.0) or legacy (virtio 0.9) modes. By default only legacy is advertized, modern will be turned on by default once all remaining spec compilance issues are addressed. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 54c720d49d3f9741b52ac95c65a5cc990254a5d8 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jun 4 12:34:25 2015 +0200 virtio-pci: switch to modern accessors for 1.0 virtio 1.0 config space is in LE format for all devices, use modern wrappers when accessed through the 1.0 BAR. Reported-by: Rusty Russell <rusty@xxxxxxxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit adfb743c90c7aa5e92907ce875e4f35747ee1963 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jun 4 12:34:24 2015 +0200 virtio: add modern config accessors virtio 1.0 defines config space as LE, as opposed to pre-1.0 which was native endian. Add API for transports to execute word/dword accesses in little endian format - will be useful for mmio and pci (byte access is also wrapped, for completeness). For simplicity, we still keep config in host native endian format, byteswap to LE on guest access. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit b8f059081d93f1802480059d1d49fe5c1d32f60c Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jun 4 12:34:23 2015 +0200 virtio: generation counter support Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit dfb8e184db758bff275f94f7aa634300886cfe21 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jun 4 12:34:22 2015 +0200 virtio-pci: initial virtio 1.0 support This is somewhat functional. With this, and linux driver from my tree, I was able to use virtio net as virtio 1.0 device for light browsing. At the moment, dataplane and vhost code is still missing. Based on Cornelia's virtio 1.0 patchset: Date: Thu, 11 Dec 2014 14:25:02 +0100 From: Cornelia Huck <cornelia.huck@xxxxxxxxxx> To: virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx, qemu-devel@xxxxxxxxxx Cc: rusty@xxxxxxxxxxxxxxx, thuth@xxxxxxxxxxxxxxxxxx, mst@xxxxxxxxxx, Cornelia Huck <cornelia.huck@xxxxxxxxxx> Subject: [PATCH RFC v6 00/20] qemu: towards virtio-1 host support Message-Id: <1418304322-7546-1-git-send-email-cornelia.huck@xxxxxxxxxx> which is itself still missing some core bits. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c17bef33601737e24a3d53259ddb6db28ac4d6d2 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jun 4 12:34:21 2015 +0200 linux-headers: add virtio_pci Easier than duplicating code. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 9a2ba82302bea7faf3b9579f9168b89c73ae34ad Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 4 12:34:20 2015 +0200 vhost: 64 bit features Make sure that all vhost interfaces use 64 bit features, as the virtio core does, and make sure to use ULL everywhere possible to be on the safe side. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit b1506132001eee6b11cf23b5968cd66ec141a9ed Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jun 4 12:34:19 2015 +0200 vhost_net: add version_1 feature Add VERSION_1 to list of features that we should test at the backend. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit df91055db5c9cee93d70ca8c08d72119a240b987 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 4 12:34:18 2015 +0200 virtio-net: enable virtio 1.0 virtio-net (non-vhost) now should have everything in place to support virtio 1.0: let's enable the feature bit for it. Note that VIRTIO_F_VERSION_1 is technically a transport feature; once every device is ready for virtio 1.0, we can move setting this feature bit out of the individual devices. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit bb9d17f831fa8e70494eab8421d83a542e3d8508 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 4 12:34:17 2015 +0200 virtio-net: support longer header virtio-1 devices always use num_buffers in the header, even if mergeable rx buffers have not been negotiated. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit b6a3cddb22d3f0f729e267d45f350ae31bdebbcf Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 4 12:34:16 2015 +0200 virtio-net: no writeable mac for virtio-1 Devices operating as virtio 1.0 may not allow writes to the mac address in config space. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 0b352fd680e1ca7827ddea47b5e9b603320913b6 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 4 12:34:15 2015 +0200 virtio: allow to fail setting status virtio-1 allow setting of the FEATURES_OK status bit to fail if the negotiated feature bits are inconsistent: let's fail virtio_set_status() in that case and update virtio-ccw to post an error to the guest. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 6c0196d702e8482a17638ee79f45ce27cdd1ef5d Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 4 12:34:14 2015 +0200 virtio: disallow late feature changes for virtio-1 For virtio-1 devices, the driver must not attempt to set feature bits after it set FEATURES_OK in the device status. Simply reject it in that case. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit f5a5628cf0b65b223fa0c9031714578dfac4cf04 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 4 12:34:13 2015 +0200 dataplane: allow virtio-1 devices Handle endianness conversion for virtio-1 virtqueues correctly. Note that dataplane now needs to be built per-target. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit ab223c9518e8c7eb542ef3133de1a34475b69790 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 4 12:34:12 2015 +0200 virtio: allow virtio-1 queue layout For virtio-1 devices, we allow a more complex queue layout that doesn't require descriptor table and rings on a physically-contigous memory area: add virtio_queue_set_rings() to allow transports to set this up. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 3c185597c86b8cd0a07c46e7a5bd5aac28bb7200 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 4 12:34:11 2015 +0200 virtio: endianness checks for virtio 1.0 devices Add code that checks for the VERSION_1 feature bit in order to make decisions about the device's endianness. This allows us to support transitional devices. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 3974c9d8ccfccbd81edc9df271fcae7082f3921d Merge: eed8a8f 5efed5a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jun 10 16:52:34 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-fw_cfg-20150610-1' into staging fw_cfg: drop write support, qemu cmdline support, bugfixes. bios-tables-test: fix smbios test. # gpg: Signature made Wed Jun 10 07:29:53 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-fw_cfg-20150610-1: bios-tables-test: handle false-positive smbios signature matches fw_cfg: insert fw_cfg file blobs via qemu cmdline fw_cfg: prohibit insertion of duplicate fw_cfg file names fw_cfg: prevent selector key conflict fw_cfg: remove support for guest-side data writes fw_cfg: fix FW_CFG_BOOT_DEVICE update on ppc and sparc fw_cfg: add fw_cfg_modify_i16 (update) method QemuOpts: increase number of vm_config_groups Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit eed8a8f572e659c85f8711d79c20da95021e06e2 Merge: e015fe0 7a8d15d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jun 10 15:46:39 2015 +0100 Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20150609.0' into staging Initial VFIO platform device support, v2 (Eric Auger, et al.) # gpg: Signature made Tue Jun 9 15:25:40 2015 BST using RSA key ID 3BB08B22 # gpg: Good signature from "Alex Williamson <alex.williamson@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex@xxxxxxxxxxx>" # gpg: aka "Alex Williamson <alwillia@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex.l.williamson@xxxxxxxxx>" * remotes/awilliam/tags/vfio-update-20150609.0: hw/vfio/platform: calxeda xgmac device hw/vfio/platform: add irq assignment hw/vfio/platform: vfio-platform skeleton Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e015fe008a3a8901913248cdb50c62dba795c588 Merge: b041114 9f7c594 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jun 10 15:10:14 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/CVE-2015-3209-pcnet-tx-buffer-fix-pull-request' into staging # gpg: Signature made Wed Jun 10 15:04:11 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/CVE-2015-3209-pcnet-tx-buffer-fix-pull-request: pcnet: force the buffer access to be in bounds during tx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9f7c594c006289ad41169b854d70f5da6e400a2a Author: Petr Matousek <pmatouse@xxxxxxxxxx> Date: Sun May 24 10:53:44 2015 +0200 pcnet: force the buffer access to be in bounds during tx 4096 is the maximum length per TMD and it is also currently the size of the relay buffer pcnet driver uses for sending the packet data to QEMU for further processing. With packet spanning multiple TMDs it can happen that the overall packet size will be bigger than sizeof(buffer), which results in memory corruption. Fix this by only allowing to queue maximum sizeof(buffer) bytes. This is CVE-2015-3209. [Fixed 3-space indentation to QEMU's 4-space coding standard. --Stefan] Signed-off-by: Petr Matousek <pmatouse@xxxxxxxxxx> Reported-by: Matt Tait <matttait@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 24bfa207efb9b9d591552eefc1f414ff33ef0eac Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Jun 4 23:05:58 2015 -0400 vhost: put log correctly in vhost_dev_start() We allocate an dummy log even if the size is zero. So we should put it unconditionally too. Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 62232bf48456bda4058ceae05851bc58c1032338 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Sep 10 14:12:28 2014 +0200 virtio-gpu/2d: add virtio gpu core code This patch adds the core code for virtio gpu emulation, covering 2d support. Written by Dave Airlie and Gerd Hoffmann. Signed-off-by: Dave Airlie <airlied@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 53476e07d299b7fc33fa480db6bd9a6b1e2e8a97 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri May 22 15:37:33 2015 +0200 virtio: update headers, add virtio-gpu (2d) Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 220869e12d96bfb0b44d8e47394587c30e9a093f Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Apr 8 09:50:46 2015 +0200 stdvga: factor out mmio subregion init Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit cf45ec6a52af77ec2cdfe229b6f496a29b8f7886 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Apr 8 09:09:49 2015 +0200 stdvga: pass VGACommonState instead of PCIVGAState Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 24cdff7c8278849747035f9554f8c538beabf949 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Apr 8 09:03:54 2015 +0200 stdvga: fix offset in pci_vga_ioport_read Simliar to pci_vga_ioport_write. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 5efed5a172881f601ac3c57c22ec5c5721f895be Author: Gabriel L. Somlo <somlo@xxxxxxx> Date: Mon May 18 08:47:24 2015 -0400 bios-tables-test: handle false-positive smbios signature matches It has been reported that sometimes the .rodata section of SeaBIOS, containing the constant string against which the SMBIOS signature ends up being compared, also falls within the guest f-segment. In that case, the test obviously fails, unless we continue searching for the *real* SMBIOS entry point. Rather than stopping at the first match for the SMBIOS signature ("_SM_") in the f-segment (0xF0000-0xFFFFF), continue scanning until either a valid entry point table is found, or the f-segment has been exhausted. Reported-by: Bruce Rogers <brogers@xxxxxxxx> Signed-off-by: Gabriel Somlo <somlo@xxxxxxx> Tested-by: Bruce Rogers <brogers@xxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 81b2b81062612ebeac4cd5333a3b15c7d79a5a3d Author: Gabriel L. Somlo <somlo@xxxxxxx> Date: Wed Apr 29 11:21:53 2015 -0400 fw_cfg: insert fw_cfg file blobs via qemu cmdline Allow user supplied files to be inserted into the fw_cfg device before starting the guest. Since fw_cfg_add_file() already disallows duplicate fw_cfg file names, qemu will exit with an error message if the user supplies multiple blobs with the same fw_cfg file name, or if a blob name collides with a fw_cfg name programmatically added from within the QEMU source code. A warning message will be printed if the fw_cfg item name does not begin with the prefix "opt/", which is recommended for external, user provided blobs. Signed-off-by: Gabriel Somlo <somlo@xxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 0eb973f91521c6bcb6399d25327711d083f6eb10 Author: Gabriel L. Somlo <somlo@xxxxxxx> Date: Wed Apr 29 11:21:52 2015 -0400 fw_cfg: prohibit insertion of duplicate fw_cfg file names Exit with an error (instead of simply logging a trace event) whenever the same fw_cfg file name is added multiple times via one of the fw_cfg_add_file[_callback]() host-side API calls. Signed-off-by: Gabriel Somlo <somlo@xxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 0f9b214139d11ef058fa0f1c11c89e94fa6ef95d Author: Gabriel L. Somlo <somlo@xxxxxxx> Date: Wed Apr 29 11:21:51 2015 -0400 fw_cfg: prevent selector key conflict Enforce a single assignment of data for each distinct selector key. Signed-off-by: Gabriel Somlo <somlo@xxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 023e3148567ac898c7258138f8e86c3c2bb40d07 Author: Gabriel L. Somlo <somlo@xxxxxxx> Date: Wed Apr 29 11:21:50 2015 -0400 fw_cfg: remove support for guest-side data writes From this point forward, any guest-side writes to the fw_cfg data register will be treated as no-ops. This patch also removes the unused host-side API function fw_cfg_add_callback(), which allowed the registration of a callback to be executed each time the guest completed a full overwrite of a given fw_cfg data item. Signed-off-by: Gabriel Somlo <somlo@xxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 48779e501810c5046ff8af7b9cf9c99bec2928a1 Author: Gabriel L. Somlo <somlo@xxxxxxx> Date: Mon Jun 8 14:10:45 2015 -0400 fw_cfg: fix FW_CFG_BOOT_DEVICE update on ppc and sparc On ppc, sparc, and sparc64, the value of the FW_CFG_BOOT_DEVICE 16bit fw_cfg entry is repeatedly modified from a series of callbacks, which currently results in the previous value's dynamically allocated memory being leaked. This patch switches updating to the new fw_cfg_modify_i16() call, which does not cause memory leaks. Signed-off-by: Gabriel Somlo <somlo@xxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 1edd34b638f73d39a175fbc4f9ad5c97800d7470 Author: Gabriel L. Somlo <somlo@xxxxxxx> Date: Mon Jun 8 14:10:44 2015 -0400 fw_cfg: add fw_cfg_modify_i16 (update) method Allow the ability to modify the value of an existing 16-bit integer fw_cfg item. Signed-off-by: Gabriel Somlo <somlo@xxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 1ceaefbd0d09642fcff05c6b8da49ad8fbc050cb Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri May 29 14:37:54 2015 +0200 QemuOpts: increase number of vm_config_groups Adding the fw_cfg cmd line support patch by Gabriel L. Somlo hits the limit. Fix this by making the array larger. Cc: Gabriel L. Somlo <somlo@xxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit b0411142f482df92717f8b4a3b746081a62b724f Merge: 44ee94e 36e60ef Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 9 15:29:34 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20150609' into staging Collected TCG patches # gpg: Signature made Tue Jun 9 15:06:18 2015 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tcg-20150609: tcg/optimize: rename tcg_constant_folding tcg/optimize: fold constant test in tcg_opt_gen_mov tcg/optimize: fold temp copies test in tcg_opt_gen_mov tcg/optimize: remove opc argument from tcg_opt_gen_mov tcg/optimize: remove opc argument from tcg_opt_gen_movi tcg: fix dead computation for repeated input arguments tcg: fix register allocation with two aliased dead inputs tcg: Handle MO_AMASK in tcg_dump_ops tcg: Mask TCGMemOp appropriately for indexing Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7a8d15d7702444be715b6ae32574659483c0c158 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Tue Jun 9 09:00:07 2015 +0100 hw/vfio/platform: calxeda xgmac device The platform device class has become abstract. This patch introduces a calxeda xgmac device that derives from it. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 36e60ef6ac5d8a262d0fbeedfdb2b588514cb1ea Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Thu Jun 4 21:53:27 2015 +0200 tcg/optimize: rename tcg_constant_folding The tcg_constant_folding folding ends up doing all the optimizations (which is a good thing to avoid looping on all ops multiple time), so make it clear and just rename it tcg_optimize. Cc: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1433447607-31184-6-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 97a79eb70dd35a24fda87d86196afba5e6f21c5d Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Fri Jun 5 11:19:18 2015 +0200 tcg/optimize: fold constant test in tcg_opt_gen_mov Most of the calls to tcg_opt_gen_mov are preceeded by a test to check if the source temp is a constant. Fold that into the tcg_opt_gen_mov function. Cc: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1433495958-9508-1-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 5365718a9afeeabde3784d82a542f8ad909b18cf Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Thu Jun 4 21:53:25 2015 +0200 tcg/optimize: fold temp copies test in tcg_opt_gen_mov Each call to tcg_opt_gen_mov is preceeded by a test to check if the source and destination temps are copies. Fold that into the tcg_opt_gen_mov function. Cc: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1433447607-31184-4-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 8d6a91602ea824ef4435ea38fd475387eecc098c Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Thu Jun 4 21:53:24 2015 +0200 tcg/optimize: remove opc argument from tcg_opt_gen_mov We can get the opcode using the TCGOp pointer. It needs to be dereferenced, but it's anyway done a few lines below to write the new value. Cc: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1433447607-31184-3-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit ebd27391b00cdafc81e0541a940686137b3b48df Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Thu Jun 4 21:53:23 2015 +0200 tcg/optimize: remove opc argument from tcg_opt_gen_movi We can get the opcode using the TCGOp pointer. It needs to be dereferenced, but it's anyway done a few lines below to write the new value. Cc: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1433447607-31184-2-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit c19f47bf5e8fe3dbd10206a52d0e6e348f803933 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Thu Jun 4 21:47:08 2015 +0200 tcg: fix dead computation for repeated input arguments When the same temp is used twice or more as an input argument to a TCG instruction, the dead computation code doesn't recognize the second use as a dead temp. This is because the temp is marked as live in the same loop where dead inputs are checked. The fix is to split the loop in two parts. This avoid emitting a move and using a register for the movcond instruction when used as "move if true" on x86-64. This might bring more improvements on RISC TCG targets which don't have outputs aliased to inputs. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1433447228-29425-3-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 7e1df267a7e8b39fc0cf1d84d2afc2e88ccbfeac Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Thu Jun 4 21:47:07 2015 +0200 tcg: fix register allocation with two aliased dead inputs For TCG ops with two outputs registers (add2, sub2, div2, div2u), when the same input temp is used for the two inputs aliased to the two outputs, and when these inputs are both dead, the register allocation code wrongly assigned the same register to the same output. This happens for example with sub2 t1, t2, t3, t3, t4, t5, when t3 is not used anymore after the TCG op. In that case the same register is used for t1, t2 and t3. The fix is to look for already allocated aliased input when allocating a dead aliased input and check that the register is not already used. Cc: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1433447228-29425-2-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 59c4b7e8dfab0cdc41434fedbf2686222f541e57 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Jun 1 14:38:56 2015 -0700 tcg: Handle MO_AMASK in tcg_dump_ops Reviewed-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Tested-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 2b7ec66f025263a5331f37d5ad78a625496fd7bd Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri May 29 09:16:51 2015 -0700 tcg: Mask TCGMemOp appropriately for indexing The addition of MO_AMASK means that places that used inverted masks need to be changed to use positive masks, and places that failed to mask the intended bits need updating. Reviewed-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Tested-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 44ee94e4862603c2b1b21718effc5f17b39f43bc Merge: b781a60 6028ef0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 9 11:07:41 2015 +0100 Merge remote-tracking branch 'remotes/borntraeger/tags/s390x-20150609' into staging s390x/virtio-ccw: migration and virtio for 2.4 1. Migration fixups 2. virtio 9pfs # gpg: Signature made Tue Jun 9 09:00:05 2015 BST using RSA key ID B5A61C7C # gpg: Good signature from "Christian Borntraeger (IBM) <borntraeger@xxxxxxxxxx>" * remotes/borntraeger/tags/s390x-20150609: s390x/migration: add comment about floating point migration s390x/kvm: always ignore empty vcpu interrupt state virtio-ccw/migration: Migrate config vector for virtio devices virtio-ccw: add support for 9pfs Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b781a60b1054e06de6733b75dd1489afff9c3276 Merge: ee09f84 8190483 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 9 10:05:29 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2015-06-09' into staging Error reporting patches # gpg: Signature made Tue Jun 9 06:42:15 2015 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-error-2015-06-09: vhost-user: Improve -netdev/netdev_add/-net/... error reporting QemuOpts: Convert qemu_opt_foreach() to Error QemuOpts: Drop qemu_opt_foreach() parameter abort_on_failure blkdebug: Simplify passing of Error through qemu_opts_foreach() QemuOpts: Convert qemu_opts_foreach() to Error QemuOpts: Drop qemu_opts_foreach() parameter abort_on_failure vl: Fail right after first bad -object vl: Print -device help at most once vl: Report failure to sandbox at most once Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 08d49df0dbaacc220a099dbfb644e1dc0eda57be Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Jun 8 11:12:15 2015 +0200 sdl2: fix crash in handle_windowevent() when restoring the screen size The Ctrl-Alt-u keyboard shortcut restores the screen to its original size. In the SDL2 UI this is done by destroying the window and creating a new one. The old window emits SDL_WINDOWEVENT_HIDDEN when it's destroyed, but trying to call SDL_GetWindowFromID() from that event's window ID returns a null pointer. handle_windowevent() assumes that the pointer is never null so it results in a crash. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 6028ef075791913228c36f10cb270f1f52e9f076 Author: Christian Borntraeger <borntraeger@xxxxxxxxxx> Date: Mon Jun 8 12:21:24 2015 +0200 s390x/migration: add comment about floating point migration commit 46c804def4bd ("s390x: move fpu regs into a subsection of the vmstate") moved the fprs into a subsection and bumped the version number. This will allow to not transfer fprs in the future if necessary. Add a comment to mark the return true as intentional. CC: Juan Quintela <quintela@xxxxxxxxxx> CC: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Message-Id: <1433758884-2997-1-git-send-email-borntraeger@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> commit 8190483196148f765c65785876f7b893d64b6cdd Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 13 14:17:16 2015 +0100 vhost-user: Improve -netdev/netdev_add/-net/... error reporting When -netdev vhost-user fails, it first reports a specific error, then one or more generic ones, like this: $ qemu-system-x86_64 -netdev vhost-user,id=foo,chardev=xxx qemu-system-x86_64: -netdev vhost-user,id=foo,chardev=xxx: chardev "xxx" not found qemu-system-x86_64: -netdev vhost-user,id=foo,chardev=xxx: No suitable chardev found qemu-system-x86_64: -netdev vhost-user,id=foo,chardev=xxx: Device 'vhost-user' could not be initialized With the command line, the messages go to stderr. In HMP, they go to the monitor. In QMP, the last one becomes the error reply, and the others go to stderr. Convert net_init_vhost_user() and its helpers to Error. This suppresses the unwanted unspecific error messages, and makes the specific error the QMP error reply. Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Cc: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 71df1d833776647fc12f5bbcd6d6fe4c5e931094 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 12 08:40:25 2015 +0100 QemuOpts: Convert qemu_opt_foreach() to Error Retain the function value for now, to permit selective conversion of its callers. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 1640b200d53e3d981f12a192fe84b7bb7958c065 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 12 07:45:10 2015 +0100 QemuOpts: Drop qemu_opt_foreach() parameter abort_on_failure When the argument is non-zero, qemu_opt_foreach() stops on callback returning non-zero, and returns that value. When the argument is zero, it doesn't stop, and returns the callback's value from the last iteration. The two callers that pass zero could just as well pass one: * qemu_spice_init()'s callback add_channel() either returns zero or exit()s. * config_write_opts()'s callback config_write_opt() always returns zero. Drop the parameter, and always stop. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 8809cfc38e4e93884d664bb00108fc71b423f589 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 13 13:38:42 2015 +0100 blkdebug: Simplify passing of Error through qemu_opts_foreach() Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: qemu-block@xxxxxxxxxx Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Acked-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 28d0de7a4fb721b06de72970bd163f5183c2188b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 13 13:35:14 2015 +0100 QemuOpts: Convert qemu_opts_foreach() to Error Retain the function value for now, to permit selective conversion of its callers. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Acked-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a4c7367f7dd9348f94dc4298571ed515b8160a27 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 13 11:07:24 2015 +0100 QemuOpts: Drop qemu_opts_foreach() parameter abort_on_failure When the argument is non-zero, qemu_opts_foreach() stops on callback returning non-zero, and returns that value. When the argument is zero, it doesn't stop, and returns the bit-wise inclusive or of all the return values. Funky :) The callers that pass zero could just as well pass one, because their callbacks can't return anything but zero: * qemu_add_globals()'s callback qdev_add_one_global() * qemu_config_write()'s callback config_write_opts() * main()'s callbacks default_driver_check(), drive_enable_snapshot(), vnc_init_func() Drop the parameter, and always stop. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Acked-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 8122928a52248e28513c79d9b9929c6d20c866ea Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 13 13:08:36 2015 +0100 vl: Fail right after first bad -object Failure to create an object with -object is a fatal error. However, we delay the actual exit until all -object are processed. On the one hand, this permits detection of genuine additional errors. On the other hand, it can muddy the waters with uninteresting additional errors, e.g. when a later -object tries to reference a prior one that failed. We generally stop right on the first bad option, so do that for -object as well. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 8416abb3b0f42132fc6346c439ec543635075135 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 13 13:02:03 2015 +0100 vl: Print -device help at most once We print it once for each -device help. Not helpful. Stop after the first one. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 092b21aa7edf7962248e731cddaf5350d268e333 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 13 12:59:43 2015 +0100 vl: Report failure to sandbox at most once It's reported once per -sandbox on. Stop on the first failure, like we do for other options. Not fixed: "-sandbox on -sandbox off" should leave the sandbox off. It doesn't. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 38559979bf0095a586f61bc9e028df36673f21a1 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Jun 8 09:25:26 2015 -0600 hw/vfio/platform: add irq assignment This patch adds the code requested to assign interrupts to a guest. The interrupts are mediated through user handled eventfds only. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Tested-by: Vikram Sethi <vikrams@xxxxxxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 0ea2730bef0b764ce87f5d6859f9b1eac6069250 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Jun 8 09:25:25 2015 -0600 hw/vfio/platform: vfio-platform skeleton Minimal VFIO platform implementation supporting register space user mapping but not IRQ assignment. Signed-off-by: Kim Phillips <kim.phillips@xxxxxxxxxx> Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Tested-by: Vikram Sethi <vikrams@xxxxxxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit ee09f84e6bf5383a23c9624115c26b72aa1e076c Merge: 2e29dd7 24a3142 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 8 15:57:41 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * KVM error improvement from Laurent * CONFIG_PARALLEL fix from Mirek * Atomic/optimized dirty bitmap access from myself and Stefan * BUILD_DIR convenience/bugfix from Peter C * Memory leak fix from Shannon * SMM improvements (though still TCG only) from myself and Gerd, acked by mst # gpg: Signature made Fri Jun 5 18:45:20 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: (62 commits) update Linux headers from kvm/next atomics: add explicit compiler fence in __atomic memory barriers ich9: implement SMI_LOCK q35: implement TSEG q35: add test for SMRAM.D_LCK q35: implement SMRAM.D_LCK q35: add config space wmask for SMRAM and ESMRAMC q35: fix ESMRAMC default q35: implement high SMRAM hw/i386: remove smram_update target-i386: use memory API to implement SMRAM hw/i386: add a separate region that tracks the SMRAME bit target-i386: create a separate AddressSpace for each CPU vl: run "late" notifiers immediately qom: add object_property_add_const_link vl: allow full-blown QemuOpts syntax for -global pflash_cfi01: add secure property pflash_cfi01: change to new-style MMIO accessors pflash_cfi01: change big-endian property to BIT type target-i386: wake up processors that receive an SMI ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2e29dd7c44db30e3d3c108ab2a622cbdac6d16f0 Merge: 0daba1f 0ba9888 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 8 14:07:32 2015 +0100 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Fri Jun 5 20:59:07 2015 BST using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB # Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E * remotes/jnsnow/tags/ide-pull-request: macio: remove remainder_len DBDMA_io property macio: update comment/constants to reflect the new code macio: switch pmac_dma_write() over to new offset/len implementation macio: switch pmac_dma_read() over to new offset/len implementation fdc-test: Test state for existing cases more thoroughly fdc: Fix MSR.RQM flag fdc: Disentangle phases in fdctrl_read_data() fdc: Code cleanup in fdctrl_write_data() fdc: Use phase in fdctrl_write_data() fdc: Introduce fdctrl->phase fdc: Rename fdctrl_set_fifo() to fdctrl_to_result_phase() fdc: Rename fdctrl_reset_fifo() to fdctrl_to_command_phase() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0daba1f037ab85be7a9ff7ee37ba6b644c5e7977 Author: Alexander Graf <agraf@xxxxxxx> Date: Fri Jun 5 11:05:03 2015 +0200 machine: Drop use of DEFAULT_RAM_SIZE in help text As of commit 076b35b5a (machine: add default_ram_size to machine class) we no longer have a global default ram size, but instead machine specific defaults. When invoking qemu --help we don't know which machine you selected, so we can't tell the user the default RAM size in the help text anymore now. Thus I don't see an easy way to expose the default ram size to the user in the help text. The easiest option IMHO is to just drop this piece of information. Reported-by: Laurent Desnogues <laurent.desnogues@xxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> Acked-by: Laurent Desnogues <laurent.desnogues@xxxxxxxxx> Acked-by: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Message-id: 1433495103-62084-1-git-send-email-agraf@xxxxxxx [PMM: rewrapped long commit message lines] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 779cec4d20907cbccb26fbf5f5c19c6cdee33eff Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Jun 8 10:44:30 2015 +0200 monitor: Fix QMP ABI breakage around "id" Commit 65207c5 accidentally dropped a line of code we need along with a comment that became wrong then. This made QMP reject "id": {"execute": "system_reset", "id": "1"} {"error": {"class": "GenericError", "desc": "QMP input object member 'id' is unexpected"}} Put the lost line right back, so QMP again accepts and returns "id", as promised by the ABI: {"execute": "system_reset", "id": "1"} {"return": {}, "id": "1"} Reported-by: Fabio Fantoni <fabio.fantoni@xxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Don Slutz <dslutz@xxxxxxxxxxx> Tested-by: Fabio Fantoni <fabio.fantoni@xxxxxxx> Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Tested-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-id: 1433753070-12632-2-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 24a314269281a175b5540b3b6a8981ed2e8220e1 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 4 16:38:29 2015 +0200 update Linux headers from kvm/next This is kvm.git commit 05ff30bb56c6b3d3000519d6e02ed35678ddae3b. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3bbf572345c65813f86a8fc434ea1b23beb08e16 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Jun 3 14:21:20 2015 +0200 atomics: add explicit compiler fence in __atomic memory barriers __atomic_thread_fence does not include a compiler barrier; in the C++11 memory model, fences take effect in combination with other atomic operations. GCC implements this by making __atomic_load and __atomic_store access memory as if the pointer was volatile, and leaves no trace whatsoever of acquire and release fences in the compiler's intermediate representation. In QEMU, we want memory barriers to act on all memory, but at the same time we would like to use __atomic_thread_fence for portability reasons. Add compiler barriers manually around the __atomic_thread_fence. Message-Id: <1433334080-14912-1-git-send-email-pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 11e66a15a084cb0820dba13f4ea3b15b0512fd39 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed May 6 10:58:30 2015 +0200 ich9: implement SMI_LOCK Add write mask for the smi enable register, so we can disable write access to certain bits. Open all bits on reset. Disable write access to GBL_SMI_EN when SMI_LOCK (in ich9 lpc pci config space) is set. Write access to SMI_LOCK itself is disabled too. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit bafc90bdc594a4d04db846bd8712bdcec59678a8 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Mon Apr 20 10:55:09 2015 +0200 q35: implement TSEG TSEG provides larger amounts of SMRAM than the 128 KB available with legacy SMRAM and high SMRAM. Route access to tseg into nowhere when enabled, for both cpus and busmaster dma, and add tseg window to smram region, so cpus can access it in smm mode. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 66e2ec2417e72edea1df5fb340b210100b0571b7 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Apr 14 15:11:36 2015 +0200 q35: add test for SMRAM.D_LCK Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> [Fix compilation of the newly introduced test. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 68c77acfb18d28933f17b1c2a842bd936ce7223b Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Apr 14 14:03:22 2015 +0200 q35: implement SMRAM.D_LCK Once the SMRAM.D_LCK bit has been set by the guest several bits in SMRAM and ESMRAMC become readonly until the next machine reset. Implement this by updating the wmask accordingly when the guest sets the lock bit. As the lock it itself is locked down too we don't need to worry about the guest clearing the lock bit. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b66a67d7519cb7f980885af5391b1103c42e9b6d Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Apr 15 16:48:12 2015 +0200 q35: add config space wmask for SMRAM and ESMRAMC Not all bits in SMRAM and ESMRAMC can be changed by the guest. Add wmask defines accordingly and set them in mch_reset(). Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7744752402d11cebe4c1d4079dcd40d3145eb37b Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Apr 15 16:43:24 2015 +0200 q35: fix ESMRAMC default The cache bits in ESMRAMC are hardcoded to 1 (=disabled) according to the q35 mch specs. Add and use a define with this default. While being at it also update the SMRAM default to use the name (no code change, just makes things a bit more readable). Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 64130fa4a1514ae7a580b8d46290a11784770600 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Mar 31 17:13:01 2015 +0200 q35: implement high SMRAM When H_SMRAME is 1, low memory at 0xa0000 is left alone by SMM, and instead the chipset maps the 0xa0000-0xbffff window at 0xfeda0000-0xfedbffff. This affects both the "non-SMM" view controlled by D_OPEN and the SMM view controlled by G_SMRAME, so add two new MemoryRegions and toggle the enabled/disabled state of all four in mch_update_smram. Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3de70c0899db2712a5ae321093aa6173d6f76706 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Mar 31 14:14:28 2015 +0200 hw/i386: remove smram_update It's easier to inline it now that most of its work is done by the CPU (rather than the chipset) through /machine/smram and the memory API. Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f809c605122df291bbb9004dc487bde0969134b5 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Mar 31 14:12:25 2015 +0200 target-i386: use memory API to implement SMRAM Remove cpu_smm_register and cpu_smm_update. Instead, each CPU address space gets an extra region which is an alias of /machine/smram. This extra region is enabled or disabled as the CPU enters/exits SMM. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fe6567d5fddfb7501a352c5e080a9eecf7b89177 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Mar 31 14:10:22 2015 +0200 hw/i386: add a separate region that tracks the SMRAME bit This region is exported at /machine/smram. It is "empty" if SMRAME=0 and points to SMRAM if SMRAME=1. The CPU will enable/disable it as it enters or exits SMRAM. While touching nearby code, the existing memory region setup was slightly inconsistent. The smram_region is *disabled* in order to open SMRAM (because the smram_region shows the low VRAM instead of the RAM at 0xa0000). Because SMRAM is closed at startup, the smram_region must be enabled when creating the i440fx or q35 devices. Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 2001d0cd6d55e5efa9956fa8ff8b89034d6a4329 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Mar 31 14:11:09 2015 +0200 target-i386: create a separate AddressSpace for each CPU Different CPUs can be in SMM or not at the same time, thus they will see different things where the chipset places SMRAM. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 71cdd1cb914e24000273bbbfa5fb226cdb8ea265 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Mar 31 14:01:06 2015 +0200 vl: run "late" notifiers immediately If a machine_init_done notifier is added late, as part of a hot-plugged device, run it immediately. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fb9e7e334b54350e8e3b62bd7892b78f63a9d848 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue May 5 18:29:00 2015 +0200 qom: add object_property_add_const_link Suggested-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3751d7c43f795b45ffdb9429cfb09c6beea55c68 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Apr 9 14:16:19 2015 +0200 vl: allow full-blown QemuOpts syntax for -global -global does not work for drivers that have a dot in their name, such as cfi.pflash01. This is just a parsing limitation, because such globals can be declared easily inside a -readconfig file. To allow this usage, support the full QemuOpts key/value syntax for -global too, for example "-global driver=cfi.pflash01,property=secure,value=on". The two formats do not conflict, because the key/value syntax does not have a period before the first equal sign. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f71e42a5c98722d6faa5be84a34fbad90d27dc04 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 8 14:09:43 2015 +0200 pflash_cfi01: add secure property When this property is set, MMIO accesses are only allowed with the MEMTXATTRS_SECURE attribute. This is used for secure access to UEFI variables stored in flash. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5aa113f0a2c245b0a77865e1dd2445bdd24c3ef8 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 8 14:00:53 2015 +0200 pflash_cfi01: change to new-style MMIO accessors This is a required step to implement read_with_attrs and write_with_attrs. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e98094221ec336fcfd0c72c66f280f1cabb16c72 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 8 13:53:29 2015 +0200 pflash_cfi01: change big-endian property to BIT type Make this consistent with the secure property, added in the next patch. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit a9bad65d2c1f61af74ce2ff43238d4b20bf81c3a Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue May 19 13:46:47 2015 +0200 target-i386: wake up processors that receive an SMI An SMI should definitely wake up a processor in halted state! This lets OVMF boot with SMM on multiprocessor systems, although it halts very soon after that with a "CpuIndex != BspIndex" assertion failure. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b4854f1384176d897747de236f426d020668fa3c Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Apr 30 12:02:46 2015 +0200 target-i386: set G=1 in SMM big real mode selectors Because the limit field's bits 31:20 is 1, G should be 1. VMX actually enforces this, let's do it for completeness in QEMU as well. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9982f74bad70479939491b69522da047a3be5a0d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 22 11:40:41 2015 +0200 target-i386: mask NMIs on entry to SMM QEMU is not blocking NMIs on entry to SMM. Implementing this has to cover a few corner cases, because: - NMIs can then be enabled by an IRET instruction and there is no mechanism to _set_ the "NMIs masked" flag on exit from SMM: "A special case can occur if an SMI handler nests inside an NMI handler and then another NMI occurs. [...] When the processor enters SMM while executing an NMI handler, the processor saves the SMRAM state save map but does not save the attribute to keep NMI interrupts disabled. - However, there is some hidden state, because "If NMIs were blocked before the SMI occurred [and no IRET is executed while in SMM], they are blocked after execution of RSM." This is represented by the new HF2_SMM_INSIDE_NMI_MASK bit. If it is zero, NMIs are _unblocked_ on exit from RSM. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3f7d84648607cc0fcb3812bb4b88978e2a7aa24f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 8 14:45:53 2015 +0200 target-i386: Use correct memory attributes for ioport accesses In order to do this, stop using the cpu_in*/out* helpers, and instead access address_space_io directly. cpu_in* and cpu_out* remain for usage in the monitor, in qtest, and in Xen. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b216aa6c0fcbaa8ff4128969c14594896a5485a4 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 8 13:39:37 2015 +0200 target-i386: Use correct memory attributes for memory accesses These include page table walks, SVM accesses and SMM state save accesses. The bulk of the patch is obtained with sed -i 's/\(\<[a-z_]*_phys\(_notdirty\)\?\>(cs\)->as,/x86_\1,/' Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f794aa4a2fd772a3ec413c4e478cc23857cfee98 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 8 14:52:04 2015 +0200 target-i386: introduce cpu_get_mem_attrs Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d7a0f71d9aac33e58d39fdbe4861d440af44fa8b Author: Victor CLEMENT <victor.clement@xxxxxxxxxxx> Date: Fri May 29 17:14:06 2015 +0200 icount: print a warning if there is no more deadline in sleep=no mode While qemu is running in sleep=no mode, a warning will be printed when no timer deadline is set. As this mode is intended for getting deterministic virtual time, if no timer is set on the virtual clock this determinism is broken. Signed-off-by: Victor CLEMENT <victor.clement@xxxxxxxxxxx> Message-Id: <1432912446-9811-4-git-send-email-victor.clement@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f1f4b57e88ff7c9cb20b074ff6106fd8f4397baa Author: Victor CLEMENT <victor.clement@xxxxxxxxxxx> Date: Fri May 29 17:14:05 2015 +0200 icount: add sleep parameter to the icount option to set icount_sleep mode The 'sleep' parameter sets the icount_sleep mode, which is enabled by default. To disable it, add the 'sleep=no' parameter (or 'nosleep') to the qemu -icount option. Signed-off-by: Victor CLEMENT <victor.clement@xxxxxxxxxxx> Message-Id: <1432912446-9811-3-git-send-email-victor.clement@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5045e9d912588a7421ab899ba510025722666fd1 Author: Victor CLEMENT <victor.clement@xxxxxxxxxxx> Date: Fri May 29 17:14:04 2015 +0200 icount: implement a new icount_sleep mode toggleing real-time cpu sleep When the icount_sleep mode is disabled, the QEMU_VIRTUAL_CLOCK runs at the maximum possible speed by warping the sleep times of the virtual cpu to the soonest clock deadline. The virtual clock will be updated only according the instruction counter. Signed-off-by: Victor CLEMENT <victor.clement@xxxxxxxxxxx> Message-Id: <1432912446-9811-2-git-send-email-victor.clement@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ec05ec26f940564b1e07bf88857035ec27e21dd8 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Sun Mar 29 09:31:43 2015 +0200 memory: use mr->ram_addr in "is this RAM?" assertions mr->terminates alone doesn't guarantee that we are looking at a RAM region. mr->ram_addr also has to be checked, in order to distinguish RAM and I/O regions. So, do the following: 1) add a new define RAM_ADDR_INVALID, and test it in the assertions instead of mr->terminates 2) IOMMU regions were not setting mr->ram_addr to a bogus value, initialize it in the instance_init function so that the new assertions would fire for IOMMU regions as well. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5f2cb94688bd0b2c88e0fc1ac3c4582965b7b106 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Dec 2 11:23:19 2014 +0000 memory: make cpu_physical_memory_sync_dirty_bitmap() fully atomic The fast path of cpu_physical_memory_sync_dirty_bitmap() directly manipulates the dirty bitmap. Use atomic_xchg() to make the test-and-clear atomic. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-Id: <1417519399-3166-7-git-send-email-stefanha@xxxxxxxxxx> [Only do xchg on nonzero words. - Paolo] Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 03eebc9e3246b9b3f5925aa41f7dfd7c1e467875 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Dec 2 11:23:18 2014 +0000 memory: replace cpu_physical_memory_reset_dirty() with test-and-clear The cpu_physical_memory_reset_dirty() function is sometimes used together with cpu_physical_memory_get_dirty(). This is not atomic since two separate accesses to the dirty memory bitmap are made. Turn cpu_physical_memory_reset_dirty() and cpu_physical_memory_clear_dirty_range_type() into the atomic cpu_physical_memory_test_and_clear_dirty(). Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-Id: <1417519399-3166-6-git-send-email-stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 20015f72bda7d2f356c43580a5542a659afedf83 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Dec 2 11:23:17 2014 +0000 migration: move dirty bitmap sync to ram_addr.h The dirty memory bitmap is managed by ram_addr.h and copied to migration_bitmap[] periodically during live migration. Move the code to sync the bitmap to ram_addr.h where related code lives. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-Id: <1417519399-3166-5-git-send-email-stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d114875b9a1c21162f69a12d72f69a22e7bab376 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Dec 2 11:23:16 2014 +0000 memory: use atomic ops for setting dirty memory bits Use set_bit_atomic() and bitmap_set_atomic() so that multiple threads can dirty memory without race conditions. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-Id: <1417519399-3166-4-git-send-email-stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 36546e5b803f6e363906607307f27c489441fd15 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Dec 2 11:23:15 2014 +0000 bitmap: add atomic test and clear The new bitmap_test_and_clear_atomic() function clears a range and returns whether or not the bits were set. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-Id: <1417519399-3166-3-git-send-email-stefanha@xxxxxxxxxx> [Test before xchg; then a full barrier is needed at the end just like in the previous patch. The barrier can be avoided if we did at least one xchg. - Paolo] Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9f02cfc84b85929947b32fe1674fbc6a429f332a Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Dec 2 11:23:14 2014 +0000 bitmap: add atomic set functions Use atomic_or() for atomic bitmaps where several threads may set bits at the same time. This avoids the race condition between threads loading an element, bitwise ORing, and then storing the element. When setting all bits in a word we can avoid atomic ops and instead just use an smp_mb() at the end. Most bitmap users don't need atomicity so introduce new functions. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-Id: <1417519399-3166-2-git-send-email-stefanha@xxxxxxxxxx> [Avoid barrier in the single word case, use full barrier instead of write. - Paolo] Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9460dee4b2258e3990906fb34099481c8334c267 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 11:41:32 2015 +0100 memory: do not touch code dirty bitmap unless TCG is enabled cpu_physical_memory_set_dirty_lebitmap unconditionally syncs the DIRTY_MEMORY_CODE bitmap. This however is unused unless TCG is enabled. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e87f7778b64d4a6a78e16c288c7fdc6c15317d5f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Mar 25 15:21:39 2015 +0100 exec: only check relevant bitmaps for cleanliness Most of the time, not all bitmaps have to be marked as dirty; do not do anything if the interesting ones are already dirty. Previously, any clean bitmap would have cause all the bitmaps to be marked dirty. In fact, unless running TCG most of the time bitmap operations need not be done at all, because memory_region_is_logging returns zero. In this case, skip the call to cpu_physical_memory_range_includes_clean altogether as well. With this patch, cpu_physical_memory_set_dirty_range is called unconditionally, so there need not be anymore a separate call to xen_modified_memory. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 72b47e79cef36ed6ffc718f10e21001d7ec2a66f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 22 13:48:25 2015 +0200 exec: invert return value of cpu_physical_memory_get_clean, rename While it is obvious that cpu_physical_memory_get_dirty returns true even if a single page is dirty, the same is not true for cpu_physical_memory_get_clean; one would expect that it returns true only if all the pages are clean, but it actually looks for even one clean page. (By contrast, the caller of that function, cpu_physical_memory_range_includes_clean, has a good name). To clarify, rename the function to cpu_physical_memory_all_dirty and return true if _all_ the pages are dirty. This is the opposite of the previous meaning, because "all are 1" is the same as "not (any is 0)", so we have to modify cpu_physical_memory_range_includes_clean as well. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 58d2707e8713ef17b89b8b4c9ce586c76655a385 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 11:56:01 2015 +0100 exec: pass client mask to cpu_physical_memory_set_dirty_range This cuts in half the cost of bitmap operations (which will become more expensive when made atomic) during migration on non-VRAM regions. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fc377bcf617a48233a99a9fe0a26247c38b5cb76 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 22 14:20:35 2015 +0200 translate-all: make less of tb_invalidate_phys_page_range depend on is_cpu_write_access is_cpu_write_access is only set if tb_invalidate_phys_page_range is called from tb_invalidate_phys_page_fast, and hence from notdirty_mem_write. However: - the code bitmap can be built directly in tb_invalidate_phys_page_fast (unconditionally, since is_cpu_write_access would always be passed as 1); - the virtual address is not needed to mark the page as "not containing code" (dirty code bitmap = 1), so we can also remove that use of is_cpu_write_access. For calls of tb_invalidate_phys_page_range that do not come from notdirty_mem_write, the next call to notdirty_mem_write will notice that the page does not contain code anymore, and will fix up the TLB entry. The parameter needs to remain in order to guard accesses to cpu->mem_io_pc. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9564f52da7eb061326956ed9a468935e3352512d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 22 14:24:54 2015 +0200 cputlb: remove useless arguments to tlb_unprotect_code_phys, rename These days modification of the TLB is done in notdirty_mem_write, so the virtual address and env pointer as unnecessary. The new name of the function, tlb_unprotect_code, is consistent with tlb_protect_code. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 358653391b0c0beaa0e3f9e28304e1918cd223b3 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 22 14:20:35 2015 +0200 translate-all: remove unnecessary argument to tb_invalidate_phys_range The is_cpu_write_access argument is always 0, remove it. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 1652b974766401743879d78f796f44b8929b0787 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 22 14:15:48 2015 +0200 exec: move functions to translate-all.h Remove them from the sundry exec-all.h header, since they are only used by the TCG runtime in exec.c and user-exec.c. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 845b6214a309fa58a4405050bf8313e19fde5c91 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 11:45:53 2015 +0100 exec: use memory_region_get_dirty_log_mask to optimize dirty tracking The memory API can now return the exact set of bitmaps that have to be tracked. Use it instead of the in_migration variable. In the next patches, we will also use it to set only DIRTY_MEMORY_VGA or DIRTY_MEMORY_MIGRATION if necessary. This can make a difference for dataplane, especially after the dirty bitmap is changed to use more expensive atomic operations. Of some interest is the change to stl_phys_notdirty. When migration was introduced, stl_phys_notdirty was changed to effectively behave as stl_phys during migration. In fact, if one looks at the function as it was in the beginning (commit 8df1cd0, physical memory access functions, 2005-01-28), at the time the dirty bitmap was the equivalent of DIRTY_MEMORY_CODE nowadays; hence, the function simply should not touch the dirty code bits. This patch changes it to do the intended thing. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 49dfcec40349245ad365964468b67e132c3cedc7 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 11:35:19 2015 +0100 ram_addr: tweaks to xen_modified_memory Invoke xen_modified_memory from cpu_physical_memory_set_dirty_range_nocode; it is akin to DIRTY_MEMORY_MIGRATION, so set it together with that bitmap. The remaining call from invalidate_and_set_dirty's "else" branch will go away soon. Second, fix the second argument to the function in the cpu_physical_memory_set_dirty_lebitmap call site. That function is only used by KVM, but it is better to be clean anyway. Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 1bfbac4ee16e2ea95d087e0926727d9a113b483e Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 10:57:21 2015 +0100 kvm: remove special handling of DIRTY_MEMORY_MIGRATION in the dirty log mask One recent example is commit 4cc856f (kvm-all: Sync dirty-bitmap from kvm before kvm destroy the corresponding dirty_bitmap, 2015-04-02). Another performance problem is that KVM keeps tracking dirty pages after a failed live migration, which causes bad performance due to disallowing huge page mapping. Thanks to the previous patch, KVM can now stop hooking into log_global_start/stop. This simplifies the KVM code noticeably. Reported-by: Wanpeng Li <wanpeng.li@xxxxxxxxxxxxxxx> Reported-by: Xiao Guangrong <guangrong.xiao@xxxxxxxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6f6a5ef3e429f92f987678ea8c396aab4dc6aa19 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 10:57:21 2015 +0100 memory: include DIRTY_MEMORY_MIGRATION in the dirty log mask The separate handling of DIRTY_MEMORY_MIGRATION, which does not call log_start/log_stop callbacks when it changes in a region's dirty logging mask, has caused several bugs. One recent example is commit 4cc856f (kvm-all: Sync dirty-bitmap from kvm before kvm destroy the corresponding dirty_bitmap, 2015-04-02). Another performance problem is that KVM keeps tracking dirty pages after a failed live migration, which causes bad performance due to disallowing huge page mapping. This patch removes the root cause of the problem by reporting DIRTY_MEMORY_MIGRATION changes via log_start and log_stop. Note that we now have to rebuild the FlatView when global dirty logging is enabled or disabled; this ensures that log_start and log_stop callbacks are invoked. This will also be used to make the setting of bitmaps conditional. In general, this patch lets users of the memory API ignore the global state of dirty logging if they handle dirty logging generically per region. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ea8cb1a8d98f5e3822a23a7cecdb4add0f29178b Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Apr 27 14:51:31 2015 +0200 kvm: accept non-mapped memory in kvm_dirty_pages_log_change It is okay if memory is not mapped into the guest but has dirty logging enabled. When this happens, KVM will not do anything and only accesses from the host will be logged. This can be triggered by iofuzz. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 677e7805cf95f3b2bca8baf0888d1ebed7f0c606 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 10:53:21 2015 +0100 memory: track DIRTY_MEMORY_CODE in mr->dirty_log_mask DIRTY_MEMORY_CODE is only needed for TCG. By adding it directly to mr->dirty_log_mask, we avoid testing for TCG everywhere a region is checked for the enabled/disabled state of dirty logging. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 42af3e3a02f6d0c38c46465b7f0311eabf532f77 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 22 13:30:19 2015 +0200 ui/console: remove dpy_gfx_update_dirty dpy_gfx_update_dirty expects DIRTY_MEMORY_VGA logging to be always on, but that will not be the case soon. Because it computes the memory region on the fly for every update (with memory_region_find), it cannot enable/disable logging by itself. We could always treat updates as invalidations if dirty logging is not enabled, assuming that the board will enable logging on the RAM region that includes the framebuffer. However, the function is unused, so just drop it. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d55d42078bfb507743747b761673507b95a76620 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 10:46:52 2015 +0100 framebuffer: check memory_region_is_logging framebuffer.c expects DIRTY_MEMORY_VGA logging to be always on, but that will not be the case soon. Because framebuffer.c computes the memory region on the fly for every update (with memory_region_find), it cannot enable/disable logging by itself. Instead, always treat updates as invalidations if dirty logging is not enabled, assuming that the board will enable logging on the RAM region that includes the framebuffer. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b2dfd71c4843a762f2befe702adb249cf55baf66 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Sat Apr 25 14:38:30 2015 +0200 memory: prepare for multiple bits in the dirty log mask When the dirty log mask will also cover other bits than DIRTY_MEMORY_VGA, some listeners may be interested in the overall zero/non-zero value of the dirty log mask; others may be interested in the value of single bits. For this reason, always call log_start/log_stop if bits have respectively appeared or disappeared, and pass the old and new values of the dirty log mask so that listeners can distinguish the kinds of change. For example, KVM checks if dirty logging used to be completely disabled (in log_start) or is now completely disabled (in log_stop). On the other hand, Xen has to check manually if DIRTY_MEMORY_VGA changed, since that is the only bit it cares about. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 2d1a35bef0ed96b3f23535e459c552414ccdbafd Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 10:50:57 2015 +0100 memory: differentiate memory_region_is_logging and memory_region_get_dirty_log_mask For now memory regions only track DIRTY_MEMORY_VGA individually, but this will change soon. To support this, split memory_region_is_logging in two functions: one that returns a given bit from dirty_log_mask, and one that returns the entire mask. memory_region_is_logging gets an extra parameter so that the compiler flags misuse. While VGA-specific users (including the Xen listener!) will want to keep checking that bit, KVM and vhost check for "any bit except migration" (because migration is handled via the global start/stop listener callbacks). Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5299c0f2cf951c23ec681ff87e455d1cf4ec537b Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 22 13:12:40 2015 +0200 display: add memory_region_sync_dirty_bitmap calls These are strictly speaking only needed for KVM and Xen, but it's still nice to be consistent. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 74259ae55b15bff4ef7b26faa6431a3ff16d7c9d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 10:47:45 2015 +0100 display: enable DIRTY_MEMORY_VGA tracking explicitly This will be required soon by the memory core. Tested-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 086f90e890fb25e7f12fbe72fe5a8078792398aa Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 22 12:43:24 2015 +0200 g364fb: remove pointless call to memory_region_set_coalescing Coalescing work on MMIO, not RAM, thus this call has no effect. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit dbddac6da01a13c9d5d162994a0a265173acecab Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 10:31:53 2015 +0100 memory: the only dirty memory flag for users is DIRTY_MEMORY_VGA DIRTY_MEMORY_MIGRATION is triggered by memory_global_dirty_log_start and memory_global_dirty_log_stop, so it cannot be used with memory_region_set_log. Specify this in the documentation and assert it. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6b4ad3b28d4a70ad93f287b50200b04766aeb0de Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Mon May 25 22:38:06 2015 -0700 Makefile.target: set master BUILD_DIR make can be invoked in the individual build dirs to build an individual target or just a single file of a target. e.g. touch translate-all.c make -C microblazeel-softmmu translate-all.o There is however a small bug when using the pixman submodule. config-host.mak will ref BUILD_DIR for the pixman -I CFLAGS: grep BUILD_DIR config-host.mak QEMU_CFLAGS=-I$(SRC_PATH)/pixman/pixman -I$(BUILD_DIR)/pixman/pixman ... This causes a build failure as -I/pixman/pixman (BUILD_DIR=="") will not be found. BUILD_DIR is usually set by the top level Makefile. Just lazy-set it in Makefile.target to the parent directory. Granted, this will not work if the pixman submodule is not prebuilt, but it at least means you can do incremental partial builds once you have done your initial full build (or attempt) from the top level. The next step would be refactor make infrastructure to rebuild pixman on a submake like the one above. Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <1432618686-16077-1-git-send-email-crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit db94604b20278c1dc227a04e4c564d80230e6c3f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu May 21 15:12:29 2015 +0200 exec: optimize phys_page_set_level phys_page_set_level is writing zeroes to a struct that has just been filled in by phys_map_node_alloc. Instead, tell phys_map_node_alloc whether to fill in the page "as a leaf" or "as a non-leaf". memcpy is faster than struct assignment, which copies each bitfield individually. A compiler bug (https://gcc.gnu.org/PR66391), and small memcpys like this one are special-cased anyway, and optimized to a register move, so just use the memcpy. This cuts the cost of phys_page_set_level from 25% to 5% when booting qboot. Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e4afbf4fb4d026510700cb40bb72dea9aef14e3b Author: Fam Zheng <famz@xxxxxxxxxx> Date: Tue May 19 10:50:59 2015 +0000 qemu-nbd: Switch to qemu_set_fd_handler Achieved by: - Remembering the server fd with a global variable, in order to access it from nbd_client_closed. - Checking nbd_can_accept() and updating server_fd handler whenever client connects or disconnects. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1432032670-15124-3-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit dae02ba55a66cb3194a2410c7725734e5bc6166f Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Mon May 18 21:06:47 2015 +0200 ppc: add helpful message when KVM fails to start VCPU On POWER8 systems, KVM checks if VCPU is running on primary threads, and that secondary threads are offline. If this is not the case, ioctl() fails with errno set to EBUSY. QEMU aborts with a non explicit error message: $ ./qemu-system-ppc64 --nographic -machine pseries,accel=kvm error: kvm run failed Device or resource busy To help user to diagnose the problem, this patch adds an informative error message. There is no easy way to check if SMT is enabled before starting the VCPU, and as this case is the only one setting errno to EBUSY, we just check the errno value to display a message. Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Message-Id: <1431976007-20503-1-git-send-email-lvivier@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9157eee1b1c076ff3316361b760e891dda13e9bf Author: Miroslav Rezanina <mrezanin@xxxxxxxxxx> Date: Wed May 13 11:39:30 2015 +0200 Move parallel_hds_isa_init to hw/isa/isa-bus.c Disabling CONFIG_PARALLEL cause removing parallel_hds_isa_init defined in parallel.c. This function is called during initialization of some boards so disabling CONFIG_PARALLEL cause build failure. This patch moves parallel_hds_isa_init to hw/isa/isa-bus.c so it is included in case of disabled CONFIG_PARALLEL. Build is successful but qemu will abort with "Unknown device" error when function is called. Signed-off-by: Miroslav Rezanina <mrezanin@xxxxxxxxxx> Message-Id: <1431509970-32154-1-git-send-email-mrezanin@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 00967f4e0bab246679d0ddc32fd31a7179345baf Merge: d6688ba 9814fed Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 5 12:04:41 2015 +0100 Merge remote-tracking branch 'remotes/agraf/tags/signed-s390-for-upstream' into staging Patch queue for s390 - 2015-06-05 This time there are a lot of s390x TCG emulation bug fixes - almost all of them from Aurelien, who returned from nirvana :). # gpg: Signature made Fri Jun 5 00:39:27 2015 BST using RSA key ID 03FEDC60 # gpg: Good signature from "Alexander Graf <agraf@xxxxxxx>" # gpg: aka "Alexander Graf <alex@xxxxxxxxx>" * remotes/agraf/tags/signed-s390-for-upstream: (34 commits) target-s390x: Only access allocated storage keys target-s390x: fix MVC instruction when areas overlap target-s390x: use softmmu functions for mvcp/mvcs target-s390x: support non current ASC in s390_cpu_handle_mmu_fault target-s390x: add a cpu_mmu_idx_to_asc function target-s390x: implement high-word facility target-s390x: implement load-and-trap facility target-s390x: implement miscellaneous-instruction-extensions facility target-s390x: implement LPDFR and LNDFR instructions target-s390x: implement TRANSLATE EXTENDED instruction target-s390x: implement TRANSLATE AND TEST instruction target-s390x: implement LOAD FP INTEGER instructions target-s390x: move SET DFP ROUNDING MODE to the correct facility target-s390x: move STORE CLOCK FAST to the correct facility target-s390x: change CHRL and CGHRL format to RIL-b target-s390x: fix CLGIT instruction target-s390x: fix exception for invalid operation code target-s390x: implement LAY and LAEY instructions target-s390x: move a few instructions to the correct facility target-s390x: detect tininess before rounding for FP operations ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0ba98885a0e965a17df214ab12b819ef630d8a14 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Thu Jun 4 22:59:37 2015 +0100 macio: remove remainder_len DBDMA_io property Since the block alignment code is now effectively independent of the DMA implementation, this variable is no longer required and can be removed. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1433455177-21243-5-git-send-email-mark.cave-ayland@xxxxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit b01d44cd0623dec66e583d6cd2438451443261df Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Thu Jun 4 22:59:36 2015 +0100 macio: update comment/constants to reflect the new code With the offset/len functions taking care of all of the alignment mapping in isolation from the DMA tranasaction, many comments are now unnecessary. Remove these and tidy up a few constants at the same time. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1433455177-21243-4-git-send-email-mark.cave-ayland@xxxxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit ac58fe7b2c67a9be142beacd4c6ee51f3264d90f Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Thu Jun 4 22:59:35 2015 +0100 macio: switch pmac_dma_write() over to new offset/len implementation In particular, this fixes a bug whereby chains of overlapping head/tail chains would incorrectly write over each other's remainder cache. This is the access pattern used by OS X/Darwin and fixes an issue with a corrupt Darwin installation in my local tests. While we are here, rename the DBDMA_io struct property remainder to head_remainder for clarification. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1433455177-21243-3-git-send-email-mark.cave-ayland@xxxxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 0389b8f8c7688fe512e16bdc00c5f35d2d8df12c Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Thu Jun 4 22:59:34 2015 +0100 macio: switch pmac_dma_read() over to new offset/len implementation For better handling of unaligned block device accesses. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1433455177-21243-2-git-send-email-mark.cave-ayland@xxxxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 9814fed0afa73f5c37f04e02ec17c915a5d59303 Author: Alexander Graf <agraf@xxxxxxx> Date: Thu Jun 4 00:52:44 2015 +0200 target-s390x: Only access allocated storage keys We allocate ram_size / PAGE_SIZE storage keys, so we need to make sure that we only access that many. Unfortunately the code can overrun this array by one, potentially overwriting unrelated memory. Fix it by limiting storage keys to their scope. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 068593deea6cc61b06243a33c7fcfadb1650b654 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:56 2015 +0200 target-s390x: fix MVC instruction when areas overlap The MVC instruction and the memmove C funtion do not have the same semantic when memory areas overlap: MVC: When the operands overlap, the result is obtained as if the operands were processed one byte at a time and each result byte were stored immediately after fetching the necessary operand byte. memmove: Copying takes place as though the bytes in src are first copied into a temporary array that does not overlap src or dest, and the bytes are then copied from the temporary array to dest. The behaviour is therefore the same when the destination is at a lower address than the source, but not in the other case. This is actually a trick for propagating a value to an area. While the current code detects that and call memset in that case, it only does for 1-byte value. This trick can and is used for propagating two or more bytes to an area. In the softmmu case, the call to mvc_fast_memmove is correct as the above tests verify that source and destination are each within a page, and both in a different page. The part doing the move 8 bytes by 8 bytes is wrong and we need to check that if the source and destination overlap, they do with a distance of minimum 8 bytes before copying 8 bytes at a time. In the user code, we should check check that the destination is at a lower address than source or than the end of the source is at a lower address than the destination before calling memmove. In the opposite case we fallback to the same code as the softmmu one. Note that l represents (length - 1). Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit a3084e8055067b3fe8ed653a609021d2ab368564 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:55 2015 +0200 target-s390x: use softmmu functions for mvcp/mvcs mvcp and mvcs helper get access to the physical memory by a call to mmu_translate for the virtual to real conversion and then using ldb_phys and stb_phys to physically access the data. In practice this is quite slow because it bypasses the QEMU softmmu TLB and because stb_phys calls try to invalidate the corresponding memory for each access. Instead use cpu_ldb_{primary,secondary} for the loads and cpu_stb_{primary,secondary} for the stores. Ideally this should be further optimized by a call to memcpy, but that already improves the boot time of a guest by a factor 1.8. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit c255ac601231e8c53007e10d640722ac58eb77cc Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:54 2015 +0200 target-s390x: support non current ASC in s390_cpu_handle_mmu_fault s390_cpu_handle_mmu_fault currently looks at the current ASC mode defined in PSW mask instead of the MMU index. This prevent emulating easily instructions using a specific ASC mode. Fix that by using the MMU index converted back to ASC using the just added cpu_mmu_idx_to_asc function. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 4decd76d71d6972a59bf0a16d0dea0c83490d001 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:53 2015 +0200 target-s390x: add a cpu_mmu_idx_to_asc function Use constants to define the MMU indexes, and add a function to do the reverse conversion of cpu_mmu_index. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit a1f12d855b6ec79a640fa6a74d12884f1646ecfe Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:52 2015 +0200 target-s390x: implement high-word facility Besides RISBHG and RISBLG, all high-word instructions are not implemented. Fix that. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 782a8479522f8e4a596f968e4acad5c10b77e061 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:51 2015 +0200 target-s390x: implement load-and-trap facility At the same time move the trap code from op_ct into gen_trap and use it for all new functions. The value needs to be stored back to register before the exception, but also before the brcond (as we don't use temp locals). That's why we can't use wout helper. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 375ee58bedcda359011fe7fa99e0647f66f9ffa0 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:50 2015 +0200 target-s390x: implement miscellaneous-instruction-extensions facility RISBGN is the same as RISBG, but without setting the condition code. CLT and CLGT are the same as CLRT and CLGRT, but using memory for the second operand. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit df46283ce7be962002a30140a91ffbb56832cc2d Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:49 2015 +0200 target-s390x: implement LPDFR and LNDFR instructions This complete the floating point support sign handling facility. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 3f4de6756cd87b508b37c7ffa93f7b827832c4eb Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:48 2015 +0200 target-s390x: implement TRANSLATE EXTENDED instruction It is part of the basic zArchitecture instructions. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 54f007750978ffbb98ce933077e0d1741e0202b0 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:47 2015 +0200 target-s390x: implement TRANSLATE AND TEST instruction It is part of the basic zArchitecture instructions. Allow it to be call from EXECUTE. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit ed0bcecec105137567f461e5b57834e72c851855 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:46 2015 +0200 target-s390x: implement LOAD FP INTEGER instructions This is needed to pass the gcc.c-torture/execute/ieee/20010114-2.c test in the gcc testsuite. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 9182886d797a20925d801a3378ca5330c0d91dfb Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:45 2015 +0200 target-s390x: move SET DFP ROUNDING MODE to the correct facility It belongs to the DFP rounding facility. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit f7c2114067cc32eb8d8f79b7374a641ec5f4eb72 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:44 2015 +0200 target-s390x: move STORE CLOCK FAST to the correct facility STORE CLOCK FAST should be in the SCF facility. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 74266b4a5837b46477034a39acc2be3a3afba431 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:43 2015 +0200 target-s390x: change CHRL and CGHRL format to RIL-b Change to match the PoP. In practice both format RIL-a and RIL-b have the same fields. They differ on the way we decode the fields, and it's done correctly in QEMU. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 1dedb9b76f061c8da730002f6c21a1fa2b76b106 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:42 2015 +0200 target-s390x: fix CLGIT instruction The COMPARE LOGICAL IMMEDIATE AND TRAP instruction should compare the numbers as unsigned, as its name implies. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 111d7f4a69751d333bac32526cd252add6b071d3 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:41 2015 +0200 target-s390x: fix exception for invalid operation code When an operation code is not recognized (ie invalid instruction) an operation exception should be generated instead of a specification exception. The latter is for valid opcode, with invalid operands or modifiers. This give a very basic GDB support in the guest, as it uses the invalid opcode 0x0001 to generate a trap. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit a1c7610a68795d66249c25166220324d4d0b9289 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:47:31 2015 +0200 target-s390x: implement LAY and LAEY instructions This complete the general-instructions-extension facility, enable it. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> [agraf: remove facility bit] Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 92892330e78ffca7bebf03f4f7161c5bbd6602d2 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:47:30 2015 +0200 target-s390x: move a few instructions to the correct facility LY is part of the long-displacement facility. RISBHG and RISBLG are part of the high-word facility. STCMH is part of the z/Architecture. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 4a33565f9f46145d8cc701ab623b18bf423c469e Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:47:26 2015 +0200 target-s390x: detect tininess before rounding for FP operations The s390x floating point unit detects tininess before rounding, so set the softfloat fp_status up appropriately. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit f821135cdd4df09b1362666ddfbdfd162b905b1f Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:47:25 2015 +0200 target-s390x: silence NaNs for LOAD LENGTHENED and LOAD ROUNDED LOAD LENGTHENED and LOAD ROUNDED are considered as FP operations and thus need to convert input sNaN into corresponding qNaN. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 2daea9c16ffe61377b6e5426d9c52014bf538df3 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:47:24 2015 +0200 target-s390x: define default NaN values Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 1f65958d9c21fd3b461f6b645e7884866313c1f3 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:47:23 2015 +0200 target-s390x: fix MMU index computation The cpu_mmu_index function wrongly looks at PSW P bit to determine the MMU index, while this bit actually only control the use of priviledge instructions. The addressing mode is detected by looking at the PSW ASC bits instead. This used to work more or less correctly up to kernel 3.6 as the kernel was running in primary space and userland in secondary space. Since kernel 3.7 the default is to run the kernel in home space and userland in primary space. While the current QEMU code seems to work it open some security issues, like accessing the lowcore memory in R/W mode from a userspace process once it has been accessed by the kernel (it is then cached by the QEMU TLB). At the same time change the MMU_USER_IDX value so that it matches the value used in recent kernels. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 9bebf9863bd16cc824231ad71959a338dc1819ac Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:47:22 2015 +0200 target-s390x: fix PSW value on dynamical exception from helpers runtime_exception computes the psw.addr value using the actual exception address and the instruction length computed by calling the get_ilen function. However as explained above the get_ilen code, it returns the actual instruction length, and not the ILC. Therefore there is no need to multiply the value by 2. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit aa752a4afc2a4b7ede58a960a9d553b3fd9e6882 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Tue May 26 11:09:44 2015 +0200 target-s390x: fix LOAD MULTIPLE instruction on page boundary When consecutive memory locations are on page boundary a page fault might occur when using the LOAD MULTIPLE instruction. In that case real hardware doesn't load any register. This is an important detail in case the base register is in the list of registers to be loaded. If a page fault occurs this register might be overwritten and when the instruction is later restarted the wrong base register value is useD. Fix this by first loading the first and last value from memory, hence triggering all possible page faults, and then the remaining registers. This fixes random segmentation faults seen in the guest. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit b8ae94bd398ff772f40fb232887ecbcbd244c3d4 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 18 23:42:29 2015 +0200 target-s390x: implement STPT helper Save the timer target value in the SPT helper, so that the STPT helper can compute the remaining time. This allow the Linux kernel to correctly do time accounting. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit aa9e14e684506e8ddf02bd5cff720520827bf244 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 18 23:42:28 2015 +0200 target-s390x: implement STCKC helper The STCKC instruction just returns the last written clock comparator value and KVM already provides the corresponding variable. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit d9d55f1108f45c866098731d95fef88409ff1e94 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 18 23:42:27 2015 +0200 target-s390x: streamline STCK helper Now that clock_value is only used in one place, we can inline it in the STCK helper. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit c941f07485e56e4b2653048e166b720428307acb Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 18 23:42:26 2015 +0200 target-s390x: simplify SCKC helper The clock comparator and the QEMU timer work the same way, triggering at a given time, they just differ by the origin and the scale. It is therefore possible to go from one to another without using the current clock value. This spares two calls to qemu_clock_get_ns, which probably return slightly different values, possibly reducing the accuracy. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 9cb32c442e11d16b747fa07e29dd29b5d8227b57 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 18 23:42:25 2015 +0200 target-s390x: add a tod2time function Add a tod2time function similar to the time2tod one, instead of open coding the conversion. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit a91a1b20a23424412a3e7bb184422ec30ae64453 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 18 15:40:00 2015 +0200 target-s390x: remove unused helpers Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit d30107814c8d02f1896bd57249aef1b5aaed38c9 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 18 15:39:59 2015 +0200 target-s390x: optimize (negative-) abs computation Now that movcond exists, it's easy to write (negative-) absolute value using TCG code instead of an helper. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 2aaa1940684a3bf2b381fd2a8ff26c287a05109d Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 18 15:39:58 2015 +0200 target-s390x: fix CC computation for LOAD POSITIVE instructions LOAD POSITIVE instructions (LPR, LPGR and LPGFR) set the following condition code: 0: Result zero; no overflow 1: -- 2: Result greater than zero; no overflow 3: Overflow The current code wrongly returns 1 instead of 2 in case of a result greater than 0. This patches fixes that. This fixes the marshalling of the value '0L' in Python. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit ee0d0be16819896cc6c8018cbe171a632b61489c Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sun May 17 01:28:03 2015 +0200 target-s390x: fix CC computation for EX instruction Commit 7a6c7067f optimized CC computation by only saving cc_op before calling helpers as they either don't touch the CC or generate a new static value. This however doesn't work for the EX instruction as the helper changes or not the CC value depending on the actual executed instruction (e.g. MVC vs CLC). This patches force a CC computation before calling the helper. This fixes random memory corruption occuring in guests. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> [agraf: remove set_cc_static in op_ex as suggested by rth] Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit d6688ba17b934f20f5e8953dbaafc9408d8799c5 Merge: 3b730f5 309750f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 4 18:32:44 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging pc, acpi, virtio, tpm This includes pxb support by Marcel, as well as multiple enhancements all over the place. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Thu Jun 4 11:51:02 2015 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: (28 commits) vhost: logs sharing hw/acpi: piix4_pm_init(): take fw_cfg object no more hw/acpi: move "etc/system-states" fw_cfg file from PIIX4 to core hw/acpi: acpi_pm1_cnt_init(): take "disable_s3" and "disable_s4" pc-dimm: don't assert if pc-dimm alignment != hotpluggable mem range size docs: Add PXB documentation apci: fix PXB behaviour if used with unsupported BIOS hw/pxb: add numa_node parameter hw/pci: add support for NUMA nodes hw/pxb: add map_irq func hw/pci: inform bios if the system has extra pci root buses hw/pci: introduce PCI Expander Bridge (PXB) hw/pci: removed 'rootbus nr is 0' assumption from qmp_pci_query hw/acpi: remove from root bus 0 the crs resources used by other buses. hw/acpi: add _CRS method for extra root busses hw/apci: add _PRT method for extra PCI root busses hw/acpi: add support for i440fx 'snooping' root busses hw/pci: extend PCI config access to support devices behind PXB hw/i386: query only for q35/pc when looking for pci host bridge hw/pci: made pci_bus_num a PCIBusClass method ... Conflicts: hw/i386/pc_piix.c Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3b730f570c5872ceea2137848f1d4554d4847441 Merge: 2700a97 1de29ae Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 4 14:04:14 2015 +0100 Merge remote-tracking branch 'remotes/agraf/tags/signed-ppc-for-upstream' into staging Patch queue for ppc - 2015-06-03 Highlights this time around: - sPAPR: endian fixes, speedups, bug fixes, hotplug basics - add default ram size capability for machines (sPAPR defaults to 512MB now) # gpg: Signature made Wed Jun 3 22:59:09 2015 BST using RSA key ID 03FEDC60 # gpg: Good signature from "Alexander Graf <agraf@xxxxxxx>" # gpg: aka "Alexander Graf <alex@xxxxxxxxx>" * remotes/agraf/tags/signed-ppc-for-upstream: (40 commits) softmmu: support up to 12 MMU modes tcg: add TCG_TARGET_TLB_DISPLACEMENT_BITS tci: do not use CPUArchState in tcg-target.h Add David Gibson for sPAPR in MAINTAINERS file pseries: Enable in-kernel H_LOGICAL_CI_{LOAD, STORE} implementations spapr: override default ram size to 512MB machine: add default_ram_size to machine class spapr_pci: emit hotplug add/remove events during hotplug spapr_pci: enable basic hotplug operations pci: make pci_bar useable outside pci.c spapr_pci: create DRConnectors for each PCI slot during PHB realize spapr_pci: add dynamic-reconfiguration option for spapr-pci-host-bridge spapr_drc: add spapr_drc_populate_dt() spapr_events: event-scan RTAS interface spapr_events: re-use EPOW event infrastructure for hotplug events spapr_rtas: add ibm, configure-connector RTAS interface spapr: add rtas_st_buffer_direct() helper spapr_rtas: add get-sensor-state RTAS interface spapr_rtas: add set-indicator RTAS interface spapr_rtas: add get/set-power-level RTAS interfaces ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2700a976dba6b107365aa9af7fd927ffb3dd3b21 Merge: 6fa6b31 de38528 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 4 12:49:15 2015 +0100 Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-06-03' into staging trivial patches for 2015-06-03 # gpg: Signature made Wed Jun 3 14:07:47 2015 BST using RSA key ID A4C3D7DB # gpg: Good signature from "Michael Tokarev <mjt@xxxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxxx>" * remotes/mjt/tags/pull-trivial-patches-2015-06-03: (30 commits) configure: postfix --extra-cflags to QEMU_CFLAGS cadence_gem: Fix Rx buffer size field mask slirp: use less predictable directory name in /tmp for smb config (CVE-2015-4037) translate-all: delete prototype for non-existent function Add -incoming help text hw/display/tc6393xb.c: Fix misusing qemu_allocate_irqs for single irq hw/arm/nseries.c: Fix misusing qemu_allocate_irqs for single irq hw/alpha/typhoon.c: Fix misusing qemu_allocate_irqs for single irq hw/unicore32/puv3.c: Fix misusing qemu_allocate_irqs for single irq hw/lm32/milkymist.c: Fix misusing qemu_allocate_irqs for single irq hw/lm32/lm32_boards.c: Fix misusing qemu_allocate_irqs for single irq hw/ppc/prep.c: Fix misusing qemu_allocate_irqs for single irq hw/sparc/sun4m.c: Fix misusing qemu_allocate_irqs for single irq hw/timer/arm_timer.c: Fix misusing qemu_allocate_irqs for single irq hw/isa/i82378.c: Fix misusing qemu_allocate_irqs for single irq hw/isa/lpc_ich9.c: Fix misusing qemu_allocate_irqs for single irq hw/i386/pc: Fix misusing qemu_allocate_irqs for single irq hw/intc/exynos4210_gic.c: Fix memory leak by adjusting order hw/arm/omap_sx1.c: Fix memory leak spotted by valgrind hw/ppc/e500.c: Fix memory leak ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 309750fad51f17d1ec6195c5d8ad7d741596ddb6 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Jun 4 05:28:46 2015 -0400 vhost: logs sharing Currently we allocate one vhost log per vhost device. This is sub optimal when: - Guest has several device with vhost as backend - Guest has multiqueue devices In the above cases, we can avoid the memory allocation by sharing a single vhost log among all the vhost devices. This is done through: - Introducing a new vhost_log structure with refcnt inside. - Using a global pointer to vhost_log structure that will be used. And introduce helper to get the log with expected log size and helper to - drop the refcnt to the old log. - Each vhost device still keep track of a pointer to the log that was used. With above, if no resize happens, all vhost device will share a single vhost log. During resize, a new vhost_log structure will be allocated and made for the global pointer. And each vhost devices will drop the refcnt to the old log. Tested by doing scp during migration for a 2 queues virtio-net-pci. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 6fa6b312765f698dc81b2c30e7eeb9683804a05b Merge: d2ceeb1 1b93c9a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 4 11:44:32 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging X86 queue 2015-06-02 # gpg: Signature made Tue Jun 2 20:21:17 2015 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/x86-pull-request: arch_init: Drop target-x86_64.conf target-i386: Register QOM properties for feature flags apic: convert ->busdev.qdev casts to C casts target-i386: Fix signedness of MSR_IA32_APICBASE_BASE pc: Ensure non-zero CPU ref count after attaching to ICC bus Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6e7d82497dc8da7d420c8fa6632d759e08a18bc3 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Wed Apr 29 15:20:16 2015 +0200 hw/acpi: piix4_pm_init(): take fw_cfg object no more This PIIX4 init function has no more reason to receive a pointer to the FwCfg object. Remove the parameter from the prototype, and update callers. As a result, the pc_init1() function no longer needs to save the return value of pc_memory_init() and xen_load_linux(), which makes it more similar to pc_q35_init(). The return type & value of pc_memory_init() and xen_load_linux() are not changed themselves; maybe we'll need their return values sometime later. RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1204696 Cc: Amit Shah <amit.shah@xxxxxxxxxx> Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Eduardo Habkost <ehabkost@xxxxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit e3845e7c47cc3eaf35305c9c0f9d55ca3840b49b Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Wed Apr 29 15:20:15 2015 +0200 hw/acpi: move "etc/system-states" fw_cfg file from PIIX4 to core The acpi_pm1_cnt_init() core function is responsible for setting up the register block that will ultimately react to S3 and S4 requests (see acpi_pm1_cnt_write()). It makes sense to advertise this configuration to the guest firmware via an easy to parse fw_cfg file (ACPI is too complex for firmware to parse), and indeed PIIX4 does that. However, since acpi_pm1_cnt_init() is not specific to PIIX4, neither should be the fw_cfg file. This patch makes "etc/system-states" appear on all chipsets modified in the previous patch, not just PIIX4 (assuming they have fw_cfg at all). RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1204696 Cc: Amit Shah <amit.shah@xxxxxxxxxx> Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Eduardo Habkost <ehabkost@xxxxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 9a10bbb4e83b184faef6fa744396a6775283c0aa Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Wed Apr 29 15:20:14 2015 +0200 hw/acpi: acpi_pm1_cnt_init(): take "disable_s3" and "disable_s4" This patch only modifies the function prototype and updates all chipset code that calls acpi_pm1_cnt_init() to pass in their own disable_s3 and disable_s4 settings. vt82c686 is assumed to be fixed "S3 and S4 enabled". RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1204696 Cc: Amit Shah <amit.shah@xxxxxxxxxx> Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Eduardo Habkost <ehabkost@xxxxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit d2ceeb1d68ed8b005892408fcdb533f578aae081 Merge: a67bfbb 94edf02 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 4 10:21:52 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150602' into staging target-arm queue: * more EL2 preparation patches * revert a no-longer-necessary workaround for old glib versions * add GICv2m support to virt board (MSI support) * pl061: fix wrong calculation of GPIOMIS register * support MSI via irqfd * remove a confusing v8_ prefix from some variable names * add dynamic sysbus device support to the virt board # gpg: Signature made Tue Jun 2 17:30:38 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150602: (22 commits) hw/arm/virt: change indentation in a15memmap hw/arm/virt: add dynamic sysbus device support hw/arm/boot: arm_load_kernel implemented as a machine init done notifier hw/arm/sysbus-fdt: helpers for platform bus nodes addition target-arm: Remove v8_ prefix from names of non-v8-specific cpreg arrays arm_gicv2m: set kvm_gsi_direct_mapping and kvm_msi_via_irqfd_allowed kvm: introduce kvm_arch_msi_data_to_gsi pl061: fix wrong calculation of GPIOMIS register target-arm: Add the GICv2m to the virt board target-arm: Extend the gic node properties arm_gicv2m: Add GICv2m widget to support MSIs target-arm: Add GIC phandle to VirtBoardInfo Revert "target-arm: Avoid g_hash_table_get_keys()" target-arm: Add TLBI_VAE2{IS} target-arm: Add TLBI_ALLE2 target-arm: Add TLBI_ALLE1{IS} target-arm: Add TTBR0_EL2 target-arm: Add TPIDR_EL2 target-arm: Add SCTLR_EL2 target-arm: Add TCR_EL2 ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b5d3b039221f056befb3715471fee1f68214815c Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Wed Jun 3 17:10:43 2015 +0200 pc-dimm: don't assert if pc-dimm alignment != hotpluggable mem range size Drop superfluous pc-dimm alignment on hot-pluggable mem range size assert, since it causes QEMU crash during hotplug when hotplugging pc-dimm with alignment bigger than an alignment of hot-pluggable mem range size. Instead allow pc_dimm_get_free_addr() find free address and bail out gracefully later in that function during checking if pc-dimm will fit in hot-pluggable mem range. Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 1de29aef17a7d70dbc04a7fe51e18942e3ebe313 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue May 5 09:18:23 2015 +0200 softmmu: support up to 12 MMU modes At 8k per TLB (for 64-bit host or target), 8 or more modes make the TLBs bigger than 64k, and some RISC TCG backends do not like that. On the affected hosts, cut the TLB size in half---there is still a measurable speedup on PPC with the next patch. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1424436345-37924-3-git-send-email-pbonzini@xxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 006f8638c62bca2b0caf609485f47fa5e14d8a3c Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue May 5 09:18:22 2015 +0200 tcg: add TCG_TARGET_TLB_DISPLACEMENT_BITS This will be used to size the TLB when more than 8 MMU modes are used by the target. Limitations come from the limited size of the immediate fields (which sometimes, as in the case of Aarch64, extend to instructions that shift the immediate). Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1424436345-37924-2-git-send-email-pbonzini@xxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 5a58e884d1d9905a835de2889c8cd73327fe2a94 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue May 19 09:59:34 2015 +0200 tci: do not use CPUArchState in tcg-target.h tcg-target.h does not use any QEMU-specific symbols, save for tci's usage of CPUArchState. Pull that up to tcg/tcg.h. This will make it possible to include tcg-target.h in cpu-defs.h. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 085eb217dfb3ee12e7985c11f71f8a038394735a Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Fri May 8 10:11:00 2015 +1000 Add David Gibson for sPAPR in MAINTAINERS file At Alex Graf's request I'm now acting as sub-maintainer for the sPAPR (-machine pseries) code. This updates MAINTAINERS accordingly. While we're at it, change the label to mention pseries since that's the actual name of the machine type, even if most of the C files use the sPAPR name. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 026bfd89cb896c8a3460cc551cc4836219bd7ff9 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:59 2015 +1000 pseries: Enable in-kernel H_LOGICAL_CI_{LOAD, STORE} implementations qemu currently implements the hypercalls H_LOGICAL_CI_LOAD and H_LOGICAL_CI_STORE as PAPR extensions. These are used by the SLOF firmware for IO, because performing cache inhibited MMIO accesses with the MMU off (real mode) is very awkward on POWER. This approach breaks when SLOF needs to access IO devices implemented within KVM instead of in qemu. The simplest example would be virtio-blk using an iothread, because the iothread / dataplane mechanism relies on an in-kernel implementation of the virtio queue notification MMIO. To fix this, an in-kernel implementation of these hypercalls has been made, (kernel commit 99342cf "kvmppc: Implement H_LOGICAL_CI_{LOAD,STORE} in KVM" however, the hypercalls still need to be enabled from qemu. This performs the necessary calls to do so. It would be nice to provide some warning if we encounter a problematic device with a kernel which doesn't support the new calls. Unfortunately, I can't see a way to detect this case which won't either warn in far too many cases that will probably work, or which is horribly invasive. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit a34944fe2e2457309bde74c1ffe3a1c60c6da018 Author: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:58 2015 +1000 spapr: override default ram size to 512MB Signed-off-by: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Acked-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 076b35b5a56bca57c4aa41044ed304fe9c45d6c5 Author: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:57 2015 +1000 machine: add default_ram_size to machine class Machines types can have different requirement for default ram size. Introduce a member in the machine class and set the current default_ram_size to 128MB. For QEMUMachine types override the value during the registration of the machine and for MachineClass introduce the generic class init setting the default_ram_size. Add helpers [K,M,G,T,P,E]_BYTE for better readability and easy usage Signed-off-by: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit c5bc152bc399ae7ec8ac5227762e4320d0fd2d1c Author: Tyrel Datwyler <tyreld@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:56 2015 +1000 spapr_pci: emit hotplug add/remove events during hotplug This uses extension of existing EPOW interrupt/event mechanism to notify userspace tools like librtas/drmgr to handle in-guest configuration/cleanup operations in response to device_add/device_del. Userspace tools that don't implement this extension will need to be run manually in response/advance of device_add/device_del, respectively. Signed-off-by: Tyrel Datwyler <tyreld@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 7454c7af91bdd60216e2b6eead827c012bb4d0d0 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:55 2015 +1000 spapr_pci: enable basic hotplug operations This enables hotplug of PCI devices to a PHB. Upon hotplug we generate the OF-nodes required by PAPR specification and IEEE 1275-1994 "PCI Bus Binding to Open Firmware" for the device. We associate the corresponding FDT for these nodes with the DRC corresponding to the slot, which will be fetched via ibm,configure-connector RTAS calls by the guest as described by PAPR specification. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit cf8c704d5a06e7b8327c65d19d0c342dc23fff84 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:54 2015 +1000 pci: make pci_bar useable outside pci.c We need to work with PCI BARs to generate OF properties during PCI hotplug for sPAPR guests. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 62083979b0471ac07da6d94944bf12a9b18baa1f Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:53 2015 +1000 spapr_pci: create DRConnectors for each PCI slot during PHB realize These will be used to support hotplug/unplug of PCI devices to the PCI bus associated with a particular PHB. We also set up device-tree properties in each PHBs initial FDT to describe the DRCs associated with them. This advertises to guests that each PHB is DR-capable device with physical hotpluggable slots, each managed by the corresponding DRC. This is necessary for allowing hotplugging of devices to it later via bus rescan or guest rpaphp hotplug module. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 7619c7b00c90a39243f1229facde8c53a8fba921 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:52 2015 +1000 spapr_pci: add dynamic-reconfiguration option for spapr-pci-host-bridge This option enables/disables PCI hotplug for a particular PHB. Also add machine compatibility code to disable it by default for machine types prior to pseries-2.4. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> [agraf: move commas for compat fields] Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit e4b798bb53447ba4608fc7e6ed91927bdb1c3d5d Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:51 2015 +1000 spapr_drc: add spapr_drc_populate_dt() This function handles generation of ibm,drc-* array device tree properties to describe DRC topology to guests. This will by used by the guest to direct RTAS calls to manage any dynamic resources we associate with a particular DR Connector as part of hotplug/unplug. Since general management of boot-time device trees are handled outside of sPAPRDRConnector, we insert these values blindly given an FDT and offset. A mask of sPAPRDRConnector types is given to instruct us on what types of connectors entries should be generated for, since descriptions for different connectors may live in different parts of the device tree. Based on code originally written by Nathan Fontenot. Signed-off-by: Nathan Fontenot <nfont@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 79853e18d904b0a4bcef62701d48559688007c93 Author: Tyrel Datwyler <tyreld@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:50 2015 +1000 spapr_events: event-scan RTAS interface We don't actually rely on this interface to surface hotplug events, and instead rely on the similar-but-interrupt-driven check-exception RTAS interface used for EPOW events. However, the existence of this interface is needed to ensure guest kernels initialize the event-reporting interfaces which will in turn be used by userspace tools to handle these events, so we implement this interface here. Since events surfaced by this call are mutually exclusive to those surfaced via check-exception, we also update the RTAS event queue code to accept a boolean to mark/filter for events accordingly. Events of this sort are not currently generated by QEMU, but the interface has been tested by surfacing hotplug events via event-scan in place of check-exception. Signed-off-by: Tyrel Datwyler <tyreld@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 31fe14d15d08d613ff38abb249911e98c7966b86 Author: Nathan Fontenot <nfont@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:49 2015 +1000 spapr_events: re-use EPOW event infrastructure for hotplug events This extends the data structures currently used to report EPOW events to guests via the check-exception RTAS interfaces to also include event types for hotplug/unplug events. This is currently undocumented and being finalized for inclusion in PAPR specification, but we implement this here as an extension for guest userspace tools to implement (existing guest kernels simply log these events via a sysfs interface that's read by rtas_errd, and current versions of rtas_errd/powerpc-utils already support the use of this mechanism for initiating hotplug operations). We also add support for queues of pending RTAS events, since in the case of hotplug there's chance for multiple events being in-flight at any point in time. Signed-off-by: Nathan Fontenot <nfont@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 46503c2bc047bfe8c26440e17298fcbc59d7bbbe Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:48 2015 +1000 spapr_rtas: add ibm, configure-connector RTAS interface This interface is used to fetch an OF device-tree nodes that describes a newly-attached device to guest. It is called multiple times to walk the device-tree node and fetch individual properties into a 'workarea'/buffer provided by the guest. The device-tree is generated by QEMU and passed to an sPAPRDRConnector during the initial hotplug operation, and the state of these RTAS calls is tracked by the sPAPRDRConnector. When the last of these properties is successfully fetched, we report as special return value to the guest and transition the device to a 'configured' state on the QEMU/DRC side. See docs/specs/ppc-spapr-hotplug.txt for a complete description of this interface. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit ab316865db8ee97c53cd70c91b1b160c474102f8 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:47 2015 +1000 spapr: add rtas_st_buffer_direct() helper This is similar to the existing rtas_st_buffer(), but for cases where the guest is not expecting a length-encoded byte array. Namely, for calls where a "work area" buffer is used to pass around arbitrary fields/data. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 886445a6ee808ee06533f9ecdf0f169c9ea83fbb Author: Mike Day <ncmike@xxxxxxxxxxx> Date: Thu May 7 15:33:46 2015 +1000 spapr_rtas: add get-sensor-state RTAS interface This interface allows a guest to read various platform/device sensors. initially, we only implement support necessary to support hotplug: reading of the dr-entity-sense sensor, which communicates the state of a hotplugged resource/device to the guest (EMPTY/PRESENT/UNUSABLE). See docs/specs/ppc-spapr-hotplug.txt for a complete description of this interface. Signed-off-by: Mike Day <ncmike@xxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 8c8639df32f19d5ca9bf6a823ac83e298a188fd1 Author: Mike Day <ncmike@xxxxxxxxxxx> Date: Thu May 7 15:33:45 2015 +1000 spapr_rtas: add set-indicator RTAS interface This interface allows a guest to control various platform/device sensors. Initially, we only implement support necessary to control sensors that are required for hotplug: DR connector indicators/LEDs, resource allocation state, and resource isolation state. See docs/specs/ppc-spapr-hotplug.txt for a complete description of this interface. Signed-off-by: Mike Day <ncmike@xxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 094d20585ecdcd31959b1b88a390b4d2c4cfeab7 Author: Nathan Fontenot <nfont@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:44 2015 +1000 spapr_rtas: add get/set-power-level RTAS interfaces These interfaces manage the power domains that guest devices are assigned to and are used to power on/off devices. Currently we only utilize 1 power domain, the 'live-insertion' domain, which automates power management of plugged/unplugged devices, essentially making these calls no-ops, but the RTAS interfaces are still required by guest hotplug code and PAPR+. See docs/specs/ppc-spapr-hotplug.txt for a complete description of these interfaces. Signed-off-by: Nathan Fontenot <nfont@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit bbf5c878ab76a74f6277f99082c77bbdb1ad4c5b Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:43 2015 +1000 spapr_drc: initial implementation of sPAPRDRConnector device This device emulates a firmware abstraction used by pSeries guests to manage hotplug/dynamic-reconfiguration of host-bridges, PCI devices, memory, and CPUs. It is conceptually similar to an SHPC device, complete with LED indicators to identify individual slots to physical physical users and indicate when it is safe to remove a device. In some cases it is also used to manage virtualized resources, such a memory, CPUs, and physical-host bridges, which in the case of pSeries guests are virtualized resources where the physical components are managed by the host. Guests communicate with these DR Connectors using RTAS calls, generally by addressing the unique DRC index associated with a particular connector for a particular resource. For introspection purposes we expose this state initially as QOM properties, and in subsequent patches will introduce the RTAS calls that make use of it. This constitutes to the 'guest' interface. On the QEMU side we provide an attach/detach interface to associate or cleanup a DeviceState with a particular sPAPRDRConnector in response to hotplug/unplug, respectively. This constitutes the 'physical' interface to the DR Connector. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 11eec063f29733395846ba756ecd544876ef6839 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:42 2015 +1000 docs: add sPAPR hotplug/dynamic-reconfiguration documentation This adds a general overview of hotplug/dynamic-reconfiguration for sPAPR/pSeries guest. As specified in PAPR+ v2.7. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 730fce593bbaa9240a0be860616ac4366113194d Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Thu May 7 15:33:41 2015 +1000 hw/ppc/spapr: Use error_report() instead of hw_error() hw_error() is designed for printing CPU-related error messages (e.g. it also prints a full CPU register dump). For error messages that are not directly related to CPU problems, a function like error_report() should be used instead. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 68fea5a0d7bac17fd74f0608ceed1d914eb0718e Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Thu May 7 15:33:40 2015 +1000 hw/ppc/spapr: Fix error message when firmware could not be loaded When specifying a non-existing file with the "-bios" parameter, QEMU complained that it "could not find LPAR rtas". That's obviously a copy-n-paste bug from the code which loads the spapr-rtas.bin, it should complain about a missing firmware file instead. Additionally the error message was printed with hw_error() - which also dumps the whole CPU state. However, this does not make much sense here since the CPU is not running yet and thus the registers only contain zeroes. So let's use error_report() here instead. And while we're at it, let's also bail out if the firmware file had zero length. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit a1a45612433edb0eb65c468f7ed579cd92358818 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:39 2015 +1000 pseries: Add pseries-2.4 machine type Now that 2.4 development has opened, create a new pseries machine type variant. For now it is identical to the pseries-2.3 machine type, but a number of new features are coming that will need to set backwards compatibility options. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit f9ce8e0aa3fb55ae7a8ea34d3169e73e87feb337 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Thu May 7 15:33:38 2015 +1000 hw/ppc/spapr_iommu: Fix the check for invalid upper bits in liobn The check "liobn & 0xFFFFFFFF00000000ULL" in spapr_tce_find_by_liobn() is completely useless since liobn is only declared as an uint32_t parameter. Fix this by using target_ulong instead (this is what most of the callers of this function are using, too). Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit dea1b3ce756d7242d4212c22b7d6e6a896495154 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu May 7 15:33:37 2015 +1000 spapr_iommu: Give unique QOM name to TCE table Useful for debugging. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit ccf9ff8527a87ee485fbb6a0a73d28641cab5f60 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu May 7 15:33:36 2015 +1000 spapr_pci: Rework device-tree rendering This replaces object_child_foreach() and callback with existing SPAPR_PCI_LIOBN() and spapr_tce_find_by_liobn() to make the code easier to read. This is a mechanical patch so no behaviour change is expected. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit fae807a2b182a613798fe619f9069bd0bbe3dc6a Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu May 7 15:33:35 2015 +1000 spapr_iommu: Make spapr_tce_find_by_liobn() public At the moment spapr_tce_find_by_liobn() is used by H_PUT_TCE/... handlers to find an IOMMU by LIOBN. We are going to implement Dynamic DMA windows (DDW), new code will go to a new file and we will use spapr_tce_find_by_liobn() there too so let's make it public. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 46c5874e9cd752ed8ded31af03472edd8fc3efc1 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu May 7 15:33:34 2015 +1000 spapr_pci: Make find_phb()/find_dev() public This makes find_phb()/find_dev() public and changed its names to spapr_pci_find_phb()/spapr_pci_find_dev() as they are going to be used from other parts of QEMU such as VFIO DDW (dynamic DMA window) or VFIO PCI error injection or VFIO EEH handling - in all these cases there are RTAS calls which are addressed to BUID+config_addr in IEEE1275 format. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit d9d96a3cc7267880fbccb6bc4018fc31909fc930 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu May 7 15:33:33 2015 +1000 spapr_iommu: Add separate trace points for PCI DMA operations This is to reduce VIO noise while debugging PCI DMA. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 3e1a01cb554412e8a9c25573126356596dc0c50f Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu May 7 15:33:32 2015 +1000 spapr_pci: Define default DMA window size as a macro This gets rid of a magic constant describing the default DMA window size for an emulated PHB. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 4290ca49eed5e239695ce85c925a770e4a7317a6 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu May 7 15:33:31 2015 +1000 spapr_vio: Introduce a liobn number generating macros This introduces a macro which makes up a LIOBN from fixed prefix and VIO device address (@reg property). This is to keep LIOBN macros rendering consistent - the same macro for PCI has been added by the previous patch. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit c8545818b331e9a32e5dd47f0aefbcf2b93e41da Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu May 7 15:33:30 2015 +1000 spapr_pci: Introduce a liobn number generating macros We are going to have multiple DMA windows per PHB and we want them to migrate so we need a predictable way of assigning LIOBNs. This introduces a macro which makes up a LIOBN from fixed prefix, PHB index (unique PHB id) and window number. This introduces a SPAPR_PCI_DMA_WINDOW_NUM() to know the window number from LIOBN. It is used to distinguish the default 32bit windows from dynamic windows and avoid picking default DMA window properties from a wrong TCE table. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit f1215ea702e6e6cb3876221cf1f7f60133e08c30 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu May 7 15:33:29 2015 +1000 spapr_iommu: Make H_PUT_TCE_INDIRECT endian-safe PAPR is defined as big endian so TCEs need an adjustment so does this patch. This changes code to have ldq_be_phys() in one place. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 12fd28535891572be7aaf862a03019257dafa425 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu May 7 15:33:28 2015 +1000 spapr_iommu: Disable in-kernel IOMMU tables for >4GB windows The existing KVM_CREATE_SPAPR_TCE ioctl only support 4G windows max as the window size parameter to the kernel ioctl() is 32-bit so there's no way of expressing a TCE window > 4GB. We are going to add huge DMA windows support so this will create small window and unexpectedly fail later. This disables KVM_CREATE_SPAPR_TCE for windows bigger that 4GB. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 421b1b27f6e9135ac8f01db219e0d8c0cefd7e71 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu Mar 19 15:14:18 2015 +1100 spapr_pci: Fix unsafe signed/unsigned comparisons spapr_pci.c contains a number of expressions of the form (uval == -1) or (uval != -1), where 'uval' is an unsigned value. This mostly works in practice, because as long as the width of uval is greater or equal than that of (int), the -1 will be promoted to the unsigned type, which is the expected outcome. However, at least for the cases where uval is uint32_t, this would break on platforms where sizeof(int) > 4 (and a few such do exist), because then the uint32_t value would be promoted to the larger int type, and never be equal to -1. This patch fixes these errors. The fixes for the (uint32_t) cases are necessary as described above. I've made similar fixes to (uint64_t) and (hwaddr) cases. Those are strictly theoretical, since I don't know of any platforms where sizeof(int) > 8, but hey, it's not that hard so we might as well be strictly C standard compliant. Reported-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 31ce0adb79655003465070fa90d7d20a5b8c2ff5 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Mon May 18 12:59:49 2015 +0200 configure: Check for libfdt version 1.4.0 Some recent patches require a function from libfdt version 1.4.0, so we should check for this version during the configure step already. Unfortunately, there does not seem to be a proper #define for the version number in the libfdt headers. So alternatively, we check for the availability of the required function fdt_get_property_by_offset() instead instead. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 28f490b24af83a007937daacb9ea8bf7537f9084 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Mon May 18 12:59:48 2015 +0200 dtc: Update dtc / libfdt submodule to version 1.4.0 Since some recent patches require libfdt version 1.4.0, let's update the dtc submodule to this version. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 62e9cd771cc368a8fd0f152832b78c43557897a9 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Mar 17 08:46:15 2015 +0100 macio: Convert to realize() Convert device models "macio-oldworld" and "macio-newworld". Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 814550d73a94dcf9f2c9f8d2ee280226f1145388 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:23:12 2015 +0300 docs: Add PXB documentation Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 0f6dd8e1d514b8c24689499ed72ea89fd0d967f3 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:23:11 2015 +0300 apci: fix PXB behaviour if used with unsupported BIOS PXB does not work with unsupported bioses, but should not interfere with normal OS operation. We don't ship them anymore, but it's reasonable to keep the work-around until we update the bios in qemu. Fix this by not adding PXB mem/IO chunks to _CRS if they weren't configured by BIOS. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 0e79e51a7dcbd4fde5738d713b60f0fb0321f1af Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:23:10 2015 +0300 hw/pxb: add numa_node parameter The pxb can be attach to and existing numa node by specifying numa_node option that equals the desired numa nodeid. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 6a3042b23bbb1fa92c00ea9267c830e7f2e99313 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:23:09 2015 +0300 hw/pci: add support for NUMA nodes PCI root buses can be attached to a specific NUMA node. PCI buses are not attached by default to a NUMA node. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 0639b00d055b313930c23c4d6c9ebfb4af61c00c Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:23:08 2015 +0300 hw/pxb: add map_irq func The bios does not index the pxb slot number when it computes the IRQ because it resides on bus 0 and not on the current bus. However Qemu routes the irq through bus 0 and adds the pxb slot to the IRQ computation of the PXB device. Synchronize between bios and Qemu by canceling pxb's effect. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 2118196bb3795a43bf708c37bdcf4b3c33778ccb Author: Marcel Apfelbaum <marcel.a@xxxxxxxxxx> Date: Tue Jun 2 14:23:07 2015 +0300 hw/pci: inform bios if the system has extra pci root buses The bios looks for 'etc/extra-pci-roots' to decide if is going to scan further buses after bus 0 tree. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 40d14bef8012087ade60f254487d31db822a1a44 Author: Marcel Apfelbaum <marcel.a@xxxxxxxxxx> Date: Tue Jun 2 14:23:06 2015 +0300 hw/pci: introduce PCI Expander Bridge (PXB) PXB is a "light-weight" host bridge whose purpose is to enable the main host bridge to support multiple PCI root buses for pc machines. As oposed to PCI-2-PCI bridge's secondary bus, PXB's bus is a primary bus and can be associated with a NUMA node (different from the main host bridge) allowing the guest OS to recognize the proximity of a pass-through device to other resources as RAM and CPUs. The PXB is composed from: - A primary PCI bus (can be associated with a NUMA node) Acts like a normal pci bus and from the functionality point of view is an "expansion" of the bus behind the main host bridge. - A pci-2-pci bridge behind the primary PCI bus where the actual devices will be attached. - A host-bridge PCI device Situated on the bus behind the main host bridge, allows the BIOS to configure the bus number and IO/mem resources. It does not have its own config/data register for configuration cycles, this being handled by the main host bridge. - A host-bridge sysbus to comply with QEMU current design. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit cb2ed8b3c66284f226c523231e2c09e60bbb34bb Author: Marcel Apfelbaum <marcel.a@xxxxxxxxxx> Date: Tue Jun 2 14:23:05 2015 +0300 hw/pci: removed 'rootbus nr is 0' assumption from qmp_pci_query Use the newer pci_bus_num to correctly get the root bus number. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit dcdca29655f774568f30a82b7fe0190b4bd38802 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:23:04 2015 +0300 hw/acpi: remove from root bus 0 the crs resources used by other buses. If multiple root buses are used, root bus 0 cannot use all the pci holes ranges. Remove the IO/mem ranges used by the other primary buses. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit a43c6e276231e8040203940cb07be00387686e87 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:23:03 2015 +0300 hw/acpi: add _CRS method for extra root busses Save the IO/mem/bus numbers ranges assigned to the extra root busses to be removed from the root bus 0 range. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 0d8935e3370e07f57651e43d2de9011d75c2a066 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:23:02 2015 +0300 hw/apci: add _PRT method for extra PCI root busses Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit a4894206e3672f8a5e5443d72b705495e022b638 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:23:01 2015 +0300 hw/acpi: add support for i440fx 'snooping' root busses If the machine has extra root busses that are snooping to the i440fx host bridge, we need to add them to acpi in order to be properly detected by guests. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 09e5b81922179b6c52b42fd27587e64b474036c7 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:23:00 2015 +0300 hw/pci: extend PCI config access to support devices behind PXB PXB buses are assumed to be children of bus 0. Look for them while scanning the buses. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit ca6c18556c5e9c4aac12489b960c3e4601e183bf Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:22:59 2015 +0300 hw/i386: query only for q35/pc when looking for pci host bridge Because of the PXB hosts we cannot simply query TYPE_PCI_HOST_BRIDGE anymore. On i386 arch we only have two pci hosts, so we can look only for them. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 602141d9974d726063907851528c89d617730156 Author: Marcel Apfelbaum <marcel.a@xxxxxxxxxx> Date: Tue Jun 2 14:22:58 2015 +0300 hw/pci: made pci_bus_num a PCIBusClass method Refactoring it as a method of PCIBusClass will allow different implementations for subclasses. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit ce6a28ee057da3e4a587dada369e33a8486b0066 Author: Marcel Apfelbaum <marcel.a@xxxxxxxxxx> Date: Tue Jun 2 14:22:57 2015 +0300 hw/pci: made pci_bus_is_root a PCIBusClass method Refactoring it as a method of PCIBusClass will allow different implementations for subclasses. Removed the assumption that the root bus does not have a parent device because is specific only to the default class implementation. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 32d9ca15bac63e8a7bad6dc1a4ab624e6d6d3b0f Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:22:56 2015 +0300 acpi: add implementation of aml_while() term Commit 68e6b0af7 (acpi: add aml_while() term) added the definition of aml_while without the actual implementation. Implement the term. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit ca9b46bcecc0f06882eec1b152b71f93a066da79 Author: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Date: Wed May 13 17:21:36 2015 +0800 acpi: add acpi_send_gpe_event() to rise sci for hotplug Add a new API named acpi_send_gpe_event() to send hotplug SCI. This API can be used by pci, cpu and memory hotplug. This patch is rebased on master. Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit d5aaa1b0456033fc9ff723ac881ebe1b61360cca Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Jun 3 14:47:19 2015 +0200 virtio: 64bit features fixups. Commit "019a3ed virtio: make features 64bit wide" missed a few changes, as I've noticed while trying to rebase the virtio-1 branch to latest master. This patch adds them. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 977ad992f14b29a7d4f18eaba42a705004545a64 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Tue Jun 2 15:47:20 2015 +0200 TPM: fix build with tpm disabled Failure was included on commit Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 6652d0811c9463fbfb2d2d1cb2ec03f388145c5f Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Wed May 27 16:26:07 2015 +0800 virtio-pci: don't try to mask or unmask vqs without notifiers We should validate the vq index against nvqs_with_notifiers. Otherwise we may try to mask or unmask vector for vqs without notifiers (e.g control vq). This will lead qemu abort on kvm_irqchip_commit_routes() when trying to boot win8.1 guest. Fixes 851c2a75a6e80c8aa5e713864d98cfb512e7229b ("virtio-pci: speedup MSI-X masking and unmasking") Reported-by: Alex Williamson <alex.williamson@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 557772f26b361ade84acecb366fe6fdd2d55a6d9 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Mon Jun 1 17:09:12 2015 +0300 hw/q35: fix floppy controller definition in ich9 In DSDT FDC0 declares the IO region as IO(Decode16, 0x03F2, 0x03F2, 0x00, 0x04). Use the same in lpc_ich9 initialization code. Now the floppy drive is detected correctly on Windows. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit cb3d37a93cc59da400d27361fcda024d49210abd Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon Jun 1 21:03:59 2015 +0200 acpi: add missing ssdt commit 5cb18b3d7bff2a83275ee98af2a14eb9e21c93ab TPM2 ACPI table support was missing a file, so build with iasl fails (build without iasl works since it uses the generated hex files). Reported-by: "Daniel P. Berrange" <berrange@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit b853d4cbf2062813e84f9bb880feff8daf467e05 Author: Sascha Silbe <silbe@xxxxxxxxxxxxxxxxxx> Date: Tue Jun 2 18:51:00 2015 +0200 s390x/kvm: always ignore empty vcpu interrupt state kvm_s390_vcpu_interrupt_pre_save() and kvm_s390_vcpu_interrupt_post_load() are essentially no-ops on hosts without KVM_CAP_S390_IRQ_STATE. Move the capability check after the check for saved IRQ state in kvm_s390_vcpu_interrupt_post_load() so that migration between hosts without KVM_CAP_S390_IRQ_STATE (including save / restore on the same host) continues to work. Fixes: 3cda44f7bae5 ("s390x/kvm: migrate vcpu interrupt state") Signed-off-by: Sascha Silbe <silbe@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Reviewed-by: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 2a72ea5f66b3b87a975475bdc1cabacbbb402937 Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Wed Jun 3 11:04:03 2015 -0400 virtio-ccw/migration: Migrate config vector for virtio devices virtio_ccw_{save|load}_config are missing code to save and restore a vdev's config_vector value. This causes some virtio devices to become disabled following a migration. This patch fixes a bug whereby the qmp/hmp balloon command (virsh setmem) silently fails to update the guest's available memory because the device was not properly migrated. This will break compatibility, but vmstate_s390_cpu was bumped from version 2 to version 4 between v2.3.0 and v2.4.0 without a compat handler. Furthermore, there is no production environment yet so migration is fenced anyway between any relevant version of 2.3 and 2.4. Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Message-Id: <1433343843-803-1-git-send-email-jjherne@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit de6a92185e3ac25ba7d37f03e579b1fc72e70162 Author: Pierre Morel <pmorel@xxxxxxxxxxxxxxxxxx> Date: Wed May 27 13:11:59 2015 +0200 virtio-ccw: add support for 9pfs This patch adds 9pfs support for virtio-ccw by registering the virtio_ccw_9p_info type and adding associated callbacks. Signed-off-by: Pierre Morel <pmorel@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit de3852877f1e452321352fdb7e678f079876a41b Author: Alex Bennée <alex.bennee@xxxxxxxxxx> Date: Wed Jun 3 09:56:37 2015 +0100 configure: postfix --extra-cflags to QEMU_CFLAGS It makes sense that extra-cflags should be appended after the normal CFLAGS so they don't get overridden by default behaviour. This way if you specify something like: ./configure --extra-cflags="-O0" You will see the requested behaviour. Signed-off-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 2801339f2fb2534ccf01561d274398328bdd446d Author: Sai Pavan Boddu <sai.pavan.boddu@xxxxxxxxxx> Date: Fri May 29 11:52:35 2015 +0530 cadence_gem: Fix Rx buffer size field mask This patch corrects the Rx buffer size field mask to mask bits 23 to 16 to match Xilinx UG585 documentation. Signed-off-by: Sai Pavan Boddu <saipava@xxxxxxxxxx> Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 8b8f1c7e9ddb2e88a144638f6527bf70e32343e3 Author: Michael Tokarev <mjt@xxxxxxxxxx> Date: Thu May 28 14:12:26 2015 +0300 slirp: use less predictable directory name in /tmp for smb config (CVE-2015-4037) In this version I used mkdtemp(3) which is: _BSD_SOURCE || /* Since glibc 2.10: */ (_POSIX_C_SOURCE >= 200809L || _XOPEN_SOURCE >= 700) (POSIX.1-2008), so should be available on systems we care about. While at it, reset the resulting directory name within smb structure on error so cleanup function wont try to remove directory which we failed to create. Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> commit b6b099541d6cf3c50b0fb5af916fff0db6508805 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Jun 1 09:53:55 2015 +0200 translate-all: delete prototype for non-existent function Missed in commit 3a808cc40 Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 1597051b84b816c9608e1ee0947f8e6dc9876b56 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Fri May 29 19:52:52 2015 +0100 Add -incoming help text The help/man text for -incoming defer didn't make it through the merge of the code that implemented it. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 26c8acb3f326166bf9dc60c3e8184f4b862e8451 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:11 2015 +0800 hw/display/tc6393xb.c: Fix misusing qemu_allocate_irqs for single irq Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 294972ce546107f2215b3b162994b47f08aab7a4 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:10 2015 +0800 hw/arm/nseries.c: Fix misusing qemu_allocate_irqs for single irq Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 5429273615e7b412402a7b22738737c09ab9f488 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:09 2015 +0800 hw/alpha/typhoon.c: Fix misusing qemu_allocate_irqs for single irq Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 2c85fad022a5c23b835d7c78b653763ae1e3f6eb Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:08 2015 +0800 hw/unicore32/puv3.c: Fix misusing qemu_allocate_irqs for single irq Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit a9c8a0d8d4217754648decc5921e4b0fcd00ce7f Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:07 2015 +0800 hw/lm32/milkymist.c: Fix misusing qemu_allocate_irqs for single irq Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit d4ef00af2598fef06affbd42608e570237a7b276 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:06 2015 +0800 hw/lm32/lm32_boards.c: Fix misusing qemu_allocate_irqs for single irq Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit aaaee0b273082ee2836dcc2f61a878ee291a8d9b Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:05 2015 +0800 hw/ppc/prep.c: Fix misusing qemu_allocate_irqs for single irq Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit ca43b97b5f6fa57e79adc7f167b12d3e0545c7e1 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:04 2015 +0800 hw/sparc/sun4m.c: Fix misusing qemu_allocate_irqs for single irq Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit b64127244d669c33a4ffdcc47e076559497785af Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:02 2015 +0800 hw/timer/arm_timer.c: Fix misusing qemu_allocate_irqs for single irq Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 5105505e65ba6bc3e1dc549bcd0d1d33f3546e60 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:01 2015 +0800 hw/isa/i82378.c: Fix misusing qemu_allocate_irqs for single irq Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit aff0d5e57a71260885d54c07cef5f4a486c8336b Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:00 2015 +0800 hw/isa/lpc_ich9.c: Fix misusing qemu_allocate_irqs for single irq Since ich9_lpc_pm_init only requests one irq, so let it just call qemu_allocate_irq. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 0b0cc076b78976b30360dd7c6ed994f864424779 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:26:59 2015 +0800 hw/i386/pc: Fix misusing qemu_allocate_irqs for single irq Since pc_allocate_cpu_irq only requests one irq, so let it just call qemu_allocate_irq. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 9ff7f5bddbe5814bafe5e798d2cf1087b58dc7b6 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:03 2015 +0800 hw/intc/exynos4210_gic.c: Fix memory leak by adjusting order Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 9f9b026dc60398224fb035eb27ae0ed083d2d66f Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:38:34 2015 +0800 hw/arm/omap_sx1.c: Fix memory leak spotted by valgrind Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f19377bf234a3359b0a03844822e97de80ad4f30 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Thu May 28 20:39:43 2015 +0800 hw/ppc/e500.c: Fix memory leak Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit c18f855697ab6b64a895f37cf47fd7061ce9e798 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Thu May 28 20:39:42 2015 +0800 hw/alpha/dp264.c: Fix memory leak spotted by valgrind valgrind complains about: ==7055== 58 bytes in 1 blocks are definitely lost in loss record 1,471 of 2,192 ==7055== at 0x4C2845D: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==7055== by 0x24410F: malloc_and_trace (vl.c:2556) ==7055== by 0x64C770E: g_malloc (in /usr/lib64/libglib-2.0.so.0.3600.3) ==7055== by 0x64DEFD7: g_strndup (in /usr/lib64/libglib-2.0.so.0.3600.3) ==7055== by 0x650181A: g_vasprintf (in /usr/lib64/libglib-2.0.so.0.3600.3) ==7055== by 0x64DF0CC: g_strdup_vprintf (in /usr/lib64/libglib-2.0.so.0.3600.3) ==7055== by 0x64DF188: g_strdup_printf (in /usr/lib64/libglib-2.0.so.0.3600.3) ==7055== by 0x242F81: qemu_find_file (vl.c:2121) ==7055== by 0x217A32: clipper_init (dp264.c:105) ==7055== by 0x2484DA: main (vl.c:4249) Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit bd4baf6eebff75c7e0c67a729d1bdb5b0b36fe72 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Mon May 25 14:47:25 2015 +0800 vl: fix memory leak spotted by valgrind valgrind complains about: ==9276== 13 bytes in 1 blocks are definitely lost in loss record 1,046 of 3,673 ==9276== at 0x4C2845D: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==9276== by 0x2EAFBB: malloc_and_trace (vl.c:2556) ==9276== by 0x64C770E: g_malloc (in /usr/lib64/libglib-2.0.so.0.3600.3) ==9276== by 0x4A28BD: addr_to_string (vnc.c:123) ==9276== by 0x4A29AD: vnc_socket_local_addr (vnc.c:139) ==9276== by 0x4A9AFE: vnc_display_local_addr (vnc.c:3240) ==9276== by 0x2EF4FE: main (vl.c:4321) Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 7df057bac3734ee3c2c052fd0807479602ab5583 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 24 13:20:14 2015 -0700 device-tree: Make a common-obj There is no reason for device tree API to be built per-target. common-obj it. There is an extraneous inclusion of config.h that needs to be removed. Cc: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit d370dfa9f3703cf0af07d96d50ed567413e8ec65 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Tue May 26 09:46:07 2015 +0800 hw/i386/acpi-build: decref after use valgrind complains about: ==16447== 48 bytes in 2 blocks are definitely lost in loss record 2,033 of 3,310 ==16447== at 0x4C2845D: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==16447== by 0x2E4FD7: malloc_and_trace (vl.c:2546) ==16447== by 0x64C770E: g_malloc (in /usr/lib64/libglib-2.0.so.0.3600.3) ==16447== by 0x53EC3F: qint_from_int (qint.c:33) ==16447== by 0x53B426: qmp_output_type_int (qmp-output-visitor.c:162) ==16447== by 0x539257: visit_type_uint32 (qapi-visit-core.c:147) ==16447== by 0x471D07: property_get_uint32_ptr (object.c:1651) ==16447== by 0x47000C: object_property_get (object.c:822) ==16447== by 0x472428: object_property_get_qobject (qom-qobject.c:37) ==16447== by 0x25701A: build_append_pci_bus_devices (acpi-build.c:520) ==16447== by 0x25902E: build_ssdt (acpi-build.c:1004) ==16447== by 0x25A0A8: acpi_build (acpi-build.c:1420) Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 6e38a4ba7889083b65729db2144cdbcefbaa303a Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Tue May 26 09:46:06 2015 +0800 hw/ide/pci: Fix memory leak valgrind complains about: ==16447== 16 bytes in 2 blocks are definitely lost in loss record 1,304 of 3,310 ==16447== at 0x4C2845D: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==16447== by 0x2E4FD7: malloc_and_trace (vl.c:2546) ==16447== by 0x64C770E: g_malloc (in /usr/lib64/libglib-2.0.so.0.3600.3) ==16447== by 0x36FB47: qemu_extend_irqs (irq.c:55) ==16447== by 0x36FBD3: qemu_allocate_irqs (irq.c:64) ==16447== by 0x3B4B44: bmdma_init (pci.c:464) ==16447== by 0x3B547B: pci_piix_init_ports (piix.c:144) ==16447== by 0x3B55D2: pci_piix_ide_realize (piix.c:164) ==16447== by 0x3EAEC6: pci_qdev_realize (pci.c:1790) ==16447== by 0x36C685: device_set_realized (qdev.c:1058) ==16447== by 0x47179E: property_set_bool (object.c:1514) ==16447== by 0x470098: object_property_set (object.c:837) Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 2ba154cf4eb8636cdd3aa90f392ca9e77206ca39 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Tue May 26 09:46:05 2015 +0800 hw/i386/pc_piix: Fix memory leak valgrind complains about: ==16447== 8 bytes in 1 blocks are definitely lost in loss record 552 of 3,310 ==16447== at 0x4C2845D: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==16447== by 0x2E4FD7: malloc_and_trace (vl.c:2546) ==16447== by 0x64C770E: g_malloc (in /usr/lib64/libglib-2.0.so.0.3600.3) ==16447== by 0x36FB47: qemu_extend_irqs (irq.c:55) ==16447== by 0x36FBD3: qemu_allocate_irqs (irq.c:64) ==16447== by 0x24E622: pc_init1 (pc_piix.c:287) ==16447== by 0x24E76A: pc_init_pci (pc_piix.c:310) ==16447== by 0x2E9360: main (vl.c:4226) ==16447== 128 bytes in 1 blocks are definitely lost in loss record 2,569 of 3,310 ==16447== at 0x4C2845D: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==16447== by 0x2E4FD7: malloc_and_trace (vl.c:2546) ==16447== by 0x64C770E: g_malloc (in /usr/lib64/libglib-2.0.so.0.3600.3) ==16447== by 0x36FB47: qemu_extend_irqs (irq.c:55) ==16447== by 0x36FBD3: qemu_allocate_irqs (irq.c:64) ==16447== by 0x25BEB2: kvm_i8259_init (i8259.c:133) ==16447== by 0x24E1F1: pc_init1 (pc_piix.c:219) ==16447== by 0x24E76A: pc_init_pci (pc_piix.c:310) ==16447== by 0x2E9360: main (vl.c:4226) Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 5708b2b736ebec6e3af04b9b249faadf896791cd Author: Chen Hanxiao <chenhanxiao@xxxxxxxxxxxxxx> Date: Tue May 26 05:25:41 2015 -0400 docs/writing-qmp-commands: fix a typo s/interation/iteration Signed-off-by: Chen Hanxiao <chenhanxiao@xxxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit b8981dc9aae25fa79e5f35609e63f50f078a572d Author: Peter Krempa <pkrempa@xxxxxxxxxx> Date: Fri May 15 11:31:43 2015 +0200 util: socket: Add missing localaddr and localport option for DGRAM socket The 'socket_optslist' structure does not contain the 'localaddr' and 'localport' options that are parsed in case you are creating a 'connect' type UDP character device. I've noticed it happening after commit f43e47dbf6de24db20ec9b588bb6cc762 made qemu abort() after seeing the invalid option. A minimal reproducer for the case is: $ qemu-system-x86_64 -chardev udp,id=charrng0,host=127.0.0.1,port=1234,localaddr=,localport=1234 qemu-system-x86_64: -chardev udp,id=charrng0,host=127.0.0.1,port=1234,localaddr=,localport=1234: Invalid parameter 'localaddr' Aborted (core dumped) Prior to the commit mentioned above the error would be printed but the value for localaddr and localport was simply ignored. I did not go through the code to find out when it was broken. Add the two fields so that the options can again be parsed correctly and qemu doesn't abort(). Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1220252 Signed-off-by: Peter Krempa <pkrempa@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit a2f533da00f7278788afcf10f325f636805077dc Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu May 14 22:33:39 2015 -0700 microblaze: cpu: Delete MMAP_SHIFT definition Just fallback on the default of 12 like other architectures. This allows changing the system-mode-affecting definition of TARGET_PAGE_BITS without affecting microblaze linux-user. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 44f192f364b71683379e104157b15b0685d24394 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed May 13 13:15:28 2015 +0000 iscsi: Remove pointless runtime check of macro value raw_bsd already has QEMU_BUILD_BUG_ON(BDRV_SECTOR_SIZE != 512), so iscsi should relax. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 1b93c9a1040b3c12320cf55c6284882a2e6e8ff3 Author: Ikey Doherty <michael.i.doherty@xxxxxxxxx> Date: Tue May 26 13:54:06 2015 +0100 arch_init: Drop target-x86_64.conf The target-x86_64.conf sysconfig file has been empty and essentially ignored now for several years. This change removes the unused file to enable moving towards a stateless configuration. Signed-off-by: Ikey Doherty <michael.i.doherty@xxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 38e5c119c2925812bd441450ab9e5e00fc79e662 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Mon Mar 23 17:29:32 2015 -0300 target-i386: Register QOM properties for feature flags This uses the feature name arrays to register QOM properties for feature flags. This simply adds properties that can be configured using -global, but doesn't change x86_cpu_parse_featurestr() to use them yet. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit be9f8a08727e46c790adb8caa8a4525a1e8e9e73 Author: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Date: Wed May 20 10:40:47 2015 +0800 apic: convert ->busdev.qdev casts to C casts Use C casts to avoid accessing ICCDevice's qdev field directly. Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Acked-by: Andreas Färber <afaerber@xxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 458cf469f4a1cb520b07092f5537c5a6d2389d23 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 29 16:31:12 2015 -0300 target-i386: Fix signedness of MSR_IA32_APICBASE_BASE Existing definition triggers the following when using clang -fsanitize=undefined: hw/intc/apic_common.c:314:55: runtime error: left shift of 1048575 by 12 places cannot be represented in type 'int' Fix it so we won't try to shift a 1 to the sign bit of a signed integer. Suggested-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 0e3bd56294230ad0ee20fce587879c29a83a0d8b Author: Andreas Färber <afaerber@xxxxxxx> Date: Tue Mar 17 17:46:36 2015 +0100 pc: Ensure non-zero CPU ref count after attaching to ICC bus Setting the parent bus of a device increases its ref count, which we ultimately want to level out. However it is only safe to do so after the last reference to the device in local code, as qom-set or similar operations might decrease the ref count. Therefore move the object_unref() from pc_new_cpu() into its callers. The APIC operations on the last CPU in pc_cpus_init() are still potentially insecure, but that is beyond the scope of this code movement. Signed-off-by: Andreas Färber <afaerber@xxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 4964e18e490f3ecad35c9e4cc9b613316a98755e Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu May 21 15:19:38 2015 +0200 fdc-test: Test state for existing cases more thoroughly This just adds a few additional checks of the MSR and interrupt pin to the already existing test cases. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1432214378-31891-9-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 6cc8a11c84ddc18c64fc88d54c8e9dca24ada489 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu May 21 15:19:37 2015 +0200 fdc: Fix MSR.RQM flag The RQM bit in MSR should be set whenever the guest is supposed to access the FIFO, and it should be cleared in all other cases. This is important so the guest can't continue writing/reading the FIFO beyond the length that it's suppossed to access (see CVE-2015-3456). Commit e9077462 fixed the CVE by adding code that avoids the buffer overflow; however it doesn't correct the wrong behaviour of the floppy controller which should already have cleared RQM. Currently, RQM stays set all the time and during all phases while a command is being processed. This is error-prone because the command has to explicitly clear the flag if it doesn't need data (and indeed, the two buggy commands that are the culprits for the CVE just forgot to do that). This patch clears RQM immediately as soon as all bytes that are expected have been received. If the the FIFO is used in the next phase, the flag has to be set explicitly there. It also clear RQM after receiving all bytes even if the phase transition immediately sets it again. While it's technically not necessary at the moment because the state between clearing and setting RQM is not observable by the guest, this is more explicit and matches how real hardware works. It will actually become necessary in qemu once asynchronous code paths are introduced. This alone should have been enough to fix the CVE, but now we have two lines of defense - even better. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1432214378-31891-8-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit f6c2d1d8425fd0ca450d515b06821e2224d4b43c Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu May 21 15:19:36 2015 +0200 fdc: Disentangle phases in fdctrl_read_data() This commit makes similar improvements as have already been made to the write function: Instead of relying on a flag in the MSR to distinguish controller phases, use the explicit phase that we store now. Assertions of the right MSR flags are added. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1432214378-31891-7-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit d275b33d76c8ed9d5a3dca22ea0fdec8d5a5c8e6 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu May 21 15:19:35 2015 +0200 fdc: Code cleanup in fdctrl_write_data() Factor out a few common lines of code, reformat, improve comments. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1432214378-31891-6-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 5b0a25e8d2f15f89255c745c71d297b5b24d138c Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu May 21 15:19:34 2015 +0200 fdc: Use phase in fdctrl_write_data() Instead of relying on a flag in the MSR to distinguish controller phases, use the explicit phase that we store now. Assertions of the right MSR flags are added. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1432214378-31891-5-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 85d291a08c91c07927bbbd29f72a27d3ad7478f3 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu May 21 15:19:33 2015 +0200 fdc: Introduce fdctrl->phase The floppy controller spec describes three different controller phases, which are currently not explicitly modelled in our emulation. Instead, each phase is represented by a combination of flags in registers. This patch makes explicit in which phase the controller currently is. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Acked-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1432214378-31891-4-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 83a260135f13db8b5d7df72090864a5ebcef2845 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu May 21 15:19:32 2015 +0200 fdc: Rename fdctrl_set_fifo() to fdctrl_to_result_phase() What callers really do with this function is to switch from execution phase (including data transfers) to result phase where the guest can read out one or more status bytes from the FIFO (the number depends on the command). Rename the function accordingly. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1432214378-31891-3-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 07e415f2398d9cfb21cdd5ef902445032ba54556 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu May 21 15:19:31 2015 +0200 fdc: Rename fdctrl_reset_fifo() to fdctrl_to_command_phase() What all callers of fdctrl_reset_fifo() really want to do is to start the command phase, where writes to the data port initiate a new command. The function doesn't only clear the FIFO, but also sets up the state so that a new command can be received. Rename it to reflect this. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1432214378-31891-2-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit a67bfbb9e41e089caec61384c625e8a61a5f270f Merge: 42d58e7 489653b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 2 18:23:28 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2015-06-02' into staging Monitor patches # gpg: Signature made Tue Jun 2 09:16:07 2015 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-monitor-2015-06-02: (21 commits) monitor: Change return type of monitor_cur_is_qmp() to bool monitor: Rename monitor_ctrl_mode() to monitor_is_qmp() monitor: Turn int command_mode into bool in_command_mode monitor: Drop do_qmp_capabilities()'s superfluous QMP check monitor: Unbox Monitor member mc and rename to qmp monitor: Rename monitor_control_read(), monitor_control_event() monitor: Rename handle_user_command() to handle_hmp_command() monitor: Limit QError use to command handlers monitor: Inline monitor_has_error() into its only caller monitor: Wean monitor_protocol_emitter() off mon->error monitor: Propagate errors through invalid_qmp_mode() monitor: Propagate errors through qmp_check_input_obj() monitor: Propagate errors through qmp_check_client_args() monitor: Drop unused "new" HMP command interface monitor: Use trad. command interface for HMP pcie_aer_inject_error monitor: Use traditional command interface for HMP device_add monitor: Use traditional command interface for HMP drive_del monitor: Convert client_migrate_info to QAPI monitor: Improve and document client_migrate_info protocol error monitor: Clean up after previous commit ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 42d58e7c6760cb9c55627c28ae538e27dcf2f144 Merge: 3fc827d c25bbf1 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 2 16:47:31 2015 +0100 Merge remote-tracking branch 'remotes/sstabellini/tags/xen-15-06-02-tag' into staging XSA 128 129 130 131 # gpg: Signature made Tue Jun 2 16:46:38 2015 BST using RSA key ID 70E1AE90 # gpg: Good signature from "Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>" * remotes/sstabellini/tags/xen-15-06-02-tag: xen/pt: unknown PCI config space fields should be read-only xen/pt: add a few PCI config space field descriptions xen/pt: mark reserved bits in PCI config space fields xen/pt: mark all PCIe capability bits read-only xen/pt: split out calculation of throughable mask in PCI config space handling xen/pt: correctly handle PM status bit xen/pt: consolidate PM capability emu_mask xen/MSI: don't open-code pass-through of enable bit modifications xen/MSI-X: limit error messages xen: don't allow guest to control MSI mask register xen: properly gate host writes of modified PCI CFG contents Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 94edf02c4c94781fa777c459fe86b52131b83cb6 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Tue Jun 2 12:29:14 2015 +0100 hw/arm/virt: change indentation in a15memmap Re-indent in a15memmap after VIRT_PLATFORM_BUS introduction Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Reviewed-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Message-id: 1433244554-12898-5-git-send-email-eric.auger@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5f7a5a0edc4a2f65293658eb540290ddf9a1988a Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Tue Jun 2 12:29:13 2015 +0100 hw/arm/virt: add dynamic sysbus device support Allows sysbus devices to be instantiated from command line by using -device option. Machvirt creates a platform bus at init. The dynamic sysbus devices are attached to this platform bus device. The platform bus device registers a machine init done notifier whose role will be to bind the dynamic sysbus devices. Indeed dynamic sysbus devices are created after machine init. machvirt also registers a notifier that will build the device tree nodes for the platform bus and its children dynamic sysbus devices. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1433244554-12898-4-git-send-email-eric.auger@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ac9d32e39664e060cd1b538ff190980d57ad69e4 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Tue Jun 2 12:29:12 2015 +0100 hw/arm/boot: arm_load_kernel implemented as a machine init done notifier Device tree nodes for the platform bus and its children dynamic sysbus devices are added in a machine init done notifier. To load the dtb once, after those latter nodes are built and before ROM freeze, the actual arm_load_kernel existing code is moved into a notifier notify function, arm_load_kernel_notify. arm_load_kernel now only registers the corresponding notifier. Machine files that do not support platform bus stay unchanged. Machine files willing to support dynamic sysbus devices must call arm_load_kernel before sysbus-fdt arm_register_platform_bus_fdt_creator to make sure dynamic sysbus device nodes are integrated in the dtb. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Reviewed-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Reviewed-by: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1433244554-12898-3-git-send-email-eric.auger@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c25bbf1545a53ac051f9e51d4140e397660c10ae Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:07:01 2015 +0000 xen/pt: unknown PCI config space fields should be read-only ... by default. Add a per-device "permissive" mode similar to pciback's to allow restoring previous behavior (and hence break security again, i.e. should be used only for trusted guests). This is part of XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Reviewed-by: Anthony PERARD <anthony.perard@xxxxxxxxxx>) commit a88a3f887181605f4487a22bdfb7d87ffafde5d9 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:07:01 2015 +0000 xen/pt: add a few PCI config space field descriptions Since the next patch will turn all not explicitly described fields read-only by default, those fields that have guest writable bits need to be given explicit descriptors. This is a preparatory patch for XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> commit 0ad3393ad032f76e88b4dbd04d36ad84dff75dd6 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:07:01 2015 +0000 xen/pt: mark reserved bits in PCI config space fields The adjustments are solely to make the subsequent patches work right (and hence make the patch set consistent), namely if permissive mode (introduced by the last patch) gets used (as both reserved registers and reserved fields must be similarly protected from guest access in default mode, but the guest should be allowed access to them in permissive mode). This is a preparatory patch for XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> commit 45ebe3916ab16f859ed930e92fbd52d84d5dcdaf Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:07:01 2015 +0000 xen/pt: mark all PCIe capability bits read-only xen_pt_emu_reg_pcie[]'s PCI_EXP_DEVCAP needs to cover all bits as read- only to avoid unintended write-back (just a precaution, the field ought to be read-only in hardware). This is a preparatory patch for XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 0e7ef22136955169a0fd03c4e41af95662352733 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:07:01 2015 +0000 xen/pt: split out calculation of throughable mask in PCI config space handling This is just to avoid having to adjust that calculation later in multiple places. Note that including ->ro_mask in get_throughable_mask()'s calculation is only an apparent (i.e. benign) behavioral change: For r/o fields it doesn't matter > whether they get passed through - either the same flag is also set in emu_mask (then there's no change at all) or the field is r/o in hardware (and hence a write won't change it anyway). This is a preparatory patch for XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Reviewed-by: Anthony PERARD <anthony.perard@xxxxxxxxxx> commit c4ff1e68c621928abc680266cad0a451686c403b Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:07:01 2015 +0000 xen/pt: correctly handle PM status bit xen_pt_pmcsr_reg_write() needs an adjustment to deal with the RW1C nature of the not passed through bit 15 (PCI_PM_CTRL_PME_STATUS). This is a preparatory patch for XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit d61bb2482dc0c7426f451f23ba7e2748ae2cc06d Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:07:01 2015 +0000 xen/pt: consolidate PM capability emu_mask There's no point in xen_pt_pmcsr_reg_{read,write}() each ORing PCI_PM_CTRL_STATE_MASK and PCI_PM_CTRL_NO_SOFT_RESET into a local emu_mask variable - we can have the same effect by setting the field descriptor's emu_mask member suitably right away. Note that xen_pt_pmcsr_reg_write() is being retained in order to allow later patches to be less intrusive. This is a preparatory patch for XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx> commit d1d35cf4ffb6a60a356193397919e83306d0bb74 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:07:01 2015 +0000 xen/MSI: don't open-code pass-through of enable bit modifications Without this the actual XSA-131 fix would cause the enable bit to not get set anymore (due to the write back getting suppressed there based on the OR of emu_mask, ro_mask, and res_mask). Note that the fiddling with the enable bit shouldn't really be done by qemu, but making this work right (via libxc and the hypervisor) will require more extensive changes, which can be postponed until after the security issue got addressed. This is a preparatory patch for XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit b38ec5ee7a581776bbce0bdaecb397632c3c4791 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:07:00 2015 +0000 xen/MSI-X: limit error messages Limit error messages resulting from bad guest behavior to avoid allowing the guest to cause the control domain's disk to fill. The first message in pci_msix_write() can simply be deleted, as this is indeed bad guest behavior, but such out of bounds writes don't really need to be logged. The second one is more problematic, as there guest behavior may only appear to be wrong: For one, the old logic didn't take the mask-all bit into account. And then this shouldn't depend on host device state (i.e. the host may have masked the entry without the guest having done so). Plus these writes shouldn't be dropped even when an entry is unmasked. Instead, if they can't be made take effect right away, they should take effect on the next unmasking or enabling operation - the specification explicitly describes such caching behavior. Until we can validly drop the message (implementing such caching/latching behavior), issue the message just once per MSI-X table entry. Note that the log message in pci_msix_read() similar to the one being removed here is not an issue: "addr" being of unsigned type, and the maximum size of the MSI-X table being 32k, entry_nr simply can't be negative and hence the conditonal guarding issuing of the message will never be true. This is XSA-130. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 7611dae8a69f0f1775ba1a9a942961c2aa10d88e Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:07:00 2015 +0000 xen: don't allow guest to control MSI mask register It's being used by the hypervisor. For now simply mimic a device not capable of masking, and fully emulate any accesses a guest may issue nevertheless as simple reads/writes without side effects. This is XSA-129. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 5c83b2f5b4b956e91dd6e5711f14df7ab800aefb Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:07:00 2015 +0000 xen: properly gate host writes of modified PCI CFG contents The old logic didn't work as intended when an access spanned multiple fields (for example a 32-bit access to the location of the MSI Message Data field with the high 16 bits not being covered by any known field). Remove it and derive which fields not to write to from the accessed fields' emulation masks: When they're all ones, there's no point in doing any host write. This fixes a secondary issue at once: We obviously shouldn't make any host write attempt when already the host read failed. This is XSA-128. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 11d306b9df172faeeb3409deba4083dbe479b23c Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Tue Jun 2 12:29:11 2015 +0100 hw/arm/sysbus-fdt: helpers for platform bus nodes addition This new C module will be used by ARM machine files to generate platform bus node and their dynamic sysbus device tree nodes. Dynamic sysbus device node addition is done in a machine init done notifier. arm_register_platform_bus_fdt_creator does the registration of this latter and is supposed to be called by ARM machine files that support platform bus and their dynamic sysbus. Addition of dynamic sysbus nodes is done only if the user did not provide any dtb. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Reviewed-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Reviewed-by: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1433244554-12898-2-git-send-email-eric.auger@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4771cd01daaccb2a8929fa04c88c608e378cf814 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 1 19:18:36 2015 +0100 target-arm: Remove v8_ prefix from names of non-v8-specific cpreg arrays The ARMCPRegInfo arrays v8_el3_no_el2_cp_reginfo and v8_el2_cp_reginfo are actually used on non-v8 CPUs as well. Remove the incorrect v8_ prefix from their names. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 1433182716-6400-1-git-send-email-peter.maydell@xxxxxxxxxx commit 9718e4ae362d2f221ec028cdacefafc593ef1357 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Tue Jun 2 14:56:23 2015 +0100 arm_gicv2m: set kvm_gsi_direct_mapping and kvm_msi_via_irqfd_allowed After introduction of kvm_arch_msi_data_to_gsi, kvm_gsi_direct_mapping now can be set on ARM. Also kvm_msi_via_irqfd_allowed can be set, depending on kernel irqfd support, hence enabling VIRTIO-PCI with vhost back-end. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1850b6b7d027bb4b45010a7d1da919267fff2cd4 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Tue Jun 2 14:56:23 2015 +0100 kvm: introduce kvm_arch_msi_data_to_gsi On ARM the MSI data corresponds to the shared peripheral interrupt (SPI) ID. This latter equals to the SPI index + 32. to retrieve the SPI index, matching the gsi, an architecture specific function is introduced. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Acked-by: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0b2ff2ceb8a45cbe51ca13a1a32fc5bdeec71815 Author: Victor CLEMENT <victor.clement@xxxxxxxxxxx> Date: Tue Jun 2 14:56:23 2015 +0100 pl061: fix wrong calculation of GPIOMIS register The masked interrupt status register should be the state of the interrupt after masking. There should be a logical AND instead of a logical OR between the interrupt status and the interrupt mask. Signed-off-by: Victor CLEMENT <victor.clement@xxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 1433154824-6927-1-git-send-email-victor.clement@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bd204e63a7ce9d1b5c5903c9033863b179194989 Author: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Date: Tue Jun 2 14:56:23 2015 +0100 target-arm: Add the GICv2m to the virt board Add a GICv2m device to the virt board to enable MSIs on the generic PCI host controller. We allocate 64 SPIs in the IRQ space for now (this can be increased/decreased later) and map the GICv2m right after the GIC in the memory map. Reviewed-by: Eric Auger <eric.auger@xxxxxxxxxx> Signed-off-by: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Message-id: 1432897270-7780-5-git-send-email-christoffer.dall@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dfd90a87155882d92a3efa6da9afc773fd8c6796 Author: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Date: Tue Jun 2 14:56:23 2015 +0100 target-arm: Extend the gic node properties In preparation for adding the GICv2m which requires address specifiers and is a subnode of the gic, we extend the gic DT definition to specify the #address-cells and #size-cells properties and add an empty ranges property properties of the DT node, since this is required to add the v2m node as a child of the gic node. Note that we must also expand the irq-map to reference the gic with the right address-cells as a consequence of this change. Reviewed-by: Eric Auger <eric.auger@xxxxxxxxxx> Signed-off-by: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Message-id: 1432897270-7780-4-git-send-email-christoffer.dall@xxxxxxxxxx Suggested-by: Shanker Donthineni <shankerd@xxxxxxxxxxxxxx> Signed-off-by: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 770c58f8d10b61e80a211d87df83670711631530 Author: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Date: Tue Jun 2 14:56:23 2015 +0100 arm_gicv2m: Add GICv2m widget to support MSIs The ARM GICv2m widget is a little device that handles MSI interrupt writes to a trigger register and ties them to a range of interrupt lines wires to the GIC. It has a few status/id registers and the interrupt wires, and that's about it. A board instantiates the device by setting the base SPI number and number SPIs for the frame. The base-spi parameter is indexed in the SPI number space only, so base-spi == 0, means IRQ number 32. When a device (the PCI host controller) writes to the trigger register, the payload is the GIC IRQ number, so we have to subtract 32 from that and then index into our frame of SPIs. When instantiating a GICv2m device, tell PCI that we have instantiated something that can deal with MSIs. We rely on the board actually wiring up the GICv2m to the PCI host controller. Reviewed-by: Eric Auger <eric.auger@xxxxxxxxxx> Signed-off-by: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Message-id: 1432897270-7780-3-git-send-email-christoffer.dall@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 747d009dcac37ce7372b58b21c168f0ad66cf7be Author: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Date: Tue Jun 2 14:56:22 2015 +0100 target-arm: Add GIC phandle to VirtBoardInfo Instead of passing the GIC phandle around between functions, add it to the VirtBoardInfo just like we do for the clock_phandle. We are about to add the v2m phandle as well, and it's easier not having to pass around a bunch of phandles, return multiple values from functions, etc. Reviewed-by: Eric Auger <eric.auger@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Message-id: 1432897270-7780-2-git-send-email-christoffer.dall@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 57b6d95eb480d66c5bfa4e416d1fbcad0f84fdd2 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Jun 2 14:56:22 2015 +0100 Revert "target-arm: Avoid g_hash_table_get_keys()" Since we now require GLib 2.22+ (commit f40685c), we don't have to work around lack of g_hash_table_get_keys() anymore. This reverts commit 82a3a11897308b606120f7235001e87809708f85. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-id: 1432749090-4698-1-git-send-email-armbru@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8742d49d6f2278d353a1623dfa8a5e237dbfd906 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Jun 2 14:56:22 2015 +0100 target-arm: Add TLBI_VAE2{IS} Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1432881807-18164-11-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 51da90140bba4333eeb9c1d8d8d8afc2ca790628 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Jun 2 14:56:22 2015 +0100 target-arm: Add TLBI_ALLE2 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1432881807-18164-10-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bdb9e2d66afbe0571dce48a9430c35ae4d6bbd32 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Jun 2 14:56:22 2015 +0100 target-arm: Add TLBI_ALLE1{IS} Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1432881807-18164-9-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a57633c08fa861807a0713505785bd4d441d7df8 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Jun 2 14:56:21 2015 +0100 target-arm: Add TTBR0_EL2 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1432881807-18164-8-git-send-email-edgar.iglesias@xxxxxxxxx [PMM: Switch to preferred opc1/crm order for 64-bit AArch32 cpregs; drop unneeded use of vmsa_ttbr_writefn] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ff05f37babe7874f28dcead6e9e4f1904d35a13a Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Jun 2 14:56:21 2015 +0100 target-arm: Add TPIDR_EL2 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1432881807-18164-7-git-send-email-edgar.iglesias@xxxxxxxxx [PMM: reordered fields into preferred opc0/opc1/crn/crm/opc2 order] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b9cb5323bb671a0f2bfecc36168d3a3763e90261 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Jun 2 14:56:21 2015 +0100 target-arm: Add SCTLR_EL2 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1432881807-18164-6-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 06ec4c8c9f9e21b7671c79296f3a47ab63d50067 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Jun 2 14:56:21 2015 +0100 target-arm: Add TCR_EL2 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1432881807-18164-5-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 95f949ac3dc7d4a6ebee512a9d122db18210df64 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Jun 2 14:56:21 2015 +0100 target-arm: Add MAIR_EL2 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1432881807-18164-4-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a903c449b41f105aadd5f762a7aede531b4950f0 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Jun 2 14:56:21 2015 +0100 target-arm: Break down TLB_LOCKDOWN Break down the overly broad wildcard definition of TLB_LOCKDOWN down to v7 level. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1432881807-18164-3-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3fc827d591679f3e262b9d1f8b34528eabfca8c0 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Fri May 29 16:43:13 2015 +1000 target-arm: Correct check for non-EL3 This fixes a compile warning from clang 3.5 (the assertion could never fire). Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1432881807-18164-2-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> [PMM: added note in commit message that this is fixing a build warning] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 25611aa12b4155937d076dbe7445daed62ee6043 Merge: ef99b3e e63d114 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 2 11:25:12 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-input-20150602-1' into staging virtio-input: two small fixups # gpg: Signature made Tue Jun 2 09:32:51 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-input-20150602-1: virtio-input: make virtio devices follow usual naming convention virtio-input: const_le16 and const_le32 not build time constant Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ef99b3ee065d5c817fa0a50d95293e569bfb47fb Merge: b821cbe 9e47226 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 2 10:20:03 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging pc build fix My last pull breaks build on systems with iasl. Fix this up. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Mon Jun 1 20:41:08 2015 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: acpi: add missing ssdt Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e63d114b8a81e22ff9295674ba64b21255d589ee Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Jun 2 10:31:29 2015 +0200 virtio-input: make virtio devices follow usual naming convention Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 16c9d46d32b39b147774ddd948dd2f9ad9049d02 Author: Michael Mueller <mimu@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 1 15:51:56 2015 +0200 virtio-input: const_le16 and const_le32 not build time constant As the implementation of const_le16 and const_le32 is not build time constant on big endian systems this need to be fixed. CC hw/input/virtio-input-hid.o hw/input/virtio-input-hid.c:340:13: error: initializer element is not constant hw/input/virtio-input-hid.c:340:13: error: (near initialization for â??virtio_keyboard_config[1].u.ids.bustypeâ??) ... Signed-off-by: Michael Mueller <mimu@xxxxxxxxxxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 489653b5db17679fd61b740dd289c798bb25d7b9 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 6 20:01:05 2015 +0100 monitor: Change return type of monitor_cur_is_qmp() to bool Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 9f3982f2dcd96753d57d0ac64bd1ae3b37a90eb3 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 6 19:56:38 2015 +0100 monitor: Rename monitor_ctrl_mode() to monitor_is_qmp() ... and change return type to bool. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit f994b2587f081693b017ebd03b362d162d3108b3 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 6 19:51:51 2015 +0100 monitor: Turn int command_mode into bool in_command_mode While there, inline the pointless qmp_cmd_mode() wrapper. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 6a50636f35ba677c747f2f6127b0dba994b039ca Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 6 19:49:41 2015 +0100 monitor: Drop do_qmp_capabilities()'s superfluous QMP check Superfluous since commit 30f5041 removed it from HMP. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 74358f2a1647b239d87340ea0024f9d2efa266ca Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 6 19:35:59 2015 +0100 monitor: Unbox Monitor member mc and rename to qmp While there, rename its type as well, from MonitorControl to MonitorQMP. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit c83fe23b58199a6d4a938305cb0fc45fe7729b61 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 6 19:20:51 2015 +0100 monitor: Rename monitor_control_read(), monitor_control_event() ... to monitor_qmp_read(), monitor_qmp_event(). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 7ef6cf6341c453021939c909adf2d62d9dc25fd5 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 6 19:12:36 2015 +0100 monitor: Rename handle_user_command() to handle_hmp_command() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 710aec915d208246891b68e2ba61b54951edc508 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 6 11:28:00 2015 +0100 monitor: Limit QError use to command handlers The previous commits narrowed use of QError to handle_qmp_command() and its helpers monitor_protocol_emitter(), build_qmp_error_dict(). Narrow it further to just the command handler call: instead of converting Error to QError throughout handle_qmp_command(), convert the QError gotten from the command handler to Error, and switch the helpers from QError to Error. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 452e0300a3521f13b6c4ba0b99a8cea3a29209f1 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 6 19:11:13 2015 +0100 monitor: Inline monitor_has_error() into its only caller Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 70ea0c58991ae44b5a1e67d9c189d79029168cb1 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 6 10:47:08 2015 +0100 monitor: Wean monitor_protocol_emitter() off mon->error Move mon->error handling to its caller handle_qmp_command(). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 4086182fcd9b106345b5cc535d78bcc6d13a7683 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 29 10:27:16 2015 +0200 monitor: Propagate errors through invalid_qmp_mode() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit ba0510aad43148e5284cb52fcc7a0103b5e0af4d Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Mar 2 18:41:43 2015 +0100 monitor: Propagate errors through qmp_check_input_obj() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 326283aa5d4d51d576185af4cbbdc29f648cd766 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Mar 2 18:39:09 2015 +0100 monitor: Propagate errors through qmp_check_client_args() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 8a4f501c09bcb8b5a220699e378aa8fb7ec178e4 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 5 18:50:05 2015 +0100 monitor: Drop unused "new" HMP command interface Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 04e00c92ef75629a241ebc50537f75de0867928d Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 5 17:48:49 2015 +0100 monitor: Use trad. command interface for HMP pcie_aer_inject_error All QMP commands use the "new" handler interface (mhandler.cmd_new). Most HMP commands still use the traditional interface (mhandler.cmd), but a few use the "new" one. Complicates handle_user_command() for no gain, so I'm converting these to the traditional interface. pcie_aer_inject_error's implementation is split into the hmp_pcie_aer_inject_error() and pcie_aer_inject_error_print(). The former is a peculiar crossbreed between HMP and QMP handler. On success, it works like a QMP handler: store QDict through ret_data parameter, return 0. Printing the QDict is left to pcie_aer_inject_error_print(). On failure, it works more like an HMP handler: print error to monitor, return negative number. To convert to the traditional interface, turn pcie_aer_inject_error_print() into a command handler wrapping around hmp_pcie_aer_inject_error(). By convention, this command handler should be called hmp_pcie_aer_inject_error(), so rename the existing hmp_pcie_aer_inject_error() to do_pcie_aer_inject_error(). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 318660f84a0a26451750aee68ab7dcf88731637d Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 5 17:24:48 2015 +0100 monitor: Use traditional command interface for HMP device_add All QMP commands use the "new" handler interface (mhandler.cmd_new). Most HMP commands still use the traditional interface (mhandler.cmd), but a few use the "new" one. Complicates handle_user_command() for no gain, so I'm converting these to the traditional interface. For device_add, that's easy: just wrap the obvious hmp_device_add() around do_device_add(). monitor_user_noop() is now unused, drop it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 072ebe6b0351060b33287454fdef625fe79c858f Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 5 17:00:56 2015 +0100 monitor: Use traditional command interface for HMP drive_del All QMP commands use the "new" handler interface (mhandler.cmd_new). Most HMP commands still use the traditional interface (mhandler.cmd), but a few use the "new" one. Complicates handle_user_command() for no gain, so I'm converting these to the traditional interface. For drive_del, that's easy: hmp_drive_del() sheds its unused last parameter, and its return value, which the caller ignored anyway. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit b8a185bc9a8ecbdc74fd64672e4abdd09a558e1c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 5 17:29:02 2015 +0100 monitor: Convert client_migrate_info to QAPI Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 13cadefbda71e119db79fe0b7a4efd26a6d005bd Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 5 19:16:58 2015 +0100 monitor: Improve and document client_migrate_info protocol error Protocol must be spice, vnc isn't implemented. Fix up documentation. Attempts to use vnc or any other unknown protocol yield the misleading error message "Invalid parameter 'protocol'". Improve it to "Parameter 'protocol' expects spice". Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by. Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 84add864ebd2e6f3c645948ab595d8454165ebc5 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 5 16:45:15 2015 +0100 monitor: Clean up after previous commit Inline qmp_call_cmd() along with its helper handler_audit() into its only caller handle_qmp_command(), and simplify the result. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 65207c59d99f2260c5f1d3b9c491146616a522aa Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 5 14:35:26 2015 +0100 monitor: Drop broken, unused asynchronous command interface The asynchronous monitor command interface goes back to commit 940cc30 (Jan 2010). Added a third case to command execution. The hope back then according to the commit message was that all commands get converted to the asynchronous interface, killing off the other two cases. Didn't happen. The initial asynchronous commands balloon and info balloon were converted back to synchronous long ago (commit 96637bc and d72f32), with commit messages calling the asynchronous interface "not fully working" and "deprecated". The only other user went away in commit 3b5704b. New code generally uses synchronous commands and asynchronous events. What exactly is still "not fully working" with asynchronous commands? Well, here's a bug that defeats actual asynchronous use pretty reliably: the reply's ID is wrong (and has always been wrong) unless you use the command synchronously! To reproduce, we need an asynchronous command, so we have to go back before commit 3b5704b. Run QEMU with spice: $ qemu-system-x86_64 -nodefaults -S -spice port=5900,disable-ticketing -qmp stdio {"QMP": {"version": {"qemu": {"micro": 94, "minor": 2, "major": 2}, "package": ""}, "capabilities": []}} Connect a spice client in another terminal: $ remote-viewer spice://localhost:5900 Set up a migration destination dummy in a third terminal: $ socat TCP-LISTEN:12345 STDIO Now paste the following into the QMP monitor: { "execute": "qmp_capabilities", "id": "i0" } { "execute": "client_migrate_info", "id": "i1", "arguments": { "protocol": "spice", "hostname": "localhost", "port": 12345 } } { "execute": "query-kvm", "id": "i2" } Produces two replies immediately, one to qmp_capabilities, and one to query-kvm: {"return": {}, "id": "i0"} {"return": {"enabled": false, "present": true}, "id": "i2"} Both are correct. Two lines of debug output from libspice-server not shown. Now EOF socat's standard input to make it close the connection. This makes the asynchronous client_migrate_info complete. It replies: {"return": {}} Bug: "id": "i1" is missing. Two lines of debug output from libspice-server not shown. Cherry on top: storage for the missing ID is leaked. Get rid of this stuff before somebody hurts himself with it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 9e472263b07d53cb3401ee49ef1b45ef195ddb84 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon Jun 1 21:03:59 2015 +0200 acpi: add missing ssdt commit 5cb18b3d7bff2a83275ee98af2a14eb9e21c93ab TPM2 ACPI table support was missing a file, so build with iasl fails (build without iasl works since it uses the generated hex files). Reported-by: "Daniel P. Berrange" <berrange@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit b821cbe274c5a5cacf1a7b28360d869ae1e6e0c3 Merge: 9657caf 830d70d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 1 15:22:46 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging pc, pci, tpm, virtio, vhost enhancements and fixes A bunch of cleanups and fixes all over the place, enhancements in TPM, virtio and vhost. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Mon Jun 1 13:19:48 2015 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: (60 commits) vhost-user: add multi queue support virtio: make features 64bit wide qdev: add 64bit properties virtio-mmio: ioeventfd support hw/acpi/aml-build: Fix memory leak acpi: add aml_while() term acpi: add aml_increment() term acpi: add aml_shiftright() term acpi: add aml_shiftleft() term acpi: add aml_index() term acpi: add aml_lless() term acpi: add aml_add() term TPM2 ACPI table support tpm: Probe for connected TPM 1.2 or TPM 2 Extend TPM TIS interface to support TPM 2 Add stream ID to MSI write acpi: Simplify printing to dynamic string i386: drop FDC in pc-q35-2.4+ if neither it nor floppy drives are wanted i386/pc_q35: don't insist on board FDC if there's no default floppy i386/pc: '-drive if=floppy' should imply a board-default FDC ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 830d70db692e374b55555f4407f96a1ceefdcc97 Author: Ouyang Changchun <changchun.ouyang@xxxxxxxxx> Date: Thu May 28 09:23:06 2015 +0800 vhost-user: add multi queue support Based on patch by Nikolay Nikolaev: Vhost-user will implement the multi queue support in a similar way to what vhost already has - a separate thread for each queue. To enable the multi queue functionality - a new command line parameter "queues" is introduced for the vhost-user netdev. Signed-off-by: Nikolay Nikolaev <n.nikolaev@xxxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Changchun Ouyang <changchun.ouyang@xxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 019a3edbb25f1571e876f8af1ce4c55412939e5d Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Mon Jun 1 10:45:40 2015 +0200 virtio: make features 64bit wide Make features 64bit wide everywhere. On migration a full 64bit guest_features field is sent if one of the high bits is set, in addition to the lower 32bit guest_features field which must stay for compatibility reasons. That way we send the lower 32 feature bits twice, but the code is simpler because we don't have to split and compose the 64bit features into two 32bit fields. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit fdba6d967e00864edd21275a6ee1d23a383510e8 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Mon Jun 1 10:45:39 2015 +0200 qdev: add 64bit properties Needed for virtio features which go from 32bit to 64bit with virtio 1.0 Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 434027badb421863b85ffdb4769966533c001cfa Author: Ying-Shiuan Pan <yingshiuan.pan@xxxxxxxxx> Date: Tue May 12 11:10:50 2015 +0300 virtio-mmio: ioeventfd support set_host_notifier and set_guest_notifiers supported by virtio-mmio now. Most code copied from virtio-pci. This makes it possible to use vhost-net with virtio-mmio, improving performance by about 30%. The kvm-arm does not yet support irqfd, need to fix the hard-coded part after kvm-arm gets irqfd support. Signed-off-by: Ying-Shiuan Pan <yingshiuan.pan@xxxxxxxxx> Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit afcf905cff7971324c2706600ead35a1f41f417a Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Mon May 25 15:14:37 2015 +0800 hw/acpi/aml-build: Fix memory leak Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit 68e6b0af784dda4efd9d4e2e9d3b03a31ca1408c Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Mon May 25 18:33:46 2015 +0300 acpi: add aml_while() term Add encoding for ACPI DefWhile Opcode. Reviewed-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit af39d5363f373e6c1168a0e84658d6e4ef57fa8c Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Mon May 25 18:33:45 2015 +0300 acpi: add aml_increment() term Add encoding for ACPI DefIncrement Opcode. Reviewed-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit f7bd7b8eb6573ed22bfc51e148455a1c0a1e36d0 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Mon May 25 18:33:44 2015 +0300 acpi: add aml_shiftright() term Add encoding for ACPI DefShiftRight Opcode. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> commit a57dddddd2f93b87852fac2ed41a31c45e6d192a Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Mon May 25 18:33:43 2015 +0300 acpi: add aml_shiftleft() term Add encoding for ACPI DefShiftLeft Opcode. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> commit 928b8996576875f9364f77c5a41f12cd55c7b9f7 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Mon May 25 18:33:42 2015 +0300 acpi: add aml_index() term Add encoding for ACPI DefIndex Opcode. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> commit 96396e2858fd8a0b4ee218c9894b5a67d22d97d9 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Mon May 25 18:33:41 2015 +0300 acpi: add aml_lless() term Add encoding for ACPI DefLLess Opcode. Reviewed-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c08cf0704247aa55e9b0bb14cf34d845629e0e3e Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Mon May 25 18:33:40 2015 +0300 acpi: add aml_add() term Add encoding for ACPI DefAdd Opcode. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> commit 5cb18b3d7bff2a83275ee98af2a14eb9e21c93ab Author: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Date: Tue May 26 16:51:07 2015 -0400 TPM2 ACPI table support Add a TPM2 ACPI table if a TPM 2 is used in the backend. Also add an SSDT for the TPM 2. Rename tpm_find() to tpm_get_version() and have this function return the version of the TPM found, TPMVersion_Unspec if no TPM is found. Use the version number to build version specific ACPI tables. Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 9657cafceb90accedd574a3accb3d344def8e764 Merge: 97af820 07e1548 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 1 11:29:37 2015 +0100 Merge remote-tracking branch 'remotes/bkoppelmann/tags/pull-tricore-20150530' into staging TriCore bugfixes # gpg: Signature made Sat May 30 15:50:49 2015 BST using RSA key ID 6B69CA14 # gpg: Good signature from "Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx>" * remotes/bkoppelmann/tags/pull-tricore-20150530: target-tricore: fix BOL_ST_H_LONGOFF using ld target-tricore: fix msub32_q producing the wrong overflow bit target-tricore: fix OPC2_32_RR_DVINIT_HU having write before use on the result Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 56a3c24ffc11955ddc7bb21362ca8069a3fc8c55 Author: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Date: Tue May 26 16:51:06 2015 -0400 tpm: Probe for connected TPM 1.2 or TPM 2 In the TPM passthrough backend driver, modify the probing code so that we can check whether a TPM 1.2 or TPM 2 is being used and adapt the behavior of the TPM TIS accordingly. Move the code that tested for a TPM 1.2 into tpm_utils.c and extend it with test for probing for TPM 2. Have the function return the version of TPM found. Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 116694c34aa794a994051fce55bfee418fe1521d Author: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Date: Tue May 26 16:51:05 2015 -0400 Extend TPM TIS interface to support TPM 2 Following the recent upgrade to version 1.3, extend the TPM TIS interface with capabilities introduced for support of a TPM 2. TPM TIS for TPM 2 introduced the following extensions beyond the TPM TIS 1.3 (used for TPM 1.2): - A new 32bit interface Id register was introduced. - New flags for the status (STS) register were defined. - New flags for the capability flags were defined. Support the above if a TPM TIS 1.3 for TPM 2 is used with a TPM 2 on the backend side. Support the old TPM TIS 1.3 configuration if a TPM 1.2 is being used. A subsequent patch will then determine which TPM version is being used in the backend. Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 38d40ff10f71657ea913a63d1f8477be368b92c1 Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Wed May 27 15:59:59 2015 +0300 Add stream ID to MSI write GICv3 ITS distinguishes between devices by using hardwired device IDs passed on the bus. This patch implements passing these IDs in qemu. SMMU is also known to use stream IDs, therefore this addition can also be useful for implementing platforms with SMMU. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Changes from v1: - Added bus number to the stream ID - Added stream ID not only to MSI-X, but also to plain MSI. Some common code was made into msi_send_message() function. Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c3bdc56c183f6ca6baa502bd7861583ca98b333b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed May 27 19:55:55 2015 +0200 acpi: Simplify printing to dynamic string build_append_namestringv() and aml_string() first calculate the resulting string's length with vsnprintf(NULL, ...), then allocate, then print for real. Simply use g_strdup_vprintf() or g_vasprintf() instead. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit ea96bc629cbd52be98b2967a4b4f72e91dfc3ee4 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Thu May 28 22:04:11 2015 +0200 i386: drop FDC in pc-q35-2.4+ if neither it nor floppy drives are wanted It is Very annoying to carry forward an outdatEd coNtroller with a mOdern Machine type. Hence, let us not instantiate the FDC when all of the following apply: - the machine type is pc-q35-2.4 or later, - "-device isa-fdc" is not passed on the command line (nor in the config file), - no "-drive if=floppy,..." is requested. Cc: Markus Armbruster <armbru@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Cc: John Snow <jsnow@xxxxxxxxxx> Cc: "Gabriel L. Somlo" <gsomlo@xxxxxxxxx> Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: qemu-block@xxxxxxxxxx Suggested-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 6cd2234ccbacf2825372142a2658bf318ce2f848 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Thu May 28 22:04:10 2015 +0200 i386/pc_q35: don't insist on board FDC if there's no default floppy The "no_floppy = 1" machine class setting causes "default_floppy" in main() to become zero. Consequently, default_drive() will not call drive_add() and drive_new() for IF_FLOPPY, index=0, meaning that no default floppy drive will be created for the virtual machine. In that case, board code should also not insist on the creation of the board-default FDC. The board-default FDC will still be created if the user requests a floppy drive with "-drive if=floppy". Additionally, separate FDCs can be specified manually with "-device isa-fdc". They allow the -device isa-fdc,driveA=... syntax that is more flexible than the one required by the board-default FDC: -global isa-fdc.driveA=... This patch doesn't change the behavior observably, as all Q35 machine types have "no_floppy = 0". Cc: Markus Armbruster <armbru@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Cc: John Snow <jsnow@xxxxxxxxxx> Cc: "Gabriel L. Somlo" <gsomlo@xxxxxxxxx> Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: qemu-block@xxxxxxxxxx Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 936a7c1cf7410a3bab97c98301054921d47a8918 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Thu May 28 22:04:09 2015 +0200 i386/pc: '-drive if=floppy' should imply a board-default FDC Even if board code decides not to request the creation of the FDC (keyed off board-level factors, to be determined later), we should create the FDC nevertheless if the user passes '-drive if=floppy' on the command line. Otherwise '-drive if=floppy' would break without explicit '-device isa-fdc' on such boards. Cc: Markus Armbruster <armbru@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Cc: John Snow <jsnow@xxxxxxxxxx> Cc: "Gabriel L. Somlo" <gsomlo@xxxxxxxxx> Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: qemu-block@xxxxxxxxxx Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> commit fd53c87cf6651b0dfe9f5107cfe77d2f697bd4f6 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Thu May 28 22:04:08 2015 +0200 i386/pc: pc_basic_device_init(): delegate FDC creation request This patch introduces no observable change, but it allows the callers of pc_basic_device_init(), ie. pc_init1() and pc_q35_init(), to request (or not request) the creation of the FDC explicitly. At the moment both callers pass constant create_fdctrl=true (hence no observable change). Assuming a board passes create_fdctrl=false, "floppy" will be NULL on output, and (beyond the FDC not being created) that NULL will be passed on to pc_cmos_init(). Luckily, pc_cmos_init() already handles that case. Cc: Markus Armbruster <armbru@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Cc: John Snow <jsnow@xxxxxxxxxx> Cc: "Gabriel L. Somlo" <gsomlo@xxxxxxxxx> Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: qemu-block@xxxxxxxxxx Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> commit b829c2a98f1f67308eb02fcddb52d8fa67775f18 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri May 29 14:15:32 2015 +0800 virtio: increase the queue limit to 1024 Increase the queue limit to 1024. But virtio-ccw and s390-virtio won't support this, this is done through failing device_plugged() for those two transports if the number of virtqueues is greater than 64. Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 87b3bd1c858e6cacac4d403da9109ec3a04fe9d0 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri May 29 14:15:31 2015 +0800 virtio: rename VIRTIO_PCI_QUEUE_MAX to VIRTIO_QUEUE_MAX VIRTIO_PCI_QUEUE_MAX is not only used for pci, so rename it be generic. Cc: Amit Shah <amit.shah@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit d820331a0b47cbbdc409b435545aea25e19b57ad Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri May 29 14:15:30 2015 +0800 virtio-s390: introduce virtio_s390_device_plugged() This patch introduce a virtio-s390 specific device_plugged() function and doing the number of virtqueue validation inside. Cc: Alexander Graf <agraf@xxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 74c85296dc880568005b8e7572e08a39d66bcdca Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri May 29 14:15:29 2015 +0800 virtio-s390: introduce virito s390 queue limit Cc: Alexander Graf <agraf@xxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 10ceaa1e8f9f74c917df1fe5db856817a8b26fe7 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri May 29 14:15:28 2015 +0800 virtio-ccw: validate the number of queues against bus limitation Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Cc: Christian Borntraeger <borntraeger@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 8dfbaa6ac450c4ec2646b1ca08a4017052a90c1d Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri May 29 14:15:27 2015 +0800 virtio-ccw: introduce ccw specific queue limit Cc: Alexander Graf <agraf@xxxxxxx> Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Cc: Christian Borntraeger <borntraeger@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 8ad176aaed24535f535e0fdb03c538c23017535d Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri May 29 14:15:26 2015 +0800 virtio: introduce virtio_get_num_queues() This patch introduces virtio_get_num_queues() which iterates the vqs array and return the number of virtqueues used by device. Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit e83980455c8c7eb066405de512be7c4bace3ac4d Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri May 29 14:15:25 2015 +0800 virtio: device_plugged() can fail This patch passes error pointer to transport specific device_plugged() callback. Through this way, device_plugged() can do some transport specific check and fail. This will be uesd by following patches that check the number of virtqueues against the transport limitation. Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Cc: Christian Borntraeger <borntraeger@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit da51a335aa61ec0e45879d80f3c5e2ee4f87cd2f Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri May 29 14:15:24 2015 +0800 virtio-net: adding all queues in .realize() Instead of adding queues for multiqueue during feature set. This patch did this in .realize(), this will help the following patches that count the number of virtqueues used in .device_plugged() callback. Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit cf34f533a161f8ced7322321d70ca00414d47473 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri May 29 11:29:40 2015 +0200 virtio: move VIRTIO_F_NOTIFY_ON_EMPTY into core Nearly all transports have been offering VIRTIO_F_NOTIFY_ON_EMPTY, s390-virtio being the exception. There's no reason why it shouldn't offer it as well, though (handling is done in core anyway), so let's move it to the common virtio features. While we're changing it anyway, fix the indentation for the DEFINE_VIRTIO_COMMON_FEATURES macro. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 13644819c5bf322ae4c2a415aca77d5dbde95fe8 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri May 29 11:29:39 2015 +0200 virtio-ccw: Don't advertise VIRTIO_F_BAD_FEATURE This was copied from virtio-pci, but it doesn't make much sense for ccw, as it doesn't have to handle the broken implementations this bit is supposed to deal with. Remove it. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 6b8f1020540c27246277377aa2c3331ad2bfb160 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Tue May 26 16:34:47 2015 +0200 virtio: move host_features Move host_features from the individual transport proxies into the virtio device. Transports may continue to add feature bits during device plugging. This should it make easier to offer different sets of host features for virtio-1/transitional support. Tested-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 2332333c9738b442fbbd5b83a1eaa6be656ab9b5 Author: Radim KrÄ?máÅ? <rkrcmar@xxxxxxxxxx> Date: Fri May 29 21:57:32 2015 +0200 pc: acpi: fix pvpanic for buggy guests In the old times, we always had pvpanic in ACPI and a _STA method told the guest not to use it. Automatic generation dropped the _STA method as the specification says that missing _STA means enabled and working. Some guests (Linux) had buggy drivers and this change made them unable to utilize pvpanic. A Linux patch is posted as well, but I think it's worth to make pvpanic useable on old guests at the price of three lines and few bytes of SSDT. The old _STA method was Method (_STA, 0, NotSerialized) { Store (PEST, Local0) If (LEqual (Local0, Zero)) { Return (Zero) } Else { Return (0x0F) }} Igor pointed out that we don't need to use a method to return a constant and that 0xB (don't show in UI) is the common definition now. Also, the device used to be PEVT. (PEVT as in "panic event"?) Signed-off-by: Radim KrÄ?máÅ? <rkrcmar@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 99fbeafee8b568e796863980365080abdb8d675e Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 15 14:19:01 2015 -0300 pc: Generate init functions with a macro All pc-i440fx and pc-q35 init functions simply call the corresponding compat function and then call the main init function. Use a macro to generate that code. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 211b5b1d0a31f2f7593d6858a0b10487fb7b7fac Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 15 14:19:00 2015 -0300 piix: Eliminate pc_init_pci() The function is not needed anymore, we can simply call pc_init1() directly. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 72d164aa73b7c8d22a63b8ee789f97e4a8d2aa5c Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 15 14:18:59 2015 -0300 piix: Add kvmclock_enabled, pci_enabled globals This looks like a step backwards, but it will allow pc-0.1[0123] and isapc to follow the same compat+init pattern used by the other machine-types, allowing us to generate all init function using the same macro later. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit d48f4fa69eb3efb03a2efe2e4606a97a17cf222f Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 15 14:18:58 2015 -0300 machine: Remove unused fields from QEMUMachine This removes the following fields from QEMUMachine: family, alias, reset, hot_add_cpu, units_per_default_bus, no_serial, no_parallel, use_virtcon, use_sclp, no_floppy, no_cdrom, default_display, compat_props, and hw_version. The only users of those fields were already converted to use QOM and MachineClass directly, so they are not needed anymore. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit d644b11657ae047d50d8ea9ce285ecd6dae04ca2 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 15 14:18:57 2015 -0300 pc: Remove qemu_register_pc_machine() function The helper is not needed anymore, as the PC machine classes are registered using QOM directly. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 865906f7fdadd2732441ab158787f81f6a212bfe Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 15 14:18:56 2015 -0300 pc: Don't use QEMUMachine anymore Now that we have a DEFINE_PC_MACHINE helper macro that just requires an initialization function, it is trivial to convert them to register a QOM machine class directly, instead of using QEMUMachine. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 25519b062c70f2afe2d2f0c262f3838a41e8bc7c Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 15 14:18:55 2015 -0300 pc: Move compat_props setting inside *_machine_options() functions This will simplify the DEFINE_PC_MACHINE macro, and will help us to implement reuse of PC_COMPAT_* macros through class_init function reuse, in the future. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit fddd179ab962f6f78a8493742e1068d6a620e059 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 15 14:18:54 2015 -0300 pc: Convert *_MACHINE_OPTIONS macros into functions By now the new functions will get QEMUMachine as argument, but they will be later converted to initialize a MachineClass struct directly. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 61f219dfb093c0df91926928c780299cdf429619 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 15 14:18:53 2015 -0300 pc: Define machines using a DEFINE_PC_MACHINE macro This will automatically generate the existing QEMUMachine structs based on the *_MACHINE_OPTIONS macros, and automatically add registration code for them. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit b6b5c8e492ae7b71a16fe702b7409bff0feebfa7 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 15 14:18:52 2015 -0300 pc: Define MACHINE_OPTIONS macros consistently for all machines Define a MACHINE_OPTIONS macro for each PC machine, and move every field inside the QEMUMachine structs to the macros, except for name, init, and compat_props. This also ensures that all MACHINE_OPTIONS inherit the fields from the next version, so their definitions carry only the changes that exist between one version and the next one. Comments about specific cases: pc-*-2.1: Existing PC_*_2_1_MACHINE_OPTIONS macros were defined as: PC_*_MACHINE_OPTIONS, .default_machine_opts = "firmware=bios-256k.bin" PC_*_2_2_MACHINE_OPTIONS is: PC_*_2_3_MACHINE_OPTIONS which is expanded to: PC_*_MACHINE_OPTIONS, .default_machine_opts = "firmware=bios-256k.bin", .default_display = "std" The only difference between 2_1 and 2_2 is .default_display, that's why we didn't reuse PC_*_2_2_MACHINE_OPTIONS. The good news is that having multiple initializers for a field is allowed by C99, and the last initializer overrides the previous ones. So we can reuse the 2_2 macro in 2_1 and define PC_*_2_1_MACHINE_OPTIONS as: PC_*_2_2_MACHINE_OPTIONS, .default_display = NULL pc-*-1.7: PC_*_1_7_MACHINE_OPTIONS was defined as: PC_*_MACHINE_OPTIONS PC_*_2_0_MACHINE_OPTIONS is defined as: PC_*_2_1_MACHINE_OPTIONS which is expanded to: PC_*_2_2_MACHINE_OPTIONS, .default_display = NULL which is expanded to: PC_*_2_3_MACHINE_OPTIONS, .default_display = NULL which is expanded to: PC_*_MACHINE_OPTIONS, .default_machine_opts = "firmware=bios-256k.bin", .default_display = "std", .default_display = NULL /* overrides the previous line */ So, the only difference between PC_*_1_7_MACHINE_OPTIONS and PC_*_2_0_MACHINE_OPTIONS is .default_machine_opts (as .default_display is not explicitly set by PC_*_MACHINE_OPTIONS so it is NULL). So we can keep the macro reuse pattern and define PC_*_2_0_MACHINE_OPTIONS as: PC_*_2_0_MACHINE_OPTIONS, .default_machine_opts = NULL pc-*-2.4 (alias and is_default fields): Set alias and is_default fields inside the 2.4 MACHINE_OPTIONS macro, and clear it in the 2.3 macro (that reuses the 2.4 macro). hw_machine: As all the machines older than v1.0 set hw_version explicitly, we can safely move the field to the MACHINE_OPTIONS macros without affecting the other versions that reuse them. init function: Some machines had the init function set inside the MACHINE_OPTIONS macro. Move it to the QEMUMachine declaration, to keep it consistent with the other machines. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit f6d5a0bad276ea97fac4e0efb0f41f54a3f1ac84 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:53:10 2015 -0300 piix: Define PC_COMPAT_0_10 Move compat_props from pc-0.10 to the macro, to make it consistent with the other machines. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit faf7e4254fa33a13805a34a1ffeeb9dcc0a36a5e Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:53:09 2015 -0300 piix: Move pc-0.1[23] rombar compat props to PC_COMPAT_0_13 The VGA and vmware-svga rombar compat properties were added by commit 281a26b15b4adcecb8604216738975abd754bea8, but only to pc-0.13 and pc-0.12. This breaks the PC_COMPAT_* nesting pattern we currently follow. The new variables will now be inherited by pc-0.11 and older, but pc-0.11 and pc-0.10 already have PCI.rombar=0 on compat_props, so they shouldn't be affected at all. Cc: Stefan Weil <sw@xxxxxxxxxxx> Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit d765519bef48bd95f2139314a5354144387523eb Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:53:08 2015 -0300 piix: Move pc-0.13 virtio-9p-pci compat to PC_COMPAT_0_13 The compat property was added by commit 9dbcca5aa13cb9ab40788ac4c56bc227d94ca920, and the pc-0.12 and older machine-types were not changed because virtio-9p-pci was introduced on QEMU 0.13 (commit 9f10751365b26b13b8a9b67e0e90536ae3d282df). The only problem is that this breaks the PC_COMPAT_* nesting pattern we currently use. So, move the property to PC_COMPAT_0_13. This make pc-0.12 and older inherit it, but that shouldn't be an issue as QEMU 0.12 didn't have virtio-9p-pci. Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Cc: Aneesh Kumar K.V <aneesh.kumar@xxxxxxxxxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit d5303df71073da70e0ad29a6dfb304ec7b747f5c Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:53:07 2015 -0300 piix: Move pc-0.11 drive version compat props to PC_COMPAT_0_11 The current code setting ide-drive.ver and scsi-disk.ver on pc-0.11 breaks the PC_COMPAT_* nesting pattern we currently use. As those variables are overwritten in pc-0.10 too, they can be inherited by pc-0.10 with no side-effects at all. Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit bb08d8829b5bec6af619e4532a397ef12727516c Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:53:06 2015 -0300 piix: Move pc-0.14 qxl compat properties to PC_COMPAT_0_14 Those properties were introduced by commit 3827cdb1c3aa17a792d1658161195b9d7173c26b. They were not duplicated into pc-0.13 and older because 0.14 was the first QEMU version supporting qxl. The only problem is that this breaks the PC_COMPAT_* nesting pattern we currently use. So, move the properties to PC_COMPAT_0_14. This makes pc-0.13 and older inherit them, but that shouldn't be an issue as QEMU 0.13 didn't support qxl. Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 38ff32c6e6fd966c5adb9cde4d393a8cca9ef093 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:53:05 2015 -0300 spapr: define SPAPR_COMPAT_2_3 Don't add the pseries-2.3 machine yet, but define the corresponding SPAPR_COMPAT macro to make sure both pseries-2.2 and pseries-2.1 will inherit HW_COMPAT_2_3. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 4dfd8eaa19c90087f19b56da5d04d9c468109a65 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:53:04 2015 -0300 spapr: Use HW_COMPAT_* inside SPAPR_COMPAT_* macros SPAPR_COMPAT_2_1 will need to include both HW_COMPAT_2_2 and HW_COMPAT_2_1, so include HW_COMPAT_2_1 inside SPAPR_COMPAT_2_1 and HW_COMPAT_2_2 inside SPAPR_COMPAT_2_2. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 42134ac9d74799cf2f70257798b72a2988b75d31 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:53:03 2015 -0300 pc: Define PC_COMPAT_2_[123] macros Once we start adding compat code for pc-2.3, the usage of HW_COMPAT_2_1 in pc-*-2.2 won't be enough, as it also has to include PC_COMPAT_2_3 inside it. To ensure that, define PC_COMPAT_2_3, PC_COMPAT_2_2, and PC_COMPAT_2_1 macros. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 1edbde82b809f80b973978886d8232fbf280cb03 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:53:02 2015 -0300 hw: Define empty HW_COMPAT_2_[23] macros Now we can make everything consistent and define the macros even if they are still empty. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit dd754baf46b6479a02521f671a0b58ffc799810e Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:53:01 2015 -0300 spapr: Move commas inside SPAPR_COMPAT_* macros Changing the convention to include commas inside the macros will allow macros containing empty lists to be defined and used without compilation errors. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit a7cde24dc2f104c8e5861df0e2938e79264e9d58 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:53:00 2015 -0300 pc: Move commas inside PC_COMPAT_* macros Changing the convention to include commas inside the macros will allow macros containing empty lists to be defined and used without compilation errors. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit f27086a731bbd0141646702c95f6dc5fce3e8575 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:52:59 2015 -0300 hw: Move commas inside HW_COMPAT_2_1 macro Changing the convention to include commas inside the macros will allow macros containing empty lists to be defined and used without compilation errors. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 4974920ab8fc8cf05687f1f764650dbc7c821004 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:52:58 2015 -0300 pc: Replace tab with spaces Coding style change only. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit ecfa60e37439c870d08a90a845b061a53aa26f74 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Mon May 11 17:34:07 2015 +0800 hw/s390x/virtio-ccw: use alias property for virtio-balloon-ccw Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 39b87c7b9f8bf3618e0357699d29615e521264d8 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Mon May 11 17:34:06 2015 +0800 hw/virtio/virtio-pci: use alias property for virtio-balloon-pci Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 1190044ea5a1c9a871664c4e2013072e51e56d5a Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Mon May 11 17:34:05 2015 +0800 hw/virtio/virtio-balloon: move adding property to virtio_balloon_instance_init This is in preparation for using alias property in virtio-balloon-pci and virtio-balloon-ccw. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 07e15486faf353260431f10e85185372c5036baa Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Fri May 22 12:15:58 2015 +0200 target-tricore: fix BOL_ST_H_LONGOFF using ld Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Message-Id: <1432289758-6250-4-git-send-email-kbastian@xxxxxxxxxxxxxxxxxxxxx> commit 9bbd4843c052a0a467c7a3363046b0c95c0e5fc0 Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Fri May 22 12:15:57 2015 +0200 target-tricore: fix msub32_q producing the wrong overflow bit The inversion of the overflow bit as a special case, which was needed for the madd32_q instructions, does not apply for msub32_q instructions. So remove it. Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Message-Id: <1432289758-6250-3-git-send-email-kbastian@xxxxxxxxxxxxxxxxxxxxx> commit 05b6ca9bbcaede74120050aa8e6684300c09257c Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Fri May 22 12:15:56 2015 +0200 target-tricore: fix OPC2_32_RR_DVINIT_HU having write before use on the result If the argument r1 was the same as the extended result register r3+1, we would overwrite r1 and then use it. Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Message-Id: <1432289758-6250-2-git-send-email-kbastian@xxxxxxxxxxxxxxxxxxxxx> commit 97af820f539efe80b87615a04f9de11ea585f725 Merge: 2cc3bdb 3960c33 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 17:10:57 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150529' into staging target-arm: * Support ACPI for ARMv8 systems using the 'virt' board (and a UEFI boot image, typically) * avoid buffer overrun in some UNPREDICTABLE ldrd/strd cases * further work preparing for 64-bit EL2/EL3 support # gpg: Signature made Fri May 29 12:14:06 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150529: (39 commits) target-arm: Avoid buffer overrun on UNPREDICTABLE ldrd/strd hw/arm/virt: Enable dynamic generation of ACPI v5.1 tables ACPI: split CONFIG_ACPI into 4 pieces hw/arm/virt-acpi-build: Add PCIe controller in ACPI DSDT table hw/acpi/aml-build: Add Unicode macro hw/acpi/aml-build: Add aml_dword_io() term hw/acpi/aml-build: Add aml_create_dword_field() term hw/acpi/aml-build: Add aml_else() term hw/acpi/aml-build: Add aml_lnot() term hw/acpi/aml-build: Add aml_or() term hw/acpi/aml-build: Add ToUUID macro hw/acpi/aml-build: Make aml_buffer() definition consistent with the spec hw/arm/virt-acpi-build: Generate MCFG table hw/arm/virt-acpi-build: Generate RSDP table hw/arm/virt-acpi-build: Generate RSDT table hw/arm/virt-acpi-build: Generate GTDT table hw/arm/virt-acpi-build: Generate MADT table hw/arm/virt-acpi-build: Generate FADT table and update ACPI headers hw/arm/virt-acpi-build: Generation of DSDT table for virt devices hw/acpi/aml-build: Add aml_interrupt() term ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2cc3bdbe2d3908f7a813d1c2d774cc2bf07746cd Merge: 2a90c45 9abe3bd Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 15:32:15 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-block-2015-05-29' into staging Block QAPI, monitor, command line patches # gpg: Signature made Fri May 29 12:02:32 2015 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-block-2015-05-29: qapi: add dirty bitmap status Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2a90c454a1b90ace56ed908cd064f2fd483d1231 Merge: 9441aa2 63c67b6 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 14:24:35 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-gtk-20150529-1' into staging gtk: add opengl rendering support. small bugfixes for gtk and opengl ui code. # gpg: Signature made Fri May 29 10:44:54 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-gtk-20150529-1: gtk: Replace gdk_cursor_new() gtk: add opengl support, using egl ui: add egl-helpers ui: shader.h protect against double inclusion ui: use libexpoxy Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9abe3bdc45ced367fe034c0fdd7c686212389767 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue May 12 15:53:01 2015 -0400 qapi: add dirty bitmap status Bitmaps can be in a handful of different states with potentially more to come as we tool around with migration and persistence patches. Management applications may need to know why certain bitmaps are unavailable for various commands, e.g. busy in another operation, busy being migrated, etc. Right now, all we offer is BlockDirtyInfo's boolean member 'frozen'. Instead of adding more booleans, replace it by an enumeration member 'status' with values 'active' and 'frozen'. Then add new value 'disabled'. Incompatible change. Fine because the changed part hasn't been released so far. Suggested-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> [Commit message tweaked] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 3960c336ad96c2183549c8bf32bbff93ecda7ea4 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 11:29:00 2015 +0100 target-arm: Avoid buffer overrun on UNPREDICTABLE ldrd/strd A LDRD or STRD where rd is not an even number is UNPREDICTABLE. We were letting this fall through, which is OK unless rd is 15, in which case we would attempt to do a load_reg or store_reg to a nonexistent r16 for the second half of the double-word. Catch the odd-numbered-rd cases and UNDEF them instead. To do this we rearrange the structure of the code a little so we can put the UNDEF catches at the top before we've allocated TCG temporaries. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1431348973-21315-1-git-send-email-peter.maydell@xxxxxxxxxx commit d7c2e2db28eb7e8f2ed7467fa2f2c59026b206d1 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:59 2015 +0100 hw/arm/virt: Enable dynamic generation of ACPI v5.1 tables Initialize VirtGuestInfoState and register a machine_init_done notify to call virt_acpi_build(). Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Message-id: 1432522520-8068-25-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 135a67a692bedb952ea720351026247104da8645 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:59 2015 +0100 ACPI: split CONFIG_ACPI into 4 pieces As core.c, piix4.c, ich9.c and pcihp.c are for x86, add CONFIG_ACPI_X86 to make it only for x86. ARM doesn't support cpu and memory hotplug, add CONFIG_ACPI_CPU_HOTPLUG and CONFIG_ACPI_MEMORY_HOTPLUG to exclude them for target-arm. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1432522520-8068-24-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d4e5de1ae02f6b47eb088531d3d4d047b4db6cfa Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:59 2015 +0100 hw/arm/virt-acpi-build: Add PCIe controller in ACPI DSDT table Add PCIe controller in ACPI DSDT table, so the guest can detect the PCIe. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Message-id: 1432522520-8068-23-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e1f776c434f8f18079b82d8121c166fb53a63451 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:59 2015 +0100 hw/acpi/aml-build: Add Unicode macro Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1432522520-8068-22-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 616ef329adbb671be783a1dba96d881b9218ff80 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:58 2015 +0100 hw/acpi/aml-build: Add aml_dword_io() term Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1432522520-8068-21-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ed8176a37a8f227e61daddbcf92dc5d1cad45818 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:58 2015 +0100 hw/acpi/aml-build: Add aml_create_dword_field() term Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1432522520-8068-20-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 467b07dfae6087381d0993ab910253a6c1850457 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:58 2015 +0100 hw/acpi/aml-build: Add aml_else() term Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1432522520-8068-19-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ea7df04a0217fe6314a1520dde1883c45fefcaaa Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:58 2015 +0100 hw/acpi/aml-build: Add aml_lnot() term Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1432522520-8068-18-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 922cc8823e484733021a7be5b0e876eba2218623 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:58 2015 +0100 hw/acpi/aml-build: Add aml_or() term Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1432522520-8068-17-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b930fb9db4aa07abb8f3871eb7379242edbdf2a5 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:57 2015 +0100 hw/acpi/aml-build: Add ToUUID macro Add ToUUID macro, this is useful for generating PCIe ACPI table. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1432522520-8068-16-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ed8b5847e46c24d6e9c286892a00a34bee9b0835 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:57 2015 +0100 hw/acpi/aml-build: Make aml_buffer() definition consistent with the spec According to ACPI spec, DefBuffer can take two parameters: BufferSize and ByteList. Make it consistent with the spec. Uninitialized buffer could be requested by passing ByteList as NULL to reserve space. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1432522520-8068-15-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8434488400971c6793893b8c9547bc6b97e076ce Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:57 2015 +0100 hw/arm/virt-acpi-build: Generate MCFG table Generate MCFG table for PCIe controller. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1432522520-8068-14-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d4bec5d876b694f7f13ad3fcfe510ff46e9748d0 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:56 2015 +0100 hw/arm/virt-acpi-build: Generate RSDP table RSDP points to RSDT which in turn points to other tables. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1432522520-8068-13-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 243bdb79fb0b2eda176cdef37700f29068a71d43 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:56 2015 +0100 hw/arm/virt-acpi-build: Generate RSDT table RSDT points to other tables FADT, MADT, GTDT. This code is shared with x86. Here we still use RSDT as UEFI puts ACPI tables below 4G address space, and UEFI ignore the RSDT or XSDT. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1432522520-8068-12-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ee246400c1ceef2014e120b718388d5f4aea8a2a Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:56 2015 +0100 hw/arm/virt-acpi-build: Generate GTDT table ACPI v5.1 defines GTDT for ARM devices as a place to describe timer related information in the system. The Arch Timer interrupts must be provided for GTDT. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1432522520-8068-11-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 982d06c561a62cf7d2a8d31e8a8c107fb3477419 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:56 2015 +0100 hw/arm/virt-acpi-build: Generate MADT table MADT describes GIC enabled ARM platforms. The GICC and GICD subtables are used to define the GIC regions. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1432522520-8068-10-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c2f7c0c306dcd56725b506d3743eed421e6d0994 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:55 2015 +0100 hw/arm/virt-acpi-build: Generate FADT table and update ACPI headers In the case of mach virt, it is used to set the Hardware Reduced bit and enable PSCI SMP booting through HVC. So ignore FACS and FADT points to DSDT. Update the header definitions for FADT taking into account the new additions of ACPI v5.1 in `include/hw/acpi/acpi-defs.h` Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Message-id: 1432522520-8068-9-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dfccd8cfd7c5d1b6740463821d84106bbaced44c Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:55 2015 +0100 hw/arm/virt-acpi-build: Generation of DSDT table for virt devices DSDT consists of the usual common table header plus a definition block in AML encoding which describes all devices in the platform. After initializing DSDT with header information the namespace is created which is followed by the device encodings. The devices are described using the Resource Template for the 32-Bit Fixed Memory Range and the Extended Interrupt Descriptors. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1432522520-8068-8-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 205d1d1c04033b1be4c925e687b6865d1fc1b26b Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:55 2015 +0100 hw/acpi/aml-build: Add aml_interrupt() term Add aml_interrupt() for describing device interrupt in resource template. These can be used to generating DSDT table for ACPI on ARM. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Message-id: 1432522520-8068-7-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dc17ab1de53d37ddcca81b16dfeae839322fbe5a Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:55 2015 +0100 hw/acpi/aml-build: Add aml_memory32_fixed() term Add aml_memory32_fixed() for describing device mmio region in resource template. These can be used to generating DSDT table for ACPI on ARM. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1432522520-8068-6-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f5d8c8cd792b3712f85a1f9a3a9a719015691975 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:54 2015 +0100 hw/arm/virt-acpi-build: Basic framework for building ACPI tables on ARM Introduce a preliminary framework in virt-acpi-build.c with the main ACPI build functions. It exposes the generated ACPI contents to guest over fw_cfg. The required ACPI v5.1 tables for ARM are: - RSDP: Initial table that points to XSDT - RSDT: Points to FADT GTDT MADT tables - FADT: Generic information about the machine - GTDT: Generic timer description table - MADT: Multiple APIC description table - DSDT: Holds all information about system devices/peripherals, pointed by FADT Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Message-id: 1432522520-8068-5-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6a1f001be3ea7478cac803d03149cfcfc1fa2094 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:54 2015 +0100 hw/arm/virt: Record PCIe ranges in MemMapEntry array To generate ACPI table for PCIe controller, we need the base and size of the PCIe ranges. Record these ranges in MemMapEntry array, then we could share and use them for generating ACPI table. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Message-id: 1432522520-8068-4-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit afe0b3803f1a5fffe618af5a483d4c9567b5c5b7 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:54 2015 +0100 hw/arm/virt: Move common definitions to virt.h Move some common definitions to virt.h. These will be used by generating ACPI tables. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1432522520-8068-3-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ff80dc7fa8045e2b2531888d965424d2b0e1d1b6 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:54 2015 +0100 hw/acpi/aml-build: Make enum values to be upper case to match coding style Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Message-id: 1432522520-8068-2-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b1eced713d9913a5c58ba9daa795f10e4c856c49 Author: Greg Bellows <greg.bellows@xxxxxxxxxx> Date: Fri May 29 11:28:53 2015 +0100 target-arm: Add WFx instruction trap support Add support for trapping WFI and WFE instructions to the proper EL when SCTLR/SCR/HCR settings apply. Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> [PMM: removed unnecessary tweaking of syn_wfx() prototype; use raise_exception(); don't trap on WFE (and add comment explaining why not); remove unnecessary ARM_FEATURE checks; trap to EL3, not EL1, if in S-EL0 and SCTLR check fires] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 84549b6dcf9147559ec08b066de673587be6b763 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 11:28:53 2015 +0100 target-arm: Don't halt on WFI unless we don't have any work Just NOP the WFI instruction if we have work to do. This doesn't make much difference currently (though it does avoid jumping out to the top level loop and immediately restarting), but the distinction between "halt" and "don't halt" will become more important when the decision to halt requires us to trap to a higher exception level instead. Suggested-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 647f767ba3b37fb229275086187e96242248a4ac Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 11:28:53 2015 +0100 target-arm: Move TB flags down to fill gap Deleting the now-unused ARM_TBFLAG_CPACR_FPEN left a gap in the bit usage; move the following ARM_TBFLAG_XSCALE_CPAR and ARM_TBFLAG_NS_SHIFT down 3 bits to fill the gap. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 9dbbc748d671c70599101836cd1c2719d92f3017 Author: Greg Bellows <greg.bellows@xxxxxxxxxx> Date: Fri May 29 11:28:53 2015 +0100 target-arm: Extend FP checks to use an EL Extend the ARM disassemble context to take a target exception EL instead of a boolean enable. This change reverses the polarity of the check making a value of 0 indicate floating point enabled (no exception). Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> [PMM: Use a common TB flag field for AArch32 and AArch64; CPTR_EL2 exists in v7; CPTR_EL2 should trap for EL2 accesses; CPTR_EL2 should not trap for secure accesses; CPTR_EL3 should trap for EL3 accesses; CPACR traps for secure accesses should trap to EL3 if EL3 is AArch32] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 3cf6a0fcedd429693d439556543400d5f0e31e1d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 11:28:52 2015 +0100 target-arm: Make singlestate TB flags common between AArch32/64 Currently we keep the TB flags PSTATE_SS and SS_ACTIVE in different bit positions for AArch64 and AArch32. Replace these separate definitions with a single common flag in the upper part of the flags word. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit c6f191642a4027909813b4e6e288411f8371e951 Author: Greg Bellows <greg.bellows@xxxxxxxxxx> Date: Fri May 29 11:28:52 2015 +0100 target-arm: Add AArch64 CPTR registers Adds CPTR_EL2/3 system registers definitions and access function. Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> [PMM: merge CPTR_EL2 and HCPTR definitions into a single def using STATE_BOTH; don't use readfn/writefn to implement RAZ/WI registers; don't use accessfn for the no-EL2 CPTR_EL2; fix cpacr_access logic to catch EL2 accesses to CPACR being trapped to EL3; use new CP_ACCESS_TRAP_EL[23] rather than setting exception.target_el directly] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 38836a2cd47c20daaaa84873e3d6020f19e4bfca Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 11:28:52 2015 +0100 target-arm: Allow cp access functions to indicate traps to EL2 or EL3 Some coprocessor access functions will need to indicate that the instruction should trap to EL2 or EL3 rather than the default target exception level; add corresponding CPAccessResult enum entries and handling code. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 012a906b19e99b126403ff4a257617dab9b34163 Author: Greg Bellows <greg.bellows@xxxxxxxxxx> Date: Fri May 29 11:28:51 2015 +0100 target-arm: Update interrupt handling to use target EL Updated the interrupt handling to utilize and report through the target EL exception field. This includes consolidating and cleaning up code where needed. Target EL is now calculated once in arm_cpu_exec_interrupt() and do_interrupt was updated to use the target_el exception field. The necessary code from arm_excp_target_el() was merged in where needed and the function removed. Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Acked-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1429722561-12651-4-git-send-email-greg.bellows@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c63285991b371c031147ad620dd7671662a90303 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 11:28:51 2015 +0100 target-arm: Make raise_exception() take syndrome and target EL Rather than making every caller of raise_exception set the syndrome and target EL by hand, make these arguments to raise_exception() and have that do the job. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 863b6589d738d0b4c8b283297b0ff228f3d3fb14 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 11:28:51 2015 +0100 target-arm: Set exception target EL in tlb_fill Set the exception target EL for MMU faults in tlb_fill. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 8c6084bf10fe721929ca94cf16acd6687e61d3ec Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 11:28:51 2015 +0100 target-arm: Move setting of exception info into tlb_fill Move the code which sets exception information out of arm_cpu_handle_mmu_fault and into tlb_fill. tlb_fill is the only caller which wants to raise_exception() so it makes more sense for it to handle the whole of the exception setup. As part of this cleanup, move the user-mode-only implementation function for the handle_mmu_fault CPU method into cpu.c so we don't need to make it globally visible, and rename the softmmu-only utility function arm_cpu_handle_mmu_fault to arm_tlb_fill so it's clear that it's not the same thing. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit f2932df777dace044719dc2f394f5a5a8aa1b1cd Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 11:28:50 2015 +0100 target-arm: Set correct syndrome for faults on MSR DAIF*, imm If the SCTLR.UMA trap bit is set then attempts by EL0 to update the PSTATE DAIF bits via "MSR DAIFSet, imm" and "MSR DAIFClr, imm" instructions will raise an exception. We were failing to set the syndrome information for this exception, which meant that it would be reported as a repeat of whatever the previous exception was. Set the correct syndrome information. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit e3b1d480995f6e2e86ef062038e618c1234dbcf1 Author: Greg Bellows <greg.bellows@xxxxxxxxxx> Date: Fri May 29 11:28:50 2015 +0100 target-arm: Extend helpers to route exceptions Updated the various helper routines to set the target EL as needed using a dedicated function. Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Acked-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1429722561-12651-3-git-send-email-greg.bellows@xxxxxxxxxx [PMM: Also set target_el in fault cases in access_check_cp_reg()] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 737103619869600668cc7e8700e4f6eab3943896 Author: Greg Bellows <greg.bellows@xxxxxxxxxx> Date: Fri May 29 11:28:50 2015 +0100 target-arm: Add exception target el infrastructure Add a CPU state exception target EL field that will be used for communicating the EL to which an exception should be routed. Add a disassembly context field for tracking the EL3 architecture needed for determining the target exception EL. Add a target EL argument to the generic exception helper for callers to specify the EL to which the exception should be routed. Extended the helper to set the newly added CPU state exception target el. Added a function for setting the target exception EL and updated calls to helpers to call it. Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Acked-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1429722561-12651-2-git-send-email-greg.bellows@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9441aa282bc3213ef0530cab86f318b877bac25c Merge: ba7c388 55a1d80 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 11:23:07 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-input-20150529-1' into staging kbd: add support for brazilian keyboard (two extra keys). input: add virtio-input devices. # gpg: Signature made Fri May 29 10:09:02 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-input-20150529-1: virtio-input: emulated devices [device] virtio-input: core code & base class [device] virtio-input: add linux/input.h kbd: add brazil kbd keys to x11 evdev map kbd: add brazil kbd keys to qemu Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 63c67b6d4462b6589b371d55e3740e9f0dba3281 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed May 20 15:35:31 2015 +0200 gtk: Replace gdk_cursor_new() gdk_cursor_new() has been deprecated in GTK 3.16, it is recommended to use gdk_cursor_new_for_display() instead, so do that. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Cole Robinson <crobinso@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 97edf3bd5eab8952d475de66ede77307c12b8c48 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Jan 20 12:43:28 2015 +0100 gtk: add opengl support, using egl This adds opengl rendering support to the gtk ui, using egl. It's off by default for now, use 'qemu -display gtk,gl=on' to play with this. Note that gtk got native opengl support with release 3.16. There most likely will be a separate implementation for 3.16+, using the native gtk opengl support. This patch covers older versions (and for the time being 3.16 too, hopefully without rendering quirks). Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit ba7c388963e099c0d2cedb7f048e30747ffff25d Merge: ce0274f f7a8beb Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 10:17:48 2015 +0100 Merge remote-tracking branch 'remotes/spice/tags/pull-spice-20150529-1' into staging spice: misc fixes. # gpg: Signature made Fri May 29 09:16:29 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/spice/tags/pull-spice-20150529-1: spice: fix spice_chr_add_watch() pre-condition spice: don't update mm_time when spice-server is stopped. spice-char: notify the server when chardev is writable virtio-console: notify chardev when writable Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7ced9e9f6da2257224591b91727cfeee4f3977fb Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Jan 6 15:40:00 2015 +0100 ui: add egl-helpers Add helper functions to initialize OpenGL using egl. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 896e1a050a0d333b1f0ec0768cc64e26c5d0d104 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Mon May 11 12:25:23 2015 +0200 ui: shader.h protect against double inclusion Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit dcf30025c3e3d43140a687240433de1920adf8b0 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Mon May 11 12:24:43 2015 +0200 ui: use libexpoxy libepoxy does the opengl extension handling for us. It also is helpful for trouble-shooting as it prints nice error messages instead of silently failing or segfaulting in case we do something wrong, like using gl commands not supported by the current context. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 55a1d80a41032d6133adec041c0096820beaa1b7 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Apr 1 10:06:29 2014 +0200 virtio-input: emulated devices [device] This patch adds the virtio-input-hid base class and virtio-{keyboard,mouse,tablet} subclasses building on the base class. They are hooked up to the qemu input core and deliver input events to the guest like all other hid devices (ps/2 kbd, usb tablet, ...). Using them is as simple as adding "-device virtio-tablet-device" to your command line, for use all transports except pci. virtio-pci support comes as separate patch, once virtio-pci got virtio 1.0 support. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit f73ddbad397f98c1d476ffbf93d65af1cfa796e6 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Mar 14 14:39:20 2014 +0100 virtio-input: core code & base class [device] This patch adds virtio-input support to qemu. It brings a abstract base class providing core support, other classes can build on it to actually implement input devices. virtio-input basically sends linux input layer events (evdev) over virtio. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 2fe7c31832a345cdc34314cdcd5478d06b884842 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Mar 19 11:55:24 2015 +0100 virtio-input: add linux/input.h Linux input layer (evdev) header file. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 33aa30cafcce053b833f9fe09fbb88e2f54b93aa Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue May 26 13:12:54 2015 +0200 kbd: add brazil kbd keys to x11 evdev map This patch adds the two extra brazilian keys to the evdev keymap for X11. This patch gets the two keys going with the vnc, gtk and sdl1 UIs. The SDL2 library complains it doesn't know these keys, so the SDL2 library must be fixed before we can update ui/sdl2-keymap.h Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Michael Tokarev <mjt@xxxxxxxxxx> commit b771f470f3e2f99f585eaae68147f0c849fd1f8d Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue May 26 10:39:10 2015 +0200 kbd: add brazil kbd keys to qemu The brazilian computer keyboard layout has two extra keys (compared to the usual 105-key intl ps/2 keyboard). This patch makes these two keys known to qemu. For historic reasons qemu has two ways to specify a key: A QKeyCode (name-based) or a number (ps/2 scancode based). Therefore we have to update multiple places to make new keys known to qemu: (1) The QKeyCode definition in qapi-schema.json (2) The QKeyCode <-> number mapping table in ui/input-keymap.c This patch does just that. With this patch applied you can send those two keys to the guest using the send-key monitor command. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f7a8beb5e6a13dc924895244777d9ef08b23b367 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Date: Thu May 28 15:04:58 2015 +0200 spice: fix spice_chr_add_watch() pre-condition Since e02bc6de30c44fd668dc0d6e1cd1804f2eed3ed3, add_watch() is called with G_IO_HUP. Even if spice-qemu-char ignores this flag, the precondition must be changed. https://bugzilla.redhat.com/show_bug.cgi?id=1128992 Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 641381c1fcd66ea8de07ecfcd733089da26cbba9 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue May 12 11:54:34 2015 +0200 spice: don't update mm_time when spice-server is stopped. Skip mm_time updates (in qxl device memory) in case the guest is stopped. Guest isn't able to look anyway, and it causes problems with migration. Also make sure the initial state for spice server is stopped. Reported-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit e95e203c085b7731746e39c9b9f8bd2f6eaa0cd6 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Date: Tue May 5 16:58:56 2015 +0200 spice-char: notify the server when chardev is writable The spice server is polling on write, unless SPICE_CHAR_DEVICE_NOTIFY_WRITABLE flag is set. In this case, qemu must call spice_server_char_device_wakeup() when the frontend is writable. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 246ca55faff625f4c15e21f3424781e215a254ea Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Date: Tue May 5 16:58:55 2015 +0200 virtio-console: notify chardev when writable When the virtio serial is writable, notify the chardev backend with qemu_chr_accept_input(). Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit ce0274f730eacbd24c706523ddbbabb6b95d0659 Author: Fabien Chouteau <chouteau@xxxxxxxxxxx> Date: Sat Feb 7 09:38:45 2015 +0100 Revert "gdbstub: Do not kill target in system emulation mode" The requirements described in this patch are implemented by "Add GDB qAttached support". This reverts commit 00e94dbc7fd0110b0555d59592b004333adfb4b8. Signed-off-by: Fabien Chouteau <chouteau@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a3919386eab91b56e40fb4faead980f57a664b2e Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Sat Feb 7 09:38:44 2015 +0100 Add GDB qAttached support With this patch QEMU handles qAttached request from gdb. When QEMU replies 1, GDB sends a "detach" command at the end of a debugging session otherwise GDB sends "kill". The default value for qAttached is 1 on system emulation and 0 on user emulation. Based on original version by Fabien Chouteau. Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4dabe747af0a6bd66a86c2c7879f1882bec43c33 Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Sat Feb 7 09:38:43 2015 +0100 gdbstub: Introduce an is is_query_packet helper This helper supports parsing of query packets with optional extensions. The separator can be specified so that we can use it already for both qqemu.sstep[=] and qSupported[:feature]. Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 070949f39ee96bd16654e6623ab4ff627d918ba6 Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Sat Feb 7 09:38:42 2015 +0100 gdbstub: Fix qOffsets packet detection qOffsets has no additional optional parameters. So match the complete string to avoid stumbling over possible future commands with identical prefix. Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a84904737277c2f07c8fbcb69db27451d844f12b Merge: bc3004f 46ca6b3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu May 28 14:57:34 2015 +0100 Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20150528' into staging A set of patches add support for vector registers on s390x. Notable: Floating point registers and vector registers overlap, so extra care is needed so that we end up with a consistent state in all cases. # gpg: Signature made Thu May 28 09:37:27 2015 BST using RSA key ID C6F02FAF # gpg: Good signature from "Cornelia Huck <huckc@xxxxxxxxxxxxxxxxxx>" # gpg: aka "Cornelia Huck <cornelia.huck@xxxxxxxxxx>" * remotes/cohuck/tags/s390x-20150528: s390x: Enable vector processing capability s390x: Migrate vector registers s390x: Add vector registers to ELF dump linux/elf.h update s390x: Add vector registers to HMP output s390x: gdb updates for vector registers gdb-xml: Include XML for s390 vector registers s390x: Store Additional Status SIGP order s390x: Vector Register IOCTLs s390x: Common access to floating point registers Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bc3004f0bb28d36b97eea5ff48922d16b4df7a1f Merge: 0915aed 2bc22a5 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu May 28 11:03:02 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging # gpg: Signature made Wed May 27 11:02:55 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: net/net: Record usage status of mac address tap: Improve -netdev/netdev_add/-net/... tap error reporting tap: Finish conversion of tap_open() to Error tap-solaris: Convert tap_open() to Error tap-bsd: Convert tap_open() to Error tap-linux: Convert tap_open() to Error tap: Permit incremental conversion of tap_open() to Error tap: Convert launch_script() to Error tap: Convert net_init_tap_one() to Error tap: Convert tap_set_sndbuf() to Error tap: Improve -netdev/netdev_add/-net/... bridge error reporting tap: net_tap_fd_init() can't fail, drop dead error handling net/dump: Improve -net/host_net_add dump error reporting net: Improve -net nic error reporting net: Permit incremental conversion of init functions to Error net: Improve error message for -net hubport a bit net: Change help text to list -netdev instead of -net by default Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 46ca6b3bc99ebf9205e28ed14c023ebf84d39bb7 Author: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Date: Thu Oct 30 09:23:06 2014 -0400 s390x: Enable vector processing capability Everything is finally in place, inform the kernel that user space supports vector registers. Signed-off-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit b2ac0ff5d9478907cfd5b204c9179f77d0cb943f Author: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 10:52:16 2015 -0400 s390x: Migrate vector registers When migrating a guest, be sure to include the vector registers. The vector registers are defined in a subsection, similar to the existing subsection for floating point registers. Since the floating point registers are always present (and thus migrated), we can skip them when performing the migration of the vector registers which may or may not be present. Suggested-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 3ceeb2930faf1116ee4bb22c8a7794bb2337e8a9 Author: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Date: Thu May 29 14:54:26 2014 -0400 s390x: Add vector registers to ELF dump Create ELF notes for the vector registers where applicable, so that their contents can be examined by utilities such as crash or readelf. Signed-off-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit eeef559ab4a80753b7bf31728780692a3a4e3ec1 Author: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Date: Wed Nov 12 14:22:55 2014 -0500 linux/elf.h update Sync with kernel elf.h updates to get s390x vector register definitions. Signed-off-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 56c42271495fc5f6c5bd70c4309a74b425c5cbda Author: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Date: Thu May 29 13:50:37 2014 -0400 s390x: Add vector registers to HMP output There are mechanisms to dump registers via the qemu HMP interface, such as the "info registers" command. Expand this output to dump the new vector registers. Signed-off-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit ca343c7a84fbe457dd442d26d5a01f31e8a8d308 Author: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Date: Tue Jun 3 08:42:18 2014 -0400 s390x: gdb updates for vector registers gdb allows registers to be displayed/modified, and is being updated to account for the new vector registers. Mirror these changes in the gdb stub in qemu so that this can be performed when gdb is attached to the qemu gdbserver. Signed-off-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 773d4ebc9a31a5e0efbaf83f76715ab40c355384 Author: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Date: Tue Nov 18 17:03:02 2014 -0500 gdb-xml: Include XML for s390 vector registers Include the vector registers XML file that is provided by gdb, and can be used by the qemu gdbserver interface. Signed-off-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit abec53565dce5ed56bff4968d3bed88f6cf68c3c Author: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Date: Wed Jan 14 09:57:16 2015 -0500 s390x: Store Additional Status SIGP order Add handling for the Store Additional Status at Address order that exists for the Signal Processor (SIGP) instruction. Signed-off-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit fcb79802e07fe06fe24ba97a027d8a1c3a714fa7 Author: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Date: Mon Aug 18 15:33:39 2014 -0400 s390x: Vector Register IOCTLs Handle the actual syncing of the vector registers with kernel space, via the get/put register IOCTLs. The vector registers that were introduced with the z13 overlay the existing floating point registers. FP registers 0-15 are the high-halves of vector registers 0-15. Thus, remove the freg fields and replace them with the equivalent vector field to avoid errors in duplication. Moreover, synchronize either the vector registers via kvm_sync_regs, or floating point registers via the GET/SET FPU IOCTLs. Signed-off-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit c498d8e36e2998fb67de21a34ece633d356a4834 Author: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 14:35:44 2015 -0400 s390x: Common access to floating point registers Provide a routine to access the correct floating point register, to simplify future expansion. Suggested-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 2bc22a58e16f0650e56dccfac9495e5aef58e2ef Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Thu May 21 17:44:48 2015 +0800 net/net: Record usage status of mac address Currently QEMU dynamically generates mac address for the NIC which doesn't specify the mac address. But when we hotplug a NIC without specifying mac address, the mac address will increase for the same NIC along with hotplug and hot-unplug, and at last it will overflow. And if we codeplug one NIC with mac address e.g. "52:54:00:12:34:56", then hotplug one NIC without specifying mac address and the mac address of the hotplugged NIC is duplicate of "52:54:00:12:34:56". This patch add a mac_table to record the usage status and free the mac address when the NIC is unrealized. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a308817743be5cc051d3379477f54027deb0befb Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:59:03 2015 +0200 tap: Improve -netdev/netdev_add/-net/... tap error reporting When -netdev tap fails, it first reports a specific error, then a generic one, like this: $ qemu-system-x86_64 -netdev tap,id=foo qemu-system-x86_64: -netdev tap,id=foo: could not configure /dev/net/tun: Operation not permitted qemu-system-x86_64: -netdev tap,id=foo: Device 'tap' could not be initialized With the command line, the messages go to stderr. In HMP, they go to the monitor. In QMP, the second one becomes the error reply, and the first one goes to stderr. Convert net_init_tap() to Error. This suppresses the unwanted second message, and makes the specific error the QMP error reply. [Dropped duplicate "and" from error message as suggested by Eric Blake: "ifname=, script=, downscript=, and vnet_hdr=, " "queues=, and vhostfds= are invalid with helper=" --Stefan] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-16-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 95c35a74fea51e307f6a3967e465a22776056b7e Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:59:02 2015 +0200 tap: Finish conversion of tap_open() to Error Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-15-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 576c6eb6700d241c9d4a6883d25720c7bbaaeccd Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:59:01 2015 +0200 tap-solaris: Convert tap_open() to Error Fixes inappropriate use of syslog(). Not fixed: leaks on error paths, suspicious non-fatal errors. FIXMEs added instead. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-14-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 4bce487e14bf8949a91883a3213c2b7fa9d668bc Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:59:00 2015 +0200 tap-bsd: Convert tap_open() to Error Fixes inappropriate use of stderr in monitor command handler. While there, improve some of the messages a bit. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-13-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 47896e2fd3dd80685434b320cb0e10164995e31c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:58:59 2015 +0200 tap-linux: Convert tap_open() to Error Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-12-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 468dd82408e950d48def28f87e4cffabfd592ace Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:58:58 2015 +0200 tap: Permit incremental conversion of tap_open() to Error Convert the trivial ones immediately: tap-aix and tap-haiku. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-11-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit ac4fcf5639f44f7d863a35eaa2ad07ff31aabc01 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:58:57 2015 +0200 tap: Convert launch_script() to Error Fixes inappropriate use of stderr in monitor command handler. While there, improve the messages some. [Fixed Error **err -> Error *err local variable that broke the build. --Stefan] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-10-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 445f116cabe0c4435590244741ac3d0b8f08d91d Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:58:56 2015 +0200 tap: Convert net_init_tap_one() to Error [Dropped %s from "tap: open vhost char device failed: %s" since error_setg_errno() already prints a human-readable error string and there is no format string argument. --Stefan] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-9-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 80b832c300c2fc39c68e0ab095d408cb9199cfa0 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:58:55 2015 +0200 tap: Convert tap_set_sndbuf() to Error Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-8-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a8a21be9855e0bb0947a7325d0d1741a8814f21e Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:58:54 2015 +0200 tap: Improve -netdev/netdev_add/-net/... bridge error reporting When -netdev bridge fails, it first reports a specific error, then a generic one, like this: $ qemu-system-x86_64 -netdev bridge,id=foo failed to launch bridge helper qemu-system-x86_64: -netdev bridge,id=foo: Device 'bridge' could not be initialized The first message goes to stderr. Wrong for HMP, because errors need to go to the monitor there. The second message goes to stderr for -netdev, to the monitor for HMP netdev_add, and becomes the error reply for QMP netdev_add. Convert net_bridge_run_helper() to Error, and propagate its errors through net_init_bridge(). This ensures the error gets reported where the user is, and suppresses the unwanted second message. While there, improve the error messages a bit. The above example becomes: $ qemu-system-x86_64 -netdev bridge,id=foo qemu-system-x86_64: -netdev bridge,id=foo: bridge helper failed net_init_tap() also uses net_bridge_run_helper(). Propagate its errors there as well. Improves reporting these errors with -netdev tap & friends. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-7-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit da4a4eac26381c7fce3f147f3c8a7e7bb483be1e Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:58:53 2015 +0200 tap: net_tap_fd_init() can't fail, drop dead error handling Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-6-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 3791f83ca999edc2d11eb2006ccc1091cd712c15 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:58:52 2015 +0200 net/dump: Improve -net/host_net_add dump error reporting When -net dump fails, it first reports a specific error, then a generic one, like this: $ qemu-system-x86_64 -net dump,id=foo,file=/eperm qemu-system-x86_64: -net dump,id=foo,file=/eperm: -net dump: can't open /eperm qemu-system-x86_64: -net dump,id=foo,file=/eperm: Device 'dump' could not be initialized Convert net_init_tap() to Error. This suppresses the unwanted second message. Improve the error messages to include strerror(errno) where appropriate. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-5-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6630886863d4a9b3b7bcb3b0e2895d83eb269c75 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:58:51 2015 +0200 net: Improve -net nic error reporting When -net nic fails, it first reports a specific error, then a generic one, like this: $ qemu-system-x86_64 -net nic,netdev=nonexistent qemu-system-x86_64: -net nic,netdev=nonexistent: netdev 'nonexistent' not found qemu-system-x86_64: -net nic,netdev=nonexistent: Device 'nic' could not be initialized Convert net_init_nic() to Error to get rid of the unwanted second error message. While there, tidy up an Overcapitalized Error Message. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-4-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a30ecde6e795682d1473c45acae66a60a76fca2f Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:58:50 2015 +0200 net: Permit incremental conversion of init functions to Error Error reporting for netdev_add is broken: the net_client_init_fun[] report the actual errors with (at best) error_report(), and their caller net_client_init1() makes up a generic error on top. For command line and HMP, this produces an mildly ugly error cascade. In QMP, the actual errors go to stderr, and the generic error becomes the command's error reply. To fix this, we need to convert the net_client_init_fun[] to Error. To permit fixing them one by one, add an Error ** parameter to the net_client_init_fun[]. If the call fails without returning an Error, make up the same generic Error as before. But if it returns one, use that instead. Since none of them does so far, no functional change. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-3-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit ca7eb1848bb06d9b75784d7760b83c7b0beb1102 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:58:49 2015 +0200 net: Improve error message for -net hubport a bit Type "hubport" is valid only with -netdev. Unfortunately, that's detected late and the error message doesn't explain why: $ qemu-system-i386 -net hubport,id=foo,hubid=0 qemu-system-i386: -net hubport,id=foo,hubid=0: Device 'hubport' could not be initialized Improve the error message to "Parameter 'type' expects a net type". Not fixed: -net hubport without the parameters required by -netdev hubport still asks for those parameters: $ qemu-system-i386 -net hubport qemu-system-i386: -net hubport: Parameter 'hubid' is missing Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-2-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6a8b4a5be21ad4941c8a6a5db1d355a522aea2fb Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Fri May 15 16:58:24 2015 +0200 net: Change help text to list -netdev instead of -net by default Looking at the output of "qemu-system-xxx -help", you easily get the impression that "-net" is the preferred way instead of "-netdev" to specify host network interface, since the "-net" option is omnipresent but the "-netdev" option is only listed as a one-liner at the end. This is ugly since "-net" is considered as legacy and even might be removed one day. Thus, this patch switches the output to explain the host network interfaces with the "-netdev" option instead, moving the old "-net" option into some few lines at the end. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Message-id: 1431701904-12230-1-git-send-email-thuth@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 0915aed5842bd4dbe396b92d4f3b846ae29ad663 Merge: 0d2ed60 cd6cb73 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 26 11:31:03 2015 +0100 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Fri May 22 20:58:44 2015 BST using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB # Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E * remotes/jnsnow/tags/ide-pull-request: ahci: do not remap clb/fis unconditionally macio: move unaligned DMA write code into separate pmac_dma_write() function macio: move unaligned DMA read code into separate pmac_dma_read() function qtest: pre-buffer hex nibs libqos/ahci: Swap memread/write with bufread/write qtest: add memset to qtest protocol qtest: Add base64 encoded read/write qtest: allow arbitrarily long sends qtest/ahci: add migrate halted dma test qtest/ahci: add halted dma test qtest/ahci: add flush migrate test qtest/ahci: add migrate dma test qtest/ahci: Add migration test ich9/ahci: Enable Migration libqos: Add migration helpers libqos/ahci: Fix sector set method libqos/ahci: Add halted command helpers glib: remove stale compat functions configure: require glib 2.22 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cd6cb73beb63e5fa62ca8ed540b9d54063b15c44 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:44 2015 -0400 ahci: do not remap clb/fis unconditionally This continues the IOMMU fix from 2.3, where we should not attempt to remap the CLB or FIS RX buffers if the AHCI device is currently running. The same applies to migration: keep our mitts off these registers unless the device is supposed to be on. Does not impact backwards compatibility for the AHCI device. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1431470173-30847-2-git-send-email-jsnow@xxxxxxxxxx commit bd4214fc92090694aefa17882815c6109f0fd70c Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Fri May 22 14:13:44 2015 -0400 macio: move unaligned DMA write code into separate pmac_dma_write() function Similarly switch the macio IDE routines over to use the new function and tidy-up the remaining code as required. [Maintainer edit: printf format codes adjusted for 32/64bit. --js] Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Acked-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1425939893-14404-3-git-send-email-mark.cave-ayland@xxxxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 4827ac1e8f8306b24e61b44ea1f2082ea08099bb Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Fri May 22 14:13:44 2015 -0400 macio: move unaligned DMA read code into separate pmac_dma_read() function This considerably helps simplify the complexity of the macio read routines and by switching macio CDROM accesses to use the new code, fixes the issue with the CDROM device being detected intermittently by Darwin/OS X. [Maintainer edit: printf format codes adjusted for 32/64bit. --js] Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxxx> Acked-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1425939893-14404-2-git-send-email-mark.cave-ayland@xxxxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 5560b85a31e6f15a8841b66620d9497943094ee4 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:44 2015 -0400 qtest: pre-buffer hex nibs Instead of converting each byte one-at-a-time and then sending each byte over the wire, use sprintf() to pre-compute all of the hex nibs into a single buffer, then send the entire buffer all at once. This gives a moderate speed boost to memread() and memwrite() functions. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-id: 1431021095-7558-2-git-send-email-jsnow@xxxxxxxxxx commit 91d0374a7ffbd6a9cd0ba159c9160d9f26220cf5 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:44 2015 -0400 libqos/ahci: Swap memread/write with bufread/write Where it makes sense, use the new faster primitives. For generally small reads/writes such as for the PRDT and FIS packets, stick with the more wasteful but easier to debug memread/memwrite. For ahci-test (before migration tests): With this patch: real 0m3.675s user 0m2.582s sys 0m1.718s Without any qtest protocol improvements: real 0m14.171s user 0m12.072s sys 0m12.527s Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1430864578-22072-6-git-send-email-jsnow@xxxxxxxxxx commit 4d00796364ec4edab86b08abc38fd644d5e3c0ad Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:44 2015 -0400 qtest: add memset to qtest protocol Previously, memset was just a frontend to write() and only stupidly sent the pattern many times across the wire. Let's not discuss who stupidly wrote it like that in the first place. (Hint: It was me.) Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1430864578-22072-4-git-send-email-jsnow@xxxxxxxxxx commit 7a6a740d8dcc02f5693315d7935b5de9b963bb96 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:44 2015 -0400 qtest: Add base64 encoded read/write For larger pieces of data that won't need to be debugged and viewing the hex nibbles is unlikely to be useful, we can encode data using base64 instead of encoding each byte as %02x, which leads to some space savings and faster reads/writes. For now, the default is left as hex nibbles in memwrite() and memread(). For the purposes of making qtest io easier to read and debug, some callers may want to specify using the old encoding format for small patches of data where the savings from base64 wouldn't be that profound. memwrite/memread use a data encoding that takes 2x the size of the original buffer, but base64 uses "only" (4/3)x, so for larger buffers we can save a decent amount of time and space. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1430864578-22072-3-git-send-email-jsnow@xxxxxxxxxx commit 332cc7e9b39ddb2feacb4c71dcd18c3e5b0c3147 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:43 2015 -0400 qtest: allow arbitrarily long sends qtest currently has a static buffer of size 1024 that if we overflow, ignores the additional data silently which leads to hangs or stream failures. Use glib's string facilities to allow arbitrarily long data, but split this off into a new function, qtest_sendf. Static data can still be sent using qtest_send, which avoids the malloc/copy overhead. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1430864578-22072-2-git-send-email-jsnow@xxxxxxxxxx commit 5d1cf0917b4f1282ac81bb72697713d14c98a876 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:43 2015 -0400 qtest/ahci: add migrate halted dma test Test migrating a halted DMA transaction. Resume, then test data integrity. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1430417242-11859-10-git-send-email-jsnow@xxxxxxxxxx commit 189d1b6126625212fbb50ed3a30a3e9e7ba7ca37 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:43 2015 -0400 qtest/ahci: add halted dma test If we're going to test the migration of halted DMA jobs, we should probably check to make sure we can resume them locally as a first step. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1430417242-11859-9-git-send-email-jsnow@xxxxxxxxxx commit a606ce50c29561b567995ab663cbb40067623e82 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:43 2015 -0400 qtest/ahci: add flush migrate test Use blkdebug to inject an error on first flush, then attempt to flush on the first guest. When the error halts the VM, migrate to the second VM, and attempt to resume the command. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1430417242-11859-8-git-send-email-jsnow@xxxxxxxxxx commit 88e21f9485f0a41603f0af3483ff3f11c95979ab Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:43 2015 -0400 qtest/ahci: add migrate dma test Write to one guest, migrate, and then read from the other. adjust ahci_io to clear any buffers it creates, so that we can use ahci_io safely on both guests knowing we are using empty buffers and not accidentally re-using data. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1430417242-11859-7-git-send-email-jsnow@xxxxxxxxxx commit 278128ab06c36341edb2c8b0bfcfd92760f4db52 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:43 2015 -0400 qtest/ahci: Add migration test Notes: * The migration is performed on QOSState objects. * The migration is performed in such a way that it does not assume consistency between the allocators attached to each. That is to say, you can use each QOSState object completely independently and then at an arbitrary point decide to migrate, and the destination object will now be consistent with the memory within the source guest. The source object that was migrated from will have a completely blank allocator. ahci-test.c: - verify_state is added - ahci_migrate is added as a frontend to migrate - test_migrate_sanity test case is added. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1430417242-11859-6-git-send-email-jsnow@xxxxxxxxxx commit 04329029a8c539eb5f75dcb6d8b016f0c53a031a Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:43 2015 -0400 ich9/ahci: Enable Migration Lift the flag preventing the migration of the ICH9/AHCI devices. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1430417242-11859-5-git-send-email-jsnow@xxxxxxxxxx commit 085248ae87704f1c1e4e1f929f58beca3ba294a2 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:43 2015 -0400 libqos: Add migration helpers libqos.c: -set_context for addressing which commands go where -migrate performs the actual migration malloc.c: - Structure of the allocator is adjusted slightly with a second-tier malloc to make swapping around the allocators easy when we "migrate" the lists from the source to the destination. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1430417242-11859-4-git-send-email-jsnow@xxxxxxxxxx commit 455e861cc625891baacf74e66c31a914883b80ca Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:42 2015 -0400 libqos/ahci: Fix sector set method || probably does not mean the same thing as |. Additionally, allow users to submit a prd_size of 0 to indicate that they'd like to continue using the default. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1430417242-11859-3-git-send-email-jsnow@xxxxxxxxxx commit 008b6e123ff2ee421112768e838b0b44bc7f6c45 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:42 2015 -0400 libqos/ahci: Add halted command helpers Sometimes we want a command to halt the VM instead of complete successfully, so it'd be nice to let the libqos/ahci functions cope with such scenarios. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1430417242-11859-2-git-send-email-jsnow@xxxxxxxxxx commit 62754b157156c2cd26a00ce534aeec9e74619d95 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:42 2015 -0400 glib: remove stale compat functions Since we're bumping the version to 2.22+, remove the now-stale compat functions. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1431469140-22208-2-git-send-email-jsnow@xxxxxxxxxx commit f40685c62b802c8c3f5c914e8d357dd5c4d4f9cc Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:42 2015 -0400 configure: require glib 2.22 This provides g_ptr_array_new_with_free_func, as well as a few other functions that we've been hacking around in glib-compat.h. Cleaning up the compatibility headers will come later. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1431469140-22208-2-git-send-email-jsnow@xxxxxxxxxx commit 0d2ed6039cf86fe3a78671e32b5e3eb17d725762 Merge: bb2fa17 4120201 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 22 17:20:09 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer core and image format patches # gpg: Signature made Fri May 22 16:21:03 2015 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: (22 commits) MAINTAINERS: Split "Block QAPI, monitor, command line" off core MAINTAINERS: Add header files to Block Layer Core section tests: add test case for encrypted qcow2 read/write qemu-io: prompt for encryption keys when required util: allow \n to terminate password input util: move read_password method out of qemu-img into osdep/oslib qcow2/qcow: protect against uninitialized encryption key qemu-iotests: Make debugging python tests easier qemu-iotests: qemu-img info on afl VMDK image with a huge capacity block: Detect multiplication overflow in bdrv_getlength qemu-io: Use getopt() correctly qcow2: style fixes in qcow2-cache.c qcow2: make qcow2_cache_put() a void function qcow2: use a hash to look for entries in the L2 cache qcow2: remove qcow2_cache_find_entry_to_replace() qcow2: use an LRU algorithm to replace entries from the L2 cache qcow2: simplify qcow2_cache_put() and qcow2_cache_entry_mark_dirty() qcow2: use one single memory block for the L2/refcount cache tables vmdk: Fix overflow if l1_size is 0x20000000 vmdk: Fix next_cluster_sector for compressed write ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bb2fa17f182ee0b45b53474f76679944fc891f04 Merge: 8b6db32 9371557 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 22 16:22:42 2015 +0100 Merge remote-tracking branch 'remotes/bkoppelmann/tags/pull-tricore-20150522' into staging TriCore v1.6.1 ISA and missing v1.6 instructions # gpg: Signature made Fri May 22 16:02:45 2015 BST using RSA key ID 6B69CA14 # gpg: Good signature from "Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx>" * remotes/bkoppelmann/tags/pull-tricore-20150522: target-tricore: add RR_DIV and RR_DIV_U instructions of the v1.6 ISA target-tricore: add FRET instructions of the v1.6 ISA target-tricore: add FCALL instructions of the v1.6 ISA target-tricore: add SYS_RESTORE instruction of the v1.6 ISA target-tricore: add RR_CRC32 instruction of the v1.6.1 ISA target-tricore: add SWAPMSK instructions of the v1.6.1 ISA target-tricore: add CMPSWP instructions of the v1.6.1 ISA target-tricore: Add SRC_MOV_E instruction of the v1.6 ISA target-tricore: introduce ISA v1.6.1 feature target-tricore: Add ISA v1.3.1 cpu and fix tc1796 to using v1.3 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4120201d2fcfc24404fe6eb6b761b66bc35bca16 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed May 20 13:23:46 2015 +0200 MAINTAINERS: Split "Block QAPI, monitor, command line" off core Kevin and Stefan asked me to take care of this part. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 4c346e0bb9300afe3036560c21baa7fdfb253d9b Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed May 20 12:03:17 2015 +0200 MAINTAINERS: Add header files to Block Layer Core section Suggested-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit f7ac119cfac735b24412db8d53b9be13e5ff23b0 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue May 12 17:09:22 2015 +0100 tests: add test case for encrypted qcow2 read/write Add a simple test case for qemu-iotests that covers read/write with encrypted qcow2 files. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 8caf02127e92939fff39b63a7ff1a5834d320191 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue May 12 17:09:21 2015 +0100 qemu-io: prompt for encryption keys when required The qemu-io tool does not check if the image is encrypted so historically would silently corrupt the sectors by writing plain text data into them instead of cipher text. The earlier commit turns this mistake into a fatal abort, so check for encryption and prompt for key when required. This enables us to add unit tests to ensure we don't break the ability of qemu-img to convert existing encrypted qcow2 files into a non-encrypted format. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 6a11d5183fb7564a3d32007b46846312fd61a1c5 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue May 12 17:09:20 2015 +0100 util: allow \n to terminate password input The qemu_read_password() method looks for \r to terminate the reading of the a password. This is what will be seen when reading the password from a TTY. When scripting though, it is useful to be able to send the password via a pipe, in which case we must look for \n to terminate password input. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d57e4e482e3997b1382625c84149ad0b69155fc0 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue May 12 17:09:19 2015 +0100 util: move read_password method out of qemu-img into osdep/oslib The qemu-img.c file has a read_password() method impl that is used to prompt for passwords on the console, with impls for POSIX and Windows. This will be needed by qemu-io.c too, so move it into the QEMU osdep/oslib files where it can be shared without code duplication Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 8336aafae1451d54c81dd2b187b45f7c45d2428e Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue May 12 17:09:18 2015 +0100 qcow2/qcow: protect against uninitialized encryption key When a qcow[2] file is opened, if the header reports an encryption method, this is used to set the 'crypt_method_header' field on the BDRVQcow[2]State struct, and the 'encrypted' flag in the BDRVState struct. When doing I/O operations, the 'crypt_method' field on the BDRVQcow[2]State struct is checked to determine if encryption needs to be applied. The crypt_method_header value is copied into crypt_method when the bdrv_set_key() method is called. The QEMU code which opens a block device is expected to always do a check if (bdrv_is_encrypted(bs)) { bdrv_set_key(bs, ....key...); } If code forgets to do this, then 'crypt_method' is never set and so when I/O is performed, QEMU writes plain text data into a sector which is expected to contain cipher text, or when reading, will return cipher text instead of plain text. Change the qcow[2] code to consult bs->encrypted when deciding whether encryption is required, and assert(s->crypt_method) to protect against cases where the caller forgets to set the encryption key. Also put an assert in the set_key methods to protect against the case where the caller sets an encryption key on a block device that does not have encryption Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit aa4f592a1dd9aea5f5c36f6ff4b22b5bd208162a Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon May 18 09:39:12 2015 +0800 qemu-iotests: Make debugging python tests easier Adding "-d" option. The output goes to "tee" so it appears in your console. Also, raise the verbosity of unnitest runner. When testing a topic branch, it's possible that a bug introduced by a code change makes the python test case hang, with debug output, it is much easier to locate the problem. This can also be helpful if you want to watch the progress of a python test, it offers you a way to sense the speed of each test case method you're writing. Note: because there is no easy way to get *both* the verbose output and the output expected by ./check comparison, the case would always fail with an "output mismatch". The sole purpose of using this option is giving developers a quick way to debug when things go wrong. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b93bbf4ee9035ae077679482305d5beb38df4d7d Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri May 15 16:36:06 2015 +0800 qemu-iotests: qemu-img info on afl VMDK image with a huge capacity The image is contributed by Richard W.M. Jones. Cc: Richard W.M. Jones <rjones@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 4a9c9ea0d318bec2f67848c5ceaf4ad5bcb91d09 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri May 15 16:36:05 2015 +0800 block: Detect multiplication overflow in bdrv_getlength Bogus image may have a large total_sectors that will overflow the multiplication. For cleanness, fix the return code so the error message will be meaningful. Reported-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b062ad86dcd33ab39be5060b0655d8e13834b167 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue May 12 09:10:56 2015 -0600 qemu-io: Use getopt() correctly POSIX says getopt() returns -1 on completion. While Linux happens to define EOF as -1, this definition is not required by POSIX, and there may be platforms where checking for EOF instead of -1 would lead to an infinite loop. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d1b4efe5c4088fd2289e39b95bbdf73b3dcb7432 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon May 11 15:54:59 2015 +0300 qcow2: style fixes in qcow2-cache.c Fix pointer declaration to make it consistent with the rest of the code. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a3f1afb43a09e4577571c044c48f2ba9e6e4ad06 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon May 11 15:54:58 2015 +0300 qcow2: make qcow2_cache_put() a void function This function never receives an invalid table pointer, so we can make it void and remove all the error checking code. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 812e4082cae73e12fd425cace4fd3a715a7c1d32 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon May 11 15:54:57 2015 +0300 qcow2: use a hash to look for entries in the L2 cache The current cache algorithm traverses the array starting always from the beginning, so the average number of comparisons needed to perform a lookup is proportional to the size of the array. By using a hash of the offset as the starting point, lookups are faster and independent from the array size. The hash is computed using the cluster number of the table, multiplied by 4 to make it perform better when there are collisions. In my tests, using a cache with 2048 entries, this reduces the average number of comparisons per lookup from 430 to 2.5. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit fdfbca82a0874916007ca76323cd35f2af8a2ef3 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon May 11 15:54:56 2015 +0300 qcow2: remove qcow2_cache_find_entry_to_replace() A cache miss means that the whole array was traversed and the entry we were looking for was not found, so there's no need to traverse it again in order to select an entry to replace. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 2693310eccccf8351678ddd6f3b050163e51dba0 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon May 11 15:54:55 2015 +0300 qcow2: use an LRU algorithm to replace entries from the L2 cache The current algorithm to evict entries from the cache gives always preference to those in the lowest positions. As the size of the cache increases, the chances of the later elements of being removed decrease exponentially. In a scenario with random I/O and lots of cache misses, entries in positions 8 and higher are rarely (if ever) evicted. This can be seen even with the default cache size, but with larger caches the problem becomes more obvious. Using an LRU algorithm makes the chances of being removed from the cache independent from the position. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit baf07d60f5c5d5d0f0c9e844cde75691f1ceb3d1 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon May 11 15:54:54 2015 +0300 qcow2: simplify qcow2_cache_put() and qcow2_cache_entry_mark_dirty() Since all tables are now stored together, it is possible to obtain the position of a particular table directly from its address, so the operation becomes O(1). Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 72e80b89015bab196f0f0e83b12b0eee75fa0574 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon May 11 15:54:53 2015 +0300 qcow2: use one single memory block for the L2/refcount cache tables The qcow2 L2/refcount cache contains one separate table for each cache entry. Doing one allocation per table adds unnecessary overhead and it also requires us to store the address of each table separately. Since the size of the cache is constant during its lifetime, it's better to have an array that contains all the tables using one single allocation. In my tests measuring freshly created caches with sizes 128MB (L2) and 32MB (refcount) this uses around 10MB of RAM less. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 13c4941cdd8685d28c7e3a09e393a5579b58db46 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Tue May 5 17:28:13 2015 +0800 vmdk: Fix overflow if l1_size is 0x20000000 Richard Jones caught this bug with afl fuzzer. In fact, that's the only possible value to overflow (extent->l1_size = 0x20000000) l1_size: l1_size = extent->l1_size * sizeof(long) => 0x80000000; g_try_malloc returns NULL because l1_size is interpreted as negative during type casting from 'int' to 'gsize', which yields a enormous value. Hence, by coincidence, we get a "not too bad" behavior: qemu-img: Could not open '/tmp/afl6.img': Could not open '/tmp/afl6.img': Cannot allocate memory Values larger than 0x20000000 will be refused by the validation in vmdk_add_extent. Values smaller than 0x20000000 will not overflow l1_size. Cc: qemu-stable@xxxxxxxxxx Reported-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Tested-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5e82a31eb967db135fc4e688b134fb0972d62de3 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed May 6 20:23:46 2015 +0800 vmdk: Fix next_cluster_sector for compressed write This fixes the bug introduced by commit c6ac36e (vmdk: Optimize cluster allocation). Sometimes, write_len could be larger than cluster size, because it contains both data and marker. We must advance next_cluster_sector in this case, otherwise the image gets corrupted. Cc: qemu-stable@xxxxxxxxxx Reported-by: Antoni Villalonga <qemu-list@xxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit aacd5650c68ef2e9e19079ba60cb0df51e15880c Author: Christoph Hellwig <hch@xxxxxx> Date: Thu Apr 30 11:44:17 2015 +0200 nvme: support NVME_VOLATILE_WRITE_CACHE feature The SCSI emulation in the Linux NVMe driver really wants to know if a device has a volatile write cache. Given that qemu has moved away from a model where we report the backing store WCE bit to one where the WCE bit is supposed to be part of the migratable guest-visible state we always return 1 here. Signed-off-by: Christoph Hellwig <hch@xxxxxx> Acked-by: Keith Busch <keith.busch@xxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ecbda7a22576591a84f44de1be0150faf6001f1c Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed May 6 13:21:51 2015 +0200 qcow2: Flush pending discards before allocating cluster Before a freed cluster can be reused, pending discards for this cluster must be processed. The original assumption was that this was not a problem because discards are only cached during discard/write zeroes operations, which are synchronous so that no concurrent write requests can cause cluster allocations. However, the discard/write zeroes operation itself can allocate a new L2 table (and it has to in order to put zero flags there), so make sure we can cope with the situation. This fixes https://bugs.launchpad.net/bugs/1349972. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 9371557115a734412974f8d4096cbe8a62ca2731 Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Mon May 11 14:59:55 2015 +0200 target-tricore: add RR_DIV and RR_DIV_U instructions of the v1.6 ISA Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit 0e045f43c45f675711c3f6836118dc7eabcc2411 Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Thu May 7 22:46:50 2015 +0200 target-tricore: add FRET instructions of the v1.6 ISA Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit 9e14a7b24f4cff93da664fdcfecad41fbd229e2b Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Thu May 7 22:38:16 2015 +0200 target-tricore: add FCALL instructions of the v1.6 ISA Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit bc3551c43308dd77bc1cc9a4e39962b2afd4dffc Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Thu May 7 21:25:42 2015 +0200 target-tricore: add SYS_RESTORE instruction of the v1.6 ISA Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit e5c96c82bc529674b61eacd221734abc2674e264 Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Thu May 7 19:55:37 2015 +0200 target-tricore: add RR_CRC32 instruction of the v1.6.1 ISA This instruction was introduced by the new Aurix platform. Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit ddd8cebe3106bdfb2681d8d283296199fd6c7417 Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Wed May 6 20:57:10 2015 +0200 target-tricore: add SWAPMSK instructions of the v1.6.1 ISA Those instruction were introduced in the new Aurix platform. Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit 62872ebc38d700ea30b0cd861e40703dccdcae2a Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Wed May 6 20:47:39 2015 +0200 target-tricore: add CMPSWP instructions of the v1.6.1 ISA Those instruction were introduced in the new Aurix platform. Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit fcecf12684e1169653df72ed307ec2a82ca69b18 Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Wed May 6 20:22:45 2015 +0200 target-tricore: Add SRC_MOV_E instruction of the v1.6 ISA Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit 6d2afc8a5edc042e4e7c2ceb49f7cabe02aae793 Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Wed May 6 20:18:41 2015 +0200 target-tricore: introduce ISA v1.6.1 feature The aurix platform contains of several different cpu models and uses the 1.6.1 ISA. This patch changes the generic aurix model to the more specific tc27x cpu model and sets specific features. Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit fd5ecf31d4c48651de97c1aaf8771762753de9a7 Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Sun Mar 22 12:49:12 2015 +0000 target-tricore: Add ISA v1.3.1 cpu and fix tc1796 to using v1.3 Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit 8b6db32a4ec47d1171ccfa21d557096b99f4eef0 Merge: f5790c3 a53f1a9 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 22 13:25:40 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Fri May 22 10:00:53 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: (38 commits) block: get_block_status: use "else" when testing the opposite condition qemu-iotests: Test unaligned sub-block zero write block: Fix NULL deference for unaligned write if qiov is NULL Revert "block: Fix unaligned zero write" block: align bounce buffers to page block: minimal bounce buffer alignment block: return EPERM on writes or discards to read-only devices configure: Add workaround for ccache and clang configure: silence glib unknown attribute __alloc_size__ configure: factor out supported flag check configure: handle clang -nopie argument warning block/parallels: improve image writing performance further block/parallels: optimize linear image expansion block/parallels: add prealloc-mode and prealloc-size open paramemets block/parallels: delay writing to BAT till bdrv_co_flush_to_os block/parallels: create bat_entry_off helper block/parallels: improve image reading performance iotests, parallels: check for incorrectly closed image in tests block/parallels: implement incorrect close detection block/parallels: implement parallels_check method of block driver ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f5790c3bc81702c98c7ddadedb274758cff8cbe7 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 22 12:30:13 2015 +0100 Revert "target-alpha: Add vector implementation for CMPBGE" This reverts commit 32ad48abd74a997220b841e4e913edeb267aa362. Unfortunately the SSE2 code here fails to compile on some versions of gcc: target-alpha/int_helper.c:77:24: error: invalid operands to binary >= (have '__vector(16) unsigned char' and '__vector(16) unsigned char') Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 27e1259a69c49ee2dd53385f4ca4ca14b822191d Merge: 9e549d3 32ad48a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 22 10:06:33 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-axp-20150521' into staging Rewrite fp exceptions # gpg: Signature made Thu May 21 18:35:52 2015 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-axp-20150521: target-alpha: Add vector implementation for CMPBGE target-alpha: Rewrite helper_zapnot target-alpha: Raise IOV from CVTQL target-alpha: Suppress underflow from CVTTQ if DNZ target-alpha: Raise EXC_M_INV properly for fp inputs target-alpha: Disallow literal operand to 1C.30 to 1C.37 target-alpha: Implement WH64EN target-alpha: Fix integer overflow checking insns target-alpha: Fix cvttq vs inf target-alpha: Fix cvttq vs large integers target-alpha: Raise IOV from CVTTQ target-alpha: Set EXC_M_SWC for exceptions from /S insns target-alpha: Set fpcr_exc_status even for disabled exceptions target-alpha: Tidy FPCR representation target-alpha: Set PC correctly for floating-point exceptions target-alpha: Forget installed round mode after MT_FPCR target-alpha: Rename floating-point subroutines target-alpha: Move VAX helpers to a new file Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a53f1a95f9605f300fbafbc8b60b8a8c67e9c4b4 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu May 14 12:35:02 2015 +0200 block: get_block_status: use "else" when testing the opposite condition A bit of Boolean algebra (and common sense) tells us that the second "if" here is looking for blocks that are not allocated. This is the opposite of the "if" that sets BDRV_BLOCK_ALLOCATED, and thus it can use an "else". Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1431599702-10431-1-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit ab53c44718305d3fde3d9d2251889f1cab694be2 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed May 13 13:12:01 2015 +0000 qemu-iotests: Test unaligned sub-block zero write Test zero write in byte range 512~1024 for 4k alignment. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1431522721-3266-4-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 9eeb6dd1b27bd57eb4e3869290e87feac8e8b226 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed May 13 13:12:00 2015 +0000 block: Fix NULL deference for unaligned write if qiov is NULL For zero write, callers pass in NULL qiov (qemu-io "write -z" or scsi-disk "write same"). Commit fc3959e466 fixed bdrv_co_write_zeroes which is the common case for this bug, but it still exists in bdrv_aio_write_zeroes. A simpler fix would be in bdrv_co_do_pwritev which is the NULL dereference point and covers both cases. So don't access it in bdrv_co_do_pwritev in this case, use three aligned writes. [Initialize ret to 0 in bdrv_co_do_zero_pwritev() to avoid uninitialized variable warning with gcc 4.9.2. --Stefan] Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1431522721-3266-3-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit d01c07f2221ca39ab2dd9e55932d99db98103b30 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed May 13 13:11:59 2015 +0000 Revert "block: Fix unaligned zero write" This reverts commit fc3959e4669a1c2149b91ccb05101cfc7ae1fc05. The core write code already handles the case, so remove this duplication. Because commit 61007b316 moved the touched code from block.c to block/io.c, the change is manually reverted. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1431522721-3266-2-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 459b4e66129d091a11e9886ecc15a8bf9f7f3d92 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue May 12 17:30:56 2015 +0300 block: align bounce buffers to page The following sequence int fd = open(argv[1], O_RDWR | O_CREAT | O_DIRECT, 0644); for (i = 0; i < 100000; i++) write(fd, buf, 4096); performs 5% better if buf is aligned to 4096 bytes. The difference is quite reliable. On the other hand we do not want at the moment to enforce bounce buffering if guest request is aligned to 512 bytes. The patch changes default bounce buffer optimal alignment to MAX(page size, 4k). 4k is chosen as maximal known sector size on real HDD. The justification of the performance improve is quite interesting. From the kernel point of view each request to the disk was split by two. This could be seen by blktrace like this: 9,0 11 1 0.000000000 11151 Q WS 312737792 + 1023 [qemu-img] 9,0 11 2 0.000007938 11151 Q WS 312738815 + 8 [qemu-img] 9,0 11 3 0.000030735 11151 Q WS 312738823 + 1016 [qemu-img] 9,0 11 4 0.000032482 11151 Q WS 312739839 + 8 [qemu-img] 9,0 11 5 0.000041379 11151 Q WS 312739847 + 1016 [qemu-img] 9,0 11 6 0.000042818 11151 Q WS 312740863 + 8 [qemu-img] 9,0 11 7 0.000051236 11151 Q WS 312740871 + 1017 [qemu-img] 9,0 5 1 0.169071519 11151 Q WS 312741888 + 1023 [qemu-img] After the patch the pattern becomes normal: 9,0 6 1 0.000000000 12422 Q WS 314834944 + 1024 [qemu-img] 9,0 6 2 0.000038527 12422 Q WS 314835968 + 1024 [qemu-img] 9,0 6 3 0.000072849 12422 Q WS 314836992 + 1024 [qemu-img] 9,0 6 4 0.000106276 12422 Q WS 314838016 + 1024 [qemu-img] and the amount of requests sent to disk (could be calculated counting number of lines in the output of blktrace) is reduced about 2 times. Both qemu-img and qemu-io are affected while qemu-kvm is not. The guest does his job well and real requests comes properly aligned (to page). Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1431441056-26198-3-git-send-email-den@xxxxxxxxxx CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 4196d2f0308cb1ae13ed450424ab7dfe154acda9 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue May 12 17:30:55 2015 +0300 block: minimal bounce buffer alignment The patch introduces new concept: minimal memory alignment for bounce buffers. Original so called "optimal" value is actually minimal required value for aligment. It should be used for validation that the IOVec is properly aligned and bounce buffer is not required. Though, from the performance point of view, it would be better if bounce buffer or IOVec allocated by QEMU will be aligned stricter. The patch does not change any alignment value yet. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1431441056-26198-2-git-send-email-den@xxxxxxxxxx CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit eaf5fe2dd4ec001d645ff3b343f466457badaa64 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu May 7 17:45:48 2015 +0200 block: return EPERM on writes or discards to read-only devices This is the behavior in the operating system, for example Linux's blkdev_write_iter has the following: if (bdev_read_only(I_BDEV(bd_inode))) return -EPERM; This does not apply to opening a device for read/write, when the device only supports read-only operation. In this case any of EACCES, EPERM or EROFS is acceptable depending on why writing is not possible. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1431013548-22492-1-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit fd0e60530f10078f488fa3e9591cc7db5732989c Author: John Snow <jsnow@xxxxxxxxxx> Date: Wed Mar 25 18:57:39 2015 -0400 configure: Add workaround for ccache and clang Test if ccache is interfering with semantic analysis of macros, disable its habit of trying to compile already pre-processed versions of code if so. ccache attempts to save time by compiling pre-processed versions of code, but this disturbs clang's static analysis enough to produce false positives. ccache allows us to disable this feature, opting instead to compile the original version instead of its preprocessed version. This makes ccache much slower for cache misses, but at least it becomes usable with QEMU/clang. This workaround only activates for users using ccache AND clang, and only if their configuration is observed to be producing warnings. You may need to clear your ccache for builds started without -Werror, as those may continue to produce warnings from the cache. Thanks to Peter Eisentraut for his writeup on the issue: http://peter.eisentraut.org/blog/2014/12/01/ccache-and-clang-part-3/ Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427324259-1481-5-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit bbbf2e04e5ea347d877c7fa8ee02e4bb647a48fc Author: John Snow <jsnow@xxxxxxxxxx> Date: Wed Mar 25 18:57:38 2015 -0400 configure: silence glib unknown attribute __alloc_size__ The glib headers use GCC attributes. Unfortunately the __GNUC__ and __GNUC_MINOR__ version macros are also defined by clang, but clang doesn't support the same attributes as GCC. clang 3.5.0 does not support the __alloc_size__ attribute: https://github.com/llvm-mirror/clang/commit/c047507a9a79e89fc8339e074fa72822a7e7ea73 The following warning is produced: gstrfuncs.h:257:44: warning: unknown attribute '__alloc_size__' ignored [-Wunknown-attributes] G_GNUC_MALLOC G_GNUC_ALLOC_SIZE(2); gmacros.h:67:45: note: expanded from macro 'G_GNUC_ALLOC_SIZE' #define G_GNUC_ALLOC_SIZE(x) __attribute__((__alloc_size__(x))) This patch checks whether glib headers cause warnings and disables -Wunknown-attributes if it is able to. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427324259-1481-4-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 93b25869228a3c0c632a6aa66624cc4e549ba14a Author: John Snow <jsnow@xxxxxxxxxx> Date: Wed Mar 25 18:57:37 2015 -0400 configure: factor out supported flag check Factor out the function that checks if a compiler flag is supported or not. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427324259-1481-3-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e4a7b344df40b1f4b2e732ddb0d68079ce658d89 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Mar 25 18:57:36 2015 -0400 configure: handle clang -nopie argument warning gcc 4.9.2 treats -nopie as an error: cc: error: unrecognized command line option â??-nopieâ?? clang 3.5.0 treats -nopie as a warning: clang: warning: argument unused during compilation: '-nopie' The causes ./configure to fail with clang: ERROR: configure test passed without -Werror but failed with -Werror. Make the -nopie test use -Werror so that compile_prog works for both gcc and clang. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427324259-1481-2-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit ddd2ef2ce8d693b6e2635a0c20f65744641ff8df Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:47:00 2015 +0300 block/parallels: improve image writing performance further Try to perform IO for the biggest continuous block possible. All blocks abscent in the image are accounted in the same type and preallocation is made for all of them at once. The performance for sequential write is increased from 200 Mb/sec to 235 Mb/sec on my SSD HDD. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-28-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 19f5dc15912dfb6af06c97e4975023e545e85c72 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:59 2015 +0300 block/parallels: optimize linear image expansion Plain image expansion spends a lot of time to update image file size. This seriously affects the performance. The following simple test qemu_img create -f parallels -o cluster_size=64k ./1.hds 64G qemu_io -n -c "write -P 0x11 0 1024M" ./1.hds could be improved if the format driver will pre-allocate some space in the image file with a reasonable chunk. This patch preallocates 128 Mb using bdrv_write_zeroes, which should normally use fallocate() call inside. Fallback to older truncate() could be used as a fallback using image open options thanks to the previous patch. The benefit is around 15%. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Karan <rkagan@xxxxxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-27-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit d61790112fa861fbbbb02b53f9c3beb9ca7f8419 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:58 2015 +0300 block/parallels: add prealloc-mode and prealloc-size open paramemets This is preparational commit for tweaks in Parallels image expansion. The idea is that enlarge via truncate by one data block is slow. It would be much better to use fallocate via bdrv_write_zeroes and expand by some significant amount at once. Original idea with sequential file writing to the end of the file without fallocate/truncate would be slower than this approach if the image is expanded with several operations: - each image expanding means file metadata update, i.e. filesystem journal write. Truncate/write to newly truncated space update file metadata twice thus truncate removal helps. With fallocate call inside bdrv_write_zeroes file metadata is updated only once and this should happen infrequently thus this approach is the best one for the image expansion - tail writes are ordered, i.e. the guest IO queue could not be sent immediately to the host introducing additional IO delays This patch just adds proper parameters into BDRVParallelsState and performs options parsing in parallels_open. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-26-git-send-email-den@xxxxxxxxxx CC: Roman Kagan <rkagan@xxxxxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 0d31c7c200b3dca2aeeaa6f74ff3fd539aad803a Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:57 2015 +0300 block/parallels: delay writing to BAT till bdrv_co_flush_to_os The idea is that we do not need to immediately sync BAT to the image as from the guest point of view there is a possibility that IO is lost even in the physical controller until flush command was finished. bdrv_co_flush_to_os is exactly the right place for this purpose. Technically the patch uses loaded BAT data as a cache and performs actual on-disk metadata updates in parallels_co_flush_to_os callback. This patch speed ups qemu-img create -f parallels -o cluster_size=64k ./1.hds 64G qemu-io -f parallels -c "write -P 0x11 0 1024k" 1.hds writing from 50-60 Mb/sec to 80-90 Mb/sec on rotational media and from 160 Mb/sec to 190 Mb/sec on SSD disk. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-25-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 2d68e22e94e8bc5a0d32a38b53c592c320db8261 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:56 2015 +0300 block/parallels: create bat_entry_off helper calculate offset of the BAT entry in the image file. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-24-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6953d920784466dfaea77f7cfd23df2ad8b772a0 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:55 2015 +0300 block/parallels: improve image reading performance Try to perform IO for the biggest continuous block possible. The performance for sequential read is increased from 220 Mb/sec to 360 Mb/sec for continous image on my SSD HDD. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-23-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a6be831e99f89d72a8c4a114347d5512c326af29 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:54 2015 +0300 iotests, parallels: check for incorrectly closed image in tests Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-22-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6dd6b9f1440c37811ad963b49a48bf80a8bde377 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:53 2015 +0300 block/parallels: implement incorrect close detection The software driver must set inuse field in Parallels header to 0x746F6E59 when the image is opened in read-write mode. The presence of this magic in the header on open forces image consistency check. There is an unfortunate trick here. We can not check for inuse in parallels_check as this will happen too late. It is possible to do that for simple check, but during the fix this would always report an error as the image was opened in BDRV_O_RDWR mode. Thus we save the flag in BDRVParallelsState for this. On the other hand, nothing should be done to clear inuse in parallels_check. Generic close will do the job right. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-21-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 49ad6467313d17486af9029413debb709dc971a8 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:52 2015 +0300 block/parallels: implement parallels_check method of block driver The check is very simple at the moment. It calculates necessary stats and fix only the following errors: - space leak at the end of the image. This would happens due to preallocation - clusters outside the image are zeroed. Nothing else could be done here Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-20-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 23d6bd3bd1225e8c8ade6ed829eabcf90ddfa6f7 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:51 2015 +0300 block/parallels: move parallels_open/probe to the very end of the file This will help to avoid forward declarations for upcoming parallels_check Some very obvious formatting fixes were made to the moved code to make checkpatch happy. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-19-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 9eae9cca95e76afc2f2288a665e08a64953f2820 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:50 2015 +0300 block/parallels: read parallels image header and BAT into single buffer This metadata cache would allow to properly batch BAT updates to disk in next patches. These updates will be properly aligned to avoid read-modify-write transactions on block level. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-18-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit dd97cdc064f24484a2ebc141a4ec6bba35f56007 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:49 2015 +0300 block/parallels: keep BAT bitmap data in little endian in memory This will allow to use this data as buffer to BAT update directly without any intermediate buffers. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-17-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 555cc9d9fc5c71be6bd3f288eaf1e5628732088f Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:48 2015 +0300 block/parallels: create bat2sect helper deduplicate copy/paste arithmetcs Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-16-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 369f7de9d57e4dd2f312255fc12271d5749c0a4e Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:47 2015 +0300 block/parallels: rename catalog_ names to bat_ BAT means 'block allocation table'. Thus this name is clean and shorter on writing. Some obvious formatting fixes in the old code were made to make checkpatch happy. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-15-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit cc5690f20fcc075940a213380b362ae2054c03ba Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:46 2015 +0300 parallels: change copyright information in the image header Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-14-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit ca9c4e0675f9cb98138e1069605114f45746d985 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:45 2015 +0300 iotests, parallels: test for newly created parallels image via qemu-img Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-13-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 74cf6c5026fef6e327f09786445f626df02cbdf0 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:44 2015 +0300 block/parallels: support parallels image creation Do not even care to create WithoutFreeSpace image, it is obsolete. Always create WithouFreSpacExt one. The code also does not spend a lot of efforts to fill cylinders and heads fields, they are not used actually in a real life neither in QEMU nor in Parallels products. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-12-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 50ffd8fd3cfceede87cec1f7f9a04cd7b9147271 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:43 2015 +0300 iotests, parallels: test for write into Parallels image Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-11-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 5a41e1fa95f379e236883f38dacda292f6c48e6f Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:42 2015 +0300 block/parallels: _co_writev callback for Parallels format Support write on Parallels images. The code is almost the same as one in the previous patch implemented scatter-gather IO for read. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-10-git-send-email-den@xxxxxxxxxx CC: Roman Kagan <rkagan@xxxxxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit d0e61ce56d1520cade573eb344fdb136993d2279 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:41 2015 +0300 block/parallels: mark parallels format driver as zero inited From the guest point of view unallocated blocks are zeroed. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-9-git-send-email-den@xxxxxxxxxx CC: Roman Kagan <rkagan@xxxxxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 912f31281a683a24b552a8cc6c293ab389b62013 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:40 2015 +0300 block/parallels: replace magic constants 4, 64 with proper sizeofs simple purification.. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-8-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 481fb9cf18925eab19e4af8a44bd86b82eb897ad Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:39 2015 +0300 block/parallels: provide _co_readv routine for parallels format driver Main approach is taken from qcow2_co_readv. The patch drops coroutine lock for the duration of IO operation and peforms normal scatter-gather IO using standard QEMU backend. The patch also adds comment about locking considerations in the driver. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-7-git-send-email-den@xxxxxxxxxx CC: Roman Kagan <rkagan@xxxxxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit dd3bed16ff229496b30cc77224b0c0ae645c4dae Author: Roman Kagan <rkagan@xxxxxxxxxxxxx> Date: Tue Apr 28 10:46:38 2015 +0300 block/parallels: add get_block_status Implement VFS method for get_block_status to Parallels format driver. qemu_co_mutex_lock is not necessary yet (the driver is read-only) but will be necessary very soon when write will be supported. Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Message-id: 1430207220-24458-6-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 9de9da17d8304576e8402697bcee72c88ce499b8 Author: Roman Kagan <rkagan@xxxxxxxxxxxxx> Date: Tue Apr 28 10:46:37 2015 +0300 block/parallels: read up to cluster end in one go Teach parallels_read() to do reads in coarser granularity than just a single sector: if requested, read up to the cluster end in one go. Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1430207220-24458-5-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 2944256997dd8b080f8b0cc062e4b663cb2ec09c Author: Roman Kagan <rkagan@xxxxxxxxxxxxx> Date: Tue Apr 28 10:46:36 2015 +0300 block/parallels: switch to bdrv_read Switch the .bdrv_read method implementation from using bdrv_pread() to bdrv_read() on the underlying file, since the latter is subject to i/o throttling while the former is not. Besides, since bdrv_read() operates in sectors rather than bytes, adjust the helper functions to do so too. Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Message-id: 1430207220-24458-4-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 0789890467d30e2ab10d84b5398bdc903db8cb91 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:35 2015 +0300 block/parallels: rename parallels_header to ParallelsHeader this follows QEMU coding convention Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1430207220-24458-3-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit d134cf73b10e9d0283e1d2531299c8f9ab13b5eb Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:34 2015 +0300 iotests, parallels: quote TEST_IMG in 076 test to be path-safe suggested by Jeff Cody Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1430207220-24458-2-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 32ad48abd74a997220b841e4e913edeb267aa362 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 18 10:19:06 2014 -0700 target-alpha: Add vector implementation for CMPBGE While conditionalized on SSE2, it's a "portable" gcc generic vector implementation, which could be enabled on other hosts. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 8d8d324e3424bf891d41e9c7758dcc09cf3c38b9 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Jul 15 12:07:05 2014 -0700 target-alpha: Rewrite helper_zapnot This form produces significantly smaller code on x86_64. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 9e549d36e989b14423279fb991b71728a2a4ae7c Merge: eba05e9 0ef705a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu May 21 09:07:19 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-vnc-20150520-1' into staging vnc: misc fixes. # gpg: Signature made Wed May 20 09:32:45 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-vnc-20150520-1: qemu-sockets: Report explicit error if unlink fails vnc: Tweak error when init fails vnc: Don't assert if opening unix socket fails ui: remove check for failure of qemu_acl_init() Strip brackets from vnc host Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0ef705a2653f09c15e44a644a98b6febc761431e Author: Cole Robinson <crobinso@xxxxxxxxxx> Date: Tue May 5 11:07:19 2015 -0400 qemu-sockets: Report explicit error if unlink fails Consider this case: $ ls -ld ~/root-owned/ drwx--x--x. 2 root root 4096 Apr 29 12:55 /home/crobinso/root-owned/ $ ls -l ~/root-owned/foo.sock -rwxrwxrwx. 1 crobinso crobinso 0 Apr 29 12:55 /home/crobinso/root-owned/foo.sock $ qemu-system-x86_64 -vnc unix:~/root-owned/foo.sock qemu-system-x86_64: -vnc unix:/home/crobinso/root-owned/foo.sock: Failed to start VNC server: Failed to bind socket to /home/crobinso/root-owned/foo.sock: Address already in use ...which is techinically true, but the real error is that we failed to unlink. So report it. This may seem pathological but it's a real possibility via libvirt. Signed-off-by: Cole Robinson <crobinso@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit bc119048d7377ec8335ecde5946df629a1b72b46 Author: Cole Robinson <crobinso@xxxxxxxxxx> Date: Tue May 5 11:07:18 2015 -0400 vnc: Tweak error when init fails Before: qemu-system-x86_64: -display vnc=unix:/root/foo.sock: Failed to start VNC server on `(null)': Failed to bind socket to /root/foo.sock: Permission denied After: qemu-system-x86_64: -display vnc=unix:/root/foo.sock: Failed to start VNC server: Failed to bind socket to /root/foo.sock: Permission denied Rather than tweak the string possibly show unix: value as well, just drop the explicit display reporting. We already get the cli string in the error message, that should be sufficient. Signed-off-by: Cole Robinson <crobinso@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 3d00ac1a2ee0294fc3d460e6013a5cdd9c73ea6c Author: Cole Robinson <crobinso@xxxxxxxxxx> Date: Tue May 5 11:07:17 2015 -0400 vnc: Don't assert if opening unix socket fails Reproducer: $ qemu-system-x86_64 -display vnc=unix:/root/i-cant-access-you.sock qemu-system-x86_64: iohandler.c:60: qemu_set_fd_handler2: Assertion `fd >= 0' failed. Aborted (core dumped) Signed-off-by: Cole Robinson <crobinso@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 2b2c1a38eeaba5d8bfe92281e9e680361e09ee3b Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri May 1 11:44:46 2015 +0100 ui: remove check for failure of qemu_acl_init() The qemu_acl_init() function has long since stopped being able to return NULL, since g_malloc will abort on OOM. As such the checks for NULL were unreachable code. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 274c3b52e10466a4771d591f6298ef61e8354ce0 Author: Ján Tomko <jtomko@xxxxxxxxxx> Date: Mon Apr 27 17:03:14 2015 +0200 Strip brackets from vnc host Commit v2.2.0-1530-ge556032 vnc: switch to inet_listen_opts bypassed the use of inet_parse in inet_listen, making literal IPv6 addresses enclosed in brackets fail: qemu-kvm: -vnc [::1]:0: Failed to start VNC server on `(null)': address resolution failed for [::1]:5900: Name or service not known Strip the brackets to make it work again. Signed-off-by: Ján Tomko <jtomko@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit eba05e922e8e7f307bc5d4104a78797e55124e97 Merge: fdbe454 a48da7b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 19 14:10:33 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-serial-20150519-1' into staging serial: fix multi-pci card error cleanup. # gpg: Signature made Tue May 19 11:47:29 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-serial-20150519-1: serial: fix multi-pci card error cleanup. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a48da7b5bc1f0c98e7a124337140efd47049066c Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed May 6 12:58:19 2015 +0200 serial: fix multi-pci card error cleanup. Put the number of serial ports into a local variable in multi_serial_pci_realize, then increment the port count (pci->ports) as we initialize the serial port cores. Now pci->ports always holds the number of successfully initialized ports and we can use multi_serial_pci_exit to properly cleanup the already initialized bits in case of a init failure. https://bugzilla.redhat.com/show_bug.cgi?id=970551 Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fdbe454a242105fcfe48b9c44b5499b80ff84160 Merge: faa261a 176c324 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 19 11:47:03 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20150519-1' into staging hw/display: qomify vga cards # gpg: Signature made Tue May 19 11:23:09 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-vga-20150519-1: vga-pci: QOMify qxl: QOMify cirrus_vga: QOMify Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 176c324febd76d6f164347583f5af35b3cb4e5fb Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Tue May 12 17:27:08 2015 +0800 vga-pci: QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit c69f6c7dcf6164ee0ee3b00bec27dfdec4e8b661 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Tue May 12 17:27:10 2015 +0800 qxl: QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit d338bae33a76d02678ea706622dfcc26b8b8325c Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Tue May 12 17:27:09 2015 +0800 cirrus_vga: QOMify QOMify pci-cirrus-vga like isa-cirrus-vga device. Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit faa261a7fb254866bdd5b6a25ad94677945f21b4 Merge: 62bf3df b4c6a11 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 19 10:25:59 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-cocoa-20150519' into staging cocoa queue: * fix various issues with full screen in the OSX UI * set an icon for our binary file * add entries to the View menu for QEMU consoles * fix various warnings that are produced when building on 10.10 (largely deprecated interfaces) # gpg: Signature made Tue May 19 09:17:23 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-cocoa-20150519: ui/cocoa: Add console items to the View menu ui/cocoa: Avoid deprecated NSOKButton/NSCancelButton constants ui/cocoa: Don't use NSWindow useOptimizedDrawing on OSX 10.10 and up ui/cocoa: Declare that QemuCocoaAppController implements NSApplicationDelegate ui/cocoa: openPanelDidEnd returnCode should be NSInteger, not int ui/cocoa: Remove compatibility ifdefs for OSX 10.4 ui/cocoa: Drop tests for CGImageCreateWithImageInRect support Makefile.target: set icon for binary file on Mac OS X ui/cocoa: Make -full-screen option work on Mac OS X ui/cocoa: Fix several full screen issues on Mac OS X Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b4c6a112dcfa1d24b905e6cccc763e02000937f1 Author: Programmingkid <programmingkidx@xxxxxxxxx> Date: Tue May 19 09:11:18 2015 +0100 ui/cocoa: Add console items to the View menu Add any console that is available to the current emulator as a menu item under the View menu. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> [PMM: Adjusted to apply after zoom-to-fit menu item was added; create the View menu at the same time as all the others, and only add the dynamically-determined items to it later] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8617989eae7398e9e782a73857fc53a548692b31 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 19 09:11:18 2015 +0100 ui/cocoa: Avoid deprecated NSOKButton/NSCancelButton constants In OSX 10.10, the NSOKButton and NSCancelButton constants are deprecated and provoke compiler warnings. Avoid them by using the NSFileHandlingPanelCancelButton and NSFileHandlingPanelOKButton constants instead. These are the documented correct constants for the 10.6-and-up beginSheetModalForWindow API we use. We also use the same method for the pre-10.6 compatibility code path, but conveniently the constant values are the same and the constant names have been present since 10.0. Preferring the constant names that match the non-legacy API makes more sense anyway. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1431296361-16981-7-git-send-email-peter.maydell@xxxxxxxxxx commit 81801ae21333d81a8e7887bc6b11c601b6ecbee6 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 19 09:11:18 2015 +0100 ui/cocoa: Don't use NSWindow useOptimizedDrawing on OSX 10.10 and up Starting in OSX 10.10, NSWindow useOptimizedDrawing is deprecated, so don't use it there. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1431296361-16981-6-git-send-email-peter.maydell@xxxxxxxxxx commit 2a4c8c53dabf564142d5329b9ff8a82468324fd6 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 19 09:11:18 2015 +0100 ui/cocoa: Declare that QemuCocoaAppController implements NSApplicationDelegate Our class QemuCocoaAppController implements the NSApplicationDelegate interface, and we pass an object of this class to [NSApp setDelegate]. However, we weren't declaring in the class definition that we implemented this interface; in OSX 10.10 this provokes the following (slighly misleading) warning: ui/cocoa.m:1031:24: warning: sending 'QemuCocoaAppController *' to parameter of incompatible type 'id<NSFileManagerDelegate>' [NSApp setDelegate:appController]; ^~~~~~~~~~~~~ /System/Library/Frameworks/Foundation.framework/Headers/NSFileManager.h:109:47: note: passing argument to parameter 'delegate' here @property (assign) id <NSFileManagerDelegate> delegate NS_AVAILABLE(10_5, 2_0); ^ Annoyingly, this interface wasn't formally defined until OSX 10.6, so we have to surround the relevant part of the @interface line with an ifdef. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1431296361-16981-5-git-send-email-peter.maydell@xxxxxxxxxx commit de1aadee289722478c19f211f0fa3a38e7e66b6f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 19 09:11:18 2015 +0100 ui/cocoa: openPanelDidEnd returnCode should be NSInteger, not int The type for openPanelDidEnd's returnCode argument should be NSInteger, not int. This only matters for the OSX 10.5 code path where we pass the method directly to an OSX function to call. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1431296361-16981-4-git-send-email-peter.maydell@xxxxxxxxxx commit 89424ff32f5c106f90627c7abe019c81c716fd13 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 19 09:11:17 2015 +0100 ui/cocoa: Remove compatibility ifdefs for OSX 10.4 Remove compatibility ifdefs that work around OSX 10.4 not providing various typedefs and functions. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1431296361-16981-3-git-send-email-peter.maydell@xxxxxxxxxx commit b63901d84cc22a06f82900620fdbe01ff16511ec Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 19 09:11:17 2015 +0100 ui/cocoa: Drop tests for CGImageCreateWithImageInRect support The code that tries to test at both compiletime and runtime for whether CGImageCreateWithImageInRect is supported provokes a compile warning on OSX 10.3: ui/cocoa.m:378:13: warning: comparison of function 'CGImageCreateWithImageInRect' equal to a null pointer is always false[-Wtautological-pointer-compare] if (CGImageCreateWithImageInRect == NULL) { // test if "CGImageCreateWithImageInRect" is supported on host at runtime ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~ The simplest way to deal with this is just to drop this code, since we don't in practice support OSX 10.4 anyway. (10.5 was released in 2007 and is the last PPC version, so is the earliest we really need to continue to support at all.) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1431296361-16981-2-git-send-email-peter.maydell@xxxxxxxxxx commit 4e34017c21485e5606beda7e6218c36d3568b363 Author: Programmingkid <programmingkidx@xxxxxxxxx> Date: Tue May 19 09:11:17 2015 +0100 Makefile.target: set icon for binary file on Mac OS X Implements setting the icon for the binary file in Mac OS X. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> [PMM: tweaked makefile to use $@ and quiet-command] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 43227af88a36faed50cedb0c7cef71a49c0be9d2 Author: Programmingkid <programmingkidx@xxxxxxxxx> Date: Tue May 19 09:11:17 2015 +0100 ui/cocoa: Make -full-screen option work on Mac OS X This patch makes the -full-screen option actually instruct QEMU to enter fullscreen at startup, on Mac OS X. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5d1b2eef58632974494b4b94f8970846aa0bffb9 Author: Programmingkid <programmingkidx@xxxxxxxxx> Date: Tue May 19 09:11:17 2015 +0100 ui/cocoa: Fix several full screen issues on Mac OS X This patch makes several changes: - Minimizes distorted full screen display by respecting aspect ratios. - Makes full screen mode available on Mac OS 10.7 and higher. - Allows user to decide if video should be stretched to fill the screen, using a menu item called "Zoom To Fit". - Hides the normalWindow so it won't show up in full screen mode. - Allows user to exit full screen mode. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> [PMM: minor whitespace tweaks, remove incorrectly duplicated use of 'f' menu accelerator key] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 57a808b6d7f52a62111f6070933dfca6cd88a0fd Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Jul 8 10:42:55 2014 -0700 target-alpha: Raise IOV from CVTQL Even if an exception isn't taken, the status flags need updating and the result should be written to the destination. Move the body of cvtql out of line, since we now always need a call. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 4ed069ab5334a495b49d0704795524fa34e8dbfc Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Jul 8 10:14:09 2014 -0700 target-alpha: Suppress underflow from CVTTQ if DNZ I.e. respect flush_inputs_to_zero. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit b99e80694cc635aa6ed5a3716e89645a8afa261c Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Jul 8 10:11:06 2014 -0700 target-alpha: Raise EXC_M_INV properly for fp inputs Ignore DNZ if software completion isn't used. Raise INV for denormals in system mode so the OS completion handler sees them. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit ed0851380c8ed181ddd6ed3542b14fcb0bca6700 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Jul 7 06:18:20 2014 -0700 target-alpha: Disallow literal operand to 1C.30 to 1C.37 Before 64f45e49 we used to have literal checks for 4 of these 8 opcodes. Confirmed that real hardware doesn't allow them. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 2517def6f82bec9eba9333a37f85a6f368ba52ee Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Jul 3 21:04:26 2014 -0700 target-alpha: Implement WH64EN Backward compatible cache insn introduced for EV7. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 4d1628e832dfc6ec02b0d196f6cc250aaa7bf3b3 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Jul 3 13:18:26 2014 -0700 target-alpha: Fix integer overflow checking insns We need to write the result to the destination register before raising any exception. Thus inline the code for each insn, and check for any exception after we're done. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 7b4dde839e86ca6c254d4e3cd28260e9d668afb5 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Jul 3 12:37:59 2014 -0700 target-alpha: Fix cvttq vs inf We should raise INV for infinities as well, not OVR+INE. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 7f2e40020cfc827f7e59670f8c400b0b9a704481 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Jul 3 12:36:34 2014 -0700 target-alpha: Fix cvttq vs large integers The range +- 2**63 - 2**64 was returning the wrong truncated result. We also incorrectly signaled overflow for -2**63. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit c24a8a0b6dad5a33d84f5fb846edb28c43312c71 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Jun 28 12:57:03 2014 -0700 target-alpha: Raise IOV from CVTTQ Floating-point overflow is a different bit from integer overflow. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit f6b6b7b8a775f97edab43eb672d5991f534c2e61 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Jun 30 09:53:46 2014 -0700 target-alpha: Set EXC_M_SWC for exceptions from /S insns Previously forgotten, the kernel needs the software completion bit to know that it needs to emulate software completion qualified insns. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 471d4930470aee38dffe6fc4890ede3d8eaf23c4 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Jun 28 11:08:28 2014 -0700 target-alpha: Set fpcr_exc_status even for disabled exceptions The qualifiers can suppress the raising of exceptions, but real hardware still records that the exceptions occurred. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit f3d3aad4a920a4436a9f5397d7a2963aefe141a9 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 8 12:17:07 2014 -1000 target-alpha: Tidy FPCR representation Store the fpcr as the hardware represents it. Convert the softfpu representation of exceptions into the fpcr representation. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit ba9c5de5f2d33d468a07a8794121472ea031a0b5 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Jun 28 13:06:19 2014 -0700 target-alpha: Set PC correctly for floating-point exceptions PC should be one past the faulting insn. Add better commentary for the machine-check exception path. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 9d5a626b2c3fa98761b35b5e2ac86f7adb231002 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Jun 28 10:25:36 2014 -0700 target-alpha: Forget installed round mode after MT_FPCR When we use QUAL_RM_D, we copy fpcr_dyn_round to float_status. When we install a new FPCR value, we update fpcr_dyn_round. Reset the status of the cache so that we re-copy for the next fp insn that requires dynamic rounding. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 3da653fa05579579b0ba55a02ffa2aa3d466f01b Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 8 10:54:35 2014 -1000 target-alpha: Rename floating-point subroutines ... to match the instructions, which have no leading "f". Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 9354452c39fef1ab2491da5989e6944d8bb2e16a Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 8 10:42:45 2014 -1000 target-alpha: Move VAX helpers to a new file Keep the IEEE and VAX floating point emulation separate. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 62bf3df432d93fa6eb0f355c460d6d784b7cbc1a Merge: 385057c 18084b2 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon May 18 20:23:16 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150518-3' into staging target-arm: * New board model: xlnx-ep108 * Some more preparation for AArch64 EL2/EL3 * Fix bugs in access checking for generic counter registers * Remove a stray '+' sign # gpg: Signature made Mon May 18 20:13:05 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150518-3: (21 commits) target-arm: Remove unneeded '+' target-arm: Correct accessfn for CNTV_TVAL_EL0 target-arm: Correct accessfn for CNTP_{CT}VAL_EL0 target-arm: Add WFx syndrome function target-arm: Add EL3 and EL2 TCR checking target-arm: Add TTBR regime function and use linux-user/arm: Correct TARGET_NR_timerfd to TARGET_NR_timerfd_create arm: xlnx-ep108: Add bootloading arm: xlnx-ep108: Add external RAM arm: Add xlnx-ep108 machine arm: xlnx-zynqmp: Add UART support char: cadence_uart: Split state struct and type into header char: cadence_uart: Clean up variable names arm: xlnx-zynqmp: Add GEM support net: cadence_gem: Split state struct and type into header net: cadence_gem: Clean up variable names arm: xlnx-zynqmp: Connect CPU Timers to GIC arm: xlnx-zynqmp: Add GIC arm: Introduce Xilinx ZynqMP SoC target-arm: cpu64: Add support for Cortex-A53 ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 18084b2f71b22b3ec3bf4828b8cb83d1d39e8502 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Wed May 13 16:52:28 2015 +1000 target-arm: Remove unneeded '+' Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1431499963-1019-4-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b65c08ee1a05760c1c5a786a6cedf240f924c53e Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Wed May 13 16:52:27 2015 +1000 target-arm: Correct accessfn for CNTV_TVAL_EL0 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1431499963-1019-3-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 12cde08aaf571de65d3fbbdf93c83f0a4321267f Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Wed May 13 16:52:26 2015 +1000 target-arm: Correct accessfn for CNTP_{CT}VAL_EL0 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1431499963-1019-2-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 06fbb2fdf7a7ac468d62c66cfe4537d3c71f7bb9 Author: Greg Bellows <greg.bellows@xxxxxxxxxx> Date: Wed Apr 22 12:09:20 2015 -0500 target-arm: Add WFx syndrome function Adds a utility function for creating a WFx exception syndrome Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Acked-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1429722561-12651-9-git-send-email-greg.bellows@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 88e8add8b6656c349a96b447b074688d02dc5415 Author: Greg Bellows <greg.bellows@xxxxxxxxxx> Date: Wed Apr 22 12:09:19 2015 -0500 target-arm: Add EL3 and EL2 TCR checking Updated get_phys_addr_lpae to check the appropriate TTBCR/TCR depending on the current EL. Support includes using the different TCR format as well as checks to insure TTBR1 is not used when in EL2 or EL3. Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Acked-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1429722561-12651-8-git-send-email-greg.bellows@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit aef878be4e7ab1bdb30b408007320400b0a29c83 Author: Greg Bellows <greg.bellows@xxxxxxxxxx> Date: Wed Apr 22 12:09:18 2015 -0500 target-arm: Add TTBR regime function and use Add a utility function for choosing the correct TTBR system register based on the specified MMU index. Add use of function on physical address lookup. Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Acked-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1429722561-12651-7-git-send-email-greg.bellows@xxxxxxxxxx [PMM: fixed regime_ttbr() return type to be uint64_t] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d82322e175d58c0c8951cbc905da1ca9ee2e008c Author: Timothy Baldwin <T.E.Baldwin99@xxxxxxxxxxxxxxxxxxx> Date: Wed Apr 8 21:40:52 2015 +0100 linux-user/arm: Correct TARGET_NR_timerfd to TARGET_NR_timerfd_create Misspelled system call name in macro was causing timerfd_create not to be supported for the ARM target. Signed-off-by: Timothy Edward Baldwin <T.E.Baldwin99@xxxxxxxxxxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 082587b741efc5329380b4a156d86f2bdbfa2d70 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:23:30 2015 -0700 arm: xlnx-ep108: Add bootloading Add bootloader support using standard ARM bootloader. Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Tested-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: b829abaf2b70d02b28e79301553cbd74afc416a1.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b79b9d28f6b8f7879c50b6c053b4e3796de5b7d0 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:23:27 2015 -0700 arm: xlnx-ep108: Add external RAM Zynq MPSoC supports external DDR RAM. Add a RAM at 0 to the model. Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Tested-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 2c25e2a4198402a6477aef2975d5df7c415dd341.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 859a0c5b5fb8be0c1ed78d96695a162c9210e1e6 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:23:24 2015 -0700 arm: Add xlnx-ep108 machine Add a machine model for the Xilinx ZynqMP SoC EP108 board. Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 3896b34c862f370dc0679e4428bf3848d1f9f83c.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3bade2a9e6336e0eb7cc5ad7425994f1143c5cfa Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:23:21 2015 -0700 arm: xlnx-zynqmp: Add UART support There are 2x Cadence UARTs in Zynq MP. Add them. Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Tested-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: e30795536f77599fabc1052278d846ccd52322e2.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8ae57b2fa35dae9aa4b50db5e632156eded9bec0 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:23:18 2015 -0700 char: cadence_uart: Split state struct and type into header Create a new header for Cadence UART to allow using the device with modern SoC programming conventions. The state struct needs to be visible to embed the device in SoC containers. Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 46a0fbd45b6b205f54c4a8c778deb75c77f8abdf.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e86da3cb40d6f70ce99d8e64952c49df8ad78848 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:23:15 2015 -0700 char: cadence_uart: Clean up variable names Clean up some variable names in preparation for migrating the state struct and type cast macro to a public header. The acronym "UART" on it's own is not specific enough to be used in a more global namespace so preface with "cadence". Fix the capitalisation of "uart" in the state type while touching the typename. Preface macros used by the state struct itself with CADENCE_UART so they don't conflict in namespace either. Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 3812b7426c338beae9e082557f3524a99310ddc6.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 14ca2e462ee137974d81729b1d88d9d39cf2f22c Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:23:12 2015 -0700 arm: xlnx-zynqmp: Add GEM support There are 4x Cadence GEMs in ZynqMP. Add them. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Tested-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 7d3e68e5495d145255f0ee567046415e3a26d67e.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f49856d4e65703e347ee3e2277a87282ce601bcd Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:23:09 2015 -0700 net: cadence_gem: Split state struct and type into header Create a new header for Cadence GEM to allow using the device with modern SoC programming conventions. The state struct needs to be visible to embed the device in SoC containers. Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: a98b5df6440c5bff8f813a26bb53ce1cfefb4c4c.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 448f19e23155021e42878e7effc3da895921ad4e Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:23:07 2015 -0700 net: cadence_gem: Clean up variable names Cleanup some variable names in preparation for migrating the state struct and type cast macro to a public header. The acronym "GEM" on its own is not specific enough to be used in a more global namespace so preface with "cadence". Fix the capitalisation of "gem" in the state type while touching the typename. Also preface the GEM_MAXREG macro as this will need to migrate to public header. Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 8e2b0687b3a7b7a3fde5ba2f3bee6f3b911e84ef.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bf4cb10966a7685bba3aeaf14434902889ef535d Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:23:04 2015 -0700 arm: xlnx-zynqmp: Connect CPU Timers to GIC Connect the GPIO outputs from the individual CPUs for the timers to the GIC. Tested-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: a7866a4f0c903c91fa3034210b4d2879aa4bfcb9.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7729e1f4b3c670eca38cc0ee0d96c1177efbc1e3 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:23:01 2015 -0700 arm: xlnx-zynqmp: Add GIC Add the GIC and connect IRQ outputs to the CPUs. The GIC regions are under-decoded through a 64k address region so implement aliases accordingly. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 5853189965728d676106d9e94e76b9bb87981cb5.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f0a902f76452211cadbdf1d25ef9b94732b096e8 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:22:58 2015 -0700 arm: Introduce Xilinx ZynqMP SoC With quad Cortex-A53 CPUs. Use SMC PSCI, with the standard policy of secondaries starting in power-off. Tested-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: a16202a6c7b79e446e5289d38cb18d2ee4b897a0.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e35310260ec57d20301c65a5714ca55369e971cc Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:22:55 2015 -0700 target-arm: cpu64: Add support for Cortex-A53 Add the ARM Cortex-A53 processor definition. Similar to A57, but with different L1 I cache policy, phys addr size and different cache geometries. The cache sizes is implementation configurable, but use these values (from Xilinx Zynq MPSoC) as a default until cache size configurability is added. Acked-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: db439ff834cf0431bc192b05272a3b28fe2045d0.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ee804264ddc4d3cd36a5183a09847e391da0fc66 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:22:52 2015 -0700 target-arm: cpu64: generalise name of A57 regs Rename some A57 CP register variables in preparation for support for Cortex A53. Use "a57_a53" to describe the shareable features. Some of the CP15 registers (such as ACTLR) are specific to implementation, but we currently just RAZ them so continue with that as the policy for both A57 and A53 processors under a shared definition. Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 5a5f957994677d91435190b3be1cefa6f657e274.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 385057cbec9b4a0eb6150330c572e875ed714965 Merge: 99e7627 4180978 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 15 17:51:20 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-05-15' into staging qapi: Fix qapi mangling of downstream names, and more # gpg: Signature made Fri May 15 17:41:31 2015 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-qapi-2015-05-15: (26 commits) qapi: Inline gen_command_decl_prologue(), gen_command_def_prologue() qapi: Drop pointless flush() before close() qapi: Factor open_output(), close_output() out of generators qapi: Turn generators' mandatory option -i into an argument qapi: Fix generators to report command line errors decently qapi: Factor parse_command_line() out of the generators qapi: qapi-commands.py option --type is unused, drop it qapi: qapi-event.py option -b does nothing, drop it tests: Add missing dependencies on $(qapi-py) qapi: Support downstream events and commands qapi: Support downstream alternates qapi: Support downstream flat unions qapi: Support downstream simple unions qapi: Support downstream structs qapi: Support downstream enums qapi: Make c_type() consistently convert qapi names qapi: Tidy c_type() logic qapi: Move camel_to_upper(), c_enum_const() to closely related code qapi: Use c_enum_const() in generate_alternate_qtypes() qapi: Simplify c_enum_const() ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 99e7627a70d1a23e30a514e5a4798005cf4eb3aa Merge: 1eeace9 dfb3630 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 15 16:02:08 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20150514' into staging Per-memop alignment # gpg: Signature made Thu May 14 20:17:27 2015 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tcg-20150514: tcg: Add MO_ALIGN, MO_UNALN tcg: Push merged memop+mmu_idx parameter to softmmu routines tcg: Merge memop and mmu_idx parameters to qemu_ld/st Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dfb36305626636e2e07e0c5acd3a002a5419399e Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed May 13 11:25:20 2015 -0700 tcg: Add MO_ALIGN, MO_UNALN These modifiers control, on a per-memory-op basis, whether unaligned memory accesses are allowed. The default setting reflects the target's definition of ALIGNED_ONLY. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 3972ef6f830d65e9bacbd31257abedc055fd6dc8 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed May 13 09:10:33 2015 -0700 tcg: Push merged memop+mmu_idx parameter to softmmu routines The extra information is not yet used but it is now available. This requires minor changes through all of the tcg backends. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 59227d5d45bb3c31dc2118011691c35b3c00879c Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue May 12 11:51:44 2015 -0700 tcg: Merge memop and mmu_idx parameters to qemu_ld/st At the tcg opcode level, not at the tcg-op.h generator level. This requires minor changes through all of the tcg backends, but none of the cpu translators. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 4180978c9205c50acd2d6c385def9b3e81911696 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Apr 2 14:52:55 2015 +0200 qapi: Inline gen_command_decl_prologue(), gen_command_def_prologue() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 09896d3f48078a93e3d2dbd8ef86436b85ebda7c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Apr 2 14:49:29 2015 +0200 qapi: Drop pointless flush() before close() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 12f8e1b9ff57e99dafbb13f89cd5a99ad5c28527 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Apr 2 14:46:39 2015 +0200 qapi: Factor open_output(), close_output() out of generators Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 16d80f61814745bd3f5bb9f47ae3b00edf9e1e45 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Apr 2 13:32:16 2015 +0200 qapi: Turn generators' mandatory option -i into an argument Mandatory option is silly, and the error handling is missing: the programs crash when -i isn't supplied. Make it an argument, and check it properly. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit b45409683e829770000a4560ed21e704f87df74c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Apr 2 13:17:34 2015 +0200 qapi: Fix generators to report command line errors decently Report to stderr, prefix with the program name. Also reject extra arguments. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 2114f5a98d0d80774306279e1694de074ca86aa0 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Apr 2 13:12:21 2015 +0200 qapi: Factor parse_command_line() out of the generators Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 72aaa73a4acef06bfaed750064c40a597f0cf745 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Apr 2 11:41:22 2015 +0200 qapi: qapi-commands.py option --type is unused, drop it Anything but --type sync (which is the default) suppresses output entirely, which makes no sense. Dates back to the initial commit c17d990. Commit message says "Currently only generators for synchronous qapi/qmp functions are supported", so maybe output other than "synchronous qapi/qmp" was planned at the time, to be selected with --type. Should other kinds of output ever materialize, we can put the option back. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit c70cef5bd48c7be603f75a7b5346db032a31b470 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Apr 2 11:40:21 2015 +0200 qapi: qapi-event.py option -b does nothing, drop it Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit df3e21a0e0edd30ea2e7c9b09b05feaaa297c718 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Apr 2 13:38:48 2015 +0200 tests: Add missing dependencies on $(qapi-py) Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit e3c4c3d796c1147d32f66fa1413d5d7c49d5aa37 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu May 14 06:51:01 2015 -0600 qapi: Support downstream events and commands Enhance the testsuite to cover downstream events and commands. Events worked without more tweaks, but commands needed a few final updates in the generator to mangle names in the appropriate places. In making those tweaks, it was easier to drop type_visitor() and inline its actions instead. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit d1f07c86c05706facf950b0b0dba370f71fd5ef6 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu May 14 06:51:00 2015 -0600 qapi: Support downstream alternates Enhance the testsuite to cover downstream alternates, including whether the branch name or type is downstream. Update the generator to mangle alternate names in the appropriate places. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 857af5f06c3fb097d1bb6bc8a23b9992aac99e75 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu May 14 06:50:59 2015 -0600 qapi: Support downstream flat unions Enhance the testsuite to cover downstream flat unions, including the base type, discriminator name and type, and branch name and type. Update the generator to mangle the union names in the appropriate places. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit bb33729043ceda56b4068db13bdc17786ebd0ed0 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu May 14 06:50:58 2015 -0600 qapi: Support downstream simple unions Enhance the testsuite to cover downstream simple unions, including when a union branch is a downstream name. Update the generator to mangle the union names in the appropriate places. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 83a02706bb1fd31c93eab755de543dfe228682d4 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu May 14 06:50:57 2015 -0600 qapi: Support downstream structs Enhance the testsuite to cover downstream structs, including struct members and base structs. Update the generator to mangle the struct names in the appropriate places. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit fce384b8e5193e02421f6b2c2880f3684abcbdc0 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu May 14 06:50:56 2015 -0600 qapi: Support downstream enums Enhance the testsuite to cover a downstream enum type and enum string. Update the generator to mangle the enum name in the appropriate places. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit c6405b54b7b09a876f2f2fba2aa6f8ac87189cb9 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu May 14 06:50:55 2015 -0600 qapi: Make c_type() consistently convert qapi names Continuing the string of cleanups for supporting downstream names containing '.', this patch focuses on ensuring c_type() can handle a downstream name. This patch alone does not fix the places where generator output should be calling this function but was open-coding things instead, but it gets us a step closer. In particular, the changes to c_list_type() and type_name() mean that type_name(FOO) now handles the case when FOO contains '.', '-', or is a ticklish identifier other than a builtin (builtins are exempted because ['int'] must remain mapped to 'intList' and not 'q_intList'). Meanwhile, ['unix'] now maps to 'q_unixList' rather than 'unixList', to match the fact that 'unix' is ticklish; however, our naming conventions state that complex types should start with a capital, so no type name following conventions will ever have the 'q_' prepended. Likewise, changes to c_type() mean that c_type(FOO) properly handles an enum or complex type FOO with '.' or '-' in the name, or is a ticklish identifier (again, a ticklish identifier as a type name violates conventions). Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit d557344628e32771f07e5b6a2a818ee3d8e7a65f Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu May 14 06:50:54 2015 -0600 qapi: Tidy c_type() logic c_type() is designed to be called on both string names and on array designations, so 'name' is a bit misleading because it operates on more than strings. Also, no caller ever passes an empty string. Finally, + notation is a bit nicer to read than '%s' % value for string concatenation. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 849bc5382e42b3b9590c6a50ba30c2fd2450308c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu May 14 06:50:53 2015 -0600 qapi: Move camel_to_upper(), c_enum_const() to closely related code Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> commit b42e91484df9772bb0c26aa0f05390a92d564d6f Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu May 14 06:50:52 2015 -0600 qapi: Use c_enum_const() in generate_alternate_qtypes() Missed in commit b0b5819. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> commit 02e20c7e593363c564aae96e3c5bdc58630ce584 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu May 14 06:50:51 2015 -0600 qapi: Simplify c_enum_const() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> commit 7c81c61f9c2274f66ba947eafd9618d60da838a6 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu May 14 06:50:50 2015 -0600 qapi: Rename generate_enum_full_value() to c_enum_const() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> commit fa6068a1e8ef3c878ac9ee2399bb01eeaf61c366 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu May 14 06:50:49 2015 -0600 qapi: Rename _generate_enum_string() to camel_to_upper() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> commit 18df515ebbefa9f13474b128b8050d5fa346ea1e Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu May 14 06:50:48 2015 -0600 qapi: Rename identical c_fun()/c_var() into c_name() Now that the two functions are identical, we only need one of them, and we might as well give it a more descriptive name. Basically, the function serves as the translation from a QAPI name into a (portion of a) C identifier, without regards to whether it is a variable or function name. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 47299262de424af0cb69965d082e5e70b2314183 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu May 14 06:50:47 2015 -0600 qapi: Fix C identifiers generated for names containing '.' c_fun() maps '.' to '_', c_var() doesn't. Nothing prevents '.' in QAPI names that get passed to c_var(). Which QAPI names get passed to c_fun(), to c_var(), or to both is not obvious. Names of command parameters and struct type members get passed to c_var(). c_var() strips a leading '*', but this cannot happen. c_fun() doesn't. Fix c_var() to work exactly like c_fun(). Perhaps they should be replaced by a single mapping function. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> [add 'import string'] Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> commit 777abdfe7bb47e582c8eb87dd6cecdf3fd9f86fc Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon May 11 17:17:49 2015 +0200 doc: fix qmp event type Event name for hot unplug errors was wrong. Make doc match code. Cc: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reported-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 58f88d4b7e9e5578b8dd2c5acfe555b85b35af88 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 8 16:04:22 2015 -0300 qmp: Add qom_path field to query-cpus command This will allow clients to query additional information directly using qom-get on the CPU objects. Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 1eeace9c237a729d11c7acd7c0338ab4562af637 Merge: 4d2d2d8 57af728 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed May 13 16:06:07 2015 +0100 Merge remote-tracking branch 'remotes/agraf/tags/signed-s390-for-upstream' into staging Patch queue for s390 - 2015-05-13 A few TCG fixes for the s390x target. Nothing special, but with these applied I can run most of the SLE12 binaries in Linux-user emulation. # gpg: Signature made Wed May 13 13:49:25 2015 BST using RSA key ID 03FEDC60 # gpg: Good signature from "Alexander Graf <agraf@xxxxxxx>" # gpg: aka "Alexander Graf <alex@xxxxxxxxx>" * remotes/agraf/tags/signed-s390-for-upstream: s390x: Add interlocked access facility 1 instructions s390x: Add some documentation in opcode list s390x: Fix stoc direction Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4d2d2d8b21779d7becbdffd7cd7983a7ccb55b54 Merge: 968bb75 e907746 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed May 13 13:57:44 2015 +0100 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-cve-pull-request' into staging # gpg: Signature made Wed May 13 12:52:19 2015 BST using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB # Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E * remotes/jnsnow/tags/ide-cve-pull-request: fdc: force the fifo access to be in bounds of the allocated buffer Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 57af7289f276ce70b65f2fbb4981833f04264aac Author: Alexander Graf <agraf@xxxxxxx> Date: Fri May 8 03:07:53 2015 +0200 s390x: Add interlocked access facility 1 instructions We're currently missing all instructions defined by the "interlocked-access facility 1" which is part of zEC12. This patch implements all of them except for LPD and LPDG. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit 13f67dd5825a7dfd7a4904a5fb0cf0a3f95d2d45 Author: Alexander Graf <agraf@xxxxxxx> Date: Fri May 8 03:06:41 2015 +0200 s390x: Add some documentation in opcode list I find it really hard to grasp what each field in the opcode list means. Slowly walking through its semantics myself, I figured I'd write a small summary at the top of the file to make life easier for me and whoever looks at the file next. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit c095ed731ce4fecf166e4ac02ddc606b408f5e1f Author: Alexander Graf <agraf@xxxxxxx> Date: Wed Apr 15 03:45:41 2015 +0200 s390x: Fix stoc direction The store conditional instruction wants to store when the condition is fulfilled, so we should branch out when it's not true. The code today branches out when the condition is true, clearly reversing the logic. Fix it up by negating the condition. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit e907746266721f305d67bc0718795fedee2e824c Author: Petr Matousek <pmatouse@xxxxxxxxxx> Date: Wed May 6 09:48:59 2015 +0200 fdc: force the fifo access to be in bounds of the allocated buffer During processing of certain commands such as FD_CMD_READ_ID and FD_CMD_DRIVE_SPECIFICATION_COMMAND the fifo memory access could get out of bounds leading to memory corruption with values coming from the guest. Fix this by making sure that the index is always bounded by the allocated memory. This is CVE-2015-3456. Signed-off-by: Petr Matousek <pmatouse@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 968bb75c348a401b85e08d5eb1887a3e6c3185f5 Merge: 19fbe50 5ae79fe Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 12 12:11:32 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150512' into staging target-arm queue: * Support TZ and grouping in the GIC * hw/sd: sd_reset cleanup * armv7m_nvic: fix bug in systick device # gpg: Signature made Tue May 12 12:02:26 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150512: hw/arm/highbank.c: Wire FIQ between CPU <> GIC hw/arm/vexpress.c: Wire FIQ between CPU <> GIC hw/arm/virt.c: Wire FIQ between CPU <> GIC hw/intc/arm_gic: Add grouping support to gic_update() hw/intc/arm_gic: Change behavior of IAR writes hw/intc/arm_gic: Change behavior of EOIR writes hw/intc/arm_gic: Handle grouping for GICC_HPPIR hw/intc/arm_gic: Restrict priority view hw/intc/arm_gic: Implement Non-secure view of RPR hw/intc/arm_gic: Make ICCICR/GICC_CTLR banked hw/intc/arm_gic: Make ICCBPR/GICC_BPR banked hw/intc/arm_gic: Make ICDDCR/GICD_CTLR banked hw/intc/arm_gic_kvm.c: Save and restore GICD_IGROUPRn state hw/intc/arm_gic: Add Interrupt Group Registers hw/intc/arm_gic: Switch to read/write callbacks with tx attributes hw/intc/arm_gic: Add Security Extensions property hw/intc/arm_gic: Create outbound FIQ lines hw/sd: Don't pass BlockBackend to sd_reset() armv7m_nvic: systick: Reload the RELOAD value and count down only if ENABLE bit is set Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5ae79fe825bedc89db8b6bde9d0ed0bb5d59558c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 12 11:57:19 2015 +0100 hw/arm/highbank.c: Wire FIQ between CPU <> GIC Connect FIQ output of the GIC CPU interfaces to the CPUs. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-18-git-send-email-peter.maydell@xxxxxxxxxx commit 27192e390d064489dcb23d5fcceb21cabf86d789 Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:18 2015 +0100 hw/arm/vexpress.c: Wire FIQ between CPU <> GIC Connect FIQ output of the GIC CPU interfaces to the CPUs. Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-17-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-3-git-send-email-greg.bellows@xxxxxxxxxx [PMM: minor format tweak] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8e7b4ca08b968c9e195bcae9c6cb827c8564871a Author: Greg Bellows <greg.bellows@xxxxxxxxxx> Date: Tue May 12 11:57:18 2015 +0100 hw/arm/virt.c: Wire FIQ between CPU <> GIC Connect FIQ output of the GIC CPU interfaces to the CPUs. Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-16-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-4-git-send-email-greg.bellows@xxxxxxxxxx [PMM: minor format tweak] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dadbb58f5955053c5f5dc2252a4b183f90d7bfce Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 12 11:57:18 2015 +0100 hw/intc/arm_gic: Add grouping support to gic_update() Add support to gic_update() for determining the current IRQ and FIQ status when interrupt grouping is supported. This simply requires that instead of always raising IRQ we check the group of the highest priority pending interrupt and the GICC_CTLR.FIQEn bit to see whether we should raise IRQ or FIQ. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1430502643-25909-15-git-send-email-peter.maydell@xxxxxxxxxx commit c5619bf9e8935aeb972c0bd935549e9ee0a739f2 Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:18 2015 +0100 hw/intc/arm_gic: Change behavior of IAR writes Grouping (GICv2) and Security Extensions change the behavior of IAR reads. Acknowledging Group0 interrupts is only allowed from Secure state and acknowledging Group1 interrupts from Secure state is only allowed if AckCtl bit is set. Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-14-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-14-git-send-email-greg.bellows@xxxxxxxxxx [PMM: simplify significantly by reusing the existing gic_get_current_pending_irq() rather than reimplementing the same logic here] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f9c6a7f1395c6d88a3bb1a0cb48811994709966e Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:18 2015 +0100 hw/intc/arm_gic: Change behavior of EOIR writes Grouping (GICv2) and Security Extensions change the behavior of EOIR writes. Completing Group0 interrupts is only allowed from Secure state. Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-13-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-13-git-send-email-greg.bellows@xxxxxxxxxx [PMM: Rather than go to great lengths to ignore the UNPREDICTABLE case of a Secure EOI of a Group1 (NS) irq with AckCtl == 0, we just let it fall through; add a comment about it.] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7c0fa108d918ab818e49c4588ab290004d6b532e Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:18 2015 +0100 hw/intc/arm_gic: Handle grouping for GICC_HPPIR Grouping (GICv2) and Security Extensions change the behaviour of reads of the highest priority pending interrupt register (ICCHPIR/GICC_HPPIR). Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-12-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-12-git-send-email-greg.bellows@xxxxxxxxxx [PMM: make utility fn static; coding style fixes; AckCtl has an effect for GICv2 without security extensions as well; removed checks on enable bits because these are done when we set current_pending[cpu]] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8150847061f8d2606101bfff77cc6ec86b081ab0 Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:17 2015 +0100 hw/intc/arm_gic: Restrict priority view GICs with Security Extensions restrict the non-secure view of the interrupt priority and priority mask registers. Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-11-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-15-git-send-email-greg.bellows@xxxxxxxxxx [PMM: minor code tweaks; fixed missing masking in gic_set_priority_mask and gic_set_priority] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 08efa9f2d1bb27d64fbedcc2879ca45ae6832c20 Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:17 2015 +0100 hw/intc/arm_gic: Implement Non-secure view of RPR For GICs with Security Extensions Non-secure reads have a restricted view on the current running priority. Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-10-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-11-git-send-email-greg.bellows@xxxxxxxxxx [PMM: make function static, minor comment tweak] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 32951860834f09d1c1a0b81d8d7d5529e2d0e074 Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:17 2015 +0100 hw/intc/arm_gic: Make ICCICR/GICC_CTLR banked ICCICR/GICC_CTLR is banked in GICv1 implementations with Security Extensions or in GICv2 in independent from Security Extensions. This makes it possible to enable forwarding of interrupts from the CPU interfaces to the connected processors for Group0 and Group1. We also allow to set additional bits like AckCtl and FIQEn by changing the type from bool to uint32. Since the field does not only store the enable bit anymore and since we are touching the vmstate, we use the opportunity to rename the field to cpu_ctlr. Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-9-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-9-git-send-email-greg.bellows@xxxxxxxxxx [PMM: rewrote to store state in a single uint32_t rather than keeping the NS and S banked variants separate; this considerably simplifies the get/set functions] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 822e9cc310484f77e0b1c16fbef763a5d0eec80a Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:17 2015 +0100 hw/intc/arm_gic: Make ICCBPR/GICC_BPR banked This register is banked in GICs with Security Extensions. Storing the non-secure copy of BPR in the abpr, which is an alias to the non-secure copy for secure access. ABPR itself is only accessible from secure state if the GIC implements Security Extensions. Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-8-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-10-git-send-email-greg.bellows@xxxxxxxxxx [PMM: rewrote to fix style issues and correct handling of GICv2 without security extensions] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 679aa175e84f5f80b32b307fce5a6b92729e0e61 Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:17 2015 +0100 hw/intc/arm_gic: Make ICDDCR/GICD_CTLR banked ICDDCR/GICD_CTLR is banked if the GIC has the security extensions, and the S (or only) copy has separate enable bits for Group0 and Group1 enable if the GIC implements interrupt groups. EnableGroup0 (Bit [1]) in GICv1 is architecturally IMPDEF. Since this bit (Enable Non-secure) is present in the integrated GIC of the Cortex-A9 MPCore, we support this bit in our GICv1 implementation too. Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-7-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-8-git-send-email-greg.bellows@xxxxxxxxxx [PMM: rewritten to store the state in a single s->ctlr uint32, with the NS register handled as an alias of bit 1 in that value; added vmstate version bump] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit eb8b9530b0c618d4f2e728eae10d89239d35b0c0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 12 11:57:17 2015 +0100 hw/intc/arm_gic_kvm.c: Save and restore GICD_IGROUPRn state Now that the GIC base class has state fields for the GICD_IGROUPRn registers, make kvm_arm_gic_get() and kvm_arm_gic_put() write and read them. This allows us to remove the check that made us fail migration if the guest had set any of the group register bits. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-6-git-send-email-peter.maydell@xxxxxxxxxx commit c27a5ba94874cb3a29e21b3ad4bd5e504aea93b2 Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:17 2015 +0100 hw/intc/arm_gic: Add Interrupt Group Registers The Interrupt Group Registers allow the guest to configure interrupts into one of two groups, where Group0 are higher priority and may be routed to IRQ or FIQ, and Group1 are lower priority and always routed to IRQ. (In a GIC with the security extensions Group0 is Secure interrupts and Group 1 is NonSecure.) The GICv2 always supports interrupt grouping; the GICv1 does only if it implements the security extensions. This patch implements the ability to read and write the registers; the actual functionality the bits control will be added in a subsequent patch. Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-5-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-7-git-send-email-greg.bellows@xxxxxxxxxx [PMM: bring GIC_*_GROUP macros into line with the others, ie a simple SET/CLEAR/TEST rather than GROUP0/GROUP1; utility gic_has_groups() function; minor style fixes; bump vmstate version] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a9d853533cc1a27dc09b10c7ab89677f9c5dd8f4 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 12 11:57:16 2015 +0100 hw/intc/arm_gic: Switch to read/write callbacks with tx attributes Switch the GIC's MMIO callback functions to the read_with_attrs and write_with_attrs functions which provide MemTxAttrs. This will allow the GIC to correctly handle secure and nonsecure register accesses. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1430502643-25909-4-git-send-email-peter.maydell@xxxxxxxxxx commit 5543d1abb6e218a9d3b8887b777fd3947c86c4cf Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:16 2015 +0100 hw/intc/arm_gic: Add Security Extensions property Add a QOM property which allows the GIC Security Extensions to be enabled. These are an optional part of the GICv1 and GICv2 architecture. This commit just adds the property and some sanity checks that it is only enabled on GIC revisions that support it. Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-3-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-5-git-send-email-greg.bellows@xxxxxxxxxx [PMM: changed property name, added checks that it isn't set for older GIC revisions or if using the KVM VGIC; reworded commit message] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 44f552964714a41ccd41b5e8ac4cbd2478249db1 Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:16 2015 +0100 hw/intc/arm_gic: Create outbound FIQ lines Create the outbound FIQ lines from the GIC to the CPUs; these are used if the GIC has security extensions or grouping support. Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-2-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-2-git-send-email-greg.bellows@xxxxxxxxxx [PMM: added FIQ lines to kvm-arm-gic so its interface is the same; tweaked commit message] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 16b781aaef69c90d5f4f5456615f0c26a4f45740 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 12 11:57:16 2015 +0100 hw/sd: Don't pass BlockBackend to sd_reset() The only valid BlockBackend to pass to sd_reset() is the one for the SD card, which is sd->blk. Drop the second argument from this function in favour of having it just use sd->blk. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-id: 1430683444-9797-1-git-send-email-peter.maydell@xxxxxxxxxx commit 165cdaf857dc850f676fff0b5b873a51865baa9c Author: Adrian Huang <adrianhuang0701@xxxxxxxxx> Date: Tue May 12 11:57:16 2015 +0100 armv7m_nvic: systick: Reload the RELOAD value and count down only if ENABLE bit is set Consider the following pseudo code to configure SYSTICK (The recommended programming sequence from "the definitive guide to the arm cortex-m3"): SYSTICK Reload Value Register = 0xffff SYSTICK Current Value Register = 0 SYSTICK Control and Status Register = 0x7 The pseudo code "SYSTICK Current Value Register = 0" leads to invoking systick_reload(). As a consequence, the systick.tick member is updated and the systick timer starts to count down when the ENABLE bit of SYSTICK Control and Status Register is cleared. The worst case is that: during the system initialization, the reset value of the SYSTICK Control and Status Register is 0x00000000. When the code "SYSTICK Current Value Register = 0" is executed, the systick.tick member is accumulated with "(s->systick.reload + 1) * systick_scale(s)". The systick_scale() gets the external_ref_clock scale because the CLKSOURCE bit of the SYSTICK Control and Status Register is cleared. This is the incorrect behavior because of the code "SYSTICK Control and Status Register = 0x7". Actually, we want the processor clock instead of the external reference clock. This incorrect behavior defers the generation of the first interrupt. The patch fixes the above-mentioned issue by setting the systick.tick member and modifying the systick timer only if the ENABLE bit of the SYSTICK Control and Status Register is set. In addition, the Cortex-M3 Devices Generic User Guide mentioned that "When ENABLE is set to 1, the counter loads the RELOAD value from the SYST RVR register and then counts down". This patch adheres to the statement of the user guide. Signed-off-by: Adrian Huang <adrianhuang0701@xxxxxxxxx> Reviewed-by: Jim Huang <jserv.tw@xxxxxxxxx> [PMM: minor tweak to comment text] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 19fbe5084c1da6af95177c86e4cab64241d479a8 Merge: 704eb1c 7db161f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 12 10:40:31 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging # gpg: Signature made Mon May 11 16:25:58 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: rocker: timestamp on the debug logs helps correlate with events in the VM MAINTAINERS: add rocker rocker: add tests rocker: add new rocker switch device pci: add network device class 'other' for network switches pci: add rocker device ID rocker: add register programming guide virtio-net: use qemu_mac_strdup_printf net: add MAC address string printer Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 704eb1c09963149db4a3407d5ba173ba2a9244bb Merge: 0403b0f 1ceca07 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 12 09:01:51 2015 +0100 Merge remote-tracking branch 'remotes/qmp-unstable/tags/for-upstream' into staging QMP pull request # gpg: Signature made Mon May 11 14:15:19 2015 BST using RSA key ID E24ED5A7 # gpg: Good signature from "Luiz Capitulino <lcapitulino@xxxxxxxxx>" * remotes/qmp-unstable/tags/for-upstream: scripts: qmp-shell: Add verbose flag scripts: qmp-shell: add transaction subshell scripts: qmp-shell: Expand support for QMP expressions scripts: qmp-shell: refactor helpers MAINTAINERS: New maintainer for QMP and QAPI json-parser: Accept 'null' in QMP qobject: Add a special null QObject qobject: Clean up around qtype_code QJSON: Use OBJECT_CHECK Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0403b0f539f40a21da60409b825b4653b273ab39 Merge: 266745c bc1f7c4 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon May 11 16:21:50 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging pc, virtio enhancements Memory hot-unplug support for pc, MSI-X mapping update speedup for virtio-pci, misc refactorings and bugfixes. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Mon May 11 08:23:43 2015 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: (28 commits) acpi: update expected files for memory unplug virtio-scsi: Move DEFINE_VIRTIO_SCSI_FEATURES to virtio-scsi virtio-net: Move DEFINE_VIRTIO_NET_FEATURES to virtio-net pci: Merge pci_nic_init() into pci_nic_init_nofail() acpi: add a missing backslash to the \_SB scope. qmp-event: add event notification for memory hot unplug error acpi: add hardware implementation for memory hot unplug acpi: fix "Memory device control fields" register acpi: extend aml_field() to support UpdateRule acpi, mem-hotplug: add unplug cb for memory device acpi, mem-hotplug: add unplug request cb for memory device acpi, mem-hotplug: add acpi_memory_slot_status() to get MemStatus docs: update documentation for memory hot unplug virtio: coding style tweak pci: remove hard-coded bar size in msix_init_exclusive_bar() virtio-pci: speedup MSI-X masking and unmasking virtio: introduce vector to virtqueues mapping virtio-ccw: using VIRTIO_NO_VECTOR instead of 0 for invalid virtqueue monitor: check return value of qemu_find_net_clients_except() monitor: replace the magic number 255 with MAX_QUEUE_NUM ... Conflicts: hw/s390x/s390-virtio-bus.c [PMM: fixed conflict in s390_virtio_scsi_properties and s390_virtio_net_properties arrays; since the result of the two conflicting patches is to empty the property arrays completely, the conflict resolution is to remove them entirely.] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 266745cacb848d7cd0ae8889ae262e8718ace4d4 Merge: 9ad2c8c 3446a11 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon May 11 15:07:12 2015 +0100 Merge remote-tracking branch 'remotes/bkoppelmann/tags/pull-tricore-20150511' into staging TriCore bugfixes # gpg: Signature made Mon May 11 13:26:40 2015 BST using RSA key ID 6B69CA14 # gpg: Good signature from "Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx>" * remotes/bkoppelmann/tags/pull-tricore-20150511: target-tricore: fix rfe not restoring the PC target-tricore: fix rslcx restoring the upper context instead of the lower target-tricore: fix BO_OFF10_SEXT calculating the wrong offset target-tricore: fix SLR_LD_W and SLR_LD_W_POSTINC insn being a 2 byte memory access insted of 4 target-tricore: Fix LOOP using wrong register for compare Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7db161f6dd144760b2912026d992837ef80ca7e7 Author: David Ahern <dsahern@xxxxxxxxx> Date: Fri Mar 13 21:09:33 2015 -0700 rocker: timestamp on the debug logs helps correlate with events in the VM Signed-off-by: David Ahern <dsahern@xxxxxxxxx> Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Signed-off-by: Jiri Pirko <jiri@xxxxxxxxxxx> Message-id: 1426306173-24884-10-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit de24d3f1013dbee65b42f34cb825f056647861a5 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Fri Mar 13 21:09:32 2015 -0700 MAINTAINERS: add rocker Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Signed-off-by: Jiri Pirko <jiri@xxxxxxxxxxx> Message-id: 1426306173-24884-9-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 63d2ada2f55a85c3143ecf69a5aeecf6b3f3ffc9 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Fri Mar 13 21:09:31 2015 -0700 rocker: add tests Add some basic test for rocker to test L2/L3/L4 functionality. Requires an external test environment, simp, located here: https://github.com/scottfeldman/simp To run tests, simp environment must be installed and a suitable VM image built and installed with a Linux 3.18 (or greater) kernel with rocker driver support enabled. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Message-id: 1426306173-24884-8-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit dc488f888060afdc129e0cc8812cf50c4c083423 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Fri Mar 13 21:09:30 2015 -0700 rocker: add new rocker switch device Rocker is a simulated ethernet switch device. The device supports up to 62 front-panel ports and supports L2 switching and L3 routing functions, as well as L2/L3/L4 ACLs. The device presents a single PCI device for each switch, with a memory-mapped register space for device driver access. Rocker device is invoked with -device, for example a 4-port switch: -device rocker,name=sw1,len-ports=4,ports[0]=dev0,ports[1]=dev1, \ ports[2]=dev2,ports[3]=dev3 Each port is a netdev and can be paired with using -netdev id=<port name>. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Signed-off-by: Jiri Pirko <jiri@xxxxxxxxxxx> Acked-by: Scott Feldman <sfeldma@xxxxxxxxx> Acked-by: Jiri Pirko <jiri@xxxxxxxxxxx> Signed-off-by: David Ahern <dsahern@xxxxxxxxx> Message-id: 1426306173-24884-7-git-send-email-sfeldma@xxxxxxxxx rocker: fix clang compiler errors Consolidate all forward typedef declarations to rocker.h. Signed-off-by: David Ahern <dsahern@xxxxxxxxx> Acked-by: Scott Feldman <sfeldma@xxxxxxxxx> Acked-by: Jiri Pirko <jiri@xxxxxxxxxxx> rocker: add support for flow modification We had support for flow add/del. This adds support for flow mod. I needed this for L3 support where an existing route is modified using NLM_F_REPLACE. For example: ip route add 12.0.0.0/30 nexthop via 11.0.0.1 dev swp1 ip route change 12.0.0.0/30 nexthop via 11.0.0.9 dev swp2 The first cmd adds the route. The second cmd changes the existing route by changing its nexthop info. In the device, a mod operation results in the matching flow enty being modified with the new settings. This is atomic to the device. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit dc407ae8a75d03cf48e114d3812d077fa29a8bd9 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Fri Mar 13 21:09:29 2015 -0700 pci: add network device class 'other' for network switches Rocker is an ethernet switch device, so add 'other' network device class as defined by PCI to cover these types of devices. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Signed-off-by: Jiri Pirko <jiri@xxxxxxxxxxx> Message-id: 1426306173-24884-6-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 5dcc26371dcc72976777c51f0251127716a59ed8 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Fri Mar 13 21:09:28 2015 -0700 pci: add rocker device ID Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Signed-off-by: Jiri Pirko <jiri@xxxxxxxxxxx> Message-id: 1426306173-24884-5-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit bbc53c7e2580264fe2b6ea84bd8f3480bcc7c845 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Fri Mar 13 21:09:27 2015 -0700 rocker: add register programming guide This is the register programming guide for the Rocker device. It's intended for driver writers and device writers. It covers the device's PCI space, the register set, DMA interface, and interrupts. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Signed-off-by: Jiri Pirko <jiri@xxxxxxxxxxx> Message-id: 1426306173-24884-4-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b0575ba4a52c9259357af29d842950e978306fa4 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Fri Mar 13 21:09:26 2015 -0700 virtio-net: use qemu_mac_strdup_printf Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1426306173-24884-3-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 890ee6abb385d6508bba7f5273c74a8e43bea6af Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Fri Mar 13 21:09:25 2015 -0700 net: add MAC address string printer We can use this in virtio-net code as well as new Rocker driver code, so up-level this. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1426306173-24884-2-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 1ceca07e48ead0dd2e41576c81d40e6a91cafefd Author: John Snow <jsnow@xxxxxxxxxx> Date: Wed Apr 29 15:14:04 2015 -0400 scripts: qmp-shell: Add verbose flag Add a verbose flag that shows the QMP command that was constructed, to allow for later copy/pasting, reference, debugging, etc. The QMP is converted from a Python literal to JSON first, to ensure that it is viable input to the actual QMP parser. As a side-effect, this JSON output will helpfully show all the necessary conversions that were performed on the input, illustrating that "True" was transformed back into "true", literal values are now escaped with "" instead of '', and so on. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Tested-by: Kashyap Chamarthy <kchamart@xxxxxxxxxx> Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 30bd6815efbaf5bae70885feac9a35e149e2f1ad Author: John Snow <jsnow@xxxxxxxxxx> Date: Wed Apr 29 15:14:03 2015 -0400 scripts: qmp-shell: add transaction subshell Add a special processing mode to craft transactions. By entering "transaction(" the shell will enter a special mode where each subsequent command will be saved as a transaction instead of executed as an individual command. The transaction can be submitted by entering ")" on a line by itself. Examples: Separate lines: (QEMU) transaction( TRANS> block-dirty-bitmap-add node=drive0 name=bitmap1 TRANS> block-dirty-bitmap-clear node=drive0 name=bitmap0 TRANS> ) With a transaction action included on the first line: (QEMU) transaction( block-dirty-bitmap-add node=drive0 name=bitmap2 TRANS> block-dirty-bitmap-add node=drive0 name=bitmap3 TRANS> ) As a one-liner, with just one transaction action: (QEMU) transaction( block-dirty-bitmap-add node=drive0 name=bitmap0 ) As a side-effect of this patch, blank lines are now parsed as no-ops, regardless of which shell mode you are in. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Tested-by: Kashyap Chamarthy <kchamart@xxxxxxxxxx> Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 6092c3ecc4bdafee5bf07061be78a4a2cc5a5088 Author: John Snow <jsnow@xxxxxxxxxx> Date: Wed Apr 29 15:14:02 2015 -0400 scripts: qmp-shell: Expand support for QMP expressions This includes support for [] expressions, single-quotes in QMP expressions (which is not strictly a part of JSON), and the ability to use "True", "False" and "None" literals instead of JSON's equivalent true, false, and null literals. qmp-shell currently allows you to describe values as JSON expressions: key={"key":{"key2":"val"}} But it does not currently support arrays, which are needed for serializing and deserializing transactions: key=[{"type":"drive-backup","data":{...}}] qmp-shell also only currently accepts doubly quoted strings as-per JSON spec, but QMP allows single quotes. Lastly, python allows you to utilize "True" or "False" as boolean literals, but JSON expects "true" or "false". Expand qmp-shell to allow the user to type either, converting to the correct type. As a consequence of the above, the key=val parsing is also improved to give better error messages if a key=val token is not provided. CAVEAT: The parser is still extremely rudimentary and does not expect to find spaces in {} nor [] expressions. This patch does not improve this functionality. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Tested-by: Kashyap Chamarthy <kchamart@xxxxxxxxxx> Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit a7430a0badc59bd6295936e06c1869e8fe32649d Author: John Snow <jsnow@xxxxxxxxxx> Date: Wed Apr 29 15:14:01 2015 -0400 scripts: qmp-shell: refactor helpers Refactor the qmp-shell command line processing function into two components. This will be used to allow sub-expressions, which will assist us in adding transactional support to qmp-shell. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Tested-by: Kashyap Chamarthy <kchamart@xxxxxxxxxx> Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 9740618cd2a0ed85b9c1648f05f3066f525f4b2e Author: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Date: Tue May 5 10:39:15 2015 -0400 MAINTAINERS: New maintainer for QMP and QAPI Markus is taking over maintership of QMP and the QAPI from me. Markus has always been a great reviewer and contributor to those subsystems. In the last few months he's also doing pull requests that are a lot more relevant than the ones I was able to do. So, this is a natural move. I'm still the maintainer of HMP and QObjects, but I'm looking for someone to take over those too. PS: This commit also fixes the file listing for the QMP entry. Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit e549e7161f37416ff66971d77d021d30057045ca Author: Eric Blake <eblake@xxxxxxxxxx> Date: Wed Apr 29 15:35:06 2015 -0600 json-parser: Accept 'null' in QMP We document that in QMP, the client may send any json-value for the optional "id" key, and then return that same value on reply (both success and failures, insofar as the failure happened after parsing the id). [Note that the output may not be identical to the input, as whitespace may change and since we may reorder keys within a json-object, but that this still constitutes the same json-value]. However, we were not handling the JSON literal null, which counts as a json-value per RFC 7159. Also, down the road, given the QAPI schema of {'*foo':'str'} or {'*foo':'ComplexType'}, we could decide to allow the QMP client to pass { "foo":null } instead of the current representation of { } where omitting the key is the only way to get at the default NULL value. Such a change might be useful for argument introspection (if a type in older qemu lacks 'foo' altogether, then an explicit "foo":null probe will force an easily distinguished error message for whether the optional "foo" key is even understood in newer qemu). And if we add default values to optional arguments, allowing an explicit null would be required for getting a NULL value associated with an optional string that has a non-null default. But all that can come at a later day. The 'check-unit' testsuite is enhanced to test that parsing produces the same object as explicitly requesting a reference to the special qnull object. In addition, I tested with: $ ./x86_64-softmmu/qemu-system-x86_64 -qmp stdio -nodefaults {"QMP": {"version": {"qemu": {"micro": 91, "minor": 2, "major": 2}, "package": ""}, "capabilities": []}} {"execute":"qmp_capabilities","id":null} {"return": {}, "id": null} {"id":{"a":null,"b":[1,null]},"execute":"quit"} {"return": {}, "id": {"a": null, "b": [1, null]}} {"timestamp": {"seconds": 1427742379, "microseconds": 423128}, "event": "SHUTDOWN"} Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 481b002cc81ed7fc7b06e32e9d4d495d81739d14 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Apr 29 15:35:05 2015 -0600 qobject: Add a special null QObject I'm going to fix the JSON parser to recognize null. The obvious representation of JSON null as (QObject *)NULL doesn't work, because the parser already uses it as an error value. Perhaps we should change it to free NULL for null, but that's more than I can do right now. Create a special null QObject instead. The existing QDict, QList, and QString all represent something that is a pointer in C and could therefore be associated with NULL. But right now, all three of these sub-types are always non-null once created, so the new null sentinel object is intentionally unrelated to them. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit a7c31816288a8f20fc387d69d441413e7a8c9ff1 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Apr 29 15:35:04 2015 -0600 qobject: Clean up around qtype_code QTYPE_NONE is a sentinel value. No QObject has this type code. Document it properly. Fix dump_qobject() to abort() on QTYPE_NONE, just like for any other invalid type code. Fix to_json() to abort() on all invalid type codes, not just QTYPE_MAX. Clean up Property member qtype's type: it's a qtype_code. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 4cf2d837340589155acfda993c51e66eb5800416 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Sat Apr 25 12:28:06 2015 -0300 QJSON: Use OBJECT_CHECK The QJSON code used casts to (QJSON*) directly, instead of OBJECT_CHECK. There were even some functions using object_dynamic_cast() calls followed by assert(), which is exactly what OBJECT_CHECK does (by calling object_dynamic_cast_assert()). Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 9ad2c8cd41a086020e21aa6d616b73bd5e2a800b Merge: b951cda 0caef8f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon May 11 13:54:00 2015 +0100 Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-05-09' into staging trivial patches for 2015-05-09 # gpg: Signature made Fri May 8 22:58:42 2015 BST using RSA key ID A4C3D7DB # gpg: Good signature from "Michael Tokarev <mjt@xxxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxxx>" * remotes/mjt/tags/pull-trivial-patches-2015-05-09: docs: update BLOCK_IMAGE_CORRUPTED documentation glib-compat.h: change assert to g_assert Remove various unused functions sheepdog: fix resource leak with sd_snapshot_create xhci: remove unused code Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3446a11181c6e8263dbd9c13c28986df4317099e Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Tue May 5 19:41:10 2015 +0200 target-tricore: fix rfe not restoring the PC Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> commit bc72f8aaf23fa11833e0e04c10b5c0e1036c2609 Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Tue May 5 19:39:18 2015 +0200 target-tricore: fix rslcx restoring the upper context instead of the lower Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> commit 4959d6b3662d94a5add5811ba1ff5243116b8987 Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Tue May 5 19:36:55 2015 +0200 target-tricore: fix BO_OFF10_SEXT calculating the wrong offset The lower part of the combined offset was sign extended and could lead to wrong results. Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> commit 7bd0eaec311d188412123a034abb44595deb7dae Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Fri Apr 3 14:29:22 2015 +0200 target-tricore: fix SLR_LD_W and SLR_LD_W_POSTINC insn being a 2 byte memory access insted of 4 Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> commit 250ef8c76861c756354ed1c67f0a4524e5339369 Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Tue Dec 9 16:04:46 2014 +0000 target-tricore: Fix LOOP using wrong register for compare Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> commit b951cda21d6b232f138ccf008e12bce8ddc95465 Merge: ec62ad1 ca44148 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon May 11 12:01:09 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging - build bugfix from Fam and new configure check from Emilio - two improvements to "info mtere" from Gerd - KVM support for memory transaction attributes - one more small step towards unlocked MMIO dispatch - one piece of the qemu-nbd errno fixes - trivial-ish patches from Denis and Thomas # gpg: Signature made Fri May 8 13:47:29 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: qemu-nbd: only send a limited number of errno codes on the wire rules.mak: Force CFLAGS for all objects in DSO configure: require __thread support exec: move rcu_read_lock/unlock to address_space_translate callers kvm: add support for memory transaction attributes mtree: also print disabled regions mtree: tag & indent a bit better apic_common: improve readability of apic_reset_common kvm: Silence warning from valgrind Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ec62ad1e27ffd1f7ff2172a916d161cc385e73bd Merge: 4ae740c 1271f7f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon May 11 10:43:08 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-gtk-20150508-1' into staging gtk: add ui_info support, cleanups + fixes. # gpg: Signature made Fri May 8 12:47:04 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-gtk-20150508-1: gtk: update mouse position in mouse_set() gtk: create gtk.h gtk: add ui_info support console: add dpy_ui_info_supported console: delayed ui_info guest notification Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4ae740cc0e4a123047b40c373e699e28031d420e Merge: fc85cf4 ca5a21c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon May 11 09:42:20 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20150508-1' into staging usb: qomify, bugfixes for xhci & uhci. # gpg: Signature made Fri May 8 12:39:28 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-usb-20150508-1: uhci: controller is halted after reset usb: usb-serial QOMify usb: usb-redir QOMify usb: usb-wacom-tablet QOMify usb: usb-uas QOMify usb: usb-storage QOMify usb: usb-ccid QOMify usb: usb-net QOMify usb-mtp: fix segmentation fault usb: usb-mtp QOMify usb: usb-hub QOMify usb: usb-hid QOMify usb: usb-bt QOMify usb: usb-audio QOMify uhci: QOMify xhci: fix events for setup trb. Revert "xhci: generate a Transfer Event for each Transfer TRB with the IOC bit set" xhci: set timer to retry xfers usb: fix usb-net segfault Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bc1f7c4c915a7c727741c4d27a2795e1039eacd3 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon May 11 09:21:37 2015 +0200 acpi: update expected files for memory unplug commit c06b2ffb02bfcc642c67300d2c4dffd5aa54932b acpi: add hardware implementation for memory hot unplug Changed both the DSDT and the SSDT. Update the expected files accordingly. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit fc85cf4a8199a657fdfd5fb902f1835973406454 Merge: f8340b3 3cda44f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun May 10 21:40:54 2015 +0100 Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20150508' into staging Assorted s390x patches: - updates for virtio-ccw and s390-virtio, making them more similar to virtio-pci - improvements regarding per-vcpu interrupts and migration # gpg: Signature made Fri May 8 09:45:09 2015 BST using RSA key ID C6F02FAF # gpg: Good signature from "Cornelia Huck <huckc@xxxxxxxxxxxxxxxxxx>" # gpg: aka "Cornelia Huck <cornelia.huck@xxxxxxxxxx>" * remotes/cohuck/tags/s390x-20150508: s390x/kvm: migrate vcpu interrupt state s390x: move fpu regs into a subsection of the vmstate s390x/kvm: use ioctl KVM_S390_IRQ for vcpu interrupts virtio-ccw: implement ->device_plugged virtio-ccw: change realization sequence s390-virtio: clear {used,avail}_event_idx on reset as well s390-virtio: use common features s390-virtio: Accommodate guests using virtqueues too early Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ca4414804114fd0095b317785bc0b51862e62ebb Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu May 7 17:25:10 2015 +0200 qemu-nbd: only send a limited number of errno codes on the wire Right now, NBD includes potentially platform-specific error values in the wire protocol. Luckily, most common error values are more or less universal: in particular, of all errno values <= 34 (up to ERANGE), they are all the same on supported platforms except for 11 (which is EAGAIN on Windows and Linux, but EDEADLK on Darwin and the *BSDs). So, in order to guarantee some portability, only keep a handful of possible error codes and squash everything else to EINVAL. This patch defines a limited set of errno values that are valid for the NBD protocol, and specifies recommendations for what error to return in specific corner cases. The set of errno values is roughly based on the errors listed in the read(2) and write(2) man pages, with some exceptions: - ENOMEM is added for servers that implement copy-on-write or other formats that require dynamic allocation. - EDQUOT is not part of the universal set of errors; it can be changed to ENOSPC on the wire format. - EFBIG is part of the universal set of errors, but it is also changed to ENOSPC because it is pretty similar to ENOSPC or EDQUOT. Incoming values will in general match system errno values, but not on the Hurd which has different errno values (they have a "subsystem code" equal to 0x10 in bits 24-31). The Hurd is probably not something to which QEMU has been ported, but still do the right thing and reverse-map the NBD errno values to the system errno values. The corresponding patch to the NBD protocol description can be found at http://article.gmane.org/gmane.linux.drivers.nbd.general/3154. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d24697e1824467f3921c84a94f011f43d6466403 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu May 7 14:55:15 2015 +0800 rules.mak: Force CFLAGS for all objects in DSO Because of the trick of process-archive-undefs, all .mo objects, even with --enable-modules, are dependencies of executables. This breaks CFLAGS propogation because the compiling of module object will happen too early before building for DSO. With GCC 5, the linking would fail because .o doesn't have -fPIC. Also, BUILD_DSO will be missed. (module-common.o will have it, so the stamp symbol was still liked in .so). Fix the problem by forcing the CFLAGS on individual .o-cflags during unnest-vars. Reported-by: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx # 2.3 Message-Id: <1430981715-31465-1-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0caef8f6df4a9426bd6333ab843ce51ce005d7d0 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Thu May 7 17:58:26 2015 +0300 docs: update BLOCK_IMAGE_CORRUPTED documentation Label the "size" and "offset" fields in BLOCK_IMAGE_CORRUPTED as optional, and clarify that the latter refers to the host's offset into the image. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f20f2a1f339b99f5b840367236ddce9d9736247c Author: Michael Tokarev <mjt@xxxxxxxxxx> Date: Thu May 7 13:38:02 2015 +0300 glib-compat.h: change assert to g_assert include/glib-compat.h defines a bunch of functions based on glib primitives, and uses assert() without including assert.h. Replace assert() with g_assert() to make the file more self-contained, and to fix compilation breakage after 28507a415a9b1e. Reported-by: Laurent Desnogues <laurent.desnogues@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> Tested-by: Laurent Desnogues <laurent.desnogues@xxxxxxxxx> commit ac9541579eb95b0b8c93ca58d0a074e1f22cd55a Author: Thomas Huth <huth@xxxxxxxxxxxxx> Date: Sun May 3 10:47:22 2015 +0200 Remove various unused functions The functions tpm_backend_thread_tpm_reset() and iothread_find() are completely unused, let's remove them. Signed-off-by: Thomas Huth <huth@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 973a8529c54f9e4410a0e4a18ca1dcb2b085ca7e Author: zhanghailiang <zhang.zhanghailiang@xxxxxxxxxx> Date: Tue May 5 09:48:03 2015 +0800 sheepdog: fix resource leak with sd_snapshot_create Signed-off-by: zhanghailiang <zhang.zhanghailiang@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit e5a88b0cf3c902d6e9b342a90f0a4a4d5d954f7a Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Tue Apr 28 17:11:03 2015 +0800 xhci: remove unused code Value from xfer->packet.ep is assigned to ep here, but that stored value is not used before it is overwritten. Remove it. Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit ca5a21c40d95d7a4e26ea0a304fd2cd8ad4e6ae1 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu May 7 09:24:00 2015 +0200 uhci: controller is halted after reset ... and the status register should say so. Fixes "usbus0: controller did not stop" error printed by freebsd. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit cdf0d7694d877f19936d7404fd10b580f6e9a9b1 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:36 2015 +0800 usb: usb-serial QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit d371cbc778e1868b18faa8d6764602b1f4806100 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:35 2015 +0800 usb: usb-redir QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 924e567e1e6641f4af7e927f9c420cc7b4464073 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:34 2015 +0800 usb: usb-wacom-tablet QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 0b06d099b0ab9b055414508ca55133b200d675f8 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:33 2015 +0800 usb: usb-uas QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 79e2590cbf9887a99a65d2aa62da78c6dfd9cdb8 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:32 2015 +0800 usb: usb-storage QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 61b4887b41b270bc837ead57bc502d904af023bb Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:31 2015 +0800 usb: usb-ccid QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit fe47db72210dc17b794954f978ef1d1236cbeb72 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:30 2015 +0800 usb: usb-net QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit e60baebd409d547292c778d599111ea1623dd4b5 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:29 2015 +0800 usb-mtp: fix segmentation fault When x-root property not be configured, will cause segfault because of null pointer accessing. Add a check for s->root property avoid segfault. Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 7c03a899e6e4030a88bd42c4d494e3a7521806ea Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:28 2015 +0800 usb: usb-mtp QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit e81b13ad94803bf13491bb71c8a76a5d7db9ddf1 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:27 2015 +0800 usb: usb-hub QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit f56691295e38429bbfe476d57676c53bcb1fd437 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:26 2015 +0800 usb: usb-hid QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit a293e82bbef666f66be733993e276998319568e1 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:25 2015 +0800 usb: usb-bt QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 0389a0b10967b639ac7444453274b910a4b6f2ed Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:24 2015 +0800 usb: usb-audio QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 49184b6253a50385c5e934cc4eb813b79cc956f2 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:23 2015 +0800 uhci: QOMify Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit df0f1692db9236a469496cc09fc7bd5faf31efad Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Apr 28 09:31:44 2015 +0200 xhci: fix events for setup trb. When we find a IOC bit set on a setup trb and therefore queue an event, that should not stop events being generated for following data trbs. So clear the 'reported' flag. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 88dbed3f5946b74cf02c1bb0082b8c50037720ea Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Apr 28 09:19:35 2015 +0200 Revert "xhci: generate a Transfer Event for each Transfer TRB with the IOC bit set" This makes xhci generate multiple short packet events in case of multi-trb transfers. Which is wrong. We need to fix this in a different way. This reverts commit aa6857891df614c620e6e9fc4bc4af6e0e49cafd. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 4e8cfbe1143d8384387595b500212d7a7f11aeae Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Apr 28 09:19:14 2015 +0200 xhci: set timer to retry xfers Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 278412d0e710e2e848c6e510f8308e5b1ed4d03e Author: Michal Kazior <michal.kazior@xxxxxxxxx> Date: Wed Apr 29 11:34:59 2015 +0000 usb: fix usb-net segfault The dev->config pointer isn't set until guest system initializes usb devices (via usb_desc_set_config). However qemu networking can go through some motions prior to that, e.g.: #0 is_rndis (s=0x555557261970) at hw/usb/dev-network.c:653 #1 0x000055555585f723 in usbnet_can_receive (nc=0x55555641e820) at hw/usb/dev-network.c:1315 #2 0x000055555587635e in qemu_can_send_packet (sender=0x5555572660a0) at net/net.c:470 #3 0x0000555555878e34 in net_hub_port_can_receive (nc=0x5555562d7800) at net/hub.c:101 #4 0x000055555587635e in qemu_can_send_packet (sender=0x5555562d7980) at net/net.c:470 #5 0x000055555587dbca in tap_can_send (opaque=0x5555562d7980) at net/tap.c:172 The command to reproduce most reliably was: qemu-system-i386 -usb -device usb-net,vlan=0 -net tap,vlan=0 This wasn't strictly a problem with tap. Other networking endpoints (vde, user) could trigger this problem as well. Fixes: https://bugs.launchpad.net/qemu/+bug/1050823 Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Michal Kazior <michal.kazior@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 768b7855c86c4f46b605183ae9451e9af64ca288 Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Wed Apr 29 13:09:02 2015 +0200 configure: require __thread support The codebase doesn't build without __thread support. Formalise this requirement by adding a check for it in the configure script. Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3cda44f7bae5c9feddc11630ba6eecb2e3bed425 Author: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Date: Mon Mar 2 17:44:24 2015 +0100 s390x/kvm: migrate vcpu interrupt state This patch adds support to migrate vcpu interrupts. We use ioctl KVM_S390_GET_IRQ_STATE and _SET_IRQ_STATE to get/set the complete interrupt state for a vcpu. Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 46c804def4bda2491c546e8e33b86fe4981e4b68 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Mon Mar 30 13:22:47 2015 +0200 s390x: move fpu regs into a subsection of the vmstate Let's move the floating point registers into a seperate subsection and bump up the version id. This cleans up the current vmstate and will allow for a future extension with vector registers in a compatible way. This patch is based on a patch from Eric Farman. Reviewed-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 1191c94963f36b3f9631fcd1ec2e9296631b407e Author: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Date: Thu Dec 18 17:38:05 2014 +0100 s390x/kvm: use ioctl KVM_S390_IRQ for vcpu interrupts KVM_S390_INT uses only two parameter fields. This is not enough to pass all required information for certain interrupts. A new ioctl KVM_S390_IRQ is available which allows us to inject all local interrupts as defined in the Principles of Operation. It takes a struct kvm_s390_irq as a parameter which can store interrupt payload data for all interrupts. Let's use the new ioctl for injecting vcpu interrupts. Tested-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit fb846a094fdee7bb6a88b48aeed0d97a8080a20d Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Tue Apr 21 16:36:56 2015 +0200 virtio-ccw: implement ->device_plugged Let's move operations that are only valid after the backend has been realized to a ->device_plugged callback, just as virtio-pci does. Also reorder setting up the host feature bits to the sequence used by virtio-pci. While we're at it, also add a ->device_unplugged callback to stop ioeventfd, just to be on the safe side. Reviewed-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Message-Id: <1429627016-30656-3-git-send-email-cornelia.huck@xxxxxxxxxx> commit 1fa755234e24697cc76f326782edbb09bd0a3a53 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Tue Apr 21 16:36:55 2015 +0200 virtio-ccw: change realization sequence virtio-ccw has an odd sequence of realizing devices: first the device-specific relization (net, block, ...), then the generic realization. It feels less odd to have the generic realization callback trigger the device-specific realization instead (and this also matches what virtio-pci does). One thing to note: We need to defer initializing the cu model in the sense id data until after the device-specific realization has been performed, as we need to refer to the virtio device's device_id. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Message-Id: <1429627016-30656-2-git-send-email-cornelia.huck@xxxxxxxxxx> commit 77ae0b2a6e731ab7b97e9fae401c579397edb31c Author: Christian Borntraeger <borntraeger@xxxxxxxxxx> Date: Mon May 4 15:27:25 2015 +0200 s390-virtio: clear {used,avail}_event_idx on reset as well The old s390-virtio transport clears the vring used/avail indices in the shared area on reset. When we enabled event_idx for virtio-blk, we noticed that this is not enough: We also need to clear the published used/avail event indices, or reboot will fail. Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit f50616a81b7f88a9adac16f3ea0236311a748eca Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Wed Apr 29 15:30:58 2015 +0200 s390-virtio: use common features We used to avoid enabling event_idx for virtio-blk devices via s390-virtio, but we now have a workaround in place for guests trying to use the device before setting DRIVER_OK. Therefore, let's add DEFINE_VIRTIO_COMMON_FEATURES to the base device so all devices get those common features - and make s390-virtio use the same mechanism as the other transports do. Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Reviewed-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit cb927b8aee7c3993a43cb829f7341071f873857b Author: Christian Borntraeger <borntraeger@xxxxxxxxxx> Date: Thu Apr 30 17:53:13 2015 +0200 s390-virtio: Accommodate guests using virtqueues too early Feature updates are not a synchronuous operation for the legacy s390-virtio transport. This transport syncs the guest feature bits (those from finalize) on the set_status hypercall. Before that qemu thinks that features are zero, which means QEMU will misbehave, e.g. it will not write the event index, even if the guest asks for it. Let's detect the case where a kick happens before the driver is ready and force sync the features. With this workaround, it is now safe to switch to the common feature bit handling code as used by all other transports. Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit f8340b360b9bc29d48716ba8aca79df2b9544979 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Wed Sep 10 18:33:58 2014 +1000 hw/ptimer: Do not artificially limit timers when using icount Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 838686357b1a175e9a32569700a153b207a9e10f Merge: 38003ae 362ba4e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu May 7 18:22:03 2015 +0100 Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20150507-1' into staging migration/next for 20150507 # gpg: Signature made Thu May 7 17:42:19 2015 BST using RSA key ID 5872D723 # gpg: Good signature from "Juan Quintela <quintela@xxxxxxxxxx>" # gpg: aka "Juan Quintela <quintela@xxxxxxxxxx>" * remotes/juanquintela/tags/migration/20150507-1: migration: Fix migration state update issue migration: avoid divide by zero in xbzrle cache miss rate migration: Add hmp interface to set and query parameters migration: Add qmp commands to set and query parameters migration: Use an array instead of 3 parameters migration: Add interface to control compression migration: Add the core code for decompression migration: Make compression co-work with xbzrle migration: Add the core code of multi-thread compression migration: Split save_zero_page from ram_save_page arch_init: Add and free data struct for decompression arch_init: Alloc and free data struct for compression qemu-file: Add compression functions to QEMUFile migration: Add the framework of multi-thread decompression migration: Add the framework of multi-thread compression docs: Add a doc about multiple thread compression Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 362ba4e3ee801e8f5e28d72d0009547384222927 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Fri May 8 02:31:22 2015 +0800 migration: Fix migration state update issue If live migration is very fast and can be completed in 1 second, the dirty_sync_count of MigrationState will not be updated. Then you will see "dirty sync count: 0" in qemu monitor even if the actual dirty sync count is not 0. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr.David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 27ff42e29a1d12e9d9dbc473bbca36a50baf278b Author: Michael Chapman <mike@xxxxxxxxxxxxxxxxx> Date: Wed Apr 15 13:59:14 2015 +1000 migration: avoid divide by zero in xbzrle cache miss rate This bug manifested itself as a VM that could not be resumed by libvirt following a migration: # virsh resume example error: Failed to resume domain example error: internal error: cannot parse json {"return": {"xbzrle-cache": {..., "cache-miss-rate": -nan, ...}, ... } }: lexical error: malformed number, a digit is required after the minus sign. This patch also ensures xbzrle_cache_miss_prev and iterations_prev are cleared at the start of the migration. Signed-off-by: Michael Chapman <mike@xxxxxxxxxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 50e9a629c6c92e73260cd3d7c2e3f5bfd84e47e2 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:29 2015 +0800 migration: Add hmp interface to set and query parameters Add the hmp interface to tune and query the parameters used in live migration. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 85de83231ecde075c6b25897f2e74cd1767880e3 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:28 2015 +0800 migration: Add qmp commands to set and query parameters Add the qmp commands to tune and query the parameters used in live migration. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 43c60a81ba15ea040709be5809a279a4ca59b26b Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:27 2015 +0800 migration: Use an array instead of 3 parameters Put the three parameters related to multiple thread (de)compression into an int array, and use an enum type to index the parameter. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit dde4e694ae576462990b2ce711e62565e085c261 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:26 2015 +0800 migration: Add interface to control compression The multiple compression threads can be turned on/off through qmp and hmp interface before doing live migration. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Reviewed-by: Dr.David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 68ae113646dc84637359472e89669e5547dc5ee3 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:25 2015 +0800 migration: Add the core code for decompression Implement the core logic of multiple thread decompression, the decompression can work now. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 98f1138902195bd9ab8a753d0ee2cf2a0a88b6e8 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:24 2015 +0800 migration: Make compression co-work with xbzrle Now, multiple thread compression can co-work with xbzrle. when xbzrle is on, multiple thread compression will only work at the first round of RAM data sync. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Reviewed-by: Dr.David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 20eb617eacf7a0ce76d9dd10ff246d6ae7f0b4e1 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:23 2015 +0800 migration: Add the core code of multi-thread compression Implement the core logic of the multiple thread compression. At this point, multiple thread compression can't co-work with xbzrle yet. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit e2102428c09901788a5e585f32f9e805137f5967 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:22 2015 +0800 migration: Split save_zero_page from ram_save_page Split the function save_zero_page from ram_save_page so that we can reuse it later. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 3caf633dbde8a347cff49e960691c7fa6a82afa1 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:21 2015 +0800 arch_init: Add and free data struct for decompression Define the data structure and variables used to do multiple thread decompression, and add the code to initialize and free them. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Reviewed-by: Dr.David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 474ddaf6e3aebc470f4665ef4f7ce6578448c6d1 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:20 2015 +0800 arch_init: Alloc and free data struct for compression Define the data structure and variables used to do multiple thread compression, and add the code to initialize and free them. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Reviewed-by: Dr.David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 44f0eadc338f55d3bffe4fccefb1d4241defa418 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:19 2015 +0800 qemu-file: Add compression functions to QEMUFile qemu_put_compression_data() compress the data and put it to QEMUFile. qemu_put_qemu_file() put the data in the buffer of source QEMUFile to destination QEMUFile. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 3fcb38c223510cf88c6101f5d218ce0840d1354c Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:18 2015 +0800 migration: Add the framework of multi-thread decompression Add the code to create and destroy the multiple threads those will be used to do data decompression. Left some functions empty just to keep clearness, and the code will be added later. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Reviewed-by: Dr.David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 8706d2d566cbf4bad2c5597bb57358e3d5f5caf0 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:17 2015 +0800 migration: Add the framework of multi-thread compression Add the code to create and destroy the multiple threads those will be used to do data compression. Left some functions empty to keep clearness, and the code will be added later. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Reviewed-by: Dr.David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 263170e679dfb456f8812a0100073990586cecb5 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:16 2015 +0800 docs: Add a doc about multiple thread compression Give some details about the multiple thread (de)compression and how to use it in live migration. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Reviewed-by: Dr.David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 38003aee196a96edccd4d64471beb1b67e9b2b17 Merge: 233353e 00c8fa9 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed May 6 11:16:35 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/tcg-next-20150505' into staging size reduction merge # gpg: Signature made Wed May 6 00:21:43 2015 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/tcg-next-20150505: tcg: optimise memory layout of TCGTemp Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1271f7f7c60e0b0a3cc031921008a69dfd53bd34 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Jul 1 19:12:45 2014 +0200 gtk: update mouse position in mouse_set() Without that the next mouse motion event uses the old position as base for relative move calculation, giving wrong results and making your mouse pointer jump around. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit dc7ff344187db6a94294a87d63cf8332e8ed0e6f Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Mar 4 15:37:27 2015 +0100 gtk: create gtk.h Move various gtk bits (includes, data structures) to a header file. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 1301e515eff267d4b8684e74a5b2c1b5cf03f103 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Mar 13 12:47:00 2015 +0100 gtk: add ui_info support Pass new display size to the guest after window resizes. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit b7fb49f0c709a406f79372be397367ff2550373b Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Mar 13 12:21:14 2015 +0100 console: add dpy_ui_info_supported Allow ui code to check whenever the emulated display supports display change notifications. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit cf1ecc82ab84dbfb4b6eea02c329bf9c2aa856ec Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Mar 12 12:51:13 2015 +0100 console: delayed ui_info guest notification So we don't flood the guest with display change notifications while the user resizes the window. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 233353ec93e4541fa7ab1c53a922a6d5c2bfce7a Merge: 874e9ae ff55d72 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 5 18:22:12 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-qmp-2015-05-05' into staging drop qapi nested structs # gpg: Signature made Tue May 5 17:40:40 2015 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-qmp-2015-05-05: (40 commits) qapi: Check for member name conflicts with a base class qapi: Support (subset of) \u escapes in strings qapi: Tweak doc references to QMP when QGA is also meant qapi: Drop dead visitor code related to nested structs qapi: Drop support for inline nested types qapi: Drop inline nested structs in query-pci qapi: Drop inline nested struct in query-version qapi: Drop tests for inline nested structs qapi: Merge UserDefTwo and UserDefNested in tests qapi: Forbid 'type' in schema qapi: Use 'struct' instead of 'type' in schema qapi: Document 'struct' metatype qapi: Prefer 'struct' over 'type' in generator qapi: More rigorous checking for type safety bypass qapi: Whitelist commands that don't return dictionary qapi: Require valid names qapi: More rigourous checking of types qapi: Add some type check tests qapi: Unify type bypass and add tests qapi: Allow true, false and null in schema json ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ff55d72eaf9628e7d58e7b067b361cdbf789c9f4 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:37 2015 -0600 qapi: Check for member name conflicts with a base class Our type inheritance for both 'struct' and for flat 'union' merges key/value pairs from the base class with those from the type in question. Although the C code currently boxes things so that there is a distinction between which member is referred to, the QMP wire format does not allow passing a key more than once in a single object. Besides, if we ever change the generated C code to not be quite so boxy, we'd want to avoid duplicate member names there, too. Fix a testsuite entry added in an earlier patch, as well as adding a couple more tests to ensure we have appropriate coverage. Ensure that collisions are detected, regardless of whether there is a difference in opinion on whether the member name is optional. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit a7f5966b297330f6492020019544ae87c45d699b Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:36 2015 -0600 qapi: Support (subset of) \u escapes in strings The handling of \ inside QAPI strings was less than ideal, and really only worked JSON's \/, \\, \", and our extension of \' (an obvious extension, when you realize we use '' instead of "" for strings). For other things, like '\n', it resulted in a literal 'n' instead of a newline. Of course, at the moment, we really have no use for escaped characters, as QAPI has to map to C identifiers, and we currently support ASCII only for that. But down the road, we may add support for default values for string parameters to a command or struct; if that happens, it would be nice to correctly support all JSON escape sequences, such as \n or \uXXXX. This gets us closer, by supporting Unicode escapes in the ASCII range. Since JSON does not require \OCTAL or \xXX escapes, and our QMP implementation does not understand them either, I intentionally reject it here, but it would be an easy addition if we desired it. Likewise, intentionally refusing the NUL byte means we don't have to worry about C strings being shorter than the qapi input. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 363b4262a10a52f6d7ac1073bab5e6648da4051b Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:35 2015 -0600 qapi: Tweak doc references to QMP when QGA is also meant We have more than one qapi schema in use by more than one protocol. Add a new term 'Client JSON Protocol' for use throughout the document, to avoid confusion on whether something refers only to QMP and not QGA. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit a82b982e2bddf7cd7cb490f83643e952e17d4523 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:34 2015 -0600 qapi: Drop dead visitor code related to nested structs Now that we no longer have nested structs to visit, the use of prefix strings is no longer required. Remove the code that is no longer reachable. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 6b5abc7df7ef9aadb3ff0eba6ccf4f1f0181e2e1 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:33 2015 -0600 qapi: Drop support for inline nested types A future patch will be using a 'name':{dictionary} entry in the QAPI schema to specify a default value for an optional argument (see previous commit messages for more details why); but existing use of inline nested structs conflicts with that goal. Now that all commands have been changed to avoid inline nested structs, nuke support for them, and turn it into a hard error. Update the testsuite to reflect tighter parsing rules. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 9fa02cd194a131aca75ab646ece975b6835400e1 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:32 2015 -0600 qapi: Drop inline nested structs in query-pci A future patch will be using a 'name':{dictionary} entry in the QAPI schema to specify a default value for an optional argument (see previous commit message for more details why); but existing use of inline nested structs conflicts with that goal. This patch fixes one of only two commands relying on nested types, by breaking the nesting into an explicit type; it means that the type is now boxed instead of unboxed in C code, but the QMP wire format is unaffected by this change. Prefer the safer g_new0() while making the conversion, and reduce some long lines. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 4752cdbbf330ac7c593a6f337b97a79648f3f878 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:31 2015 -0600 qapi: Drop inline nested struct in query-version A future patch will be using a 'name':{dictionary} entry in the QAPI schema to specify a default value for an optional argument (see previous commit message for more details why); but existing use of inline nested structs conflicts with that goal. This patch fixes one of only two commands relying on nested types, by breaking the nesting into an explicit type; it means that the type is now boxed instead of unboxed in C code, but the QMP wire format is unaffected by this change. Prefer the safer g_new0() while making the conversion. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 6446a592760155bb3e2e248d56bab97a34af0336 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:30 2015 -0600 qapi: Drop tests for inline nested structs A future patch will be using a 'name':{dictionary} entry in the QAPI schema to specify a default value for an optional argument; but existing use of inline nested structs conflicts with that goal. More precisely, a definition in the QAPI schema associates a name with a set of properties: Example 1: { 'struct': 'Foo', 'data': { MEMBERS... } } associates the global name 'Foo' with properties (meta-type struct) and MEMBERS... Example 2: 'mumble': TYPE within MEMBERS... above associates 'mumble' with properties (type TYPE) and (optional false) within type Foo The syntax of example 1 is extensible; if we need another property, we add another name/value pair to the dictionary (such as 'base':TYPE). The syntax of example 2 is not extensible, because the right hand side can only be a type. We have used name encoding to add a property: "'*mumble': 'int'" associates 'mumble' with (type int) and (optional true). Nice, but doesn't scale. So the solution is to change our existing uses to be syntactic sugar to an extensible form: NAME: TYPE --> NAME: { 'type': TYPE, 'optional': false } *ONAME: TYPE --> ONAME: { 'type': TYPE, 'optional': true } This patch fixes the testsuite to avoid inline nested types, by breaking the nesting into explicit types; it means that the type is now boxed instead of unboxed in C code, but makes no difference on the wire (and if desired, a later patch could change the generator to not do so much boxing in C). When touching code to add new allocations, also convert existing allocations to consistently prefer typesafe g_new0 over g_malloc0 when a type name is involved. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit b6fcf32d9b851a83dedcb609091236b97cc4a985 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:29 2015 -0600 qapi: Merge UserDefTwo and UserDefNested in tests In the testsuite, UserDefTwo and UserDefNested were identical structs other than the member names. Reduce code duplication by having just one type, and choose names that also favor reuse. This will also make it easier for a later patch to get rid of inline nested types in QAPI. When touching code related to allocations, convert g_malloc0(sizeof(Type)) to the more typesafe g_new0(Type, 1). Ensure that 'make check-qapi-schema check-unit' still passes. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 3e391d355644b2bff7c9f187759aadb46c6e051f Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:28 2015 -0600 qapi: Forbid 'type' in schema Referring to "type" as both a meta-type (built-in, enum, union, alternate, or struct) and a specific type (the name that the schema uses for declaring structs) is confusing. Finish up the conversion to using "struct" in qapi schema by removing the hack in the generator that allowed 'type'. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 895a2a80e0e054f0d5d3715aa93d10d15e49f9f7 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:27 2015 -0600 qapi: Use 'struct' instead of 'type' in schema Referring to "type" as both a meta-type (built-in, enum, union, alternate, or struct) and a specific type (the name that the schema uses for declaring structs) is confusing. Do the bulk of the conversion to "struct" in qapi schema, with a fairly mechanical: for f in `find -name '*.json'; do sed -i "s/'type'/'struct'/"; done followed by manually filtering out the places where we have a 'type' embedded in 'data'. Then tweak a couple of tests whose output changes slightly due to longer lines. I also verified that the generated files for QMP and QGA (such as qmp-commands.h) are the same before and after, as assurance that I didn't leave in any accidental member name changes. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 3b2a8b85322f3677525a65c0b35deadf45fb704b Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:26 2015 -0600 qapi: Document 'struct' metatype Referring to "type" as both a meta-type (built-in, enum, union, alternate, or struct) and a specific type (the name that the schema uses for declaring structs) is confusing. Now that the generator accepts 'struct' as a synonym for 'type', update all documentation to use saner wording. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit fd41dd4eae5f7ea92f10c04cb3f217727fcee91f Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:25 2015 -0600 qapi: Prefer 'struct' over 'type' in generator Referring to "type" as both a meta-type (built-in, enum, union, alternate, or struct) and a specific type (the name that the schema uses for declaring structs) is confusing. The confusion is only made worse by the fact that the generator mostly already refers to struct even when dealing with expr['type']. This commit changes the generator to consistently refer to it as struct everywhere, plus a single back-compat tweak that allows accepting the existing .json files as-is, so that the meat of this change is separate from the mindless churn of that change. Fix the testsuite fallout for error messages that change, and in some cases, become more legible. Improve comments to better match our intentions where a struct (rather than any complex type) is required. Note that in some cases, an error message now refers to 'struct' while the schema still refers to 'type'; that will be cleaned up in the later commit to the schema. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 2cbf09925ad45401673a79ab77f67de2f04a826c Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:24 2015 -0600 qapi: More rigorous checking for type safety bypass Now that we have a way to validate every type, we can also be stricter about enforcing that callers that want to bypass type safety in generated code. Prior to this patch, it didn't matter what value was associated with the key 'gen', but it looked odd that 'gen':'yes' could result in bypassing the generated code. These changes also enforce the changes made earlier in the series for documentation and consolidation of using '**' as the wildcard type, as well as 'gen':false as the canonical spelling for requesting type bypass. Note that 'gen':false is a one-way switch away from the default; we do not support 'gen':true (similar for 'success-response'). In practice, this doesn't matter. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 10d4d997f86cf2a4ce89145df5658952d5722e56 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:23 2015 -0600 qapi: Whitelist commands that don't return dictionary ...or an array of dictionaries. Although we have to cater to existing commands, returning a non-dictionary means the command is not extensible (no new name/value pairs can be added if more information must be returned in parallel). By making the whitelist explicit, any new command that falls foul of this practice will have to be self-documenting, which will encourage developers to either justify the action or rework the design to use a dictionary after all. It's a little bit sloppy that we share a single whitelist among three clients (it's too permissive for each). If this is a problem, a future patch could tighten things by having the generator take the whitelist as an argument (as in scripts/qapi-commands.py --legacy-returns=...), or by having the generator output C code that requires explicit use of the whitelist (as in: #ifndef FROBNICATE_LEGACY_RETURN_OK # error Command 'frobnicate' should return a dictionary #endif then having the callers define appropriate macros). But until we need such fine-grained separation (if ever), this patch does the job just fine. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit c9e0a798691d8c45747b082206e789c8f50523c9 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:22 2015 -0600 qapi: Require valid names Previous commits demonstrated that the generator overlooked various bad naming situations: - types, commands, and events need a valid name - enum members must be valid names, when combined with prefix - union and alternate branches cannot be marked optional Valid upstream names match [a-zA-Z][a-zA-Z0-9_-]*; valid downstream names match __[a-zA-Z][a-zA-Z0-9._-]*. Enumerations match the weaker [a-zA-Z0-9._-]+ (in part thanks to QKeyCode picking an enum that starts with a digit, which we can't change now due to backwards compatibility). Rather than call out three separate regex, this patch just uses a broader combination that allows both upstream and downstream names, as well as a small hack that realizes that any enum name is merely a suffix to an already valid name prefix (that is, any enum name is valid if prepending _ fits the normal rules). We could reject new enumeration names beginning with a digit by whitelisting existing exceptions. We could also be stricter about the distinction between upstream names (no leading underscore, no use of dot) and downstream (mandatory leading double underscore), but it is probably not worth the bother. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit dd883c6f0547f02ae805d02852ff3691f6d08f85 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:21 2015 -0600 qapi: More rigourous checking of types Now that we know every expression is valid with regards to its keys, we can add further tests that those keys refer to valid types. With this patch, all uses of a type (the 'data': of command, type, union, alternate, and event; the 'returns': of command; the 'base': of type and union) must resolve to an appropriate subset of metatypes declared by the current qapi parse; this includes recursing into each member of a data dictionary. Dealing with '**' and nested anonymous structs will be done in later patches. Update the testsuite to match improved output. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 0d8b9fb5f296a96723d98a45a6a00bfd4e45e1b9 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:20 2015 -0600 qapi: Add some type check tests Demonstrate that the qapi generator silently parses confusing types, which may cause other errors later on. Later patches will update the expected results as the generator is made stricter. Most of the new tests focus on blatant errors. But returns-whitelist is a case where we have historically allowed returning something other than a JSON object from particular commands; we have to keep that behavior to avoid breaking clients, but it would be nicer to avoid adding such commands in the future, because any return that is not an (array of) object cannot be easily extended if future qemu wants to return additional information. The QMP protocol already documents that clients should ignore unknown dictionary keys, but does not require clients to have to handle more than one type of JSON object. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit d708cdbe8792a55f53e90c1c787e871d527e8d4b Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:19 2015 -0600 qapi: Unify type bypass and add tests For a few QMP commands, we are forced to pass an arbitrary type without tracking it properly in QAPI. Among the existing clients, this unnamed type was spelled 'dict', 'visitor', and '**'; this patch standardizes on '**', matching the documentation changes earlier in the series. Meanwhile, for the 'gen' key, we have been ignoring the value, although the schema consistently used "'no'" ('success-response' was hard-coded to checking for 'no'). But now that we can support a literal "false" in the schema, we might as well use that rather than ignoring the value or special-casing a random string. Note that these are one-way switches (use of 'gen':true is not the same as omitting 'gen'). Also, the use of '**' requires 'gen':false, but the use of 'gen':false does not mandate the use of '**'. There is no difference to the generated code. Add some tests on what we'd like to guarantee, although it will take later patches to clean up test results and actually enforce the use of a bool parameter. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit e53188ada516c814a729551be2448684d6d8ce08 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon May 4 09:05:18 2015 -0600 qapi: Allow true, false and null in schema json In the near term, we will use it for a sensible-looking 'gen':false inside command declarations, instead of the current ugly 'gen':'no'. In the long term, it will allow conversion from shorthand with defaults mentioned only in side-band documentation: 'data':{'*flag':'bool', '*string':'str'} into an explicit default value documentation, as in: 'data':{'flag':{'type':'bool', 'optional':true, 'default':true}, 'string':{'type':'str', 'optional':true, 'default':null}} We still don't parse integer values (also necessary before we can allow explicit defaults), but that can come in a later series. Update the testsuite to match an improved error message. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 4dc2e6906e1084fdd37bf67385c5dcd2c72ae22b Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:17 2015 -0600 qapi: Better error messages for duplicated expressions The previous commit demonstrated that the generator overlooked duplicate expressions: - a complex type or command reusing a built-in type name - redeclaration of a type name, whether by the same or different metatype - redeclaration of a command or event - collision of a type with implicit 'Kind' enum for a union - collision with an implicit MAX enum constant Since the c_type() function in the generator treats all names as being in the same namespace, this patch adds a global array to track all known names and their source, to prevent collisions before it can cause further problems. While valid .json files won't trigger any of these cases, we might as well be nicer to developers that make a typo while trying to add new QAPI code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit cfdd5bcad515a8371af59dba9625e31a6f6f733e Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:16 2015 -0600 qapi: Add tests of redefined expressions Demonstrate that the qapi generator doesn't deal very well with redefined expressions. At the parse level, they are silently accepted; and while the testsuite just stops at parsing, I've further tested that many of them cause generator crashes or invalid C code if they were appended to qapi-schema-test.json. A later patch will tighten things up and adjust the testsuite to match. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 0545f6b8874c28d97369f2c83e5077e0461d4f12 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:15 2015 -0600 qapi: Better error messages for bad expressions The previous commit demonstrated that the generator overlooked some fairly basic broken expressions: - missing metataype - metatype key has a non-string value - unknown key in relation to the metatype - conflicting metatype (this patch treats the second metatype as an unknown key of the first key visited, which is not necessarily the first key the user typed) Add check_keys to cover these situations, and update testcases to match. A couple other tests (enum-missing-data, indented-expr) had to change since the validation added here occurs so early. Conversely, changes to ident-with-escape results show that we still have problems where our handling of escape sequences differs from true JSON, which will matter down the road if we allow arbitrary default string values for optional parameters (but for now is not too bad, as we currently can avoid unicode escaping as we don't need to represent anything beyond C identifier material). While valid .json files won't trigger any of these cases, we might as well be nicer to developers that make a typo while trying to add new QAPI code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 9050c65b71ac1d197330e6db221f63189e21bad5 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:14 2015 -0600 qapi: Add some expr tests Demonstrate that the qapi generator doesn't deal well with expressions that aren't up to par. Later patches will improve the expected results as the generator is made stricter. Only a few of the the added tests actually behave sanely at rejecting obvious problems or demonstrating success. Note that in some cases, we reject bad QAPI merely because our pseudo-JSON parser does not yet know how to parse numbers. This series does not address that, but when a later series adds support for numeric defaults of integer fields, the testsuite will ensure that we don't lose the error (and hopefully that the error message quality is improved). Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit ab916faddd16f0165e9cc2551f90699be8efde53 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:13 2015 -0600 qapi: Use 'alternate' to replace anonymous union Previous patches have led up to the point where I create the new meta-type "'alternate':'Foo'". See the previous patches for documentation; I intentionally split as much work into earlier patches to minimize the size of this patch, but a lot of it is churn due to testsuite fallout after updating to the new type. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 7b1b98c420355ccea98d8bd55c9193ee6b7cef97 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:12 2015 -0600 qapi: Document new 'alternate' meta-type The next patch will quit special-casing "'union':'Foo', 'discriminator':{}" and instead use "'alternate':'Foo'". Separating docs from implementation makes it easier to focus on wording without holding up code. In particular, making alternate a separate type makes for a nice type hierarchy: /-------- meta-type ------\ / | \ simple types alternate complex types | | | | built-in enum type(struct) union | \ / / \ numeric string simple flat A later patch will then clean up 'type' vs. 'struct' confusion. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit ab045267447d52e63a79c0e18f89ae4411f5420b Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:11 2015 -0600 qapi: Rename anonymous union type in test Reduce churn in the future patch that replaces anonymous unions with a new metatype 'alternate' by changing 'AnonUnion' to 'Alternate'. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 811d04fd0cff1229480d3f5b2e349f646ab6e3c1 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:10 2015 -0600 qapi: Segregate anonymous unions into alternates in generator Special-casing 'discriminator == {}' for handling anonymous unions is getting awkward; since this particular type is not always a dictionary on the wire, it is easier to treat it as a completely different class of type, "alternate", so that if a type is listed in the union_types array, we know it is not an anonymous union. This patch just further segregates union handling, to make sure that anonymous unions are not stored in union_types, and splitting up check_union() into separate functions. A future patch will change the qapi grammar, and having the segregation already in place will make it easier to deal with the distinct meta-type. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 268a1c5eb10832c2e4476d3fe199ea547dabecb7 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:09 2015 -0600 qapi: Prepare for catching more semantic parse errors This patch widens the scope of a try block (with the attending reindentation required by Python) in preparation for a future patch adding more instances of QAPIExprError inside the block. It's easier to separate indentation from semantic changes, so this patch has no real behavior change. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 44bd1276a7dea747c41f250cb71ab65965343a7f Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:08 2015 -0600 qapi: Tighten checking of unions Previous commits demonstrated that the generator had several flaws with less-than-perfect unions: - a simple union that listed the same branch twice (or two variant names that map to the same C enumerator, including the implicit MAX sentinel) ended up generating invalid C code - an anonymous union that listed two branches with the same qtype ended up generating invalid C code - the generator crashed on anonymous union attempts to use an array type - the generator was silently ignoring a base type for anonymous unions - the generator allowed unknown types or nested anonymous unions as a branch in an anonymous union Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit a8d4a2e4d7e1a0207699de47142c9bdbf2cc8675 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:07 2015 -0600 qapi: Forbid base without discriminator in unions None of the existing QMP or QGA interfaces uses a union with a base type but no discriminator; it is easier to avoid this in the generator to save room for other future extensions more likely to be useful. An earlier commit added a union-base-no-discriminator test to ensure that we eventually give a decent error message; likewise, removing UserDefUnion outright is okay, because we moved all the tests we wish to keep into the tests of the simple union UserDefNativeListUnion in the previous commit. Now is the time to actually forbid simple union with base, and remove the last vestiges from the testsuite. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 805017b7791200f1b72deef17dc98fd272b941eb Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:06 2015 -0600 qapi: Clean up test coverage of simple unions The tests of UserDefNativeListUnion serve to validate code generation of simple unions without a base type, except that it did not have full coverage in the strict test. The next commits will remove tests and support for simple unions with a base type, so there is no real loss at repurposing that test here as opposed to churn of adding a new test then deleting the old one. Fix some indentation and long lines while at it. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 3d0c48292633260269cb21551d9bab006b2f2781 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:05 2015 -0600 qapi: Add some union tests Demonstrate that the qapi generator doesn't deal well with unions that aren't up to par. Later patches will update the expected reseults as the generator is made stricter. A few tests work as planned, but most show poor or missing error messages. Of particular note, qapi-code-gen.txt documents 'base' only for flat unions, but the tests here demonstrate that we currently allow a 'base' to a simple union, although it is exercised only in the testsuite. Later patches will remove this undocumented feature, to give us more flexibility in adding other future extensions to union types. For example, one possible extension is the idea of a type-safe simple enum, where added fields tie the discriminator to a user-defined enum type rather than creating an implicit enum from the names in 'data'. But adding such safety on top of a simple enum with a base type could look ambiguous with a flat enum; besides, the documentation also mentions how any simple union can be represented by an equivalent flat union. So it will be simpler to just outlaw support for something we aren't using. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit cf3935907b5df16f667d54ad6761c7e937dcf425 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:04 2015 -0600 qapi: Better error messages for bad enums The previous commit demonstrated that the generator had several flaws with less-than-perfect enums: - an enum that listed the same string twice (or two variant strings that map to the same C enumerator) ended up generating an invalid C enum - because the generator adds a _MAX terminator to each enum, the use of an enum member 'max' can also cause this clash - if an enum omits 'data', the generator left a python stack trace rather than a graceful message - an enum that used a non-array 'data' was silently accepted by the parser - an enum that used non-string members in the 'data' member was silently accepted by the parser Add check_enum to cover these situations, and update testcases to match. While valid .json files won't trigger any of these cases, we might as well be nicer to developers that make a typo while trying to add new QAPI code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit ad11dbb93752ffd4bd1d5f31da7e2d9c40a68e8a Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:03 2015 -0600 qapi: Add some enum tests Demonstrate that the qapi generator doesn't deal well with enums that aren't up to par. Later patches will update the expected results as the generator is made stricter. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit fe2a9303c9e511462f662a415c2e9d2defe9b7ca Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:02 2015 -0600 qapi: Require ASCII in schema Python 2 and Python 3 have a wild history of whether strings default to ascii or unicode, where Python 3 requires checking isinstance(foo, basestr) to cover all strings, but where that code is not portable to Python 2. It's simpler to just state that we don't care about Unicode strings, and to just always use the simpler isinstance(foo, str) everywhere. I'm no python expert, so I'm basing it on this conversation: https://lists.gnu.org/archive/html/qemu-devel/2014-09/msg05278.html Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit cb17f79eef0d161e81ac457e4c1f124405be2a18 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:01 2015 -0600 qapi: Fix generation of 'size' builtin type We were missing the 'size' builtin type (which means that QAPI using [ 'size' ] would fail to compile). Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit b52c4b9cf0bbafdf8cede4ea1f62770d86815718 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:00 2015 -0600 qapi: Simplify builtin type handling There was some redundancy between builtin_types[] and builtin_type_qtypes{}. Merge them into one. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit e790e666518e68134ca0570b6b4a707169ea3cb1 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:04:59 2015 -0600 qapi: Document type-safety considerations Go into more details about the various types of valid expressions in a qapi schema, including tweaks to document fixes being done later in the current patch series. Also fix some stale and missing documentation in the QMP specification. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 6fb55451728e6dc74ae4e67e4f5ab557468f084e Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:04:58 2015 -0600 qapi: Add copyright declaration on docs While our top-level COPYING with its GPLv2+ license applies to any documentation file that omits explicit instructions, these days it's better to be a good example of calling out our intentions. Correct use of GPL requires the use of a copyright statement, so I'm adding notice to two QAPI documents, by attributing these files to the initial authors and major contributors. I used: $ git blame --line-porcelain $file \ | sed -n 's/^author //p' | sort | uniq -c | sort -rn to determine authorship of these two files. qmp-spec.txt blames entirely to Red Hat (easy, since my contribution falls in that category); while qapi-code-gen.txt has multiple contributors representing multiple entities. But since it was originally supplied by Michael Roth, the notice I added there copies the notice he has used in other files. As there is no intended change in license from the implicit one previously present from the top level, I have not bothered to CC other contributors; if we want to weaken things to something looser (such as LGPL) so that there is no question that someone re-implementing the spec is not forced to use GPL, that would be a different commit. CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 00c8fa9ffeee7458e5ed62c962faf638156c18da Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Thu Apr 2 20:07:53 2015 -0400 tcg: optimise memory layout of TCGTemp This brings down the size of the struct from 56 to 32 bytes on 64-bit, and to 20 bytes on 32-bit. This leads to memory savings: Before: $ find . -name 'tcg.o' | xargs size text data bss dec hex filename 41131 29800 88 71019 1156b ./aarch64-softmmu/tcg/tcg.o 37969 29416 96 67481 10799 ./x86_64-linux-user/tcg/tcg.o 39354 28816 96 68266 10aaa ./arm-linux-user/tcg/tcg.o 40802 29096 88 69986 11162 ./arm-softmmu/tcg/tcg.o 39417 29672 88 69177 10e39 ./x86_64-softmmu/tcg/tcg.o After: $ find . -name 'tcg.o' | xargs size text data bss dec hex filename 40883 29800 88 70771 11473 ./aarch64-softmmu/tcg/tcg.o 37473 29416 96 66985 105a9 ./x86_64-linux-user/tcg/tcg.o 38858 28816 96 67770 108ba ./arm-linux-user/tcg/tcg.o 40554 29096 88 69738 1106a ./arm-softmmu/tcg/tcg.o 39169 29672 88 68929 10d41 ./x86_64-softmmu/tcg/tcg.o Note that using an entire byte for some enums that need less than that wastes a few bits (noticeable in 32 bits, where we use 20 bytes instead of 16) but avoids extraction code, which overall is a win--I've tested several variations of the patch, and the appended is the best performer for OpenSSL's bntest by a very small margin: Before: $ taskset -c 0 perf stat -r 15 -- x86_64-linux-user/qemu-x86_64 img/bntest-x86_64 >/dev/null [...] Performance counter stats for 'x86_64-linux-user/qemu-x86_64 img/bntest-x86_64' (15 runs): 10538.479833 task-clock (msec) # 0.999 CPUs utilized ( +- 0.38% ) 772 context-switches # 0.073 K/sec ( +- 2.03% ) 0 cpu-migrations # 0.000 K/sec ( +-100.00% ) 2,207 page-faults # 0.209 K/sec ( +- 0.08% ) 10.552871687 seconds time elapsed ( +- 0.39% ) After: $ taskset -c 0 perf stat -r 15 -- x86_64-linux-user/qemu-x86_64 img/bntest-x86_64 >/dev/null Performance counter stats for 'x86_64-linux-user/qemu-x86_64 img/bntest-x86_64' (15 runs): 10459.968847 task-clock (msec) # 0.999 CPUs utilized ( +- 0.30% ) 739 context-switches # 0.071 K/sec ( +- 1.71% ) 0 cpu-migrations # 0.000 K/sec ( +- 68.14% ) 2,204 page-faults # 0.211 K/sec ( +- 0.10% ) 10.473900411 seconds time elapsed ( +- 0.30% ) Suggested-by: Stefan Weil <sw@xxxxxxxxxxx> Suggested-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 874e9aeeeb74c5459639a93439a502d262847e68 Merge: b4c5df7 e444ea3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 5 14:06:12 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-sdl-20150505-1' into staging sdl2: add opengl support # gpg: Signature made Tue May 5 10:36:25 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-sdl-20150505-1: sdl2: Fix RGB555 sdl2: add support for display rendering using opengl. sdl2: move SDL_* includes to sdl2.h console-gl: add opengl rendering helper functions opengl: add shader helper functions. opengl: add shader build infrastructure Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b4c5df7a15dad2417bc05d08a470b82ab89d56ea Merge: 5bccbb0 2e1c92d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 5 10:23:22 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-cov-model-2015-05-05' into staging coverity: fix address_space_rw model # gpg: Signature made Tue May 5 09:44:26 2015 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-cov-model-2015-05-05: coverity: fix address_space_rw model Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e444ea34f8ec27acfa9ead7eaa9904238c831e69 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Tue Mar 3 12:25:27 2015 -0500 sdl2: Fix RGB555 Reproducable with: $ x86_64-softmmu/qemu-system-x86_64 \ -kernel $vmlinuz_of_your_choice \ -append vga=0x313 -sdl Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 0b71a5d5caa4f709d37fa1d7786dffc2c94f8414 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Nov 11 16:54:45 2014 +0100 sdl2: add support for display rendering using opengl. Add new sdl2-gl.c file, with display rendering functions using opengl. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 19dadfccd0124804e2790e7cb075c9df7cd3154f Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Nov 19 14:19:49 2014 +0100 sdl2: move SDL_* includes to sdl2.h Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit cd2bc889e5b30c69926fc1511b6522e7cb4c705d Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Jan 9 11:40:23 2015 +0100 console-gl: add opengl rendering helper functions Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 985e1c9b008e5e8b6eac41546266d3abcfa6282a Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Apr 24 07:48:45 2015 +0200 opengl: add shader helper functions. Helper functions to compile, link and run opengl shader programs. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 2e1c92daff752c056ae10087e6b1702b0460af88 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon May 4 14:18:09 2015 +0200 coverity: fix address_space_rw model If the is_write argument is true, address_space_rw writes to memory and thus reads from the buffer. The opposite holds if is_write is false. Fix the model. Cc: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit d98bc0b654b97d130338e76e0928296f84e6d6fd Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Jan 16 13:59:17 2015 +0100 opengl: add shader build infrastructure perl script to transform shader programs into c include files with static string constands containing the shader programs, so we can easily embed them into qemu. Also some Makefile logic for them. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 5bccbb04a4abba7af4398de992bf06d585fd1333 Merge: f90f5b9 4a4d614 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Apr 30 20:34:54 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block patches # gpg: Signature made Thu Apr 30 19:51:16 2015 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: Enable NVMe start controller for Windows guest. MAINTAINERS: Add qemu-block list where missing MAINTAINERS: make block layer core Kevin Wolf's responsibility MAINTAINERS: make image fuzzer Stefan Hajnoczi's responsibility MAINTAINERS: make block I/O path Stefan Hajnoczi's responsibility MAINTAINERS: split out image formats MAINTAINERS: make virtio-blk Stefan Hajnoczi's responsibility Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 41063e1e7afcb2f13e103720fe96221657f5dbbc Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Mar 18 14:21:43 2015 +0100 exec: move rcu_read_lock/unlock to address_space_translate callers Once address_space_translate will be called outside the BQL, the returned MemoryRegion might disappear as soon as the RCU read-side critical section ends. Avoid this by moving the critical section to the callers. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1426684909-95030-3-git-send-email-pbonzini@xxxxxxxxxx> commit 4c6637525290dc863a00be7f58fc11d07b780bd4 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 8 13:30:58 2015 +0200 kvm: add support for memory transaction attributes Let kvm_arch_post_run convert fields in the kvm_run struct to MemTxAttrs. These are then passed to address_space_rw. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f8a9f720dd2fa5c1560838c26c6dad396a0cef5b Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Apr 8 12:57:11 2015 +0200 mtree: also print disabled regions Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e48816aac6eef50c851e3833add886f0403b6f11 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Apr 8 12:53:47 2015 +0200 mtree: tag & indent a bit better Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 813297541196698f60525d611dd09007fa60b45b Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 7 16:53:52 2015 +0300 apic_common: improve readability of apic_reset_common Replace call of cpu_is_bsp(s->cpu) which really returns !!(s->apicbase & MSR_IA32_APICBASE_BSP) with directly collected value. Due to this the tracepoint trace_cpu_get_apic_base((uint64_t)s->apicbase); will not be hit anymore in apic_reset_common. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Andreas FÃ?¤rber <afaerber@xxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1428414832-3104-1-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 03a96b83b539498510e22aab585e41015ba18247 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Mon Apr 27 18:59:04 2015 +0200 kvm: Silence warning from valgrind valgrind complains here about uninitialized bytes with the following message: ==17814== Syscall param ioctl(generic) points to uninitialised byte(s) ==17814== at 0x466A780: ioctl (in /usr/lib64/power8/libc-2.17.so) ==17814== by 0x100735B7: kvm_vm_ioctl (kvm-all.c:1920) ==17814== by 0x10074583: kvm_set_ioeventfd_mmio (kvm-all.c:574) Let's fix it by using a proper struct initializer in kvm_set_ioeventfd_mmio(). Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Message-Id: <1430153944-24368-1-git-send-email-thuth@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f90f5b9a9aa41e5ea47dc7a0f3e1f99196f485c3 Merge: 4981475 5530293 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Apr 30 15:18:30 2015 +0100 Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-04-30' into staging trivial patches for 2015-04-30 # gpg: Signature made Thu Apr 30 14:07:50 2015 BST using RSA key ID A4C3D7DB # gpg: Good signature from "Michael Tokarev <mjt@xxxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxxx>" * remotes/mjt/tags/pull-trivial-patches-2015-04-30: (42 commits) openrisc: cpu: Remove unused cpu_get_pc microblaze: fix memory leak tcg: Delete unused cpu_pc_from_tb() kvm: Silence warning from valgrind vhost-user: remove superfluous '\n' around error_report() target-mips: fix memory leak qmp-commands: Fix typo linux-user/elfload: use QTAILQ_FOREACH instead of open-coding it coroutine: remove unnecessary parentheses in qemu_co_queue_empty qemu-char: remove unused list node from FDCharDriver input: remove unused mouse_handlers list cpus: use first_cpu macro instead of QTAILQ_FIRST(&cpus) microblaze: cpu: delete unused cpu_interrupts_enabled microblaze: cpu: Renumber EXCP_* constants to close gap microblaze: cpu: Delete EXCP_NMI microblaze: cpu: Remove unused CC_OP enum microblaze: cpu: Remote unused cpu_get_pc microblaze: mmu: Delete flip_um fn prototype defconfigs: Piggyback microblazeel on microblaze libcacard: do not use full paths for include files in the same dir ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4a4d614ff56b4cf15e83629946afe51dc116053f Author: Daniel Stekloff <dan@xxxxxxxxxx> Date: Fri Apr 24 11:55:42 2015 -0700 Enable NVMe start controller for Windows guest. Windows seems to send two separate calls to NVMe controller configuration. The first sends configuration info and the second the enable bit. I couldn't enable the Windows 8.1 in-box NVMe driver with base Qemu. I made the following change to store the configuration data and then handle enable and NVMe driver works on Windows 8.1. I am not a Windows expert and I'm not entirely sure this is the correct approach. I'm offering it for anyone who wishes to use NVMe on Windows 8.1 using Qemu. I have tested this change with Linux and Windows guests with NVMe devices. Signed-off-by: Daniel Stekloff <dan@xxxxxxxxxx> Acked-by: Keith Busch <keith.busch@xxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 498147529d1f8e902e6528a0115143b53475791e Merge: 06feaac 2c80e99 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Apr 30 14:15:56 2015 +0100 Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20150430' into staging First pile of s390x patches for 2.4, including: - some cleanup patches - sort most of the s390x devices into categories - support for the new STSI post handler, used to insert vm name and friends - support for the new MEM_OP ioctl (including access register mode) for accessing guest memory # gpg: Signature made Thu Apr 30 12:56:58 2015 BST using RSA key ID C6F02FAF # gpg: Good signature from "Cornelia Huck <huckc@xxxxxxxxxxxxxxxxxx>" # gpg: aka "Cornelia Huck <cornelia.huck@xxxxxxxxxx>" * remotes/cohuck/tags/s390x-20150430: kvm: better advice for failed s390x startup s390x/kvm: Support access register mode for KVM_S390_MEM_OP ioctl s390x/mmu: Use ioctl for reading and writing from/to guest memory s390x/kvm: Put vm name, extended name and UUID into STSI322 SYSIB linux-headers: update s390x/mmu: Use access type definitions instead of magic values s390x/ipl: sort into categories sclp: sort into categories s390-virtio: sort into categories virtio-ccw: sort into categories Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c95e4c0e53c774dd82a78ae751ea24f537e38778 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Apr 30 15:15:13 2015 +0200 MAINTAINERS: Add qemu-block list where missing Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 17f1e8f5acf0016bf0b14ef9ec591d3f5081fc60 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Apr 29 15:13:29 2015 +0100 MAINTAINERS: make block layer core Kevin Wolf's responsibility Kevin is now sole maintainer of the core block layer, including BlockDriverState graphs and monitor commands. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit abfe4e9408a9e82bec9e9834eabc65f53907f281 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Apr 29 15:13:28 2015 +0100 MAINTAINERS: make image fuzzer Stefan Hajnoczi's responsibility Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d55053b16e22d46db0d98819814a31ae5c33e2c7 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Apr 29 15:13:27 2015 +0100 MAINTAINERS: make block I/O path Stefan Hajnoczi's responsibility The block I/O path includes the asynchronous I/O machinery and read/write/flush/discard processing. It somewhat arbitrarily also includes block migration, which I've found myself reviewing patches for over the years. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e7c6e631b191c99eecb4a06fe19302e863f033c6 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Apr 29 15:13:26 2015 +0100 MAINTAINERS: split out image formats Block driver submaintainers has proven to be a good model. Kevin and Stefan are splitting up the unclaimed block drivers so each has a dedicated maintainer. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b457a5f54cd857815401dc4708a4c778481ec562 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Apr 29 15:13:25 2015 +0100 MAINTAINERS: make virtio-blk Stefan Hajnoczi's responsibility Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 553029351bac9f5b4f9ea72793e55f02e7677ec2 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Apr 30 00:38:52 2015 -0700 openrisc: cpu: Remove unused cpu_get_pc This function is not used by anything. Remove. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 4d850406a859d3a5dcfca74eb9caa76ccc064ab3 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Thu Mar 5 11:05:20 2015 +0800 microblaze: fix memory leak When not assign a -dtb argument, the variable dtb_filename storage returned from qemu_find_file(), which should be freed after use. Alternatively we define a local variable filename, with 'char *' type, free after use. Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit fee068e4f190a36ef3bda9aa7c802f90434ef8e5 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Wed Apr 29 00:52:21 2015 -0700 tcg: Delete unused cpu_pc_from_tb() No code uses the cpu_pc_from_tb() function. Delete from tricore and arm which each provide an unused implementation. Update the comment in tcg.h to reflect that this is obsoleted by synchronize_from_tb. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 2ed0c3dad769ab747e1f5448b70eeaf134c76982 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Mon Apr 27 18:59:04 2015 +0200 kvm: Silence warning from valgrind valgrind complains here about uninitialized bytes with the following message: ==17814== Syscall param ioctl(generic) points to uninitialised byte(s) ==17814== at 0x466A780: ioctl (in /usr/lib64/power8/libc-2.17.so) ==17814== by 0x100735B7: kvm_vm_ioctl (kvm-all.c:1920) ==17814== by 0x10074583: kvm_set_ioeventfd_mmio (kvm-all.c:574) Let's fix it by using a proper struct initializer in kvm_set_ioeventfd_mmio(). Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit ab7c5aaf31213f5fc96018514e3d258e951d520f Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Tue Apr 28 17:11:04 2015 +0800 vhost-user: remove superfluous '\n' around error_report() Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 3ad9fd5a257794d516db515c217c78a5806112fe Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Tue Apr 28 17:11:02 2015 +0800 target-mips: fix memory leak Coveristy reports that variable prom_buf/params_buf going out of scope leaks the storage it points to. Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 5403432f39fc09ce1973cc8c1a62e16502358bf7 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Apr 28 15:20:41 2015 -0400 qmp-commands: Fix typo Just a trivial patch to correct a QMP example in qmp-commands.hx. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 52a53afebd2604af957d50fd4f3ce2012350a40d Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Mon Apr 27 12:45:33 2015 -0400 linux-user/elfload: use QTAILQ_FOREACH instead of open-coding it Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit b1201addc7ceb8f1fcdc378071ec6f5ab5b3f7ab Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Mon Apr 27 12:45:32 2015 -0400 coroutine: remove unnecessary parentheses in qemu_co_queue_empty Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 63d229c32b72767461262ade78a5cb98dbe0f1b4 Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Mon Apr 27 12:45:30 2015 -0400 qemu-char: remove unused list node from FDCharDriver Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit dfbf272b77cfb6b74131746a67c82271ab009f2f Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Mon Apr 27 12:45:29 2015 -0400 input: remove unused mouse_handlers list Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit c28e399cadbeaa996e2a3d334368edd4cd6b6889 Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Mon Apr 27 12:45:28 2015 -0400 cpus: use first_cpu macro instead of QTAILQ_FIRST(&cpus) Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 93100f67c723f5812d0fa9a026208cf320ef46e6 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun Apr 26 12:10:24 2015 -0700 microblaze: cpu: delete unused cpu_interrupts_enabled This function is unused. Remove. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 2161be35ce57ed5b0da0b98f902d003bfebac2c9 Author: Michael Tokarev <mjt@xxxxxxxxxx> Date: Wed Apr 29 08:34:29 2015 +0300 microblaze: cpu: Renumber EXCP_* constants to close gap After removal of EXCP_NMI there's a gap in EXCP_* numbering. Let's remove it. Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 059ec9aa34fd3c5bfe65141741c671b3e80ac6e7 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun Apr 26 12:10:23 2015 -0700 microblaze: cpu: Delete EXCP_NMI This define is unused. Remove. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 004f979fbb83397349c9158946ec5d4f0036632b Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun Apr 26 12:10:22 2015 -0700 microblaze: cpu: Remove unused CC_OP enum This enum is not used by anything. Remove. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit b133b09a9d8ae280bba279a1aba9af73a805e198 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun Apr 26 12:10:21 2015 -0700 microblaze: cpu: Remote unused cpu_get_pc This function is not used by anything. Remove. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 19191a6bc537b2290e18430e1877de9c2db20510 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun Apr 26 12:10:20 2015 -0700 microblaze: mmu: Delete flip_um fn prototype This is not implemented or used. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit a0970d91c94241c74b2b8027268d2a7e8fe19ae3 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun Apr 26 12:10:19 2015 -0700 defconfigs: Piggyback microblazeel on microblaze Theres no difference in defconfig. Going forward microblazeel should superset microblaze so use an include. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f66759d3aec208651a7ad0cd37f4fec8d86fa7c1 Author: Michael Tokarev <mjt@xxxxxxxxxx> Date: Mon Apr 27 16:29:58 2015 +0300 libcacard: do not use full paths for include files in the same dir Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 28507a415a9b1e897aa8cdab658c6cdc00eff6cd Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Apr 27 12:34:18 2015 +0200 libcacard: stop including qemu-common.h This is a small step towards making libcacard standalone. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit d3e4abdddfcf70b2e678de1c6b9b1c6cd3ce541e Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Mon Apr 27 13:32:35 2015 +0200 docs/atomics.txt: fix two typos Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 5ecaa4ed882aa6040d2ddbfc6f487d8b4bcd3b83 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun Apr 26 19:14:26 2015 -0700 configure: alphabetize tricore in target list tricore was out of alphabetical order in the target list. Fix. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Acked-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit ef1d27f4b17c4238ed3395724026910973026d2b Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun Apr 26 18:38:18 2015 -0700 arm: cpu.h: Remove unused typdefs These CP accessor function prototypes are unused. Remove them. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 3bf2af7b40281f73d0e33ecca4095078feed07b1 Author: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Date: Sat Mar 14 07:19:33 2015 +0100 util: Remove unused functions Delete the unused functions qemu_signalfd_available(), qemu_send_full() and qemu_recv_full(). Signed-off-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit ec29ea1b2b5ffed569d52393ad8e8d3f4215b9b3 Author: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Date: Sat Mar 14 07:19:32 2015 +0100 usb: Remove unused functions Delete set_usb_string(), usb_ep_get_ifnum(), usb_ep_get_max_packet_size() usb_ep_get_max_streams() and usb_ep_set_pipeline() since they are not used anymore. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 26b93109c0dff55aab67da66ebbace2cc39becfc Author: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Date: Sat Mar 14 07:19:31 2015 +0100 monitor: Remove unused functions The functions ringbuf_read_completion() and monitor_get_rs() are not used anywhere anymore, so let's remove them. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Cc: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 04768b985e8da35cba67b60dab02865a4d8ecdca Author: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Date: Sat Mar 14 07:19:30 2015 +0100 pci: Remove unused function ich9_d2pbr_init() The function ich9_d2pbr_init() is completely unused and thus can be deleted. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 9dcfda1298662223af1b99f7aef1bcf94df134a8 Author: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Date: Sat Mar 14 07:19:29 2015 +0100 vmxnet: Remove unused function vmxnet_rx_pkt_get_num_frags() The function is not used anymore and thus can be deleted. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Cc: Dmitry Fleytman <dmitry@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 825976153ee4c787326e0beb31144906f0a3c210 Author: Michael Tokarev <mjt@xxxxxxxxxx> Date: Mon Apr 27 11:12:49 2015 +0300 qemu-options: trivial spelling fix (messsage) Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit c2cb2b041b56e113e43da78528c9dfd8257e0206 Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Fri Apr 24 19:41:26 2015 +0200 hostmem: Fix mem-path property name in error report The subtle difference between "property not found" and "property not set" is already confusing enough. Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 29b558d87710a962203a45d9dd57bf7eab19dca0 Author: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Date: Wed Apr 15 10:18:55 2015 -0400 tpm: fix coding style Fix coding style in one instance. Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 1897b212b780a02a5605ad934a6dd16c76571fe3 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Apr 13 17:28:27 2015 +0200 qemu-config: remove stray inclusions of hw/ files Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f2fbb40ea32445b281696a1b3f16de670951de2e Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Apr 13 17:28:26 2015 +0200 range: remove useless inclusions Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 631b22ea206300f09b9d1bb9249169e0f0092639 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Thu Apr 9 20:32:39 2015 +0200 misc: Fix new collection of typos All of them were reported by codespell. Most typos are in comments, one is in an error message. Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit c9f88ce330c3d9107adfabdde33bdf10dcc05934 Author: Chih-Min Chao <cmchao@xxxxxxxxx> Date: Thu Apr 9 02:04:14 2015 +0800 hw/display : remove 'struct' from 'typedef QXL struct' Signed-off-by: Chih-Min Chao <cmchao@xxxxxxxxx> Reviewed-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 9425c004fe287bfe95e2bf64634d6a618c2b596c Author: Chih-Min Chao <cmchao@xxxxxxxxx> Date: Thu Apr 9 02:04:13 2015 +0800 ui/console : remove 'struct' from 'typedef struct' type Signed-off-by: Chih-Min Chao <cmchao@xxxxxxxxx> Reviewed-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 4769a881cbe1130e7ba4650471ef37e2cf998a9c Author: Chih-Min Chao <cmchao@xxxxxxxxx> Date: Thu Apr 9 02:04:12 2015 +0800 ui/vnc : remove 'struct' of 'typedef struct' Signed-off-by: Chih-Min Chao <cmchao@xxxxxxxxx> Reviewed-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 494cb81741f867319f11ecfa0949168baf9f01d7 Author: Chih-Min Chao <cmchao@xxxxxxxxx> Date: Thu Apr 9 02:04:11 2015 +0800 ui/vnc : fix coding style reported by checkpatch.pl Signed-off-by: Chih-Min Chao <cmchao@xxxxxxxxx> Reviewed-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 4188e39055bfaf6d76b7d98294b0aeb8e4f3082d Author: Chih-Min Chao <cmchao@xxxxxxxxx> Date: Thu Apr 9 02:04:10 2015 +0800 bitops : fix coding style don't mix tab and space. The rule is 4 spaces Signed-off-by: Chih-Min Chao <cmchao@xxxxxxxxx> Reviewed-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 4d1ba9c4f8a4d68b9d053946d551ffa8f1006b77 Author: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Date: Tue Mar 31 14:49:10 2015 -0400 tpm: Modify DPRINTF to enable -Wformat checking Modify DPRINTF to always enable -Wformat checking. Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 070c7607f62f9623be9ff14623a43b0ca195c572 Author: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Date: Tue Mar 31 14:49:09 2015 -0400 tpm: Cast 64bit variables to int when used in DPRINTF Cast 64bit variables to int when used in DPRINTF. They only contain 32bit of data. Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 2c80e996e427ae31982f3405a762859578a6261d Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Apr 23 17:03:46 2015 +0200 kvm: better advice for failed s390x startup If KVM_CREATE failed on s390x, we print a hint to enable the switch_amode kernel parameter. This only applies to old kernels, and only if the error was -EINVAL. Moreover, with new kernels, the most likely reason for -EINVAL is that pgstes were not enabled. Let's update the error message to give a better hint on where things may need fixing. Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 6cb1e49de58cab8f243b05a971a9a1f80ab3223d Author: Alexander Yarygin <yarygin@xxxxxxxxxxxxxxxxxx> Date: Thu Mar 5 12:36:48 2015 +0300 s390x/kvm: Support access register mode for KVM_S390_MEM_OP ioctl Access register mode is one of the modes that control dynamic address translation. In this mode the address space is specified by values of the access registers. The effective address-space-control element is obtained from the result of the access register translation. See the "Access-Register Introduction" section of the chapter 5 "Program Execution" in "Principles of Operations" for more details. When the CPU is in AR mode, the s390_cpu_virt_mem_rw() function must know which access register number to use for address translation. This patch does several things: - add new parameter 'uint8_t ar' to that function - decode ar number from intercepted instructions - pass the ar number to s390_cpu_virt_mem_rw(), which in turn passes it to the KVM_S390_MEM_OP ioctl. Signed-off-by: Alexander Yarygin <yarygin@xxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit a9bcd1b8719dea2e91512238d810e2a0037e174d Author: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Date: Fri Feb 6 15:54:58 2015 +0100 s390x/mmu: Use ioctl for reading and writing from/to guest memory Add code to make use of the new ioctl for reading from / writing to virtual guest memory. By using the ioctl, the memory accesses are now protected with the so-called ipte-lock in the kernel. [CH: moved error message into kvm_s390_mem_op()] Signed-off-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit f07177a5599fb204e42a007db4820ceda1bc85ba Author: Ekaterina Tumanova <tumanova@xxxxxxxxxxxxxxxxxx> Date: Tue Mar 3 18:35:27 2015 +0100 s390x/kvm: Put vm name, extended name and UUID into STSI322 SYSIB KVM prefills the SYSIB, returned by STSI 3.2.2. This patch allows userspace to intercept execution, and fill in the values, that are known to qemu: machine name (8 chars), extended machine name (256 chars), extended machine name encoding (equals 2 for UTF-8) and UUID. STSI322 qemu handler also finds a highest virtualization level in level-3 virtualization stack that doesn't support Extended Names (Ext Name delimiter) and propagates zero Ext Name to all levels below, because this level is not capable of managing Extended Names of lower levels. Signed-off-by: Ekaterina Tumanova <tumanova@xxxxxxxxxxxxxxxxxx> Reviewed-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 7a52ce8a160739c5d37469b0e344d3239eb86462 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Tue Mar 31 16:07:08 2015 +0200 linux-headers: update This updates linux-headers against master 4.1-rc1 (commit b787f68c36d49bb1d9236f403813641efa74a031). Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 217a4acb211d603f33199cf94ada9fce3ac419b5 Author: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Date: Thu Mar 19 15:04:50 2015 +0100 s390x/mmu: Use access type definitions instead of magic values Since there are now proper definitions for the MMU access type, let's use them in the s390x MMU code, too, instead of the hard-to-understand magic values. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit b4ab4572b319f2c26435b2ed18cfd3fb602c7439 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri Mar 20 10:17:08 2015 +0100 s390x/ipl: sort into categories The s390 ipl device has no real home (it's not really a storage device), so let's sort it into the misc category. Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 183f6b8d7e7adf6b892523644e38b534c5954be1 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Tue Mar 17 13:44:39 2015 +0100 sclp: sort into categories Sort the sclp consoles into the input category, just as virtio-serial. Various other sclp devices don't have an obvious category, sort them into misc. Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 4d1866de9422c4b359f61819ee01efc9b988187b Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Tue Mar 17 13:43:26 2015 +0100 s390-virtio: sort into categories Sort the various s390-virtio devices into the same categories as their virtio-pci counterparts. Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit cd20d61634092a9fa19c8c6f0a749526e9958374 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Tue Mar 17 13:42:03 2015 +0100 virtio-ccw: sort into categories Sort the various virtio-ccw devices into the same categories as their virtio-pci counterparts. Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 06feaacfb4cfef10cc0c93d97df7bfc8a71dbc7e Merge: a1fe58f d064d9f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Apr 30 12:04:11 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging - miscellaneous cleanups for TCG (Emilio) and NBD (Bogdan) - next part in the thread-safe address_space_* saga: atomic access to the bounce buffer and the map_clients list, from Fam - optional support for linking with tcmalloc, also from Fam - reapplying Peter Crosthwaite's "Respect as_translate_internal length clamp" after fixing the SPARC fallout. - build system fix from Wei Liu - small acpi-build and ioport cleanup by myself # gpg: Signature made Wed Apr 29 09:34:00 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: (22 commits) nbd/trivial: fix type cast for ioctl translate-all: use bitmap helpers for PageDesc's bitmap target-i386: disable LINT0 after reset Makefile.target: prepend $libs_softmmu to $LIBS milkymist: do not modify libs-softmmu configure: Add support for tcmalloc exec: Respect as_translate_internal length clamp ioport: reserve the whole range of an I/O port in the AddressSpace ioport: loosen assertions on emulation of 16-bit ports ioport: remove wrong comment ide: there is only one data port gus: clean up MemoryRegionPortio sb16: remove useless mixer_write_indexw sun4m: fix slavio sysctrl and led register sizes acpi-build: remove dependency from ram_addr.h memory: add memory_region_ram_resize dma-helpers: Fix race condition of continue_after_map_failure and dma_aio_cancel exec: Notify cpu_register_map_client caller if the bounce buffer is available exec: Protect map_client_list with mutex linux-user, bsd-user: Remove two calls to cpu_exec_init_all ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a1fe58f6ad2282399da256b8579b49b43527e486 Merge: 52b7aba c836867 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Apr 30 10:10:31 2015 +0100 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Wed Apr 29 00:03:44 2015 BST using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB # Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E * remotes/jnsnow/tags/ide-pull-request: qtest: Add assertion that required environment variable is set qtest/ahci: add flush retry test libqos: add blkdebug_prepare_script libqtest: add qmp_async libqtest: add qmp_eventwait qtest/ahci: Allow override of default CLI options qtest/ahci: Add simple flush test qtest/ahci: test different disk sectors qtest/ahci: add qcow2 support to ahci-test fdc: remove sparc sun4m mutations Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d064d9f381b00538e41f14104b88a1ae85d78865 Author: Bogdan Purcareata <bogdan.purcareata@xxxxxxxxxxxxx> Date: Fri Apr 3 11:01:54 2015 +0000 nbd/trivial: fix type cast for ioctl This fixes ioctl behavior on powerpc e6500 platforms with 64bit kernel and 32bit userspace. The current type cast has no effect there and the value passed to the kernel is still 0. Probably an issue related to the compiler, since I'm assuming the same configuration works on a similar setup on x86. Also ensure consistency with previous type cast in TRACE message. Signed-off-by: Bogdan Purcareata <bogdan.purcareata@xxxxxxxxxxxxx> Message-Id: <1428058914-32050-1-git-send-email-bogdan.purcareata@xxxxxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx [Fix parens as noticed by Michael. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 510a647fa27a12b66be40da4c2c098430003225c Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Wed Apr 22 17:50:52 2015 -0400 translate-all: use bitmap helpers for PageDesc's bitmap Here we have an open-coded byte-based bitmap implementation. Get rid of it since there's a ulong-based implementation to be used by all code. Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b8eb5512fd8a115f164edbbe897cdf8884920ccb Author: Nadav Amit <namit@xxxxxxxxxxxxxxxxx> Date: Mon Apr 13 02:32:08 2015 +0300 target-i386: disable LINT0 after reset Due to old Seabios bug, QEMU reenable LINT0 after reset. This bug is long gone and therefore this hack is no longer needed. Since it violates the specifications, it is removed. Signed-off-by: Nadav Amit <namit@xxxxxxxxxxxxxxxxx> Message-Id: <1428881529-29459-2-git-send-email-namit@xxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7398dfc7799a50097803db4796c7edb6cd7d47a1 Author: Wei Liu <wei.liu2@xxxxxxxxxx> Date: Mon Mar 9 14:54:33 2015 +0000 Makefile.target: prepend $libs_softmmu to $LIBS I discovered a problem when trying to build QEMU statically with gcc. libm is an element of LIBS while libpixman-1 is an element in libs_softmmu. Libpixman references functions in libm, so the original ordering makes linking fail. This fix is to reorder $libs_softmmu and $LIBS to make -lm appear after -lpixman-1. However I'm not quite sure if this is the right fix, hence the RFC tag. Normally QEMU is built with c++ compiler which happens to link in libm (at least this is the case with g++), so building QEMU statically normally just works and nobody notices this issue. Signed-off-by: Wei Liu <wei.liu2@xxxxxxxxxx> Message-Id: <1425912873-21215-1-git-send-email-wei.liu2@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 738e4171de478da2516180c7a139f1b762443618 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Mar 10 11:17:48 2015 +0100 milkymist: do not modify libs-softmmu This is better and prepares for the next patch. When we copy libs_softmmu's value into LIBS with a := assignment, we cannot anymore modify libs_softmmu in the Makefiles. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 2847b46958ab0bd604e1b3fcafba0f5ba4375833 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Mar 26 11:03:12 2015 +0800 configure: Add support for tcmalloc This adds "--enable-tcmalloc" and "--disable-tcmalloc" to allow linking to libtcmalloc from gperftools. tcmalloc is a malloc implementation that works well with threads and is fast, so it is good for performance. It is disabled by default, because the MALLOC_PERTURB_ flag we use in tests doesn't work with tcmalloc. However we can enable tcmalloc specific heap checker and profilers later. An IOPS gain can be observed with virtio-blk-dataplane, other parts of QEMU will directly benefit from it as well: ========================================================== glibc malloc ---------------------------------------------------------- rw bs iodepth bw iops latency read 4k 1 150 38511 24 ---------------------------------------------------------- ========================================================== tcmalloc ---------------------------------------------------------- rw bs iodepth bw iops latency read 4k 1 156 39969 23 ---------------------------------------------------------- Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-Id: <1427338992-27057-1-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c8368674980b299604e3cfe9215c4105acefa516 Author: Ed Maste <emaste@xxxxxxxxxxx> Date: Tue Apr 28 15:27:51 2015 -0400 qtest: Add assertion that required environment variable is set Signed-off-by: Ed Maste <emaste@xxxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1427911244-22565-1-git-send-email-emaste@xxxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit cf5aa89e9d32ae39bd9df27c9b2aec03c0d240b2 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Apr 28 15:27:51 2015 -0400 qtest/ahci: add flush retry test Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1426018503-821-7-git-send-email-jsnow@xxxxxxxxxx commit 72c85e949fd162b039614d588d94393ff3e2dae3 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Apr 28 15:27:51 2015 -0400 libqos: add blkdebug_prepare_script Pull this helper out of ide-test and into libqos, to be shared with ahci-test. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1426018503-821-6-git-send-email-jsnow@xxxxxxxxxx commit ba4ed39346c1bdbfefd1d781b39009f90822b956 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Apr 28 15:27:51 2015 -0400 libqtest: add qmp_async Add qmp_async, which lets us send QMP commands asynchronously. This is useful when we want to send commands that will trigger event responses, but we don't know in what order to expect them. Sometimes the event responses may arrive even before the command confirmation will show up, so it is convenient to leave the responses in the stream. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1426018503-821-5-git-send-email-jsnow@xxxxxxxxxx commit 8fe941f749b2db3735abade1c298552de4eab496 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Apr 28 15:27:51 2015 -0400 libqtest: add qmp_eventwait Allow the user to poll until a desired interrupt occurs. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1426018503-821-4-git-send-email-jsnow@xxxxxxxxxx commit debaaa114a8877a939533ba846e64168fb287b7b Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Apr 28 15:27:51 2015 -0400 qtest/ahci: Allow override of default CLI options Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1426018503-821-3-git-send-email-jsnow@xxxxxxxxxx commit 4e217074ca3f704d9a1c3bd1ebb03eb7621ab882 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Apr 28 15:27:51 2015 -0400 qtest/ahci: Add simple flush test Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1426018503-821-2-git-send-email-jsnow@xxxxxxxxxx commit 727be1a7550b5caad0b94098a41de8033ad43f85 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Apr 28 15:27:51 2015 -0400 qtest/ahci: test different disk sectors Test sector offset 0, 1, and the last sector(s) in LBA28 and LBA48 modes. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Acked-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1426274523-22661-3-git-send-email-jsnow@xxxxxxxxxx commit 122fdf2d8822699482723e6f50f34c9c3933360b Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Apr 28 15:27:51 2015 -0400 qtest/ahci: add qcow2 support to ahci-test This will enable the testing of high offsets without wasting a lot of disk space, and does not impact the previous tests. mkimg and mkqcow2 are added to libqos for other tests. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Acked-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1426274523-22661-2-git-send-email-jsnow@xxxxxxxxxx commit 24a5c62cfe3cbe3fb4722f79661b9900a2579316 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Tue Apr 28 15:27:51 2015 -0400 fdc: remove sparc sun4m mutations They were introduced in 6f7e9aec5eb5bdfa57a9e458e391b785c283a007 and 82407d1a4035e5bfefb53ffdcb270872f813b34c and lots of bug fixes were done after that. This fixes (at least) the detection of the floppy controller on Debian 4.0r9/SPARC, and SS-5's OBP initialization routine still works. Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Tested-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Message-id: 1426351846-6497-1-git-send-email-hpoussin@xxxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 52b7aba62f02cf90f57ee7e02f67d2d8445e7e40 Merge: a9392bc 5655f93 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Apr 28 18:58:15 2015 +0100 Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20150428.0' into staging VFIO updates - Correction to BAR overflow - Fix error sign - Reset workaround for AMD Bonaire & Hawaii GPUs # gpg: Signature made Tue Apr 28 18:26:43 2015 BST using RSA key ID 3BB08B22 # gpg: Good signature from "Alex Williamson <alex.williamson@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex@xxxxxxxxxxx>" # gpg: aka "Alex Williamson <alwillia@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex.l.williamson@xxxxxxxxx>" * remotes/awilliam/tags/vfio-update-20150428.0: vfio-pci: Reset workaround for AMD Bonaire and Hawaii GPUs vfio-pci: Fix error path sign vfio-pci: Further fix BAR size overflow Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5655f931abcfa5f100d12d021eaed606c2d4ef52 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Tue Apr 28 11:14:02 2015 -0600 vfio-pci: Reset workaround for AMD Bonaire and Hawaii GPUs Somehow these GPUs manage not to respond to a PCI bus reset, removing our primary mechanism for resetting graphics cards. The result is that these devices typically work well for a single VM boot. If the VM is rebooted or restarted, the guest driver is not able to init the card from the dirty state, resulting in a blue screen for Windows guests. The workaround is to use a device specific reset. This is not 100% reliable though since it depends on the incoming state of the device, but it substantially improves the usability of these devices in a VM. Credit to Alex Deucher <alexander.deucher@xxxxxxx> for his guidance. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit c6d231e2fd3773ef9a566ca24962f2314cb78f73 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Tue Apr 28 11:14:02 2015 -0600 vfio-pci: Fix error path sign This is an impossible error path due to the fact that we're reading a kernel provided, rather than user provided link, which will certainly always fit in PATH_MAX. Currently it returns a fixed 26 char path plus %d group number, which typically maxes out at double digits. However, the caller of the initfn certainly expects a less-than zero return value on error, not just a non-zero value. Therefore we should correct the sign here. Reported-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 07ceaf98800519ef9c5dc893af00f1fe1f9144e4 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Tue Apr 28 11:14:02 2015 -0600 vfio-pci: Further fix BAR size overflow In an analysis by Laszlo, the resulting type of our calculation for the end of the MSI-X table, and thus the start of memory after the table, is uint32_t. We're therefore not correctly preventing the corner case overflow that we intended to fix here where a BAR >=4G could place the MSI-X table to end exactly at the 4G boundary. The MSI-X table offset is defined by the hardware spec to 32bits, so we simply use a cast rather than changing data structure types. This scenario is purely theoretically, typically the MSI-X table is located at the front of the BAR. Reported-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit a9392bc93c8615ad1983047e9f91ee3fa8aae75f Merge: 84cbd63 61007b3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Apr 28 16:55:03 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block patches # gpg: Signature made Tue Apr 28 15:35:05 2015 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: (76 commits) block: move I/O request processing to block/io.c block: extract bdrv_setup_io_funcs() block: add bdrv_set_dirty()/bdrv_reset_dirty() to block_int.h block: replace bdrv_states iteration with bdrv_next() vmdk: Widen before shifting 32 bit header field block/dmg: make it modular block/mirror: Always call block_job_sleep_ns() iotests: add incremental backup granularity tests iotests: add incremental backup failure recovery test iotests: add simple incremental backup case iotests: add QMP event waiting queue iotests: add invalid input incremental backup tests hbitmap: truncate tests block: Resize bitmaps on bdrv_truncate block: Ensure consistent bitmap function prototypes block: add BdrvDirtyBitmap documentation qmp: Add dirty bitmap status field in query-block qmp: add block-dirty-bitmap-clear qmp: Add support of "dirty-bitmap" sync mode for drive-backup block: Add bitmap successors ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit da2f84d1270d203027d82f778d5bcc1f7a49bab0 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Tue Apr 28 19:51:13 2015 +0800 virtio-scsi: Move DEFINE_VIRTIO_SCSI_FEATURES to virtio-scsi So far virtio-scsi-device can't expose host features to guest while using virtio-mmio because it doesn't set DEFINE_VIRTIO_SCSI_FEATURES on backend or transport. The host features belong to the backends while virtio-scsi-pci, virtio-scsi-s390 and virtio-scsi-ccw set the DEFINE_VIRTIO_SCSI_FEATURES on transports. But they already have the ability to forward property accesses to the backend child. So if we move the host features to backends, it doesn't break the backwards compatibility for them and make host features work while using virtio-mmio. Move DEFINE_VIRTIO_SCSI_FEATURES to the backend virtio-scsi. The transports just sync the host features from backends. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit da3e8a23492dbc13c4b70d90b6ae42970624e63a Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Tue Apr 28 19:51:12 2015 +0800 virtio-net: Move DEFINE_VIRTIO_NET_FEATURES to virtio-net So far virtio-net-device can't expose host features to guest while using virtio-mmio because it doesn't set DEFINE_VIRTIO_NET_FEATURES on backend or transport. So the performance is low. The host features belong to the backend while virtio-net-pci, virtio-net-s390 and virtio-net-ccw set the DEFINE_VIRTIO_NET_FEATURES on transports. But they already have the ability to forward property accesses to the backend child. So if we move the host features to backends, it doesn't break the backwards compatibility for them and make host features work while using virtio-mmio. Here we move DEFINE_VIRTIO_NET_FEATURES to the backend virtio-net. The transports just sync the host features from backend. Meanwhile move virtio_net_set_config_size to virtio-net to make sure the config size is correct and don't expose it. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 51f7cb974ba1af9f68302f2bae4bf0161fb0ab03 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Tue Apr 28 12:50:07 2015 +0200 pci: Merge pci_nic_init() into pci_nic_init_nofail() The error reporting in pci_nic_init() is quite erratic: Some errors are printed directly with error_report(), and some are passed back to the caller pci_nic_init_nofail() via an Error pointer. Since pci_nic_init() is only used by pci_nic_init_nofail(), the functions can be simply merged to clean up this inconsistency. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 61007b316cd71ee7333ff7a0a749a8949527575f Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Apr 28 14:27:52 2015 +0100 block: move I/O request processing to block/io.c The block.c file has grown to over 6000 lines. It is time to split this file so there are fewer conflicts and the code is easier to maintain. Extract I/O request processing code: * Read * Write * Zero writes and making the image empty * Flush * Discard * ioctl * Tracked requests and queuing * Throttling and copy-on-read * Block status and allocated functions * Refreshing block limits * Reading/writing vmstate * qemu_blockalign() and friends The patch simply moves code from block.c into block/io.c. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 0eb7217e49b84553bb30f97bc34380633fd846fe Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Apr 28 14:27:51 2015 +0100 block: extract bdrv_setup_io_funcs() Move the code to install coroutine and aio emulation function pointers in a BlockDriver to its own function. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e0c47b6cb1de430fbc6f828f7acffa851c580840 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Apr 28 14:27:50 2015 +0100 block: add bdrv_set_dirty()/bdrv_reset_dirty() to block_int.h The dirty bitmap functions are called from the block I/O processing code. Make them visible to block_int.h users so they can be used outside block.c. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 4f5472cb2d3d37ec3282cc3829612f9d696c2df7 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Apr 28 14:27:49 2015 +0100 block: replace bdrv_states iteration with bdrv_next() The bdrv_states list is a static variable in block.c. bdrv_drain_all() and bdrv_flush_all() use this variable to iterate over all drives. The next patch will move bdrv_drain_all() and bdrv_flush_all() out of block.c so it's necessary to switch to the public bdrv_next() interface. Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 7237aecd7e8fcc3ccf7fded77b6c127b4df5d3ac Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Apr 27 22:23:01 2015 +0800 vmdk: Widen before shifting 32 bit header field Coverity spotted this. The field is 32 bits, but if it's possible to overflow in 32 bit left shift. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5505e8b76f86f925c35ecc2b2d311886bb36534c Author: Michael Tokarev <mjt@xxxxxxxxxx> Date: Mon Apr 27 14:51:56 2015 +0300 block/dmg: make it modular dmg can optionally utilize libbz2, make it modular Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 001c95b740b2ed3d8b486952f68b5f06e609f1f2 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Apr 27 13:07:31 2015 +0200 block/mirror: Always call block_job_sleep_ns() The mirror block job is trying to take a clever shortcut if delay_ns is 0 and skips block_job_sleep_ns() in that case. But that function must be called in every block job iteration, because otherwise it is for example impossible to pause the job. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 59fc5d844fe192494308d0f07507b712ec395129 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:50:09 2015 -0400 iotests: add incremental backup granularity tests Test what happens if you fiddle with the granularity. Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-22-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 24618f5381da650bd50c78feea07b35cf82e7d6c Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:50:08 2015 -0400 iotests: add incremental backup failure recovery test Test the failure case for incremental backups. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-21-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a3d715958c4456afea402e891288864fe4e51547 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:50:07 2015 -0400 iotests: add simple incremental backup case Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-20-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 7898f74e78a5900fc079868e255b65d807fa8a8f Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:50:06 2015 -0400 iotests: add QMP event waiting queue A filter is added to allow callers to request very specific events to be pulled from the event queue, while leaving undesired events still in the stream. This allows us to poll for completion data for multiple asynchronous events in any arbitrary order. A new timeout context is added to the qmp pull_event method's wait parameter to allow tests to fail if they do not complete within some expected period of time. Also fixed is a bug in qmp.pull_event where we try to retrieve an event from an empty list if we attempt to retrieve an event with wait=False but no events have occurred. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-19-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 9f7264f57c8307bca32e78427348b8b323d5db21 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:50:05 2015 -0400 iotests: add invalid input incremental backup tests Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-18-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a94e87c08cfff73ac4b179adc3d0d9c3b8d2ddef Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:50:04 2015 -0400 hbitmap: truncate tests The general approach is to set bits close to the boundaries of where we are truncating and ensure that everything appears to have gone OK. We test growing and shrinking by different amounts: - Less than the granularity - Less than the granularity, but across a boundary - Less than sizeof(unsigned long) - Less than sizeof(unsigned long), but across a ulong boundary - More than sizeof(unsigned long) Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-17-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ce1ffea8cdcea41533bde87759b8390f0e3a9ad3 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:50:03 2015 -0400 block: Resize bitmaps on bdrv_truncate Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-16-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 20dca81075e712ebcbc151eed9b1a02d4e5d08f5 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:50:02 2015 -0400 block: Ensure consistent bitmap function prototypes We often don't need the BlockDriverState for functions that operate on bitmaps. Remove it. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-15-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit aa0c7ca506bb3f661be673b3d5c1320f37e52fdb Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:50:01 2015 -0400 block: add BdrvDirtyBitmap documentation Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-14-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a113534ffb8f2580d323e6397e6908d5f4bfa0b7 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:50:00 2015 -0400 qmp: Add dirty bitmap status field in query-block Add the "frozen" status booleans, to inform clients when a bitmap is occupied doing a task. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1429314609-29776-13-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e74e6b78e6fe0c9ee426d1278fff45f5fa0af766 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:49:59 2015 -0400 qmp: add block-dirty-bitmap-clear Add bdrv_clear_dirty_bitmap and a matching QMP command, qmp_block_dirty_bitmap_clear that enables a user to reset the bitmap attached to a drive. This allows us to reset a bitmap in the event of a full drive backup. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1429314609-29776-12-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d58d84539784d27c826924a79d9436178b07ff69 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:49:58 2015 -0400 qmp: Add support of "dirty-bitmap" sync mode for drive-backup For "dirty-bitmap" sync mode, the block job will iterate through the given dirty bitmap to decide if a sector needs backup (backup all the dirty clusters and skip clean ones), just as allocation conditions of "top" sync mode. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-11-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 9bd2b08f27b9c27bb40d73b6466321b8c635086e Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:49:57 2015 -0400 block: Add bitmap successors A bitmap successor is an anonymous BdrvDirtyBitmap that is intended to be created just prior to a sensitive operation (e.g. Incremental Backup) that can either succeed or fail, but during the course of which we still want a bitmap tracking writes. On creating a successor, we "freeze" the parent bitmap which prevents its deletion, enabling, anonymization, or creating a bitmap with the same name. On success, the parent bitmap can "abdicate" responsibility to the successor, which will inherit its name. The successor will have been tracking writes during the course of the backup operation. The parent will be safely deleted. On failure, we can "reclaim" the successor from the parent, unifying them such that the resulting bitmap describes all writes occurring since the last successful backup, for instance. Reclamation will thaw the parent, but not explicitly re-enable it. BdrvDirtyBitmap operations that target a single bitmap are protected by assertions that the bitmap is not frozen and/or disabled. BdrvDirtyBitmap operations that target a group of bitmaps, such as bdrv_{set,reset}_dirty will ignore frozen/disabled drives with a conditional instead. Internal functions that enable/disable dirty bitmaps have assertions added to them to prevent modifying frozen bitmaps. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1429314609-29776-10-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b8e6fb752e43b45b428487c244cab35f0ab94b10 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:49:56 2015 -0400 block: Add bitmap disabled status Add a status indicating the enabled/disabled state of the bitmap. A bitmap is by default enabled, but you can lock the bitmap into a read-only state by setting disabled = true. A previous version of this patch added a QMP interface for changing the state of the bitmap, but it has since been removed for now until a use case emerges where this state must be revealed to the user. The disabled state WILL be used internally for bitmap migration and bitmap persistence. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-9-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit be58721dbf882fa8830f3669f499b0a5b501e90f Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:49:55 2015 -0400 hbitmap: add hbitmap_merge We add a bitmap merge operation to assist in error cases where we wish to combine two bitmaps together. This is algorithmically O(bits) provided HBITMAP_LEVELS remains constant. For a full bitmap on a 64bit machine: sum(bits/64^k, k, 0, HBITMAP_LEVELS) ~= 1.01587 * bits We may be able to improve running speed for particularly sparse bitmaps by using iterators, but the running time for dense maps will be worse. We present the simpler solution first, and we can refine it later if needed. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-8-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 8515efbef1759b9143f06e9722c8f4e145032181 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:49:54 2015 -0400 hbitmap: cache array lengths As a convenience: between incremental backups, bitmap migrations and bitmap persistence we seem to need to recalculate these a lot. Because the lengths are a little bit-twiddly, let's just solidly cache them and be done with it. Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-7-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 592fdd02ae987a439a2ba25a2a973673f1484805 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:49:53 2015 -0400 block: Introduce bdrv_dirty_bitmap_granularity() This returns the granularity (in bytes) of dirty bitmap, which matches the QMP interface and the existing query interface. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-6-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 341ebc2f81b14862347e4d4c1fcb3759f815237a Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:49:52 2015 -0400 qmp: Add block-dirty-bitmap-add and block-dirty-bitmap-remove The new command pair is added to manage a user created dirty bitmap. The dirty bitmap's name is mandatory and must be unique for the same device, but different devices can have bitmaps with the same names. The granularity is an optional field. If it is not specified, we will choose a default granularity based on the cluster size if available, clamped to between 4K and 64K to mirror how the 'mirror' code was already choosing granularity. If we do not have cluster size info available, we choose 64K. This code has been factored out into a helper shared with block/mirror. This patch also introduces the 'block_dirty_bitmap_lookup' helper, which takes a device name and a dirty bitmap name and validates the lookup, returning NULL and setting errp if there is a problem with either field. This helper will be re-used in future patches in this series. The types added to block-core.json will be re-used in future patches in this series, see: 'qapi: Add transaction support to block-dirty-bitmap-{add, enable, disable}' Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1429314609-29776-5-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5fba6c0e50b66691568b34d5a2f4be0b39f5e20a Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:49:51 2015 -0400 qmp: Ensure consistent granularity type We treat this field with a variety of different types everywhere in the code. Now it's just uint32_t. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-4-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 0db6e54a8a2c6e16780356422da671b71f862341 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Apr 17 19:49:50 2015 -0400 qapi: Add optional field "name" to block dirty bitmap This field will be set for user created dirty bitmap. Also pass in an error pointer to bdrv_create_dirty_bitmap, so when a name is already taken on this BDS, it can report an error message. This is not global check, two BDSes can have dirty bitmap with a common name. Implemented bdrv_find_dirty_bitmap to find a dirty bitmap by name, will be used later when other QMP commands want to reference dirty bitmap by name. Add bdrv_dirty_bitmap_make_anon. This unsets the name of dirty bitmap. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-3-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit efcfa278dca27f1c9db8b8283eac54f5e19074e7 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:49:49 2015 -0400 docs: incremental backup documentation Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1429314609-29776-2-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 9eac3622a2b1159ab50b10540e822f3e58fdc383 Author: Peter Lieven <pl@xxxxxxx> Date: Thu Apr 16 16:08:33 2015 +0200 block/iscsi: use the allocationmap also if cache.direct=on the allocationmap has only a hint character. The driver always double checks that blocks marked unallocated in the cache are still unallocated before taking the fast path and return zeroes. So using the allocationmap is migration safe and can also be enabled with cache.direct=on. Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1429193313-4263-10-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 03e40fef4678f9a42846c91a804b6d3c820e8b90 Author: Peter Lieven <pl@xxxxxxx> Date: Thu Apr 16 16:08:32 2015 +0200 block/iscsi: bump year in copyright notice Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1429193313-4263-9-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e380aff831c24b37c023010852e7ddd2ae1ec385 Author: Peter Lieven <pl@xxxxxxx> Date: Thu Apr 16 16:08:31 2015 +0200 block/iscsi: handle SCSI_STATUS_TASK_SET_FULL a target may issue a SCSI_STATUS_TASK_SET_FULL status if there is more than one "BUSY" command queued already. Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1429193313-4263-8-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 59dd0a22ca4c3ac70c37263208b9e49cfeacf2e4 Author: Peter Lieven <pl@xxxxxxx> Date: Thu Apr 16 16:08:30 2015 +0200 block/iscsi: increase retry count The idea is that a command is retried in a BUSY condition up a time of approx. 60 seconds before it is failed. This should be far higher than any command timeout in the guest. Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1429193313-4263-7-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 73b5394e2e4af3bbe01e221fa395373facc67f78 Author: Peter Lieven <pl@xxxxxxx> Date: Thu Apr 16 16:08:29 2015 +0200 block/iscsi: optimize WRITE10/16 if cache.writeback is not set SCSI allowes to tell the target to not return from a write command if the date is not written to the disk. Use this so called FUA bit if it is supported to optimize WRITE commands if writeback is not allowed. In this case qemu always issues a WRITE followed by a FLUSH. This is 2 round trip times. If we set the FUA bit we can ignore the following FLUSH. Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1429193313-4263-6-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 752ce45150d3d70aabc4eb46a7a9cdfd8b4640fd Author: Peter Lieven <pl@xxxxxxx> Date: Thu Apr 16 16:08:28 2015 +0200 block/iscsi: store DPOFUA bit from the modesense command Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1429193313-4263-5-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 7191f2080c70228c6483b6604cc1c18943d8d766 Author: Peter Lieven <pl@xxxxxxx> Date: Thu Apr 16 16:08:27 2015 +0200 block/iscsi: rename iscsi_write_protected and let it return void Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1429193313-4263-4-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 0a386e48527d16e5dedbc1ff62aa0042a1cbdac5 Author: Peter Lieven <pl@xxxxxxx> Date: Thu Apr 16 16:08:26 2015 +0200 block/iscsi: change all iscsilun properties from uint8_t to bool Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1429193313-4263-3-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 20474e9aa040b9a255c63127f1eb873c29c54f68 Author: Peter Lieven <pl@xxxxxxx> Date: Thu Apr 16 16:08:25 2015 +0200 block/iscsi: do not forget to logout from target We actually were always impolitely dropping the connection and not cleanly logging out. CC: qemu-stable@xxxxxxxxxx Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1429193313-4263-2-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d5a8ee60a0fbc20a2c2d02f3bda1bb1bd365f1ee Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Fri Apr 17 14:52:43 2015 +0300 qmp: fill in the image field in BlockDeviceInfo The image field in BlockDeviceInfo is supposed to contain an ImageInfo object. However that is being filled in by bdrv_query_info(), not by bdrv_block_device_info(), which is where BlockDeviceInfo is actually created. Anyone calling bdrv_block_device_info() directly will get a null image field. As a consequence of this, the HMP command 'info block -n -v' crashes QEMU. This patch moves the code that fills in that field from bdrv_query_info() to bdrv_block_device_info(). Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1429271563-3765-1-git-send-email-berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 9419874f709469de16c1bced7731bfecb07fe1cf Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Apr 22 11:15:10 2015 +0100 Revert "hmp: fix crash in 'info block -n -v'" This reverts commit 638b8366200130cc7cf7a026630bc6bfb63b0c4c. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit dc881b441d74b8fc6c9c007cd03d5d05bca388dd Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Apr 8 12:29:20 2015 +0300 block: add 'node-name' field to BLOCK_IMAGE_CORRUPTED Since this event can occur in nodes that cannot have a device name associated, include also a field with the node name. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Message-id: 147cec5b3594f4bec0cb41c98afe5fcbfb67567c.1428485266.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 81e5f78a9f4f13548ec1edddaf780d339f18e2d2 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Apr 8 12:29:19 2015 +0300 block: use bdrv_get_device_or_node_name() in error messages There are several error messages that identify a BlockDriverState by its device name. However those errors can be produced in nodes that don't have a device name associated. In those cases we should use bdrv_get_device_or_node_name() to fall back to the node name and produce a more meaningful message. The messages are also updated to use the more generic term 'node' instead of 'device'. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 9823a1f0514fdb0692e92868661c38a9e00a12d6.1428485266.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 9b2aa84f87f5b95cb0295dcae38fbfbf115df2be Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Apr 8 12:29:18 2015 +0300 block: add bdrv_get_device_or_node_name() This function gets the device name associated with a BlockDriverState, or its node name if the device name is empty. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 4fa30aa8d61d9052ce266fd5429a59a14e941255.1428485266.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ec683d604069dcdaaa516789274bc0cdc14e5247 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Apr 15 11:43:42 2015 +0100 block: document block-stream in qmp-commands.hx The 'block-stream' QMP command is documented in block-core.json but not qmp-commands.hx. Add a summary of the command to qmp-commands.hx (similar to the documentation for 'block-commit'). Reported-by: Kashyap Chamarthy <kchamart@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Message-id: 1429094622-26218-1-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit c485cf9c9277ca9b3d5227c99a13c374e812f42b Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Apr 15 10:43:44 2015 +0100 m25p80: fix s->blk usage before assignment Delay the call to blk_blockalign() until s->blk has been assigned. This never caused a crash because blk_blockalign(NULL, size) defaults to 4096 alignment but it's technically incorrect. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1429091024-25098-1-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d07063e46047242c4f010ff9ddbff5e02f15d9e7 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Apr 14 17:29:47 2015 +0200 m25p80: add missing blk_attach_dev_nofail Of the block devices that poked into -drive options via drive_get_next, m25p80 was the only one who also did not attach itself to the BlockBackend. Since sd does it, and all other devices go through a "drive" property, with this change all block backends attached to the guest will have a non-NULL result for blk_get_attached_dev(). Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 1429025387-11077-1-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 4eb867e98c1815d9d7a2a9380182005df12064a7 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Sun Apr 12 17:55:17 2015 +0200 virtio_blk: comment fix update virtio blk header from latest linux, include comment fixups. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1428854036-12806-1-git-send-email-mst@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 0b5a24454fc551f0294fe93821e8c643214a55f5 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Sat Mar 28 07:37:18 2015 +0100 block: avoid unnecessary bottom halves bdrv_aio_* APIs can use coroutines to achieve asynchronicity. However, the coroutine may terminate without having yielded back to the caller (for example because of something that invokes a nested event loop, or because the coroutine is doing nothing at all). In this case, the bdrv_aio_* API must delay the completion to the next iteration of the main loop, because bdrv_aio_* will never invoke the callback before returning. This can be done with a bottom half, and indeed bdrv_aio_* is always using one for simplicity. It is possible to gain some performance (~3%) by avoiding this in the common case. A new field in the BlockAIOCBCoroutine struct is set to true until the first time the corotine has yielded to its creator, and completion goes through a new function bdrv_co_complete. If the flag is false, bdrv_co_complete invokes the callback immediately. If it is true, the caller will notice that the coroutine has completed and schedule the bottom half itself. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427524638-28157-1-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a7282330c01364ef00260749bc6a37c7f16ec047 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Apr 3 22:05:21 2015 +0800 blockjob: Update function name in comments Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1428069921-2957-5-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e62303a437af72141c8d04c36799521a56d6f4f6 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Apr 3 22:05:20 2015 +0800 qemu-iotests: Test that "stop" doesn't drain block jobs Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1428069921-2957-4-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 69da3b0b47c8f6016e9109fcfa608e9e7e99bc05 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Apr 3 22:05:19 2015 +0800 block: Pause block jobs in bdrv_drain_all This is necessary to suppress more IO requests from being generated from block job coroutines. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1428069921-2957-3-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 751ebd76e654bd1e65da08ecf694325282b4cfcc Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Apr 3 22:05:18 2015 +0800 blockjob: Allow nested pause This patch changes block_job_pause to increase the pause counter and block_job_resume to decrease it. The counter will allow calling block_job_pause/block_job_resume unconditionally on a job when we need to suspend the IO temporarily. From now on, each block_job_resume must be paired with a block_job_pause to keep the counter balanced. The user pause from QMP or HMP will only trigger block_job_pause once until it's resumed, this is achieved by adding a user_paused flag in BlockJob. One occurrence of block_job_resume in mirror_complete is replaced with block_job_enter which does what is necessary. In block_job_cancel, the cancel flag is good enough to instruct coroutines to quit loop, so use block_job_enter to replace the unpaired block_job_resume. Upon block job IO error, user is notified about the entering to the pause state, so this pause belongs to user pause, set the flag accordingly and expect a matching QMP resume. [Extended doc comments as suggested by Paolo Bonzini <pbonzini@xxxxxxxxxx>. --Stefan] Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1428069921-2957-2-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 199667a8c843d268f0fe80f09041b8c7193f1ba5 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Apr 1 09:45:40 2015 +0800 MAINTAINERS: Add Fam Zheng as Null block driver maintainer Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427852740-24315-4-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 1c2b49a17282f3abd9ccf71b65d0be62d3b3192e Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Apr 1 09:45:39 2015 +0800 block/null: Support reopen Reopen is used in block-commit. With this always-succeed operation, it is now possible to test committing to a null drive, by specifying "null-aio://" or "null-co://" as the backing image when creating the qcow2 image. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427852740-24315-3-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e5e51dd3af6a0872dedce290ee41437b5aeed109 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Apr 1 09:45:38 2015 +0800 block/null: Latency simulation by adding new option "latency-ns" Aio context switch should just work because the requests will be drained, so the scheduled timer(s) on the old context will be freed. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427852740-24315-2-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 9eddd6a4b3b187ba50038800b6e4aeda4973b365 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Mar 26 22:42:34 2015 +0000 scripts: add 'qemu coroutine' command to qemu-gdb.py The 'qemu coroutine <coroutine-address>' GDB command prints the backtrace for a CoroutineUContext. This is useful for peeking inside yielded coroutines that are waiting for file descriptor events, timers, etc. For example: $ gdb tests/test-coroutine (gdb) b test_yield (gdb) r (gdb) b qemu_coroutine_enter (gdb) c (gdb) c Continuing. Breakpoint 2, qemu_coroutine_enter (co=0x555555c66520, opaque=0x0) at qemu-coroutine.c:103 103 { (gdb) source scripts/qemu-gdb.py (gdb) qemu coroutine 0x555555c66520 #0 0x000055555557a740 in qemu_coroutine_switch (from_=<optimized out>, to_=0x7ffff7f90a70, action=COROUTINE_YIELD) at coroutine-ucontext.c:177 #1 0x0000555555566af9 in yield_5_times (opaque=0x7fffffffdbb7) at tests/test-coroutine.c:107 #2 0x000055555557a7aa in coroutine_trampoline (i0=<optimized out>, i1=<optimized out>) at coroutine-ucontext.c:80 #3 0x00007ffff08de000 in __start_context () at /lib64/libc.so.6 Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427409754-8556-1-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 1faa5bb73247339bf3d797433a9ade990ef0fb32 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Apr 2 17:39:22 2015 +0100 thread-pool: clean up thread_pool_completion_bh() This patch simplifies thread_pool_completion_bh(). The function first checks elem->state: if (elem->state != THREAD_DONE) { continue; } It then goes on to check elem->state == THREAD_DONE although we already know this must be the case. The QLIST_REMOVE() is duplicated down both branches of an if-else statement so that can be lifted out as well. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1427992762-10126-1-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d1a126c53ddc563b7b731cee013e0362f7a5f22f Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Apr 14 16:36:16 2015 +0200 vhdx: Fix zero-fill iov length Fix the length of the zero-fill for the back, which was accidentally using the same value as for the front. This is caught by qemu-iotests 033. For consistency, change the code for the front as well to use the length stored in the iov (it is the same value, copied four lines above). Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Acked-by: Jeff Cody <jcody@xxxxxxxxxx> commit 8eedfbd4a50299f03b3630659c34ad1b01f69370 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Apr 14 16:32:45 2015 +0200 blkdebug: Add bdrv_truncate() This is, amongst others, required for qemu-iotests 033 to run as intended on VHDX, which uses explicit bdrv_truncate() calls to bs->file when allocating new blocks. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> commit e4f587492331df0ac50bad6131ea273d527af796 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Mar 19 13:33:33 2015 +0100 qemu-iotests: Some qemu-img convert tests This adds a regression test for some problems that the qemu-img convert rewrite just fixed. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 690c7301600162421b928c7f26fd488fd8fa464e Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Mar 19 13:33:32 2015 +0100 qemu-img convert: Rewrite copying logic The implementation of qemu-img convert is (a) messy, (b) buggy, and (c) less efficient than possible. The changes required to beat some sense into it are massive enough that incremental changes would only make my and the reviewers' life harder. So throw it away and reimplement it from scratch. Let me give some examples what I mean by messy, buggy and inefficient: (a) The copying logic of qemu-img convert has two separate branches for compressed and normal target images, which roughly do the same - except for a little code that handles actual differences between compressed and uncompressed images, and much more code that implements just a different set of optimisations and bugs. This is unnecessary code duplication, and makes the code for compressed output (unsurprisingly) suffer from bitrot. The code for uncompressed ouput is run twice to count the the total length for the progress bar. In the first run it just takes a shortcut and runs only half the loop, and when it's done, it toggles a boolean, jumps out of the loop with a backwards goto and starts over. Works, but pretty is something different. (b) Converting while keeping a backing file (-B option) is broken in several ways. This includes not writing to the image file if the input has zero clusters or data filled with zeros (ignoring that the backing file will be visible instead). It also doesn't correctly limit every iteration of the copy loop to sectors of the same status so that too many sectors may be copied to in the target image. For -B this gives an unexpected result, for other images it just does more work than necessary. Conversion with a compressed target completely ignores any target backing file. (c) qemu-img convert skips reading and writing an area if it knows from metadata that copying isn't needed (except for the bug mentioned above that ignores a status change in some cases). It does, however, read from the source even if it knows that it will read zeros, and then search for non-zero bytes in the read buffer, if it's possible that a write might be needed. This reimplementation of the copying core reorganises the code to remove the duplication and have a much more obvious code flow, by essentially splitting the copy iteration loop into three parts: 1. Find the number of contiguous sectors of the same status at the current offset (This can also be called in a separate loop before the copying loop in order to determine the total sectors for the progress bar.) 2. Read sectors. If the status implies that there is no data there to read (zero or unallocated cluster), don't do anything. 3. Write sectors depending on the status. If it's data, write it. If we want the backing file to be visible (with -B), don't write it. If it's zeroed, skip it if you can, otherwise use bdrv_write_zeroes() to optimise the write at least where possible. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 0df89e8e6f62aea32a7302e73a86b7bfe5821018 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Mar 19 13:33:31 2015 +0100 block-backend: Expose bdrv_write_zeroes() Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit a0710f7995f914e3044e5899bd8ff6c43c62f916 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Feb 20 17:26:52 2015 +0100 iothread: release iothread around aio_poll This is the first step towards having fine-grained critical sections in dataplane threads, which resolves lock ordering problems between address_space_* functions (which need the BQL when doing MMIO, even after we complete RCU-based dispatch) and the AioContext. Because AioContext does not use contention callbacks anymore, the unit test has to be changed. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1424449612-18215-4-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 49110174f8835ec3d5ca7fc076ee1f51c18564fe Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Feb 20 17:26:51 2015 +0100 AioContext: acquire/release AioContext during aio_poll This is the first step in pushing down acquire/release, and will let rfifolock drop the contention callback feature. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1424449612-18215-3-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e98ab097092e54999f046e9efa1ca1dd52f0c9e5 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Feb 20 17:26:50 2015 +0100 aio-posix: move pollfds to thread-local storage By using thread-local storage, aio_poll can stop using global data during g_poll_ns. This will make it possible to drop callbacks from rfifolock. [Moved npfd = 0 assignment to end of walking_handlers region as suggested by Paolo. This resolves the assert(npfd == 0) assertion failure in pollfds_cleanup(). --Stefan] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1424449612-18215-2-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit de50a20a4cc368d241d67c600f8c0f667186a8b5 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Mar 25 15:27:26 2015 +0800 block: Switch to host monotonic clock for IO throttling Currently, throttle timers won't make any progress when VCPU is not running, which would stall the request queue in utils, qtest, vm suspending, and live migration, without special handling. Block jobs are confusingly inconsistent between with and without throttling: if user sets a bps limit, stops the vm, then start a block job, the block job will not make any progress; in contrary, if user unsets the bps limit, or if it's not set, the block job will run normally. After this patch, with the host clock, even if the VCPUs are stopped, the throttle queues will be processed. This patch also enables potential to add throttle to bdrv_drain_all. Currently all requests are drained immediately. In other words whenever it is called, IO throttling goes ineffective (examples: system reset, migration and many block job operations.). This is a loophole that guest could exploit. If we use the host clock, we can later just trust the nested poll. This could be done on top. Note that for qemu-iotests case 093, which uses qtest, we still keep vm clock so the script can control the clock stepping in order to be deterministic. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1427268446-6426-1-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 8b6ee9aeb3f0508ed2a41381cde13bdb8707b7be Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Mar 23 15:29:31 2015 +0000 checkpatch: complain about ffs(3) calls The ffs(3) family of functions is not portable. MinGW doesn't always provide the function. Use ctz32() or ctz64() instead. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427124571-28598-10-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit f450a85899585776ccd0913d2361dd8f82666e44 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Mar 23 15:29:30 2015 +0000 os-win32: drop ffs(3) prototype The lack of ffs(3) in the MinGW headers is a hint that we shouldn't rely on it. MinGW 4.9.2 does not make it available for linking when QEMU's ./configure --enable-debug is used (release builds are fine though). Now that all QEMU code has been switched to ctz32() there is no need for ffs(3). Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427124571-28598-9-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 41074f3d3ff0e9a3c6f638627c12ebbf6d757cea Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 15:29:29 2015 +0000 omap_intc: convert ffs(3) to ctz32() in omap_inth_sir_update() Rewrite the loop using level &= level - 1 to clear the least significant bit after each iteration. This simplifies the loop and makes it easy to replace ffs(3) with ctz32(). Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427124571-28598-8-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit c9d933185181cb1cf81bc4c9e5c3a10a5934b017 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Mar 23 15:29:28 2015 +0000 sd: convert sd_normal_command() ffs(3) call to ctz32() ffs() cannot be replaced with ctz32() when the argument might be zero, because ffs(0) returns 0 while ctz32(0) returns 32. The ffs(3) call in sd_normal_command() is a special case though. It can be converted to ctz32() + 1 because the argument is never zero: if (!(req.arg >> 8) || (req.arg >> (ctz32(req.arg & ~0xff) + 1))) { ~~~~~~~~~~~~~~~ ^--------------- req.arg cannot be zero Cc: Markus Armbruster <armbru@xxxxxxxxxx> Cc: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427124571-28598-7-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit bd2a88840e2496e29442f333c8fdd6491e831a35 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Mar 23 15:29:27 2015 +0000 Convert ffs() != 0 callers to ctz32() There are a number of ffs(3) callers that do roughly: bit = ffs(val); if (bit) { do_something(bit - 1); } This pattern can be converted to ctz32() like this: zeroes = ctz32(val); if (zeroes != 32) { do_something(zeroes); } Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427124571-28598-6-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 786a4ea82ec9c87e3a895cf41081029b285a5fe5 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Mar 23 15:29:26 2015 +0000 Convert (ffs(val) - 1) to ctz32(val) This commit was generated mechanically by coccinelle from the following semantic patch: @@ expression val; @@ - (ffs(val) - 1) + ctz32(val) The call sites have been audited to ensure the ffs(0) - 1 == -1 case never occurs (due to input validation, asserts, etc). Therefore we don't need to worry about the fact that ctz32(0) == 32. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427124571-28598-5-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5863d374a32c98a7adb4c5e49d62de3cdc16d2ea Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Mar 23 15:29:25 2015 +0000 uninorth: convert ffs(3) to ctz32() It is not clear from the code how a 0 parameter should be handled by the hardware. Keep the same behavior as ffs(0) - 1 == -1. Cc: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427124571-28598-4-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ad5f5fdca83cccd1a4c269b1fd8ba2fce8d1ba26 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Mar 23 15:29:24 2015 +0000 hw/arm/nseries: convert ffs(3) to ctz32() It is not clear from the code how a 0 parameter should be handled by the hardware. Keep the same behavior as ffs(0) - 1 == -1. Cc: Andrzej Zaborowski <balrog@xxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427124571-28598-3-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 588ef9d411339012fc3c94bfad8911e9d0a517a2 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Mar 23 15:29:23 2015 +0000 bt-sdp: fix broken uuids power-of-2 calculation The binary search in sdp_uuid_match() only works when the number of elements to search is a power of two. lo = record->uuid; hi = record->uuids; while (hi >>= 1) if (lo[hi] <= val) lo += hi; return *lo == val; I noticed that the record->uuids calculation in sdp_service_record_build() was suspect: record->uuids = 1 << ffs(record->uuids - 1); Unlike most ffs(val) - 1 users, the expression is ffs(val - 1)! Actually ffs() is the wrong function to use for power-of-2. Use pow2ceil() to achieve the correct effect. Now the record->uuid[] array is sized correctly and the binary search in sdp_uuid_match() should work. I'm not sure how to run/test this code. Cc: Andrzej Zaborowski <balrog@xxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427124571-28598-2-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ecdda9e03d73d2cc1c82c00cccc02f087741b6a5 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Mar 16 18:22:05 2015 +0200 MAINTAINERS: Add myself as the maintainer of the Quorum driver Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1426522925-14444-1-git-send-email-berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 407bc15033b2a8faeb7ca42aab63b7bcede76e10 Author: Yi Wang <up2wing@xxxxxxxxx> Date: Thu Mar 12 22:54:42 2015 +0800 savevm: create snapshot failed when id_str already exists The command "virsh create" will fail in such condition: vm has two disks: vda and vdb. vda has snapshot s1 with id "1", vdb doesn't have s1 but has snapshot s2 with id "1". When we want to run command "virsh create s1", del_existing_snapshots() only deletes s1 in vda, and bdrv_snapshot_create() tries to create vdb's snapshot s1 with id "1", but id "1" alreay exists in vdb with name "s2"! The simplest way is call find_new_snapshot_id() unconditionally. Signed-off-by: Yi Wang <up2wing@xxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 84cbd63f87c1d246f51ec8eee5367a5588f367fd Merge: 54965ee 726a8ff Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Apr 28 12:22:20 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging X86 queue, 2015-04-27 (v2) # gpg: Signature made Mon Apr 27 19:42:39 2015 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/x86-pull-request: target-i386: Remove AMD feature flag aliases from CPU model table target-i386: X86CPU::xlevel2 QOM property target-i386: Make "level" and "xlevel" properties static qemu-config: Accept empty option values MAINTAINERS: Change status of X86 to Maintained MAINTAINERS: Add myself to X86 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 54965ee61dbc114e98777f456b7cd6a778fbb412 Merge: da378d0 2f54eb9 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Apr 28 11:33:47 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/numa-pull-request' into staging NUMA queue, 2015-04-27 # gpg: Signature made Mon Apr 27 19:02:19 2015 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/numa-pull-request: MAINTAINERS: Add myself as NUMA code maintainer Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit da378d014d27fe3a243bd8e7e060e9eb8c1a272b Merge: 3d27b09 4eb2764 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Apr 28 10:31:03 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150427' into staging target-arm queue: * memory system updates to support transaction attributes * set user-mode and secure attributes for accesses made by ARM CPUs * rename c1_coproc to cpacr_el1 * adjust id_aa64pfr0 when has_el3 CPU property disabled * allow ARMv8 SCR.SMD updates # gpg: Signature made Mon Apr 27 16:14:30 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150427: Allow ARMv8 SCR.SMD updates target-arm: Adjust id_aa64pfr0 when has_el3 CPU property disabled target-arm: rename c1_coproc to cpacr_el1 target-arm: Check watchpoints against CPU security state target-arm: Use attribute info to handle user-only watchpoints target-arm: Add user-mode transaction attribute target-arm: Use correct memory attributes for page table walks target-arm: Honour NS bits in page tables Switch non-CPU callers from ld/st*_phys to address_space_ld/st* exec.c: Capture the memory attributes for a watchpoint hit exec.c: Add new address_space_ld*/st* functions exec.c: Make address_space_rw take transaction attributes exec.c: Convert subpage memory ops to _with_attrs Add MemTxAttrs to the IOTLB Make CPU iotlb a structure rather than a plain hwaddr memory: Replace io_mem_read/write with memory_region_dispatch_read/write memory: Define API for MemoryRegionOps to take attrs and return status Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7824df3889499acc7466317175a3fb24a0824002 Author: Gal Hammer <ghammer@xxxxxxxxxx> Date: Tue Apr 21 11:26:12 2015 +0300 acpi: add a missing backslash to the \_SB scope. A predefined scope in the ACPI specs is precede with a backslash. Signed-off-by: Gal Hammer <ghammer@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit bc09e06113e79e5d70cf2b37015a26f2102cc03e Author: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Date: Mon Apr 27 16:47:22 2015 +0800 qmp-event: add event notification for memory hot unplug error When memory hot unplug fails, this patch adds support to send QMP event to notify mgmt about this failure. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c06b2ffb02bfcc642c67300d2c4dffd5aa54932b Author: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Date: Mon Apr 27 16:47:21 2015 +0800 acpi: add hardware implementation for memory hot unplug - implements QEMU hardware part of memory hot unplug protocol described at "docs/spec/acpi_mem_hotplug.txt" - handles memory remove notification event - handles device eject notification Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 660e8ec70065c8b1fd68b2cb137de16d831959f4 Author: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Date: Mon Apr 27 16:47:20 2015 +0800 acpi: fix "Memory device control fields" register 0 bit in Memory device control fields must be cleared before writing to register. But now this field isn't cleared when other fields are written. To solve this bug, This patch fixes UpdateRule to WriteAsZeros in "Memory device control fields" register. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit af5098973136029211848b4999ad5d38bc90180f Author: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Date: Mon Apr 27 16:47:19 2015 +0800 acpi: extend aml_field() to support UpdateRule The flags field is declared with default update rule 'Preserve', this patch extends aml_field() to support UpdateRule so that we can specify different values per field. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit f7d3e29db5a5900a1f0ed10f8313f7c3f28e5b59 Author: Tang Chen <tangchen@xxxxxxxxxxxxxx> Date: Mon Apr 27 16:47:18 2015 +0800 acpi, mem-hotplug: add unplug cb for memory device This patch adds unplug cb for memory device. It resets memory status "is_enabled" in acpi_memory_unplug_cb(), removes the corresponding memory region, unregisters vmstate, and unparents the object. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Tang Chen <tangchen@xxxxxxxxxxxxxx> Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 64fec58e8ab62490edd2638e4214d8c9f84518c9 Author: Tang Chen <tangchen@xxxxxxxxxxxxxx> Date: Mon Apr 27 16:47:17 2015 +0800 acpi, mem-hotplug: add unplug request cb for memory device This patch adds unplug request cb for memory device, and adds the is_removing boolean field to MemStatus. This field is used to indicate whether the memory device in slot has been requested to be ejected. This field is set to true in acpi_memory_unplug_request_cb(). Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Tang Chen <tangchen@xxxxxxxxxxxxxx> Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 4aae99b63333e71b2097b106bb15a6fde7f9b55b Author: Tang Chen <tangchen@xxxxxxxxxxxxxx> Date: Mon Apr 27 16:47:16 2015 +0800 acpi, mem-hotplug: add acpi_memory_slot_status() to get MemStatus Add a new API named acpi_memory_slot_status() to obtain a single memory slot status. Doing this is because this procedure will be used by other functions in the next coming patches. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Tang Chen <tangchen@xxxxxxxxxxxxxx> Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 4fccb4834d0455519ff6d7a81551a8dfd360fefa Author: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Date: Mon Apr 27 16:47:15 2015 +0800 docs: update documentation for memory hot unplug Add specification about how to use memory hot unplug, and add a flow diagram to explain memory hot unplug process. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 850d00700ba787988b6c5404e8c1a3add7141db1 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon Apr 27 21:01:20 2015 +0200 virtio: coding style tweak no space needed after *. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit a0ccd2123ee2f83a1f081e4c39013c3316f9ec7a Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Apr 23 14:21:49 2015 +0800 pci: remove hard-coded bar size in msix_init_exclusive_bar() This patch lets msix_init_exclusive_bar() can calculate the bar and pba size based on the number of MSI-X vectors other than using a hard-coded limit 4096. This is needed to allow device to have more than 128 MSI_X vectors. To keep migration compatibility, keep using 4096 as bar size and 2048 for pba offset. Notes: We don't care about the case that using vectors > 128 for legacy machine type. Since we limit the queue max to 64, so vectors >= 65 is meaningless. Virtio device will be the first user for this. Cc: Keith Busch <keith.busch@xxxxxxxxx> Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 851c2a75a6e80c8aa5e713864d98cfb512e7229b Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Apr 23 14:21:47 2015 +0800 virtio-pci: speedup MSI-X masking and unmasking This patch tries to speed up the MSI-X masking and unmasking through the mapping between vector and queues. With this patch it will there's no need to go through all possible virtqueues, which may help to reduce the time spent when doing MSI-X masking/unmasking a single vector when more than hundreds or even thousands of virtqueues were supported. Tested with 80 queue pairs virito-net-pci by changing the smp affinity in the background and doing netperf in the same time: Before the patch: 5711.70 Gbits/sec After the patch: 6830.98 Gbits/sec About 19.6% improvements in throughput. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit e0d686bf4b9d018ba5449f057b486bb5e1fa1a0d Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Apr 23 14:21:46 2015 +0800 virtio: introduce vector to virtqueues mapping Currently we will try to traverse all virtqueues to find a subset that using a specific vector. This is sub optimal when we will support hundreds or even thousands of virtqueues. So this patch introduces a method which could be used by transport to get all virtqueues that using a same vector. This is done through QLISTs and the number of QLISTs was queried through a transport specific method. When guest setting vectors, the virtqueue will be linked and helpers for traverse the list was also introduced. The first user will be virtio pci which will use this to speed up MSI-X masking and unmasking handling. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 955cc8c9541779e09895a9c5ccbf8ace15d884f5 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Apr 23 14:21:40 2015 +0800 virtio-ccw: using VIRTIO_NO_VECTOR instead of 0 for invalid virtqueue It's a bad idea to need to use vector 0 for invalid virtqueue. So this patch changes to using VIRTIO_NO_VECTOR instead. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> CC: Christian Borntraeger <borntraeger@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit bcfa4d60144fb879f0ffef0a6d174faa37b2df82 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Apr 23 14:21:39 2015 +0800 monitor: check return value of qemu_find_net_clients_except() qemu_find_net_clients_except() may return a value which is greater than the size of array we provided. So we should check this value before using it, otherwise this may cause unexpected memory access. This patch fixes the net related command completion when we have a virtio-net nic with more than 255 queues. Cc: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit eaed483c1b3db1ac312116fca5d20c45b4b418b2 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Apr 23 14:21:38 2015 +0800 monitor: replace the magic number 255 with MAX_QUEUE_NUM This patch replace the magic number 255, and increase it to MAX_QUEUE_NUM which is maximum number of queues supported by a nic. Cc: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit d25228e7befac33b665cd9250292de47ae6b78b5 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Apr 23 14:21:37 2015 +0800 ppc: spapr: add 2.4 machine type The following patches will limit the following things to legacy machine type: - maximum number of virtqueues for virtio-pci were limited to 64 Cc: Alexander Graf <agraf@xxxxxxx> Cc: qemu-ppc@xxxxxxxxxx Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Alexander Graf <agraf@xxxxxxx> commit 3d27b09cf6f62ec61c1330d0a811811a91e7514d Merge: 3f9d69b 700cd85 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Apr 27 20:00:57 2015 +0100 Merge remote-tracking branch 'remotes/spice/tags/pull-spice-20150427-1' into staging spice: misc fixes. # gpg: Signature made Mon Apr 27 12:03:16 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/spice/tags/pull-spice-20150427-1: spice: learn to hide cursor spice: set pointer position on hotspot spice: fix mouse cursor position spice: fix simple display on bigendian hosts monitor: Make client_migrate_info synchronous Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b0e966d0209fa5c93d510d1756a87dd4229b1f8a Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Apr 23 14:21:36 2015 +0800 spapr: add machine type specific instance init function This patches adds machine type specific instance initialization functions. Those functions will be used by following patches to compat class properties for legacy machine types. Cc: Alexander Graf <agraf@xxxxxxx> Cc: qemu-ppc@xxxxxxxxxx Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 5cb50e0acc7ba6063b87664404103cce217c0493 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Apr 23 14:21:35 2015 +0800 pc: add 2.4 machine types The following patches will limit the following things to legacy machine type: - maximum number of virtqueues for virtio-pci were limited to 64 - auto msix bar size for virtio-net-pci were disabled by default Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 27a46dcf5038e20451101ed2d5414aebf3846e27 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Apr 23 14:21:34 2015 +0800 virtio-net: fix the upper bound when trying to delete queues Virtqueue were indexed from zero, so don't delete virtqueue whose index is n->max_queues * 2 + 1. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: qemu-stable <qemu-stable@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 294ce717e0f212ed0763307f3eab72b4a1bdf4d0 Author: Luke Gorrie <luke@xxxxxxxx> Date: Sun Apr 26 15:00:49 2015 +0200 vhost-user: Send VHOST_RESET_OWNER on vhost stop Ensure that the vhost-user slave knows when the vrings are valid and when they are invalid, for example during a guest reboot. The vhost-user protocol says this of VHOST_RESET_OWNER: Issued when a new connection is about to be closed. The Master will no longer own this connection (and will usually close it). Send this message to tell the vhost-user slave that the vhost session has ended and that session state (e.g. vrings) is no longer valid. Signed-off-by: Luke Gorrie <luke@xxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 658c27181bf3b08a9cf2fab00ecce7f76065f6af Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri Apr 3 18:03:34 2015 +0800 hw/i386/acpi-build: move generic acpi building helpers into dedictated file Move generic acpi building helpers into dedictated file and this can be shared with other machines. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 395e5fb4421a03c9d3a002bbb55d56b74024a568 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri Apr 3 18:03:33 2015 +0800 hw/i386: Move ACPI header definitions in an arch-independent location The ACPI related header file acpi-defs.h, includes definitions that apply on other architectures as well. Move it in `include/hw/acpi/` to sanely include it from other architectures. Signed-off-by: Alvise Rigo <a.rigo@xxxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 853cff8e2815c99429d53baa71110416c1de2798 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Apr 15 10:55:46 2015 +0200 acpi-build: close } in comment missing } confuses editors Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 726a8ff68677d8d5fba17eb0ffb85076bfb598dc Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Apr 10 14:45:00 2015 -0300 target-i386: Remove AMD feature flag aliases from CPU model table When CPU vendor is AMD, the AMD feature alias bits on CPUID[0x80000001].EDX are already automatically copied from CPUID[1].EDX on x86_cpu_realizefn(). When CPU vendor is Intel, those bits are reserved and should be zero. On either case, those bits shouldn't be set in the CPU model table. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 01431f3ce0f31e123172cc99c12c98c0ddbe9917 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Apr 2 17:22:27 2015 -0300 target-i386: X86CPU::xlevel2 QOM property We already have "level" and "xlevel", only "xlevel2" is missing. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit b9472b76d273c7796d877c49af50969c0a879c50 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Apr 2 17:21:53 2015 -0300 target-i386: Make "level" and "xlevel" properties static Static properties require only 1 line of code, much simpler than the existing code that requires writing new getters/setters. As a nice side-effect, this fixes an existing bug where the setters were incorrectly allowing the properties to be changed after the CPU was already realized. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit d9f7e29ee5a6915caa049ba64c0a9f28766351d2 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Apr 8 14:57:31 2015 -0300 qemu-config: Accept empty option values Currently it is impossible to set an option in a config file to an empty string, because the parser matches only lines containing non-empty strings between double-quotes. As sscanf() "[" conversion specifier only matches non-empty strings, add a special case for empty strings. Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit b203a4ba93fc25bf1eb49039a8ec4b260b446211 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Apr 8 08:36:24 2015 -0300 MAINTAINERS: Change status of X86 to Maintained "Odd Fixes" doesn't reflect the current status of target-i386. We have people looking after it, now. Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit e1a0433956bbe68b56853e6ae633a5004b1f6351 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Apr 8 08:34:56 2015 -0300 MAINTAINERS: Add myself to X86 Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 3f9d69ba12da6f2874631f6e426a7ef148ba4c82 Merge: 0d81cdd 1a01716 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Apr 27 19:06:08 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-gtk-20150427-1' into staging gtk: support text consoles without vte, bugfixes. # gpg: Signature made Mon Apr 27 14:34:15 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-gtk-20150427-1: gtk: Avoid accel key leakage into guest on console switch gtk: Fix VTE focus grabbing console/gtk: add qemu_console_get_label gtk: bind to text terminal consoles too gtk: handle switch_surface(NULL) properly Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2f54eb98c3255154dc6bdbb8b38982af9b3f3a8f Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Apr 8 08:34:33 2015 -0300 MAINTAINERS: Add myself as NUMA code maintainer The "srat" and "numa" keywords will help get_maintainer.pl catch NUMA-related code in other files too. Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 0d81cdddaa40a1988b24657aeac19959cfad0fde Merge: e1a5476 2d5a834 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Apr 27 17:28:41 2015 +0100 Merge remote-tracking branch 'remotes/qmp-unstable/tags/for-upstream' into staging Four little fixes # gpg: Signature made Fri Apr 24 19:56:51 2015 BST using RSA key ID E24ED5A7 # gpg: Good signature from "Luiz Capitulino <lcapitulino@xxxxxxxxx>" * remotes/qmp-unstable/tags/for-upstream: qmp: Give saner messages related to qmp_capabilities misuse qmp-commands: fix incorrect uses of ":O" specifier qapi: Drop dead genlist parameter balloon: improve error msg when adding second device Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 23820dbfc79d1c9dce090b4c555994f2bb6a69b3 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Mon Mar 16 22:35:54 2015 -0700 exec: Respect as_translate_internal length clamp address_space_translate_internal will clamp the *plen length argument based on the size of the memory region being queried. The iommu walker logic in addresss_space_translate was ignoring this by discarding the post fn call value of *plen. Fix by just always using *plen as the length argument throughout the fn, removing the len local variable. This fixes a bootloader bug when a single elf section spans multiple QEMU memory regions. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-Id: <1426570554-15940-1-git-send-email-peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 4080a13c11398d684668d286da27b6f8ee668e44 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 30 12:35:00 2015 +0200 ioport: reserve the whole range of an I/O port in the AddressSpace When an I/O port is more than 1 byte long, ioport.c is currently creating "short" regions, for example 0x1ce-0x1ce for the 16-bit Bochs index port. When I/O ports are memory mapped, and thus accessed via a subpage_ops memory region, subpage_accepts gets confused because it finds a hole at 0x1cf and rejects the access. In order to fix this, modify registration of the region to cover the whole size of the I/O port. Attempts to access an invalid port will be blocked by find_portio returning NULL. This only affects the VBE DISPI regions. For all other cases, the MemoryRegionPortio entries for 2- or 4-byte accesses overlap an entry for 1-byte accesses, thus the size of the memory region is not affected. Reported-by: Zoltan Balaton <balaton@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 147ed379838176d4780688157891c06f49403b19 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 30 12:49:40 2015 +0200 ioport: loosen assertions on emulation of 16-bit ports Right now, ioport.c assumes that the entire range specified with MemoryRegionPortio includes a region with size == 1. This however is not true for the VBE DISPI ports, which are 16-bit only. The next patch will make these regions' length equal to two, which can cause the assertions to trigger. Replace them with simple conditionals. Also, ioport.c will emulate a 16-bit ioport with two distinct reads or writes, even if one of the two accesses is out of the bounds given by the MemoryRegionPortio array. Do not do this anymore, instead discard writes to the incorrect register and read it as all-ones. This ensures that the mrp->read and mrp->write callbacks get an in-range ioport number. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 30476b2282c69c9ec1e44e33a4c0b5d5f4bc884e Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 30 12:50:36 2015 +0200 ioport: remove wrong comment ioport.c has not been using an alias since commit b40acf9 (ioport: Switch dispatching to memory core layer, 2013-06-24). Remove the obsolete comment. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e477317cce98c399a2299d025bcb6bf0fd69df49 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 30 13:19:16 2015 +0200 ide: there is only one data port IDE PIO data must be written, for example, at 0x1f0. You cannot do word or dword writes to 0x1f1..0x1f3 to access the data register. Adjust the ide_portio_list accordingly. Cc: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 54da54e543eea8e689a625fcb3dada1b296f5d3d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 30 13:12:32 2015 +0200 gus: clean up MemoryRegionPortio Remove 16-bit reads/writes, since ioport.c is able to synthesize them. Remove the two MIDI registers (0x300 and 0x301) from gus_portio_list1, and add the second MIDI register (0x301) to gus_portio_list2. Tested with Second Reality. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3337d0b2794131425d0b5cb525e67c5989f4a9dd Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 30 12:34:17 2015 +0200 sb16: remove useless mixer_write_indexw ioport.c is already able to split a 16-bit access into two 8-bit accesses to consecutive ports. Tested with Epic Pinball. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0e1cd6576c55269b6e5251dc739a7fc819f9b4a6 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Thu Apr 2 16:09:30 2015 +0100 sun4m: fix slavio sysctrl and led register sizes These were being incorrectly declared as MISC_SIZE (1 byte) rather than 4 bytes and 2 bytes respectively. As a result accesses clamped to the real register size would unexpectedly fail. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1427987370-15897-1-git-send-email-mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 339240b5cd42bd13d4f6629f2aedf8b4b07459fb Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 10:24:16 2015 +0100 acpi-build: remove dependency from ram_addr.h ram_addr_t is an internal interface, everyone should go through MemoryRegion. Clean it up by making rom_add_blob return a MemoryRegion* and using the new qemu_ram_resize infrastructure. Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 37d7c08413cd4307f53c83d43b1b06cf2701d7a7 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 10:21:46 2015 +0100 memory: add memory_region_ram_resize This is a simple MemoryRegion wrapper for qemu_ram_resize. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e95205e1f9cd2c4262b7a7b1c992a94512c86d0e Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Mar 16 17:03:37 2015 +0800 dma-helpers: Fix race condition of continue_after_map_failure and dma_aio_cancel If DMA's owning thread cancels the IO while the bounce buffer's owning thread is notifying the "cpu client list", a use-after-free happens: continue_after_map_failure dma_aio_cancel ------------------------------------------------------------------ aio_bh_new qemu_bh_delete qemu_bh_schedule (use after free) Also, the old code doesn't run the bh in the right AioContext. Fix both problems by passing a QEMUBH to cpu_register_map_client. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1426496617-10702-6-git-send-email-famz@xxxxxxxxxx> [Remove unnecessary forward declaration. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 33b6c2edf6214f02b9beaea61b169506c01f90aa Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Mar 16 17:03:36 2015 +0800 exec: Notify cpu_register_map_client caller if the bounce buffer is available The caller's workflow is like if (!address_space_map()) { ... cpu_register_map_client(); } If bounce buffer became available after address_space_map() but before cpu_register_map_client(), the caller could miss it and has to wait for the next bounce buffer notify, which may never happen in the worse case. Just notify the list in cpu_register_map_client(). Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-Id: <1426496617-10702-5-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 38e047b50d2bfd1df99fbbca884c9f1db0785ff4 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Mar 16 17:03:35 2015 +0800 exec: Protect map_client_list with mutex So that accesses from multiple threads are safe. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-Id: <1426496617-10702-4-git-send-email-famz@xxxxxxxxxx> [Remove #if from cpu_exec_init_all. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 02f4035c47b4d34cdc61780292ee288f400b9c49 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Mar 16 17:03:34 2015 +0800 linux-user, bsd-user: Remove two calls to cpu_exec_init_all The function is a nop for user mode, so just remove them. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-Id: <1426496617-10702-3-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c2cba0ffe495b60c4cc58080281e99c7a6580d4b Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Mar 16 17:03:33 2015 +0800 exec: Atomic access to bounce buffer There could be a race condition when two processes call address_space_map concurrently and both want to use the bounce buffer. Add an in_use flag in BounceBuffer to sync it. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-Id: <1426496617-10702-2-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e3a0abfda71db1fa83be894dcff7c4871b36cc8d Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Thu Apr 9 16:07:33 2015 -0400 translate-all: use glib for all page descriptor allocations Since commit b7b5233a "bsd-user/mmap.c: Don't try to override g_malloc/g_free" the exception we make here for usermode has been unnecessary. Get rid of it. Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Message-Id: <1428610053-26148-1-git-send-email-cota@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 700cd855def54c2a9f2b6a016dcebf75fe19c238 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Date: Tue Mar 24 17:50:13 2015 +0100 spice: learn to hide cursor Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit dc8dceee64f45820c20f3ffa3c3fecd7b6539990 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Date: Tue Mar 24 17:50:12 2015 +0100 spice: set pointer position on hotspot The Spice protocol uses cursor position on hotspot: the client is applying hotspot offset when drawing the cursor. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit d0df04a1569c75f6442123fdda0b2e9aadc3fcc7 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Date: Tue Mar 24 17:50:11 2015 +0100 spice: fix mouse cursor position Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit c1d37cd353be3ea4c5773fc227ba8459c1f20470 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Apr 14 08:56:21 2015 +0200 spice: fix simple display on bigendian hosts Denis Kirjanov is busy getting spice run on ppc64 and trapped into this one. Spice wire format is little endian, so we have to explicitly say we want little endian when letting pixman convert the data for us. Reported-by: Denis Kirjanov <kirjanov@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 3b5704b2f80189b2f9fdddf1690998e566eeacab Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 5 09:30:16 2015 +0100 monitor: Make client_migrate_info synchronous Live migration with spice works like this today: (1) client_migrate_info monitor cmd (2) spice server notifies client, client connects to target host. (3) qemu waits until spice client connect is finished. (4) send over vmstate (i.e. main part of live migration). (5) spice handover to target host. (3) is implemented by making client_migrate_info a async monitor command. This is the only async monitor command we have. The original reason to implement this dance was that qemu did not accept new tcp connections while the incoming migration was running, so (2) and (4) could not be done in parallel. That issue was fixed long ago though. Qemu version 1.3.0 (released Dec 2012) and newer happily accept tcp connects while the incoming migration runs. Time to drop step (3). This patch does exactly that, by making the monitor command synchronous and removing the code needed to handle the async monitor command in ui/spice-core.c Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 1a01716a307387e5cf1336f61a96f772dddadc90 Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Sun Apr 26 21:04:21 2015 +0200 gtk: Avoid accel key leakage into guest on console switch GTK2 sends the accel key to the guest when switching to the graphic console via that shortcut. Resolve this by ignoring any keys until the next key-release event. However, do not ignore keys when switching via the menu or when on GTK3. Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 9d677e1c2fa479336fb7a2b90aea78c10d037e98 Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Sun Apr 26 21:04:20 2015 +0200 gtk: Fix VTE focus grabbing At least on GTK2, the VTE terminal has to be specified as target of gtk_widget_grab_focus. Otherwise, switching from one VTE terminal to another causes the focus to get lost. CC: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> [ kraxel: fixed build with CONFIG_VTE=n ] Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 4eb276408363aef5435a72a8e818f24220b5edd0 Author: Greg Bellows <greg.bellows@xxxxxxxxxx> Date: Sun Apr 26 16:49:26 2015 +0100 Allow ARMv8 SCR.SMD updates Updated scr_write to always allow updates to the SCR.SMD bit on ARMv8 regardless of whether virtualization (EL2) is enabled or not. Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Message-id: 1429888797-4378-1-git-send-email-greg.bellows@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3d5c84ff21a8a7a3bfb3a75154be8905e62f51db Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Sun Apr 26 16:49:26 2015 +0100 target-arm: Adjust id_aa64pfr0 when has_el3 CPU property disabled Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1429669112-29835-1-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7ebd5f2e03a00889619bb97e83062d27066d4a26 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Sun Apr 26 16:49:25 2015 +0100 target-arm: rename c1_coproc to cpacr_el1 Rename the field holding CPACR_EL1 system register state in AArch64 naming style. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> [PMM: also fixed a couple of missed occurrences in cpu.c] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ef7bab8d73580b48bda83b8d16b5eea8a3ac43fe Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:25 2015 +0100 target-arm: Check watchpoints against CPU security state Fix a TODO in bp_wp_matches() now that we have a function for testing whether the CPU is currently in Secure mode or not. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit 9e1fc5bdfdf94564abf7621c0ef644599196360f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:25 2015 +0100 target-arm: Use attribute info to handle user-only watchpoints Now that we have memory access attribute information in the watchpoint checking code, we can correctly implement handling of watchpoints which should match only on userspace accesses, where LDRT/STRT/LDT/STT from EL1 are treated as userspace accesses. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit 0995bf8cd91b81ec9c1078e37b808794080dc5c0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:25 2015 +0100 target-arm: Add user-mode transaction attribute Add a transaction attribute indicating that a memory access is being done from user-mode (unprivileged). This corresponds to an equivalent signal in ARM AMBA buses. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit ebca90e4c3aaaae5ed1ee7c569dea00d5d6ed476 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:25 2015 +0100 target-arm: Use correct memory attributes for page table walks Factor out the page table walk memory accesses into their own function, so that we can specify the correct S/NS memory attributes for them. This will also provide a place to use the correct endianness and handle the need for a stage-2 translation when virtualization is supported. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit 8bf5b6a9c1911d2c8473385fc0cebfaaeef42dbc Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:25 2015 +0100 target-arm: Honour NS bits in page tables Honour the NS bit in ARM page tables: * when adding entries to the TLB, include the Secure/NonSecure transaction attribute * set the NS bit in the PAR when doing ATS operations Note that we don't yet correctly use the NSTable bit to cause the page table walk itself to use the right attributes. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit 42874d3a8c6267ff7789a0396843c884b1d0933a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:24 2015 +0100 Switch non-CPU callers from ld/st*_phys to address_space_ld/st* Switch all the uses of ld/st*_phys to address_space_ld/st*, except for those cases where the address space is the CPU's (ie cs->as). This was done with the following script which generates a Coccinelle patch. A few over-80-columns lines in the result were rewrapped by hand where Coccinelle failed to do the wrapping automatically, as well as one location where it didn't put a line-continuation '\' when wrapping lines on a change made to a match inside a macro definition. ===begin=== #!/bin/sh -e # Usage: # ./ldst-phys.spatch.sh > ldst-phys.spatch # spatch -sp_file ldst-phys.spatch -dir . | sed -e '/^+/s/\t/ /g' > out.patch # patch -p1 < out.patch for FN in ub uw_le uw_be l_le l_be q_le q_be uw l q; do cat <<EOF @ cpu_matches_ld_${FN} @ expression E1,E2; identifier as; @@ ld${FN}_phys(E1->as,E2) @ other_matches_ld_${FN} depends on !cpu_matches_ld_${FN} @ expression E1,E2; @@ -ld${FN}_phys(E1,E2) +address_space_ld${FN}(E1,E2, MEMTXATTRS_UNSPECIFIED, NULL) EOF done for FN in b w_le w_be l_le l_be q_le q_be w l q; do cat <<EOF @ cpu_matches_st_${FN} @ expression E1,E2,E3; identifier as; @@ st${FN}_phys(E1->as,E2,E3) @ other_matches_st_${FN} depends on !cpu_matches_st_${FN} @ expression E1,E2,E3; @@ -st${FN}_phys(E1,E2,E3) +address_space_st${FN}(E1,E2,E3, MEMTXATTRS_UNSPECIFIED, NULL) EOF done ===endit=== Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit 66b9b43c42049bcae37668e890fedde9a72c8167 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:24 2015 +0100 exec.c: Capture the memory attributes for a watchpoint hit Capture the memory attributes for the transaction which triggered a watchpoint; this allows CPU specific code to implement features like ARM's "user-mode only WPs also hit for LDRT/STRT accesses made from privileged code". This change also correctly passes through the memory attributes to the underlying device when a watchpoint access doesn't hit. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit 500131154d677930fce35ec3a6f0b5a26bcd2973 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:24 2015 +0100 exec.c: Add new address_space_ld*/st* functions Add new address_space_ld*/st* functions which allow transaction attributes and error reporting for basic load and stores. These are named to be in line with the address_space_read/write/rw buffer operations. The existing ld/st*_phys functions are now wrappers around the new functions. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit 5c9eb0286c819c1836220a32f2e1a7b5004ac79a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:24 2015 +0100 exec.c: Make address_space_rw take transaction attributes Make address_space_rw take transaction attributes, rather than always using the 'unspecified' attributes. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit f25a49e0057bbfcc2b1111f60785d919b6ddaeea Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:24 2015 +0100 exec.c: Convert subpage memory ops to _with_attrs Convert the subpage memory ops to _with_attrs; this will allow us to pass the attributes through to the underlying access functions. (Nothing uses the attributes yet.) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit fadc1cbe85c6b032d5842ec0d19d209f50fcb375 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:24 2015 +0100 Add MemTxAttrs to the IOTLB Add a MemTxAttrs field to the IOTLB, and allow target-specific code to set it via a new tlb_set_page_with_attrs() function; pass the attributes through to the device when making IO accesses. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit e469b22ffda40188954fafaf6e3308f58d50f8f8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:23 2015 +0100 Make CPU iotlb a structure rather than a plain hwaddr Make the CPU iotlb a structure rather than a plain hwaddr; this will allow us to add transaction attributes to it. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit 3b6434953934e6d4a776ed426d8c6d6badee176f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:23 2015 +0100 memory: Replace io_mem_read/write with memory_region_dispatch_read/write Rather than retaining io_mem_read/write as simple wrappers around the memory_region_dispatch_read/write functions, make the latter public and change all the callers to use them, since we need to touch all the callsites anyway to add MemTxAttrs and MemTxResult support. Delete io_mem_read and io_mem_write entirely. (All the callers currently pass MEMTXATTRS_UNSPECIFIED and convert the return value back to bool or ignore it.) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit cc05c43ad942165ecc6ffd39e41991bee43af044 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:23 2015 +0100 memory: Define API for MemoryRegionOps to take attrs and return status Define an API so that devices can register MemoryRegionOps whose read and write callback functions are passed an arbitrary pointer to some transaction attributes and can return a success-or-failure status code. This will allow us to model devices which: * behave differently for ARM Secure/NonSecure memory accesses * behave differently for privileged/unprivileged accesses * may return a transaction failure (causing a guest exception) for erroneous accesses This patch defines the new API and plumbs the attributes parameter through to the memory.c public level functions io_mem_read() and io_mem_write(), where it is currently dummied out. The success/failure response indication is also propagated out to io_mem_read() and io_mem_write(), which retain the old-style boolean true-for-error return. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit e1a5476354d396773e4c555f126d752d4ae58fa9 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sat Apr 25 22:05:07 2015 +0100 Open 2.4 development tree Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2d5a8346a484250934526a15b3a522bdba7e6772 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Wed Apr 15 09:19:23 2015 -0600 qmp: Give saner messages related to qmp_capabilities misuse Pretending that QMP doesn't understand a command merely because we are not in the right mode doesn't help first-time users figure out what to do to correct things. Although the documentation for QMP calls out capabilities negotiation, we should also make it clear in our error messages what we were expecting. With this patch, I now get the following transcript: $ ./x86_64-softmmu/qemu-system-x86_64 -qmp stdio -nodefaults {"QMP": {"version": {"qemu": {"micro": 93, "minor": 2, "major": 2}, "package": ""}, "capabilities": []}} {"execute":"huh"} {"error": {"class": "CommandNotFound", "desc": "The command huh has not been found"}} {"execute":"quit"} {"error": {"class": "CommandNotFound", "desc": "Expecting capabilities negotiation with 'qmp_capabilities' before command 'quit'"}} {"execute":"qmp_capabilities"} {"return": {}} {"execute":"qmp_capabilities"} {"error": {"class": "CommandNotFound", "desc": "Capabilities negotiation is already complete, command 'qmp_capabilities' ignored"}} {"execute":"quit"} {"return": {}} {"timestamp": {"seconds": 1429110729, "microseconds": 181935}, "event": "SHUTDOWN"} Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Tested-By: Kashyap Chamarthy <kchamart@xxxxxxxxxx> Reviewed-by: Paulo Vital <paulo.vital@xxxxxxxxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 43d0a2c1af5bc77ed067636db956209779351dfe Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 15 13:30:04 2015 +0200 qmp-commands: fix incorrect uses of ":O" specifier As far as the QMP parser is concerned, neither the 'O' nor the 'q' format specifiers put any constraint on the command. However, there are two differences: 1) from a documentation point of view 'O' says that this command takes a dictionary. The dictionary will be converted to QemuOpts in the handler to match the corresponding HMP command. 2) 'O' sets QMP_ACCEPT_UNKNOWNS, resulting in the command accepting invalid extra arguments. For example the following is accepted: { "execute": "send-key", "arguments": { "keys": [ { "type": "qcode", "data": "ctrl" }, { "type": "qcode", "data": "alt" }, { "type": "qcode", "data": "delete" } ], "foo": "bar" } } Neither send-key nor migrate-set-capabilities take a QemuOpts-like dictionary; they take an array of dictionaries. And neither command really wants to have extra unknown arguments. Thus, the right specifier to use in this case is 'q'; with this patch the above command fails with {"error": {"class": "GenericError", "desc": "Invalid parameter 'foo'"}} as intended. Reported-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 6540e9f35bfeea2baf4509745516172070dca412 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Fri Apr 10 15:07:59 2015 -0600 qapi: Drop dead genlist parameter Defaulting a parameter to True, then having all callers omit or pass an explicit True for that parameter, is pointless. Looks like it has been dead since introduction in commit 06d64c6, more than 4 years ago. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 46abb8124006887d071921c5e657eeec3c50a9e2 Author: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Date: Tue Mar 31 13:00:26 2015 -0400 balloon: improve error msg when adding second device A VM supports only one balloon device, but due to several changes in infrastructure the error message got messed up when trying to add a second device. Fix it. Before this fix Command-line: qemu-qmp: -device virtio-balloon-pci,id=balloon0: Another balloon device already registered qemu-qmp: -device virtio-balloon-pci,id=balloon0: Adding balloon handler failed qemu-qmp: -device virtio-balloon-pci,id=balloon0: Device 'virtio-balloon-pci' could not be initialized HMP: Another balloon device already registered Adding balloon handler failed Device 'virtio-balloon-pci' could not be initialized QMP: { "execute": "device_add", "arguments": { "driver": "virtio-balloon-pci", "id": "balloon0" } } { "error": { "class": "GenericError", "desc": "Adding balloon handler failed" } } After this fix Command-line: qemu-qmp: -device virtio-balloon-pci,id=balloon0: Only one balloon device is supported qemu-qmp: -device virtio-balloon-pci,id=balloon0: Device 'virtio-balloon-pci' could not be initialized HMP: (qemu) device_add virtio-balloon-pci,id=balloon0 Only one balloon device is supported Device 'virtio-balloon-pci' could not be initialized (qemu) QMP: { "execute": "device_add", "arguments": { "driver": "virtio-balloon-pci", "id": "balloon0" } } { "error": { "class": "GenericError", "desc": "Only one balloon device is supported" } } Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit e5b3a24181ea0cebf1c5b20f44d016311b7048f0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Apr 24 15:05:06 2015 +0100 Update version for v2.3.0 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 779ce88fbd3f977112bc77ccb028b0ace762105e Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Feb 17 10:41:08 2015 +0100 console/gtk: add qemu_console_get_label Add a new function to get a nice label for a given QemuConsole. Drop the labeling code in gtk.c and use the new function instead. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit f8c223f69ac58488ea830597281b7ddd33037c4c Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu May 22 11:08:54 2014 +0200 gtk: bind to text terminal consoles too This way gtk has text terminal consoles even when building without vte. Most notably you'll get a monitor tab on windows now. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit f98f43eab0fcc536c5f95df3a94943d5dff5ccdc Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Feb 27 14:36:09 2015 +0100 gtk: handle switch_surface(NULL) properly Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit f2a581010cb8e3a2564a45a2863a33a732cc2fc7 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Apr 20 17:13:16 2015 +0100 Update version for v2.3.0-rc4 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e05ca8200216149008fa1b1d1d847bf16691f6b4 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Fri Apr 17 17:13:24 2015 +0200 vhost: fix log base address VHOST_SET_LOG_BASE got an incorrect address, causing migration errors and potentially even memory corruption. Reported-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Amos Kong <akong@xxxxxxxxxx> Message-id: 1429283565-32265-1-git-send-email-mst@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 638b8366200130cc7cf7a026630bc6bfb63b0c4c Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Fri Apr 17 15:44:48 2015 +0300 hmp: fix crash in 'info block -n -v' The image field in BlockDeviceInfo should never be null, however bdrv_block_device_info() is not filling it in. This makes the 'info block -n -v' command crash QEMU. The proper solution is probably to move the relevant code from bdrv_query_info() to bdrv_block_device_info(), but since we're too close to the release for that this simpler workaround solves the crash. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1429274688-8115-1-git-send-email-berto@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 87a8adc0876c11a434d3ecdfb10cd797259ddaaa Merge: b6df74c 0ca4f94 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Apr 17 12:54:46 2015 +0100 Merge remote-tracking branch 'remotes/lalrae/tags/mips-20150417-2' into staging MIPS patches 2015-04-17 Changes: * fix broken fulong2e # gpg: Signature made Fri Apr 17 12:14:37 2015 BST using RSA key ID 0B29DA6B # gpg: Can't check signature: public key not found * remotes/lalrae/tags/mips-20150417-2: mips: fix broken fulong2e machine Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b6df74c46528646f3163890cf16b74af551c3494 Merge: 993ebe4 6cec43e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Apr 17 12:37:38 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-fwcfg-20150414-1' into staging fw_cfg: add documentation file (docs/specs/fw_cfg.txt) # gpg: Signature made Tue Apr 14 12:22:20 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-fwcfg-20150414-1: fw_cfg: add documentation file (docs/specs/fw_cfg.txt) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0ca4f94195cce77b624edc6d9abcf14a3bf01f06 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Apr 16 21:11:23 2015 +0100 mips: fix broken fulong2e machine After commit 5312bd8 the bonito_readl() and bonito_writel() have been accessing incorrect addresses. Consequently QEMU is crashing when trying to boot Linux kernel on fulong2e machine. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 993ebe4a0be9aa4e4821818a81fab00b1ab1a79a Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Fri Apr 17 08:16:49 2015 +0100 target-ppc: don't invalidate msr MSR_HVB bit in cpu_post_load The invalidation code introduced in commit 2360b works by inverting most bits of env->msr to ensure that hreg_store_msr() will forcibly update the CPU env state to reflect the new msr value post-migration. Unfortunately hreg_store_msr() is called with alter_hv set to 0 which preserves the MSR_HVB state from the CPU env which is now the opposite value to what it should be. Ensure that we don't invalidate the msr MSR_HVB bit during cpu_post_load so that the correct value is restored. This fixes suspend/resume for PPC64. Reported-by: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: Alexander Graf <agraf@xxxxxxx> Message-id: 1429255009-12751-1-git-send-email-mark.cave-ayland@xxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6cec43e178cde38a3eac43a2cd741ce741b10f36 Author: Gabriel L. Somlo <somlo@xxxxxxx> Date: Thu Apr 9 10:40:01 2015 -0400 fw_cfg: add documentation file (docs/specs/fw_cfg.txt) This document covers the guest-side hardware interface, as well as the host-side programming API of QEMU's firmware configuration (fw_cfg) device. Signed-off-by: Jordan Justen <jordan.l.justen@xxxxxxxxx> Signed-off-by: Gabriel Somlo <somlo@xxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit b8df9208f357d2b36e1b19634aea973618dc7ba8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Apr 13 17:35:44 2015 +0100 Update version for v2.3.0-rc3 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ae6e8ef11e6cb43ec83a5846e8f3b266834cf280 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Apr 10 13:58:01 2015 +0100 Revert seccomp tests that allow it to be used on non-x86 architectures Unfortunately it turns out that libseccomp 2.2 still does not work correctly on non-x86 architectures; return to the previous configure setup of insisting on libseccomp 2.1 or better and i386/x86_64 and disabling seccomp support in all other situations. This reverts the two commits: * "seccomp: libseccomp version varying according to arch" (commit 896848f0d3e2393905845ef2b244bb2601f9df0c) * "seccomp: update libseccomp version and remove arch restriction" (commit 8e27fc200457e3f2473d0069263774d4ba17bd85) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1428670681-23032-1-git-send-email-peter.maydell@xxxxxxxxxx commit 4d0ecde44ae6dab3aa9d10c23e61d9d43789731a Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Thu Apr 9 15:32:45 2015 +0200 pci: Fix crash with illegal "-net nic, model=xxx" option Current QEMU crashes when specifying an illegal model with the "-net nic,model=xxx" option, e.g.: $ qemu-system-x86_64 -net nic,model=n/a qemu-system-x86_64: Unsupported NIC model: n/a Program received signal SIGSEGV, Segmentation fault. The gdb backtrace looks like this: 0x0000555555965fe0 in error_get_pretty (err=0x0) at util/error.c:152 152 return err->msg; (gdb) bt 0 0x0000555555965fe0 in error_get_pretty (err=0x0) at util/error.c:152 1 0x0000555555965ffd in error_report_err (err=0x0) at util/error.c:157 2 0x0000555555809c90 in pci_nic_init_nofail (nd=0x555555e49860 <nd_table>, rootbus=0x5555564409b0, default_model=0x55555598c37b "e1000", default_devaddr=0x0) at hw/pci/pci.c:1663 3 0x0000555555691e42 in pc_nic_init (isa_bus=0x555556f71900, pci_bus=0x5555564409b0) at hw/i386/pc.c:1506 4 0x000055555569396b in pc_init1 (machine=0x5555562abbf0, pci_enabled=1, kvmclock_enabled=1) at hw/i386/pc_piix.c:248 5 0x0000555555693d27 in pc_init_pci (machine=0x5555562abbf0) at hw/i386/pc_piix.c:310 6 0x000055555572ddf5 in main (argc=3, argv=0x7fffffffe018, envp=0x7fffffffe038) at vl.c:4226 The problem is that pci_nic_init_nofail() does not check whether the err parameter from pci_nic_init has been set up and thus passes a NULL pointer to error_report_err(). Fix it by correctly checking the err parameter. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 342b0711cd62ddc08d334d879eac57b68f925fd5 Author: Andreas Färber <afaerber@xxxxxxx> Date: Fri Apr 10 16:37:56 2015 +0200 stm32f205: Fix SoC type name The type name for the SoC device, unlike those of its sub-devices, did not follow the QOM naming conventions. While the usage is internal only, this is exposed through QMP and HMP, so fix it before release. Cc: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> Reviewed-by: Alistair Francis <alistair@xxxxxxxxxxxxx> Message-id: 1428676676-23056-1-git-send-email-afaerber@xxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c0c8584142a13e728178e51f2477c23a84ce74b4 Author: Dirk Müller <dirk@xxxxxxxx> Date: Sat Apr 4 14:15:10 2015 +0200 cris: memory: Replace memory_region_init_ram with memory_region_allocate_system_memory Commit 0b183fc871:"memory: move mem_path handling to memory_region_allocate_system_memory" split memory_region_init_ram and memory_region_init_ram_from_file. Also it moved mem-path handling a step up from memory_region_init_ram to memory_region_allocate_system_memory. Therefore for any board that uses memory_region_init_ram directly, -mem-path is not supported. Fix this by replacing memory_region_init_ram with memory_region_allocate_system_memory. Tested-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Cc: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxx> Signed-off-by: Dirk Mueller <dmueller@xxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 58c24a4775ef7ccf16cfcd695753dfdf149fe29d Author: Dirk Müller <dirk@xxxxxxxx> Date: Sat Apr 4 14:14:14 2015 +0200 alpha: memory: Replace memory_region_init_ram with memory_region_allocate_system_memory Commit 0b183fc871:"memory: move mem_path handling to memory_region_allocate_system_memory" split memory_region_init_ram and memory_region_init_ram_from_file. Also it moved mem-path handling a step up from memory_region_init_ram to memory_region_allocate_system_memory. Therefore for any board that uses memory_region_init_ram directly, -mem-path is not supported. Fix this by replacing memory_region_init_ram with memory_region_allocate_system_memory. Cc: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Dirk Mueller <dmueller@xxxxxxxx> Acked-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: CAL5wTH64_ykF17cw2T1Axq8P3vCWm=6WbUJ3qJrLF-u+-MmzUw@xxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b7ccb83f44eca09e48c61866a090425c762598f0 Author: Dirk Müller <dirk@xxxxxxxx> Date: Sat Apr 4 14:16:18 2015 +0200 lm32: memory: Replace memory_region_init_ram with memory_region_allocate_system_memory Commit 0b183fc871:"memory: move mem_path handling to memory_region_allocate_system_memory" split memory_region_init_ram and memory_region_init_ram_from_file. Also it moved mem-path handling a step up from memory_region_init_ram to memory_region_allocate_system_memory. Therefore for any board that uses memory_region_init_ram directly, -mem-path is not supported. Fix this by replacing memory_region_init_ram with memory_region_allocate_system_memory. Cc: Michael Walle <michael@xxxxxxxx> Signed-off-by: Dirk Mueller <dmueller@xxxxxxxx> Acked-by: Michael Walle <michael@xxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 81b23ef82cd1be29ca3d69ab7e98b5b5e55926ce Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Mar 31 15:18:03 2015 +0100 xen: limit guest control of PCI command register Otherwise the guest can abuse that control to cause e.g. PCIe Unsupported Request responses (by disabling memory and/or I/O decoding and subsequently causing [CPU side] accesses to the respective address ranges), which (depending on system configuration) may be fatal to the host. This is CVE-2015-2756 / XSA-126. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx> Message-id: alpine.DEB.2.02.1503311510300.7690@xxxxxxxxxxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6a460ed18a3fda0eb2d9c96b8b01817b4dcbded4 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Apr 9 14:52:18 2015 +0100 configure: disable Archipelago by default and warn about libxseg GPLv3 license libxseg has changed license to GPLv3. QEMU includes GPL "v2 only" code which is not compatible with GPLv3. This means the resulting binaries may not be redistributable! Disable Archipelago (libxseg) by default to prevent accidental license violations. Also warn if linking against libxseg is enabled to remind the user. Note that this commit does not constitute any advice about software licensing. If you have doubts you should consult a lawyer. Cc: Chrysostomos Nanakos <cnanakos@xxxxxxxx> Suggested-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reported-by: Andreas Färber <afaerber@xxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Message-id: 1428587538-8765-1-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a6f2cb037a82fb8679e70e175cfbc879dd829e06 Merge: cf811ff 05b685f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Apr 9 12:05:00 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Thu Apr 9 10:55:11 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: block/iscsi: handle zero events from iscsi_which_events aio: strengthen memory barriers for bottom half scheduling virtio-blk: correctly dirty guest memory qcow2: Fix header update with overridden backing file Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cf811fff2ae20008f00455d0ab2212a4dea0b56f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Apr 8 20:57:09 2015 +0100 tcg/tcg-op.c: Fix ld/st of 64 bit values on 32-bit bigendian hosts Commit 951c6300f7 out-of-lined the 32-bit-host versions of tcg_gen_{ld,st}_i64, but in the process it inadvertently changed an #ifdef HOST_WORDS_BIGENDIAN to #ifdef TCG_TARGET_WORDS_BIGENDIAN. Since the latter doesn't get defined anywhere this meant we always took the "LE host" codepath, and stored the two halves of the value in the wrong order on BE hosts. This typically breaks any 64-bit guest on a 32-bit BE host completely, and will have possibly more subtle effects even for 32-bit guests. Switch the ifdef back to HOST_WORDS_BIGENDIAN. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Tested-by: Andreas Färber <afaerber@xxxxxxx> Message-id: 1428523029-13620-1-git-send-email-peter.maydell@xxxxxxxxxx commit 05b685fbabb7fdcab72cb42b27db916fd74b2265 Author: Peter Lieven <pl@xxxxxxx> Date: Tue Apr 7 22:08:15 2015 +0200 block/iscsi: handle zero events from iscsi_which_events newer libiscsi versions may return zero events from iscsi_which_events. In this case iscsi_service will return immediately without any progress. To avoid busy waiting for iscsi_which_events to change we deregister all read and write handlers in this case and schedule a timer to periodically check iscsi_which_events for changed events. Next libiscsi version will introduce async reconnects and zero events are returned while libiscsi is waiting for a reconnect retry. Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1428437295-29577-1-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e8d3b1a25f284cdf9705b7cf0412281cc9ee3a36 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Apr 7 17:16:19 2015 +0200 aio: strengthen memory barriers for bottom half scheduling There are two problems with memory barriers in async.c. The fix is to use atomic_xchg in order to achieve sequential consistency between the scheduling of a bottom half and the corresponding execution. First, if bh->scheduled is already 1 in qemu_bh_schedule, QEMU does not execute a memory barrier to order any writes needed by the callback before the read of bh->scheduled. If the other side sees req->state as THREAD_ACTIVE, the callback is not invoked and you get deadlock. Second, the memory barrier in aio_bh_poll is too weak. Without this patch, it is possible that bh->scheduled = 0 is not "published" until after the callback has returned. Another thread wants to schedule the bottom half, but it sees bh->scheduled = 1 and does nothing. This causes a lost wakeup. The memory barrier should have been changed to smp_mb() in commit 924fe12 (aio: fix qemu_bh_schedule() bh->ctx race condition, 2014-06-03) together with qemu_bh_schedule()'s. Guess who reviewed that patch? Both of these involve a store and a load, so they are reproducible on x86_64 as well. It is however much easier on aarch64, where the libguestfs test suite triggers the bug fairly easily. Even there the failure can go away or appear depending on compiler optimization level, tracing options, or even kernel debugging options. Paul Leveille however reported how to trigger the problem within 15 minutes on x86_64 as well. His (untested) recipe, reproduced here for reference, is the following: 1) Qcow2 (or 3) is critical â?? raw files alone seem to avoid the problem. 2) Use â??cache=directsyncâ?? rather than the default of â??cache=noneâ?? to make it happen easier. 3) Use a server with a write-back RAID controller to allow for rapid IO rates. 4) Run a random-access load that (mostly) writes chunks to various files on the virtual block device. a. I use â??diskload.exe c:25â??, a Microsoft HCT load generator, on Windows VMs. b. Iometer can probably be configured to generate a similar load. 5) Run multiple VMs in parallel, against the same storage device, to shake the failure out sooner. 6) IvyBridge and Haswell processors for certain; not sure about others. A similar patch survived over 12 hours of testing, where an unpatched QEMU would fail within 15 minutes. This bug is, most likely, also the cause of failures in the libguestfs testsuite on AArch64. Thanks to Laszlo Ersek for initially reporting this bug, to Stefan Hajnoczi for suggesting closer examination of qemu_bh_schedule, and to Paul for providing test input and a prototype patch. Reported-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reported-by: Paul Leveille <Paul.Leveille@xxxxxxxxxxx> Reported-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1428419779-26062-1-git-send-email-pbonzini@xxxxxxxxxx Suggested-by: Paul Leveille <Paul.Leveille@xxxxxxxxxxx> Suggested-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit c8623c0215e18eb4a8ec73eba014d97e51ed707e Author: Dirk Müller <dirk@xxxxxxxx> Date: Sat Apr 4 14:24:38 2015 +0200 arm: memory: Replace memory_region_init_ram with memory_region_allocate_system_memory Commit 0b183fc871:"memory: move mem_path handling to memory_region_allocate_system_memory" split memory_region_init_ram and memory_region_init_ram_from_file. Also it moved mem-path handling a step up from memory_region_init_ram to memory_region_allocate_system_memory. Therefore for any board that uses memory_region_init_ram directly, -mem-path is not supported. Fix this by replacing memory_region_init_ram with memory_region_allocate_system_memory. Signed-off-by: Dirk Mueller <dmueller@xxxxxxxx> Message-id: CAL5wTH4UHYKpJF=dLJfFzxpufjY189chnCow47-ySuLf8GLbug@xxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2a6cdd6d35158bc7a6aacd92b5b0302f28ec480e Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Apr 2 19:50:44 2015 +0200 virtio-blk: correctly dirty guest memory After qemu_iovec_destroy, the QEMUIOVector's size is zeroed and the zero size ultimately is used to compute virtqueue_push's len argument. Therefore, reads from virtio-blk devices did not migrate their results correctly. (Writes were okay). Save the size in virtio_blk_handle_request, and use it when the request is completed. Based on a patch by Wen Congyang. Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Tested-by: Li Zhijian <lizhijian@xxxxxxxxxxxxxx> Message-id: 1427997044-392-1-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e4603fe139e2161464d7e75faa3a650e31f057fc Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Apr 7 15:03:16 2015 +0200 qcow2: Fix header update with overridden backing file In recent qemu versions, it is possible to override the backing file name and format that is stored in the image file with values given at runtime. In such cases, the temporary override could end up in the image header if the qcow2 header was updated, while obviously correct behaviour would be to leave the on-disk backing file path/format unchanged. Fix this and add a test case for it. Reported-by: Michael Tokarev <mjt@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1428411796-2852-1-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 5a24f20a7208a58fb80d78ca0521bba6f4d7b145 Merge: f2155a0 9be6e69 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Apr 7 14:33:46 2015 +0100 Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-04-04' into staging trivial patches for 2015-04-04 # gpg: Signature made Sat Apr 4 08:07:49 2015 BST using RSA key ID A4C3D7DB # gpg: Good signature from "Michael Tokarev <mjt@xxxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxxx>" * remotes/mjt/tags/pull-trivial-patches-2015-04-04: vhost: fix typo in vq_index description gitignore: Ignore more .pod files. target-tricore: Fix check which was always false target-i386: remove superfluous TARGET_HAS_SMC macro pcspk: Fix I/O port name Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9be6e69f12bc65e9c43ee5b8eb026412f11b8b71 Author: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Date: Thu Mar 26 12:10:29 2015 +0100 vhost: fix typo in vq_index description Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Acked-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 085feb61dbc6130bfd2e6c3f59d03220ff9e1bb3 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Fri Mar 20 10:30:44 2015 -0600 gitignore: Ignore more .pod files. kvm_stat.{1,pod} started showing up as untracked files in my directory, and I nearly accidentally merged them into a commit with my usual habit of 'git add .'. Rather than spelling out each such file, just ignore the entire pattern. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 7b4b0b5795e934a9b7efb916af86715b68555be9 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Sat Mar 21 14:44:58 2015 +0100 target-tricore: Fix check which was always false With a mask value of 0x00400000, the result will never be 1. This fixes a Coverity warning. Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 9c04146ad4696b20c440bfbb4a6ab27ea254e7ca Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Sat Mar 21 13:29:09 2015 -0400 target-i386: remove superfluous TARGET_HAS_SMC macro Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit ecf2e5a46d7559f258a2c914131ba25d3c5326bf Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Thu Mar 19 13:08:40 2015 +0100 pcspk: Fix I/O port name Probably a copy&paste bug. Fixing it helps identifying the device model behind port 0x61. Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Reviewed-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> For bisection revision-tuple graph see: http://logs.test-lab.xenproject.org/osstest/results/bisect/qemu-mainline/test-amd64-i386-xl-qemuu-debianhvm-amd64.debian-hvm-install.html Revision IDs in each graph node refer, respectively, to the Trees above. ---------------------------------------- Running cs-bisection-step --graph-out=/home/logs/results/bisect/qemu-mainline/test-amd64-i386-xl-qemuu-debianhvm-amd64.debian-hvm-install --summary-out=tmp/65229.bisection-summary --basis-template=64579 --blessings=real,real-bisect qemu-mainline test-amd64-i386-xl-qemuu-debianhvm-amd64 debian-hvm-install Searching for failure / basis pass: 65147 fail [host=nocera1] / 65121 [host=rimava1] 65100 [host=pinot1] 65078 [host=fiano1] 65054 [host=huxelrebe0] 65005 [host=italia1] 64965 [host=rimava0] 64797 [host=huxelrebe1] 64579 [host=chardonnay1] 64450 [host=baroque0] 64290 [host=italia0] 64095 [host=fiano1] 63957 [host=pinot1] 63705 [host=italia1] 63585 [host=huxelrebe1] 63527 [host=rimava0] 63466 [host=huxelrebe0] 63384 [host=baroque0] 63363 [host=rimava1] 63346 [host=merlot1] 63202 [host=elbling1] 63117 [host=baroque1] 63086 [host=pinot1] 63064 [host=huxelrebe1] 63029 [host=pinot0] 63010 [host=rimava1] 62950 [host=italia1] 62943 [host=fiano1] 62934 [host=chardonnay1] 62795 [host=italia0] 62748 [host=huxelrebe0] 62696 [host=pinot1] 62649 [host=chardonnay0] 62594 [host=chardonnay0] 62525 [host=elbling1] 62424 [host=pinot0] 62339 [host=rimava1] 62280 [host=chardonnay1] 62173 [host=huxelrebe1] 61883 [host=chardonnay0] 61767 [host=elbling1] 61573 [host=merlot0] 61516 [host=merlot1] 61288 [host=elbling0] 61006 [host=italia0] 60958 [host=rimava1] 60879 [host=pinot1] 60846 [host=chardonnay1] 60777 [host=italia1] 60713 [host=fiano0] 60685 [host=merlot0] 60664 [host=pinot1] 60616 [host=pinot0] 60583 [host=italia0] 60374 [host=italia0] 60164 [host=italia0] 60029 [host=italia0] 59965 [host=italia0] 59932 [host=italia0] 59908 [host=italia0] 59877 [host=italia0] 59850 [host=italia0] 59810 [host=italia0] 59791 [host=italia0] 59769 [host=italia0] 59715 [host=italia0] 59695 [host=italia0] 59661 [host=italia0] 59634 [host=italia0] 59616 [host=italia0] 59598 [host=italia0] 59579 [host=italia0] 59556 [host=italia0] 59530 [host=italia0] 59505 [host=italia0] 59483 [host=italia0] 59465 [host=italia0] 59435 [host=italia0] 59387 [host=italia0] 59307 [host=italia0] 59214 [host=italia0] 59169 [host=italia0] 59109 [host=elbling0] 59059 [host=elbling1] 59035 [host=fiano1] 59023 [host=chardonnay1] 59010 [host=pinot1] 58980 [host=rimava1] 58973 [host=italia1] 58964 [host=pinot0] 58934 [host=huxelrebe1] 58904 [host=chardonnay0] 58876 [host=huxelrebe0] 58844 [host=italia0] 58829 [host=elbling0] 58819 [host=merlot1] 58753 [host=fiano0] 58732 [host=merlot0] 58721 [host=fiano1] 58708 [host=pinot1] 58672 [host=elbling1] 58473 [host=huxelrebe1] 58416 [host=chardonnay0] 58387 [host=huxelrebe0] 58318 [host=pinot0] 58241 [host=italia0] 58195 [host=elbling0] 58150 [host=elbling0] 57925 [host=elbling0] 57872 [host=pinot1] 57815 [host=fiano1] 57737 [host=italia1] 57591 [host=rimava1] 57513 [host=fiano0] 57448 [host=pinot1] 57404 [host=merlot0] 57288 [host=italia0] 57266 [host=chardonnay0] 57174 [host=italia1] 57141 [host=italia1] 57112 [host=merlot1] 57078 [host=pinot0] 56989 [host=elbling0] 56946 [host=huxelrebe0] 56911 [host=fiano0] 56831 [host=huxelrebe1] 56784 [host=italia0] 56727 [host=fiano1] 56682 [host=chardonnay0] 56512 [host=chardonnay1] 56435 [host=elbling0] 56374 [host=pinot1] 55881 [host=merlot0] 55418 [host=elbling1] 55331 [host=merlot1] 55268 [host=baroque0] 54832 [host=italia1] 53914 [host=baroque1] 53811 [host=pinot0] 53190 [host=fiano1] 52652 [host=pinot1] 50428 [host=pinot0] 50406 [host=italia0] 50391 [host=nocera0] 50371 [host=italia1] 50337 ok. Failure / basis pass flights: 65147 / 50337 (tree with no url: ovmf) (tree with no url: seabios) Tree: linux git://xenbits.xen.org/linux-pvops.git Tree: linuxfirmware git://xenbits.xen.org/osstest/linux-firmware.git Tree: qemu git://xenbits.xen.org/qemu-xen-traditional.git Tree: qemuu git://git.qemu.org/qemu.git Tree: xen git://xenbits.xen.org/xen.git Latest 769b79eb206ad5b0249a08665fefb913c3d1998e c530a75c1e6a472b0eb9558310b518f0dfcd8860 bc00cad75d8bcc3ba696992bec219c21db8406aa b04fc428356a540fdb9065fa8c3c71ee476c2031 713b7e4ef2aa4ec3ae697cde9c81d5a57548f9b1 Basis pass 8a5f782c33c04ea5c9b3ca6fb32d6039e2e5c0c9 c530a75c1e6a472b0eb9558310b518f0dfcd8860 a4b276b4ce49c8d70dd841ff885b900ec652b994 f2155a089600e80cf7bcdc814520ef3304882cc4 3a28f760508fb35c430edac17a9efde5aff6d1d5 Generating revisions with ./adhoc-revtuple-generator git://xenbits.xen.org/linux-pvops.git#8a5f782c33c04ea5c9b3ca6fb32d6039e2e5c0c9-769b79eb206ad5b0249a08665fefb913c3d1998e git://xenbits.xen.org/osstest/linux-firmware.git#c530a75c1e6a472b0eb9558310b518f0dfcd8860-c530a75c1e6a472b0eb9558310b518f0dfcd8860 git://xenbits.xen.org/qemu-xen-traditional.git#a4b276b4ce49c8d70dd841ff885b900ec652b994-bc00cad75d8bcc3ba696992bec219c21db8406aa git://git.qemu.org/qemu.git#f2155a089600e80cf7bcdc814520ef3304882cc4-b04fc428356a540fdb9065fa8c3c71ee476c2031 git://xenbits.xen.org/xen.git#3a28f760508fb35c430edac17a9efde5aff6d1d5-713b7e4ef2aa4ec3ae697cde9c81d5a57548f9b1 adhoc-revtuple-generator: tree discontiguous: linux-pvops adhoc-revtuple-generator: tree discontiguous: qemu adhoc-revtuple-generator: tree discontiguous: xen Loaded 1006 nodes in revision graph Searching for test results: 34710 [host=rice-weevil] 34711 [host=rice-weevil] 34716 [host=rice-weevil] 34721 [host=rice-weevil] 34727 [host=rice-weevil] 34730 [host=rice-weevil] 34734 [host=rice-weevil] 34738 [host=rice-weevil] 34744 [host=rice-weevil] 34748 [host=rice-weevil] 34759 [host=rice-weevil] 63957 [host=pinot1] 34896 [host=rice-weevil] 34909 [host=rice-weevil] 34920 [host=rice-weevil] 34937 [host=rice-weevil] 34952 [host=rice-weevil] 34957 [host=rice-weevil] 34961 [host=rice-weevil] 34967 [host=rice-weevil] 34979 [host=rice-weevil] 34983 [host=rice-weevil] 34988 [host=rice-weevil] 34993 [host=rice-weevil] 34996 [host=rice-weevil] 35004 [host=rice-weevil] 35011 [host=rice-weevil] 35021 [host=rice-weevil] 35028 [host=rice-weevil] 35033 [host=rice-weevil] 35052 [host=rice-weevil] 35063 [host=rice-weevil] 35077 [host=rice-weevil] 35098 [host=rice-weevil] 35101 [host=rice-weevil] 35119 [host=rice-weevil] 35133 [host=rice-weevil] 35147 [host=rice-weevil] 35157 [host=rice-weevil] 35169 [host=rice-weevil] 35179 [host=rice-weevil] 35187 [host=rice-weevil] 35196 [host=rice-weevil] 35212 [host=rice-weevil] 35220 [host=rice-weevil] 35228 [host=rice-weevil] 35237 [host=rice-weevil] 35251 [host=rice-weevil] 35269 [host=rice-weevil] 35283 [host=rice-weevil] 35290 [host=rice-weevil] 35296 [host=rice-weevil] 35298 [host=grain-weevil] 35303 [host=rice-weevil] 35314 [host=rice-weevil] 35319 [host=rice-weevil] 35336 [host=rice-weevil] 35344 [host=rice-weevil] 35364 [host=rice-weevil] 35371 [host=rice-weevil] 35377 [host=rice-weevil] 35387 [host=rice-weevil] 35394 [host=rice-weevil] 35408 [host=rice-weevil] 35427 [host=rice-weevil] 35436 [host=rice-weevil] 35455 [host=rice-weevil] 35477 [host=rice-weevil] 35489 [host=rice-weevil] 35491 [host=rice-weevil] 35499 [host=rice-weevil] 35505 [host=rice-weevil] 35511 [host=rice-weevil] 35516 [host=rice-weevil] 35519 [host=rice-weevil] 35531 [host=rice-weevil] 35537 [host=rice-weevil] 35543 [host=rice-weevil] 35551 [host=rice-weevil] 35560 [host=rice-weevil] 35565 [host=rice-weevil] 35571 [host=rice-weevil] 35572 [host=grain-weevil] 35819 [host=lace-bug] 35893 [host=scape-moth] 36522 [host=leaf-beetle] 36586 [host=itch-mite] 36709 [host=scape-moth] 36760 [host=lace-bug] 50272 [host=fiano0] 50290 [host=pinot0] 50320 [host=fiano1] 50337 pass 8a5f782c33c04ea5c9b3ca6fb32d6039e2e5c0c9 c530a75c1e6a472b0eb9558310b518f0dfcd8860 a4b276b4ce49c8d70dd841ff885b900ec652b994 f2155a089600e80cf7bcdc814520ef3304882cc4 3a28f760508fb35c430edac17a9efde5aff6d1d5 50371 [host=italia1] 50259 [] 64095 [host=fiano1] 50406 [host=italia0] 50391 [host=nocera0] 50428 [host=pinot0] 64177 [] 64290 [host=italia0] 64450 [host=baroque0] 64579 [host=chardonnay1] 64797 [host=huxelrebe1] 64965 [host=rimava0] 65005 [host=italia1] 52624 [] 52652 [host=pinot1] 65121 [host=rimava1] 65054 [host=huxelrebe0] 65078 [host=fiano1] 65100 [host=pinot1] 65147 fail 769b79eb206ad5b0249a08665fefb913c3d1998e c530a75c1e6a472b0eb9558310b518f0dfcd8860 bc00cad75d8bcc3ba696992bec219c21db8406aa b04fc428356a540fdb9065fa8c3c71ee476c2031 713b7e4ef2aa4ec3ae697cde9c81d5a57548f9b1 65198 pass 8a5f782c33c04ea5c9b3ca6fb32d6039e2e5c0c9 c530a75c1e6a472b0eb9558310b518f0dfcd8860 734b9a8f05418c6cdb21b4c3d24b9d35960595eb f2155a089600e80cf7bcdc814520ef3304882cc4 3a28f760508fb35c430edac17a9efde5aff6d1d5 65169 pass 8a5f782c33c04ea5c9b3ca6fb32d6039e2e5c0c9 c530a75c1e6a472b0eb9558310b518f0dfcd8860 a4b276b4ce49c8d70dd841ff885b900ec652b994 f2155a089600e80cf7bcdc814520ef3304882cc4 3a28f760508fb35c430edac17a9efde5aff6d1d5 65221 fail 769b79eb206ad5b0249a08665fefb913c3d1998e c530a75c1e6a472b0eb9558310b518f0dfcd8860 bc00cad75d8bcc3ba696992bec219c21db8406aa b04fc428356a540fdb9065fa8c3c71ee476c2031 713b7e4ef2aa4ec3ae697cde9c81d5a57548f9b1 65185 fail 769b79eb206ad5b0249a08665fefb913c3d1998e c530a75c1e6a472b0eb9558310b518f0dfcd8860 bc00cad75d8bcc3ba696992bec219c21db8406aa b04fc428356a540fdb9065fa8c3c71ee476c2031 713b7e4ef2aa4ec3ae697cde9c81d5a57548f9b1 65211 fail 769b79eb206ad5b0249a08665fefb913c3d1998e c530a75c1e6a472b0eb9558310b518f0dfcd8860 bc00cad75d8bcc3ba696992bec219c21db8406aa b04fc428356a540fdb9065fa8c3c71ee476c2031 713b7e4ef2aa4ec3ae697cde9c81d5a57548f9b1 65188 pass 8a5f782c33c04ea5c9b3ca6fb32d6039e2e5c0c9 c530a75c1e6a472b0eb9558310b518f0dfcd8860 3b050c69ee3171997d33bb8b2c111a4ebea169fd f2155a089600e80cf7bcdc814520ef3304882cc4 3a28f760508fb35c430edac17a9efde5aff6d1d5 65201 pass 769b79eb206ad5b0249a08665fefb913c3d1998e c530a75c1e6a472b0eb9558310b518f0dfcd8860 bc00cad75d8bcc3ba696992bec219c21db8406aa f2155a089600e80cf7bcdc814520ef3304882cc4 3a28f760508fb35c430edac17a9efde5aff6d1d5 65191 pass 8a5f782c33c04ea5c9b3ca6fb32d6039e2e5c0c9 c530a75c1e6a472b0eb9558310b518f0dfcd8860 e6af340b9e32e78fd980d46d939aa0939f51ebd4 f2155a089600e80cf7bcdc814520ef3304882cc4 3a28f760508fb35c430edac17a9efde5aff6d1d5 65194 pass 8a5f782c33c04ea5c9b3ca6fb32d6039e2e5c0c9 c530a75c1e6a472b0eb9558310b518f0dfcd8860 9da9f80538c8ff891886cfe3d987ca17bd240d19 f2155a089600e80cf7bcdc814520ef3304882cc4 3a28f760508fb35c430edac17a9efde5aff6d1d5 65229 fail 769b79eb206ad5b0249a08665fefb913c3d1998e c530a75c1e6a472b0eb9558310b518f0dfcd8860 bc00cad75d8bcc3ba696992bec219c21db8406aa b04fc428356a540fdb9065fa8c3c71ee476c2031 713b7e4ef2aa4ec3ae697cde9c81d5a57548f9b1 65206 pass 769b79eb206ad5b0249a08665fefb913c3d1998e c530a75c1e6a472b0eb9558310b518f0dfcd8860 bc00cad75d8bcc3ba696992bec219c21db8406aa f2155a089600e80cf7bcdc814520ef3304882cc4 713b7e4ef2aa4ec3ae697cde9c81d5a57548f9b1 65216 pass 769b79eb206ad5b0249a08665fefb913c3d1998e c530a75c1e6a472b0eb9558310b518f0dfcd8860 bc00cad75d8bcc3ba696992bec219c21db8406aa f2155a089600e80cf7bcdc814520ef3304882cc4 713b7e4ef2aa4ec3ae697cde9c81d5a57548f9b1 65224 pass 769b79eb206ad5b0249a08665fefb913c3d1998e c530a75c1e6a472b0eb9558310b518f0dfcd8860 bc00cad75d8bcc3ba696992bec219c21db8406aa f2155a089600e80cf7bcdc814520ef3304882cc4 713b7e4ef2aa4ec3ae697cde9c81d5a57548f9b1 53190 [host=fiano1] 53811 [host=pinot0] 53914 [host=baroque1] 54832 [host=italia1] 55268 [host=baroque0] 55331 [host=merlot1] 55418 [host=elbling1] 55881 [host=merlot0] 56374 [host=pinot1] 56435 [host=elbling0] 56512 [host=chardonnay1] 56682 [host=chardonnay0] 56727 [host=fiano1] 56831 [host=huxelrebe1] 56784 [host=italia0] 56911 [host=fiano0] 56946 [host=huxelrebe0] 57078 [host=pinot0] 56989 [host=elbling0] 57174 [host=italia1] 57112 [host=merlot1] 57141 [host=italia1] 57266 [host=chardonnay0] 57288 [host=italia0] 57404 [host=merlot0] 57513 [host=fiano0] 57448 [host=pinot1] 57591 [host=rimava1] 57737 [host=italia1] 57872 [host=pinot1] 57815 [host=fiano1] 57925 [host=elbling0] 58150 [host=elbling0] 58195 [host=elbling0] 58241 [host=italia0] 58318 [host=pinot0] 58387 [host=huxelrebe0] 58416 [host=chardonnay0] 58473 [host=huxelrebe1] 58648 [] 58638 [] 58625 [] 58632 [] 58658 [] 58672 [host=elbling1] 58664 [] 58708 [host=pinot1] 58721 [host=fiano1] 58732 [host=merlot0] 58753 [host=fiano0] 58819 [host=merlot1] 58829 [host=elbling0] 58844 [host=italia0] 58904 [host=chardonnay0] 58876 [host=huxelrebe0] 58934 [host=huxelrebe1] 58973 [host=italia1] 58964 [host=pinot0] 58980 [host=rimava1] 59010 [host=pinot1] 59023 [host=chardonnay1] 59035 [host=fiano1] 59059 [host=elbling1] 59169 [host=italia0] 59109 [host=elbling0] 59307 [host=italia0] 59214 [host=italia0] 59387 [host=italia0] 59435 [host=italia0] 59465 [host=italia0] 59483 [host=italia0] 59505 [host=italia0] 59530 [host=italia0] 59556 [host=italia0] 59579 [host=italia0] 59598 [host=italia0] 59616 [host=italia0] 59634 [host=italia0] 59661 [host=italia0] 59695 [host=italia0] 59715 [host=italia0] 59810 [host=italia0] 59791 [host=italia0] 59850 [host=italia0] 59877 [host=italia0] 59760 [] 59769 [host=italia0] 59832 [host=italia0] 59932 [host=italia0] 59965 [host=italia0] 60004 [] 59908 [host=italia0] 60029 [host=italia0] 60164 [host=italia0] 60374 [host=italia0] 60616 [host=pinot0] 60583 [host=italia0] 60713 [host=fiano0] 60685 [host=merlot0] 60664 [host=pinot1] 60777 [host=italia1] 60846 [host=chardonnay1] 60958 [host=rimava1] 60879 [host=pinot1] 61006 [host=italia0] 61128 [] 61288 [host=elbling0] 61516 [host=merlot1] 61573 [host=merlot0] 61767 [host=elbling1] 61883 [host=chardonnay0] 62028 [host=huxelrebe0] 62173 [host=huxelrebe1] 62339 [host=rimava1] 62280 [host=chardonnay1] 62424 [host=pinot0] 62525 [host=elbling1] 62594 [host=chardonnay0] 62683 [host=chardonnay0] 62649 [host=chardonnay0] 62681 [host=chardonnay0] 62696 [host=pinot1] 62795 [host=italia0] 62748 [host=huxelrebe0] 62950 [host=italia1] 62934 [host=chardonnay1] 62943 [host=fiano1] 63029 [host=pinot0] 63010 [host=rimava1] 63064 [host=huxelrebe1] 63086 [host=pinot1] 63117 [host=baroque1] 63202 [host=elbling1] 63346 [host=merlot1] 63363 [host=rimava1] 63384 [host=baroque0] 63466 [host=huxelrebe0] 63527 [host=rimava0] 63585 [host=huxelrebe1] 63705 [host=italia1] 34146 [host=rice-weevil] 34262 [host=rice-weevil] 34244 [host=rice-weevil] 34187 [host=rice-weevil] 34241 [host=rice-weevil] 34248 [host=rice-weevil] 34259 [host=rice-weevil] 34188 [host=rice-weevil] 34254 [host=rice-weevil] 34337 [host=rice-weevil] 34357 [host=rice-weevil] 34330 [host=rice-weevil] 34323 [host=rice-weevil] 34320 [host=rice-weevil] 34347 [host=rice-weevil] 34335 [host=rice-weevil] 34339 [host=rice-weevil] 34354 [host=rice-weevil] 34349 [host=rice-weevil] 34393 [host=rice-weevil] 34455 [host=rice-weevil] 34401 [host=rice-weevil] 34402 [host=rice-weevil] 34424 [host=rice-weevil] 34404 [host=rice-weevil] 34412 [host=rice-weevil] 34429 [host=rice-weevil] 34407 [host=rice-weevil] 34410 [host=rice-weevil] 34433 [host=rice-weevil] 34422 [host=rice-weevil] 34427 [host=grain-weevil] 34449 [host=rice-weevil] 34430 [host=rice-weevil] 34441 [host=rice-weevil] 34445 [host=rice-weevil] 34438 [host=rice-weevil] 34452 [host=rice-weevil] 34458 [host=rice-weevil] 34460 [host=rice-weevil] 34463 [host=rice-weevil] 34466 [host=rice-weevil] 34470 [host=rice-weevil] 34473 [host=rice-weevil] 34543 [host=grain-weevil] 34475 [host=rice-weevil] 34480 [host=rice-weevil] 34485 [host=rice-weevil] 34489 [host=rice-weevil] 34490 [host=grain-weevil] 34544 [host=grain-weevil] 34577 [host=grain-weevil] 34579 [host=grain-weevil] 34581 [host=grain-weevil] 34583 [host=grain-weevil] 34585 [host=grain-weevil] 34587 [host=grain-weevil] 34633 [host=grain-weevil] 34588 [host=grain-weevil] 34656 [host=rice-weevil] 34635 [host=grain-weevil] 34594 [host=grain-weevil] 34636 [host=grain-weevil] 34646 [host=grain-weevil] 34658 [host=rice-weevil] 34598 [host=grain-weevil] 34631 [host=grain-weevil] 34632 [host=grain-weevil] 34640 [host=grain-weevil] 34644 [host=grain-weevil] 34596 [host=rice-weevil] 34653 [host=grain-weevil] Searching for interesting versions Result found: flight 50337 (pass), for basis pass Result found: flight 65147 (fail), for basis failure Repro found: flight 65169 (pass), for basis pass Repro found: flight 65185 (fail), for basis failure 0 revisions at 769b79eb206ad5b0249a08665fefb913c3d1998e c530a75c1e6a472b0eb9558310b518f0dfcd8860 bc00cad75d8bcc3ba696992bec219c21db8406aa f2155a089600e80cf7bcdc814520ef3304882cc4 713b7e4ef2aa4ec3ae697cde9c81d5a57548f9b1 No revisions left to test, checking graph state. Result found: flight 65206 (pass), for last pass Result found: flight 65211 (fail), for first failure Repro found: flight 65216 (pass), for last pass Repro found: flight 65221 (fail), for first failure Repro found: flight 65224 (pass), for last pass Repro found: flight 65229 (fail), for first failure *** Found and reproduced problem changeset *** Bug is in tree: qemuu git://git.qemu.org/qemu.git Bug introduced: b04fc428356a540fdb9065fa8c3c71ee476c2031 Bug not present: f2155a089600e80cf7bcdc814520ef3304882cc4 Last fail repro: http://logs.test-lab.xenproject.org/osstest/logs/65229/ commit b04fc428356a540fdb9065fa8c3c71ee476c2031 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 26 17:50:12 2015 +0000 Update version for v2.5.0-rc2 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 72f75c76d84e2eefc6806dafca116860ffe847f0 Merge: a5df350 d08e42a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 26 16:50:59 2015 +0000 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging vhost, pc: fixes for 2.5 Minor vhost fixes. HW version tweak for PC. Documentation and test updates. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Thu 26 Nov 2015 16:40:25 GMT using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: vhost-user-test: fix migration overlap test Fix memory leak on error Revert "vhost: send SET_VRING_ENABLE at start/stop" tests/vhost-user-bridge: read command line arguments tests/vhost-user-bridge: propose GUEST_ANNOUNCE feature vhost-user: clarify start and enable vhost-user: set link down when the char device is closed pc: Don't set hw_version on pc-*-2.5 osdep: Change default value of qemu_hw_version() to "2.5+" Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d08e42a1125d384cb53423f5810b0c7ea52dc6c9 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Nov 26 15:14:02 2015 +0200 vhost-user-test: fix migration overlap test During migration, source does GET_BASE, destination does SET_BASE. Use that as opposed to fds being configured to detect vhost user running on both source and destination. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit a5df35070a4c7fa8e2d9c6bd7175ee8e3e0f7641 Merge: 317e4db df64983 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 26 16:27:26 2015 +0000 Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2015-11-26' into staging QMP and QObject patches # gpg: Signature made Thu 26 Nov 2015 09:07:18 GMT using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-monitor-2015-11-26: qjson: Limit number of tokens in addition to total size qjson: surprise, allocating 6 QObjects per token is expensive qjson: store tokens in a GQueue qjson: Convert to parser to recursive descent qjson: replace QString in JSONLexer with GString qjson: Inline token_is_escape() and simplify qjson: Inline token_is_keyword() and simplify qjson: Give each of the six structural chars its own token type qjson: Spell out some silent assumptions check-qjson: Add test for JSON nesting depth limit qjson: Don't crash when input exceeds nesting limit qjson: Apply nesting limit more sanely monitor: Plug memory leak on QMP error Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 317e4db6e90421abeeebc78f1a3e8472a76b2e74 Merge: fe4cf57 5120901 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 26 15:56:53 2015 +0000 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging Small patches, without the one that introduces -fwrapv. # gpg: Signature made Thu 26 Nov 2015 15:48:53 GMT using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" * remotes/bonzini/tags/for-upstream: target-i386: kvm: Print warning when clearing mcg_cap bits target-i386: kvm: Use env->mcg_cap when setting up MCE target-i386: kvm: Abort if MCE bank count is not supported by host virtio-scsi: don't crash without a valid device target-sparc: fix 32-bit truncation in fpackfix exec: remove warning about mempath and hugetlbfs Revert "exec: silence hugetlbfs warning under qtest" call bdrv_drain_all() even if the vm is stopped MAINTAINERS: Update TCG CPU cores section Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5120901a378501403d5454b69cf43e666fc29d5b Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Nov 25 18:19:16 2015 +0100 target-i386: kvm: Print warning when clearing mcg_cap bits Instead of silently clearing mcg_cap bits when the host doesn't support them, print a warning when doing that. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> [Avoid \n at end of error_report. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1448471956-66873-10-git-send-email-pbonzini@xxxxxxxxxx> commit 2590f15b13cc57487518996b32bb7626b0d80909 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Nov 25 18:19:15 2015 +0100 target-i386: kvm: Use env->mcg_cap when setting up MCE When setting up MCE, instead of using the MCE_*_DEF macros directly, just filter the existing env->mcg_cap value. As env->mcg_cap is already initialized as MCE_CAP_DEF|MCE_BANKS_DEF at target-i386/cpu.c:mce_init(), this doesn't change any behavior. But it will allow us to change mce_init() in the future, to implement different defaults depending on CPU model, machine-type or command-line parameters. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1448471956-66873-9-git-send-email-pbonzini@xxxxxxxxxx> commit 49b69cbfcd6e32e2178d6ff7e5d60689c3f79c6e Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Nov 25 18:19:14 2015 +0100 target-i386: kvm: Abort if MCE bank count is not supported by host Instead of silently changing the number of banks in mcg_cap based on kvm_get_mce_cap_supported(), abort initialization if the host doesn't support MCE_BANKS_DEF banks. Note that MCE_BANKS_DEF was always 10 since it was introduced in QEMU, and Linux always returned 32 at KVM_CAP_MCE since KVM_CAP_MCE was introduced, so no behavior is being changed and the error can't be triggered by any Linux version. The point of the new check is to ensure we won't silently change the bank count if we change MCE_BANKS_DEF or make the bank count configurable in the future. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> [Avoid Yoda condition and \n at end of error_report. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1448471956-66873-8-git-send-email-pbonzini@xxxxxxxxxx> commit 3e32e8a96e6995cde3d8a13d68e31226ee83f290 Author: Eugene (jno) Dvurechenski <jno@xxxxxxxxxxxxxxxxxx> Date: Thu Nov 26 15:45:35 2015 +0100 virtio-scsi: don't crash without a valid device Make sure that we actually have a device when checking the aio context. Otherwise guests could trigger QEMU crashes. Signed-off-by: "Eugene (jno) Dvurechenski" <jno@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Message-Id: <1448549135-6582-2-git-send-email-jno@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 12a3567c4099be194b44987ac5d7d65b99bcfab7 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Nov 2 15:05:34 2015 +0100 target-sparc: fix 32-bit truncation in fpackfix This is reported by Coverity. The algorithm description at ftp://ftp.icm.edu.pl/packages/ggi/doc/hw/sparc/Sparc.pdf suggests that the 32-bit parts of rs2, after the left shift, is treated as a 64-bit integer. Bits 32 and above are used to do the saturating truncation. Message-Id: <1446473134-4330-1-git-send-email-pbonzini@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit bfc2a1a1f41c2861b20e8318c0541d0823427802 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Nov 25 10:52:29 2015 +0000 exec: remove warning about mempath and hugetlbfs The gethugepagesize() method in exec.c printed a warning if the file path for "-mem-path" or "-object memory-backend-file" was not on a hugetlbfs filesystem. This warning is bogus, because QEMU functions perfectly well with the path on a regular tmpfs filesystem. Use of hugetlbfs vs tmpfs is a choice for the management application or end user to make as best fits their needs. As such it is inappropriate for QEMU to have an opinion on whether the user's choice is right or wrong in this case. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1448448749-1332-3-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 2c189a4e12a37b1c7cae2a2643c378c5af8f67fc Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Nov 25 10:52:28 2015 +0000 Revert "exec: silence hugetlbfs warning under qtest" This reverts commit 1c7ba94a184df1eddd589d5400d879568d3e5d08. That commit changed QEMU initialization order from - object-initial, chardev, qtest, object-late to - chardev, qtest, object-initial, object-late This breaks chardev setups which need to rely on objects having been created. For example, when chardevs use TLS encryption in the future, they need to have tls credential objects created first. This revert, restores the ordering introduced in commit f08f9271bfe3f19a5eb3d7a2f48532065304d5c8 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed May 13 17:14:04 2015 +0100 vl: Create (most) objects before creating chardev backends Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1448448749-1332-2-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b2780d325306dc80ec07db9c0c61e9b2ac10e559 Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Fri Nov 20 17:34:38 2015 +0800 call bdrv_drain_all() even if the vm is stopped There are still I/O operations when the vm is stopped. For example, stop the vm, and do block migration. In this case, we don't drain all I/O operation, and may meet the following problem: qemu-system-x86_64: migration/block.c:731: block_save_complete: Assertion `block_mig_state.submitted == 0' failed. Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Message-Id: <564EE92E.4070701@xxxxxxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 903a41d3415960240cb3b9f1d66f3707b27010d6 Author: Stefano Dong (è?£å?´æ°´) <opensource.dxs@xxxxxxxxxx> Date: Thu Nov 26 12:00:12 2015 +0000 Fix memory leak on error hw/ppc/spapr.c: Fix memory leak on error, it was introduced in bc09e0611 hw/acpi/memory_hotplug.c: Fix memory leak on error, it was introduced in 34f2af3d Signed-off-by: Stefano Dong (è?£å?´æ°´) <opensource.dxs@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit fe4cf57da7a85fa65488448acdc22a65096e832a Merge: b8b0ee0 7fe4a41 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 26 10:58:10 2015 +0000 Merge remote-tracking branch 'remotes/kraxel/tags/pull-vnc-20151126-1' into staging vnc: fix segfault # gpg: Signature made Thu 26 Nov 2015 07:37:43 GMT using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-vnc-20151126-1: vnc: fix segfault Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b8b0ee0ea3d2789d8ee7372b9a173e7952e18087 Merge: 7ef7ddf 44c6e00 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 26 10:24:18 2015 +0000 Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2015-11-25-v2-tag' into staging qemu-ga patch queue for 2.5 * include additional w32 MSI install components needed for guest-exec * fix 'make install' when compiling with --disable-tools * fix potential data corruption/loss when accessing files bi-directionally via guest-file-{read,write} * explicitly document how integer args for guest-file-seek map to SEEK_SET/SEEK_CUR/etc to avoid platform-specific differences v2: * fixed missing SoB # gpg: Signature made Wed 25 Nov 2015 23:58:45 GMT using RSA key ID F108B584 # gpg: Good signature from "Michael Roth <flukshun@xxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>" * remotes/mdroth/tags/qga-pull-2015-11-25-v2-tag: qga: added another non-interactive gspawn() helper file. qga: Better mapping of SEEK_* in guest-file-seek tests: add file-write-read test qga: flush explicitly when needed qga: gspawn() console helper to Windows guest agent msi build makefile: fix qemu-ga make install for --disable-tools Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 449e3578107799817a81249b189f6f82aa9e787d Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Nov 25 13:39:57 2015 +0200 Revert "vhost: send SET_VRING_ENABLE at start/stop" This reverts commit 3a12f32229a046f4d4ab0a3a52fb01d2d5a1ab76. In case of live migration several queues can be enabled and not only the first one. So informing backend that only the first queue is enabled is wrong. Reported-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> Cc: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> commit 7ef7ddf37674f7147ef23c311cbc3c37e908c8b0 Merge: c7933a8 9c73517 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 26 09:44:25 2015 +0000 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Wed 25 Nov 2015 20:25:21 GMT using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" * remotes/jnsnow/tags/ide-pull-request: ide-test: fix timeouts atapi: Fix code indentation atapi: Account for failed and invalid operations in cd_read_sector() ide-test: cdrom_pio_impl fixup Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit df649835fe48f635a93316fdefe96ced7189316e Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Nov 25 22:23:33 2015 +0100 qjson: Limit number of tokens in addition to total size Commit 29c75dd "json-streamer: limit the maximum recursion depth and maximum token count" attempts to guard against excessive heap usage by limiting total token size (it says "token count", but that's a lie). Total token size is a rather imprecise predictor of heap usage: many small tokens use more space than few large tokens with the same input size, because there's a constant per-token overhead: 37 bytes on my system. Tighten this up: limit the token count to 2Mi. Chosen to roughly match the 64MiB total token size limit. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1448486613-17634-13-git-send-email-armbru@xxxxxxxxxx> commit 9bada8971173345ceb37ed1a47b00a01a4dd48cf Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Nov 25 22:23:32 2015 +0100 qjson: surprise, allocating 6 QObjects per token is expensive Replace the contents of the tokens GQueue with a simple struct. This cuts the amount of memory allocated by tests/check-qjson from ~500MB to ~20MB, and the execution time from 600ms to 80ms on my laptop. Still a lot (some could be saved by using an intrusive list, such as QSIMPLEQ, instead of the GQueue), but the savings are already massive and the right thing to do would probably be to get rid of json-streamer completely. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1448300659-23559-5-git-send-email-pbonzini@xxxxxxxxxx> [Straightforwardly rebased on my patches] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 95385fe9ace7db156b924da6b6f5c9082b68ba68 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Nov 25 22:23:31 2015 +0100 qjson: store tokens in a GQueue Even though we still have the "streamer" concept, the tokens can now be deleted as they are read. While doing so convert from QList to GQueue, since the next step will make tokens not a QObject and we will have to do the conversion anyway. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1448300659-23559-4-git-send-email-pbonzini@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit d538b25543f4db026bb435066e2403a542522c40 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Nov 25 22:23:30 2015 +0100 qjson: Convert to parser to recursive descent We backtrack in parse_value(), even though JSON is LL(1) and thus can be parsed by straightforward recursive descent. Do exactly that. Based on an almost-correct patch from Paolo Bonzini. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1448486613-17634-10-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit d2ca7c0b0d876cf0e219ae7a92252626b0913a28 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Nov 25 22:23:29 2015 +0100 qjson: replace QString in JSONLexer with GString JSONLexer only needs a simple resizable buffer. json-streamer.c can allocate memory for each token instead of relying on reference counting of QStrings. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1448300659-23559-2-git-send-email-pbonzini@xxxxxxxxxx> [Straightforwardly rebased on my patches, checkpatch made happy] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 6b9606f68ec589def27bd2a9cea97ec63cffd581 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Nov 25 22:23:28 2015 +0100 qjson: Inline token_is_escape() and simplify Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1448486613-17634-8-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 50e2a467f5315fa36c547fb6330659ba45f6bb83 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Nov 25 22:23:27 2015 +0100 qjson: Inline token_is_keyword() and simplify Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1448486613-17634-7-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit c54616608af442edf4cfb7397a1909c2653efba0 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Nov 25 22:23:26 2015 +0100 qjson: Give each of the six structural chars its own token type Simplifies things, because we always check for a specific one. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1448486613-17634-6-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit b8d3b1da3cdbb02e180618d6be346c564723015d Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Nov 25 22:23:25 2015 +0100 qjson: Spell out some silent assumptions Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1448486613-17634-5-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit f0ae0304c7a41a42b7d4a6cde450da938d3c2cc7 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Nov 25 22:23:24 2015 +0100 check-qjson: Add test for JSON nesting depth limit This would have prevented the regression mentioned in the previous commit. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1448486613-17634-4-git-send-email-armbru@xxxxxxxxxx> commit 0753113a26bb8c77f951b1ea91fd4f36d099c37a Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Nov 25 22:23:23 2015 +0100 qjson: Don't crash when input exceeds nesting limit We limit nesting depth and input size to defend against input triggering excessive heap or stack memory use (commit 29c75dd json-streamer: limit the maximum recursion depth and maximum token count). However, when the nesting limit is exceeded, parser_context_peek_token()'s assertion fails. Broken in commit 65c0f1e "json-parser: don't replicate tokens at each level of recursion". To reproduce stuff 1025 open braces or brackets into QMP. Fix by taking the error exit instead of the normal one. Reported-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1448486613-17634-3-git-send-email-armbru@xxxxxxxxxx> commit 4f2d31fbc0bfdf41feea7d1be49f4f7ffa005534 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Nov 25 22:23:22 2015 +0100 qjson: Apply nesting limit more sanely The nesting limit from commit 29c75dd "json-streamer: limit the maximum recursion depth and maximum token count" applies separately to braces and brackets. This makes no sense. Apply it to their sum, because that's actually a measure of recursion depth. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1448486613-17634-2-git-send-email-armbru@xxxxxxxxxx> commit 3a81a10179b702e031d8f84438193d83a64b4122 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 29 12:15:09 2015 +0100 monitor: Plug memory leak on QMP error Leak introduced in commit 8a4f501..710aec9, v2.4.0. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1446117309-15322-1-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 7fe4a41c262e2529dc79f77f6fe63c5309fa2fd9 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Nov 25 08:04:05 2015 +0100 vnc: fix segfault Commit "c7628bf vnc: only alloc server surface with clients connected" missed one rarely used codepath (cirrus with guest drivers using 2d accel) where we have to check for the server surface being present, to avoid qemu crashing with a NULL pointer dereference. Add the check. Reported-by: Anthony PERARD <anthony.perard@xxxxxxxxxx> Tested-by: Anthony PERARD <anthony.perard@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 44c6e00c3fd85b9c496bd3e74108ace126813a59 Author: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Date: Wed Nov 25 22:02:26 2015 +0300 qga: added another non-interactive gspawn() helper file. With previous commit we added gspawn-win64-helper-console.exe, required for gspawn() mingw implementation. Unfortunatly when running as a service without interactive desktop, gspawn() also requires another helper app. Added gspawn-win64-helper.exe and gspawn-win32-helper.exe for corresponding architectures. Signed-off-by: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> * remove trailing whitespace Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 0a982b1bf3953dc8640c4d6e619fb1132ebbebc3 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Wed Nov 25 10:37:15 2015 -0700 qga: Better mapping of SEEK_* in guest-file-seek Exposing OS-specific SEEK_ constants in our qapi was a mistake (if the host has SEEK_CUR as 1, but the guest has it as 2, then the semantics are unclear what should happen); if we had a time machine, we would instead expose only a symbolic enum. It's too late to change the fact that we have an integer in qapi, but we can at least document what mapping we want to enforce for all qga clients (and luckily, it happens to be the mapping that both Linux and Windows use); then fix the code to match that mapping. It also helps us filter out unsupported SEEK_DATA and SEEK_HOLE. In the future, we may wish to move our QGA_SEEK_* constants into qga/qapi-schema.json, along with updating the schema to take an alternate type (either the integer, or the string value of the enum name) - but that's too much risk during hard freeze. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 4eaab85cb1c1ba9c575d29921df81d63c7aa35df Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Wed Nov 25 13:59:12 2015 +0100 tests: add file-write-read test This test exhibits a POSIX behaviour regarding switching between write and read. It's undefined result if the application doesn't ensure a flush between the two operations (with glibc, the flush can be implicit when the buffer size is relatively small). The previous commit fixes this test. Related to: https://bugzilla.redhat.com/show_bug.cgi?id=1210246 Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 895b00f62a7e86724dc7352d67c7808d37366130 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Wed Nov 25 13:59:11 2015 +0100 qga: flush explicitly when needed According to the specification: http://pubs.opengroup.org/onlinepubs/9699919799/functions/fopen.html "the application shall ensure that output is not directly followed by input without an intervening call to fflush() or to a file positioning function (fseek(), fsetpos(), or rewind()), and input is not directly followed by output without an intervening call to a file positioning function, unless the input operation encounters end-of-file." Without this change, an fwrite() followed by an fread() may lose the previously written content, as shown in the following test. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1210246 Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> * don't confuse {write,read}() with f{write,read}() in commit msg (Laszlo) Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 9c73517ca56d6611371376bd298b4b20f3ad6140 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Nov 24 14:36:11 2015 -0500 ide-test: fix timeouts Use explicit timeouts instead of trying to approximate it by counting the cumulative duration of nsleep calls. In practice, the timeout if inb() dwarfed the nsleep delays, and as a result the real timeout value became a lot larger than 5 seconds. So: change the semantics from "Not sooner than 5 seconds" to "no more than 5 seconds" to ensure we don't hang the tester for very long. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1448393771-15483-2-git-send-email-jsnow@xxxxxxxxxx commit f2b608ab80a336b0136d35d9b49419a917656d44 Author: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Date: Thu Nov 19 15:20:37 2015 +0300 qga: gspawn() console helper to Windows guest agent msi build This helper, gspawn-win64-helper-console.exe for 64-bit and gspawn-win32-helper-console.exe for 32-bit environment, is needed for gspawn() mingw implementation, used by guest-exec command. Without these files guest-exec command on Windows will not work with "file not found" diagnostic message. Signed-off-by: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 68aa262ad09c81b8b1284340cc0d26b65c605df5 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Mon Nov 23 15:48:58 2015 -0600 makefile: fix qemu-ga make install for --disable-tools ab59e3e introduced a fix for `make install` on w32 that involved filtering out qemu-ga from $TOOLS install recipe so that we could append $(EXESUF) to it before attempting to install the binary via install-prog function. install-prog takes a list of binaries to install to a particular directory. If the list is empty it breaks. We guard against this by ensuring $TOOLS is not empty prior to calling. However, ab59e3e introduces extra filtering after this check which can still result on us attempting to call install-prog with an empty list of binaries. In particular, this occurs if we build with the --disable-tools configure option, which results in qemu-ga being the only member of $TOOLS. Fix this by doing a simple s/qemu-ga/qemu-ga$(EXESUF)/ pass through $TOOLS instead of filtering out qemu-ga to handle it seperately. Reported-by: Steve Ellcey <sellcey@xxxxxxxxxx> Cc: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit c7933a80bc6f3bb79c341f8fc17b4cf76622e2f3 Merge: 1a4dab8 f77dcdb Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 25 16:20:58 2015 +0000 Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20151125' into staging migration/next for 20151125 # gpg: Signature made Wed 25 Nov 2015 14:28:47 GMT using RSA key ID 5872D723 # gpg: Good signature from "Juan Quintela <quintela@xxxxxxxxxx>" # gpg: aka "Juan Quintela <quintela@xxxxxxxxxx>" * remotes/juanquintela/tags/migration/20151125: block-migration: limit the memory usage Assume madvise for (no)hugepage works Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1a4dab849d5d06191ab5e5850f6b8bfcad8ceb47 Merge: e85dda8 8c34d89 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 25 14:47:06 2015 +0000 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches # gpg: Signature made Wed 25 Nov 2015 13:33:14 GMT using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: qemu-iotests: Add -nographic when starting QEMU in 119 and 120 block/qapi: Plug memory leak on query-block error path raw-posix.c: Make GetBSDPath() handle caching options nand: fix flash erase when oob is in memory test-aio: Fix event notifier cleanup tests/Makefile: Add more dependencies for test-timed-average Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f77dcdbc76dbf9bade9739e85e1013639e535835 Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Fri Nov 20 17:37:13 2015 +0800 block-migration: limit the memory usage If we set migration speed in a very large value, block-migration will try to read all data to the memory. Because (block_mig_state.submitted + block_mig_state.read_done) * BLOCK_SIZE will be overflow, and it will be always less than rate limit. There is no need to read too many data into memory when the rate limit is very large. So limit the memory usage can fix the overflow problem. Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 1d7414396f926651c4d7a673eb3a10aca5246d76 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 19 15:27:48 2015 +0000 Assume madvise for (no)hugepage works madvise() returns EINVAL in the case of many failures, but also returns it in cases where the host kernel doesn't have THP enabled. Postcopy only really cares that THP is off before it detects faults, and turns it back on afterwards; so we're going to have to assume that if the madvise fails then the host just doesn't do THP and we can carry on with the postcopy. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Tested-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 8c34d891b1594840d8394a3c9b92236c13254fd8 Merge: 903c341 4d7f853 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Nov 25 14:33:01 2015 +0100 Merge remote-tracking branch 'mreitz/tags/pull-block-for-kevin-2015-11-25' into queue-block One block patch for qemu 2.5-rc2. # gpg: Signature made Wed Nov 25 14:30:45 2015 CET using RSA key ID E838ACAD # gpg: Good signature from "Max Reitz <mreitz@xxxxxxxxxx>" * mreitz/tags/pull-block-for-kevin-2015-11-25: qemu-iotests: Add -nographic when starting QEMU in 119 and 120 Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 4d7f853ff0054989a4f20f1f22d1ec489c669c3b Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 23 10:32:10 2015 +0800 qemu-iotests: Add -nographic when starting QEMU in 119 and 120 Otherwise, a window flashes on my desktop (built with SDL). Add this as other cases have it. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1448245930-15031-1-git-send-email-famz@xxxxxxxxxx Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit 903c341d5742b160e52752eb6fdc1ba9b87dc52e Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Nov 20 13:53:35 2015 +0100 block/qapi: Plug memory leak on query-block error path Spotted by Coverity. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 98caa5bc0083ed4fe4833addd3078b56ce2f6cfa Author: Programmingkid <programmingkidx@xxxxxxxxx> Date: Fri Nov 20 19:17:48 2015 -0500 raw-posix.c: Make GetBSDPath() handle caching options Add support for caching options that can be specified from the command line. The CD-ROM raw char device bypasses the host page cache and therefore has alignment requirements. Alignment probing is necessary so only use the raw char device if BDRV_O_NOCACHE is set. This patch fixes -cdrom /dev/cdrom on Mac OS X hosts, where bdrv_read() used to fail due to misaligned requests during image format probing. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 8e37ca6d0be8aae2887c167da783fd2d9536c962 Author: Ricard Wanderlof <ricard.wanderlof@xxxxxxxx> Date: Fri Nov 13 14:17:28 2015 +0100 nand: fix flash erase when oob is in memory For the "main area on file, oob in memory" case, fix the shifts so that we erase the correct number of pages. Signed-off-by: Ricard Wanderlöf <ricardw@xxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 7595ed743914b9de1d146213dedc1e007283f723 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Mon Nov 23 13:30:23 2015 +0100 test-aio: Fix event notifier cleanup One test case closed an event notifier (event_notifier_cleanup()) without first disabling it (set_event_notifier(..., NULL)). This resulted in a leftover handle 0 that was added to each subsequent WaitForMultipleObjects() call, causing the function to fail (invalid handle). Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 5e41fbffa115608fe6f7159d345d6caa0019e687 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Mon Nov 23 13:28:12 2015 +0100 tests/Makefile: Add more dependencies for test-timed-average 'make check' failed to compile the test case for mingw because of undefined references. Pull in a few more dependencies so that it builds. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e85dda8070b20dd8765d52daf64de70a9ccf395f Merge: 1aae36d 22037db Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 25 12:09:34 2015 +0000 Merge remote-tracking branch 'remotes/sstabellini/tags/xen-20151125' into staging Xen 2015/11/25 # gpg: Signature made Wed 25 Nov 2015 11:19:26 GMT using RSA key ID 70E1AE90 # gpg: Good signature from "Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>" * remotes/sstabellini/tags/xen-20151125: xen_disk: Remove ioreq.postsync xen: fix usage of xc_domain_create in domain builder Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2b1641d0a2fc10bdbffb1c0aa9836186af008766 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Nov 13 18:49:54 2015 +0100 MAINTAINERS: Update TCG CPU cores section These are the people that I think have been touching it lately or reviewing patches. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7cf32491eac9dc32fd8ca7933f3edc9d42f884ee Author: Victor Kaplansky <victork@xxxxxxxxxx> Date: Tue Nov 24 12:56:00 2015 +0200 tests/vhost-user-bridge: read command line arguments Now some vhost-user-bridge parameters can be passed from the command line: Usage: prog [-u ud_socket_path] [-l lhost:lport] [-r rhost:rport] -u path to unix doman socket. default: /tmp/vubr.sock -l local host and port. default: 127.0.0.1:4444 -r remote host and port. default: 127.0.0.1:5555 Signed-off-by: Victor Kaplansky <victork@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 85ea9da5b8d8c0b2ab77b493d5ce62599279bf33 Author: Victor Kaplansky <victork@xxxxxxxxxx> Date: Tue Nov 24 12:55:56 2015 +0200 tests/vhost-user-bridge: propose GUEST_ANNOUNCE feature The backend has to know whether VIRTIO_NET_F_GUEST_ANNOUNCE was negotiated, so, as a hack we propose the feature by vhost-user-bridge during the feature negotiation. Signed-off-by: Victor Kaplansky <victork@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c61f09ed855b5009f816242ce281fd01586d4646 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon Nov 23 12:48:52 2015 +0200 vhost-user: clarify start and enable It seems that we currently have some duplication between started and enabled states. The actual reason is that enable is not documented correctly: what it does is connecting ring to the backend. This is important for MQ, because a Linux guest expects TX packets to be completed even if it disables some queues temporarily. Cc: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Cc: Victor Kaplansky <victork@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit d39c87d70763f2755d1d7a719817b06f0281fb01 Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Wed Nov 11 14:53:29 2015 +0800 vhost-user: set link down when the char device is closed Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> commit 463b52f285164ec3dc0649763e06e40cea9e8a1f Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Nov 12 15:29:55 2015 -0200 pc: Don't set hw_version on pc-*-2.5 Now that qemu_hw_version() returns a fixed "2.5+" string instead of QEMU_VERSION, we don't need to set hw_version on pc-*-2.5 explicitly. Suggested-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit fac862ffa605f6fa41f52033b27346d26a96bea5 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Nov 12 15:29:54 2015 -0200 osdep: Change default value of qemu_hw_version() to "2.5+" There are two issues with qemu_hw_version() today: 1) If a machine has hw_version set, the value returned by it is not very useful, because it is not the actual QEMU version. 2) If a machine does't set hw_version, the return value of qemu_hw_version() is broken, because it will change when upgrading QEMU. For those reasons, using qemu_hw_version() is strongly discouraged, and should be used only in code that used QEMU_VERSION in the past and needs to keep compatibility. To fix (2), instead of making every machine broken by default unless they set hw_version, make qemu_hw_version() simply return "2.5+" if qemu_set_hw_version() is not called. Suggested-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 1aae36df4b8ed884c6ef6995e70c67fad79b49df Merge: 4b6eda6 1d64924 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 25 11:38:03 2015 +0000 Merge remote-tracking branch 'remotes/armbru/tags/pull-ivshmem-2015-11-25' into staging ivshmem patches for 2.5 # gpg: Signature made Wed 25 Nov 2015 09:25:38 GMT using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-ivshmem-2015-11-25: ivshmem: Rename property memdev to x-memdev for 2.5 ivshmem: Mark questionable socket type test FIXME tests/ivshmem-test: Supply missing initializer in get_device() qemu-doc: Fix ivshmem usage example with shm=... qemu-doc: Fix ivshmem example markup Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 22037db38ccfe497bd13a94edead6657781b9b37 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Nov 25 11:54:14 2015 +0200 xen_disk: Remove ioreq.postsync This code has been dead for three years (since commit 7e7b7cba1). Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 1d649244b3695cb148dd2ae66999db0f6f9566b3 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Nov 24 18:06:29 2015 +0100 ivshmem: Rename property memdev to x-memdev for 2.5 The device's guest interface and its QEMU user interface are flawed^Whotly debated. We'll resolve that in the next development cycle, probably by deprecating the device in favour of a cleaned up, but not quite compatible revision. To avoid adding more baggage to the soon-to-be-deprecated interface, mark property "memdev" as experimental, by renaming it to "x-memdev". It's the only recent user interface change. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1448384789-14830-6-git-send-email-armbru@xxxxxxxxxx> [Update of qemu-doc.texi squashed in] Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 2825717c02f5b1367e8e315b222888db00618170 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Nov 24 18:06:28 2015 +0100 ivshmem: Mark questionable socket type test FIXME Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 1613094766602bdb8cae337ceecd8ab68f956197 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Nov 24 18:06:27 2015 +0100 tests/ivshmem-test: Supply missing initializer in get_device() If the device isn't found, the assertion uses dev without initialization. Fix that. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1448384789-14830-4-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit a9282c25a5e2e860dfba5eca6d08fb2e42ee4f1a Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Nov 24 18:06:26 2015 +0100 qemu-doc: Fix ivshmem usage example with shm=... The example suggests you can omit "shm". This isn't true; you must specify exactly one of "shm", "chardev", "memdev". Fix it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1448384789-14830-3-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 50d34c4e357c41231b1106fc3f46cfd479a31e41 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Nov 24 18:06:25 2015 +0100 qemu-doc: Fix ivshmem example markup Use @var{foo} like we do everywhere else, not <foo>. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1448384789-14830-2-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 73a27d9ac35e3da3a2cf0ebd0bcc2be6de19dd0a Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Tue Nov 24 14:18:00 2015 +0200 atapi: Fix code indentation This was accidentally changed by commit 5f81724d Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 93fb43522e3b8dddb6c709d568919347d9a5ba3f.1448367341.git.berto@xxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 36be0929f53260cb9b1e2720c7c22f6b5fb5910f Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Tue Nov 24 14:17:59 2015 +0200 atapi: Account for failed and invalid operations in cd_read_sector() Commit 5f81724d made PIO read requests async but didn't add the relevant block_acct_failed() and block_acct_invalid() calls. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 9b87e09d61019c128139b6c999ed0c07f0674170.1448367341.git.berto@xxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit a421f3c38509ee4ce47230ec68c5c3a184efb538 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Nov 20 17:53:55 2015 -0500 ide-test: cdrom_pio_impl fixup Final tidying: move the interrupt wait into the loop, document that the status read clears the IRQ, and move the final interrupt check outside of the loop. This should be functionally equivalent to how it works currently, but a little less ambiguous and slightly more explicit about the state transitions. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1448060035-31973-3-git-send-email-jsnow@xxxxxxxxxx commit 4b6eda626fdb8bf90472c6868d502a2ac09abeeb Merge: d9636b6 f93c3a8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 24 17:05:06 2015 +0000 Merge remote-tracking branch 'remotes/lalrae/tags/mips-20151124' into staging MIPS patches 2015-11-24 Changes: * Fixes for enabling/disabling 64-bit addressing # gpg: Signature made Tue 24 Nov 2015 14:54:35 GMT using RSA key ID 0B29DA6B # gpg: Good signature from "Leon Alrae <leon.alrae@xxxxxxxxxx>" * remotes/lalrae/tags/mips-20151124: target-mips: flush QEMU TLB when disabling 64-bit addressing target-mips: Fix exceptions while UX=0 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d9636b6c2b533ab43fad8c9f47633debeef94561 Merge: 229c037 e14f0eb Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 24 14:22:37 2015 +0000 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20151124' into staging target-arm queue: * fix minimum RAM check warning on xlnx-ep108 * remove unused define from aarch64-linux-user.mak config * don't mask out bits [47:40] in ARMv8 LPAE descriptors * correct unallocated instruction checks for ldst_excl # gpg: Signature made Tue 24 Nov 2015 14:17:10 GMT using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20151124: target-arm/translate-a64.c: Correct unallocated checks for ldst_excl target-arm: Don't mask out bits [47:40] in LPAE descriptors for v8 default-configs/aarch64-linux-user.mak: Remove unused define xlnx-ep108: Fix minimum RAM check Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e14f0eb12f920fd96b9f79d15cedd437648e8667 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 24 14:12:15 2015 +0000 target-arm/translate-a64.c: Correct unallocated checks for ldst_excl The checks for the unallocated encodings in the ldst_excl group (exclusives and load-acquire/store-release) were not correct. This error meant that in turn we ended up with code attempting to handle the non-existent case of "non-exclusive load-acquire/store-release pair". Delete that broken and now unreachable code. Reported-by: Laurent Desnogues <laurent.desnogues@xxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Laurent Desnogues <laurent.desnogues@xxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> commit 6109769a8b42bd0c3d5b1601c9b35fe7ea6a603e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 24 14:12:15 2015 +0000 target-arm: Don't mask out bits [47:40] in LPAE descriptors for v8 In an LPAE format descriptor in ARMv8 the address field extends up to bit 47, not just bit 39. Correct the masking so we don't give incorrect results if the output address size is greater than 40 bits, as it can be for AArch64. (Note that we don't yet support the new-in-v8 Address Size fault which should be generated if any translation table entry or TTBR contains an address with non-zero bits above the most significant bit of the maximum output address size.) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Laurent Desnogues <laurent.desnogues@xxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1448029971-9875-1-git-send-email-peter.maydell@xxxxxxxxxx commit f72c0a79f76f1b7ed1a1e0ff8be31f5df06b3269 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 24 14:12:15 2015 +0000 default-configs/aarch64-linux-user.mak: Remove unused define The uses of the CONFIG_GDBSTUB_XML define were removed in commit b77abd95a9484c, but the define in aarch64-linux-user.mak somehow escaped the cull (the patchset probably crossed in the mail with the patches adding aarch64 support). Remove the stray define. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Laurent Desnogues <laurent.desnogues@xxxxxxxxx> Message-id: 1447690178-4560-1-git-send-email-peter.maydell@xxxxxxxxxx commit 5b4a047fbe8ceb68ad1a78d51f0fadbe2bb12af7 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Tue Nov 24 14:12:15 2015 +0000 xlnx-ep108: Fix minimum RAM check The minimum RAM check logic for the Xiilnx EP108 was off by one, which caused a false positive. Correct the logic to only print warnings when the RAM is below 0x8000000. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Message-id: fba8112ca7b01efd72553332b8045ecf107b7662.1448021100.git.alistair.francis@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f93c3a8d0c0c1038dbe1e957eb8ab92671137975 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Thu Nov 19 19:15:35 2015 +0000 target-mips: flush QEMU TLB when disabling 64-bit addressing CP0.Status.KX/SX/UX bits are responsible for enabling access to 64-bit Kernel/Supervisor/User Segments. If bit is cleared an access to corresponding segment should generate Address Error Exception. However, the guest may still be able to access some pages belonging to the disabled 64-bit segment because we forget to flush QEMU TLB. This patch fixes it. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 7871abb94c2f4adc39f2487f6edf5e69ba872a65 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Tue Nov 17 17:13:54 2015 +0000 target-mips: Fix exceptions while UX=0 Commit 01f728857941 ("target-mips: Status.UX/SX/KX enable 32-bit address wrapping") added a new hflag MIPS_HFLAG_AWRAP, which indicates that 64-bit addressing is disallowed in the current mode, so hflag users don't need to worry about the complexities of working that out, for example checking both MIPS_HFLAG_KSU and MIPS_HFLAG_UX. However when exceptions are taken outside of exception level, mips_cpu_do_interrupt() manipulates the env->hflags directly rather than using compute_hflags() to update them, and this code wasn't updated accordingly. As a result, when UX is cleared, MIPS_HFLAG_AWRAP is set, but it doesn't get cleared on entry back into kernel mode due to an exception. Kernel mode then cannot access the 64-bit segments resulting in a nested exception loop. The same applies to errors and debug exceptions. Fix by updating mips_cpu_do_interrupt() to clear the MIPS_HFLAG_WRAP flag when necessary, according to compute_hflags(). Fixes: 01f728857941 ("target-mips: Status.UX/SX/KX enable 32-bit...") Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 229c0372cf3ca201c41d2bb121627e6752e776ad Merge: 5522a84 466138d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 24 10:27:19 2015 +0000 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Tue 24 Nov 2015 08:04:07 GMT using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: virtio-blk: Move resetting of req->mr_next to virtio_blk_handle_rw_error parallels: dirty BAT properly for continuous allocations Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 466138dc689b6b14f31d5d20316affb4b4efd177 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 23 08:41:20 2015 +0800 virtio-blk: Move resetting of req->mr_next to virtio_blk_handle_rw_error "werror=report" would free the req in virtio_blk_handle_rw_error, we mustn't write to it in that case. Reported-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1448239280-15025-1-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit c9f6856ded10602147ca1d1806e7afb545430fd9 Author: Vladimir Sementsov-Ogievskiy <vsementsov@xxxxxxxxxxxxx> Date: Tue Nov 17 20:02:58 2015 +0300 parallels: dirty BAT properly for continuous allocations This patch marks part of the BAT dirty properly. There is a possibility that multy-block allocation could have one block allocated on one BAT page and next block on the next page. The code without the patch could not save updated position to the file. Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Message-id: 1447779778-26062-1-git-send-email-den@xxxxxxxxxx CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 5522a841cab5f15ac0f8d207b320c21755a7a1a5 Merge: 68c6128 a3567ba Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Nov 23 16:07:49 2015 +0000 Merge remote-tracking branch 'remotes/ehabkost/tags/numa-pull-request' into staging NUMA fix for -rc2 # gpg: Signature made Mon 23 Nov 2015 12:45:34 GMT using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" * remotes/ehabkost/tags/numa-pull-request: hostmem: Ignore ENOSYS while setting MPOL_DEFAULT Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 68c61282fe8a02aa3bddfa7a9c2b7ad7e6177f69 Merge: 541abd1 644da9b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Nov 23 13:54:41 2015 +0000 Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20151123' into staging Last minute fix. # gpg: Signature made Mon 23 Nov 2015 12:17:26 GMT using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tcg-20151123: tcg: Fix highwater check Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a3567ba1e6171ef7cfad55ae549c0cd8bffb1195 Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Tue Oct 27 15:51:31 2015 +0300 hostmem: Ignore ENOSYS while setting MPOL_DEFAULT Currently hostmem backend fails if CONFIG_NUMA is enabled in QEMU (the default) but NUMA is not supported by the kernel. This makes it impossible to use ivshmem in such configurations. This patch fixes the problem by ignoring ENOSYS error if policy is set to MPOL_DEFAULT. This way the code behaves in the same way as if CONFIG_NUMA was not defined. qemu will still fail if the user specifies some other policy, so that the user knows it. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 644da9b39e477caa80bab69d2847dfcb468f0d33 Author: John Clarke <johnc@xxxxxxxxxxx> Date: Thu Nov 19 10:30:50 2015 +0100 tcg: Fix highwater check A simple typo in the variable to use when comparing vs the highwater mark. Reports are that qemu can in fact segfault occasionally due to this mistake. Signed-off-by: John Clarke <johnc@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 541abd10a01da56c5f16582cd32d67114ec22a5c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Nov 20 17:43:46 2015 +0000 Update version for v2.5.0-rc1 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f348daf3d5d2e349519764cd0c3ec3aaca113732 Author: Peter Lieven <pl@xxxxxxx> Date: Fri Nov 20 15:29:02 2015 +0100 tests: fix cdrom_pio_impl in ide-test The check for the cleared BSY flag has to be performed before each data transfer and not just before the first one. Commit 5f81724d revealed this glitch as the BSY flag was not set in ATAPI PIO transfers before. While at it fix the descriptions and add a comment before the nested for loop that transfers the data. Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1448029742-19771-1-git-send-email-pl@xxxxxxx Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 28c3e6ee72a34d3c2c44ef508b599fa460b273bb Merge: 348c327 9f4aa7c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 19 17:54:46 2015 +0000 Merge remote-tracking branch 'remotes/afaerber/tags/qom-devices-for-peter' into staging QOM infrastructure fixes and device conversions * Fix for properties on objects > 4 GiB * Performance improvements for QOM property handling * Assertion cleanups * MAINTAINERS additions # gpg: Signature made Thu 19 Nov 2015 14:32:16 GMT using RSA key ID 3E7E013F # gpg: Good signature from "Andreas Färber <afaerber@xxxxxxx>" # gpg: aka "Andreas Färber <afaerber@xxxxxxxx>" * remotes/afaerber/tags/qom-devices-for-peter: MAINTAINERS: Add check-qom-{interface,proplist} to QOM qom: Clean up assertions to display values on failure qom: Replace object property list with GHashTable qom: Add a test case for complex property finalization net: Convert net filter code to use object property iterators ppc: Convert spapr code to use object property iterators vl: Convert machine help code to use object property iterators qmp: Convert QMP code to use object property iterators qom: Introduce ObjectPropertyIterator struct for iteration qdev: Change Property::offset field to ptrdiff_t type Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 348c32709fdbeb475dd072af49523cfdd75873f1 Merge: c601a24 1c7ba94 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 19 16:26:08 2015 +0000 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging vhost, pc: fixes for 2.5 Fixes all over the place. This also re-enables a test we disabled in 2.5 cycle now that there's a way not to get a warning from it. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Thu 19 Nov 2015 13:27:43 GMT using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: exec: silence hugetlbfs warning under qtest tests: re-enable vhost-user-test acpi: fix buffer overrun on migration vhost-user: fix log size vhost-user: ignore qemu-only features specs/vhost-user: fix spec to match reality tests/vhost-user-bridge: implement logging of dirty pages i440fx: print an error message if user tries to enable iommu q35: Check propery to determine if iommu is set vhost-user: start/stop all rings vhost-user: print original request on error vhost-user-test: support VHOST_USER_SET_VRING_ENABLE vhost-user: update spec description vhost: don't send RESET_OWNER at stop vhost: let SET_VRING_ENABLE message depends on protocol feature Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c601a244a49f4e0be2539cbc5ffd288727cd4e89 Merge: 80fda8f ce8a1b5 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 19 15:56:50 2015 +0000 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20151119' into staging target-arm queue: * add missing condexec updates when emulating architectural breakpoints and coprocessor access checks in Thumb translation (could in theory cause problems when these happened inside a Thumb IT block and an exception was taken) * arm_gic: correctly restore nested IRQ priority # gpg: Signature made Thu 19 Nov 2015 13:29:37 GMT using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20151119: target-arm: Update condexec before arch BP check in AA32 translation target-arm: Update condexec before CP access check in AA32 translation hw/arm_gic: Correctly restore nested irq priority Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 80fda8f609457736ab43f0cb8027abb0e28a67f8 Merge: 8f28030 79b3c12 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 19 15:05:06 2015 +0000 Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20151119' into staging migration/next for 20151119 # gpg: Signature made Thu 19 Nov 2015 11:17:07 GMT using RSA key ID 5872D723 # gpg: Good signature from "Juan Quintela <quintela@xxxxxxxxxx>" # gpg: aka "Juan Quintela <quintela@xxxxxxxxxx>" * remotes/juanquintela/tags/migration/20151119: migration: normalize locking in migration/savevm.c migration: implement bdrv_all_find_vmstate_bs helper migration: reorder processing in hmp_savevm snapshot: create bdrv_all_create_snapshot helper migration: drop find_vmstate_bs check in hmp_delvm snapshot: create bdrv_all_find_snapshot helper migration: factor our snapshottability check in load_vmstate snapshot: create bdrv_all_goto_snapshot helper snapshot: create bdrv_all_delete_snapshot helper snapshot: return error code from bdrv_snapshot_delete_by_id_or_name snapshot: create helper to test that block drivers supports snapshots Unneeded NULL check migration: Dead assignment of current_time Set last_sent_block Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9f4aa7cef2214137db192b252f1d4fc1799d05c7 Author: Andreas Färber <afaerber@xxxxxxx> Date: Wed Nov 18 19:03:29 2015 +0100 MAINTAINERS: Add check-qom-{interface,proplist} to QOM Add the QOM unit tests to the QOM maintenance area so that maintainers get CC'ed on changes and to document QOM test coverage. Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 8438a13543a281e3e61542cc0763bf1b05169016 Author: Andreas Färber <afaerber@xxxxxxx> Date: Mon Nov 16 17:49:20 2015 +0100 qom: Clean up assertions to display values on failure Instead of using g_assert() for integer comparisons, use g_assert_cmpint() so that we can see the respective values. While at it, fix one stray indentation. Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit b604a854e843505007c59d68112c654556102a20 Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Tue Oct 13 13:37:45 2015 +0100 qom: Replace object property list with GHashTable ARM GICv3 systems with large number of CPUs create lots of IRQ pins. Since every pin is represented as a property, number of these properties becomes very large. Every property add first makes sure there's no duplicates. Traversing the list becomes very slow, therefore QEMU initialization takes significant time (several seconds for e. g. 16 CPUs). This patch replaces list with GHashTable, making lookup very fast. The only drawback is that object_child_foreach() and object_child_foreach_recursive() cannot add or remove properties during traversal, since GHashTableIter does not have modify-safe version. However, the code seems not to modify objects via these functions. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Tested-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> [AF: Fixed object_property_del_{all,child}() issues; g_hash_table_contains() -> g_hash_table_lookup(), suggested by Daniel] Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 1c7ba94a184df1eddd589d5400d879568d3e5d08 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Wed Nov 18 10:02:58 2015 +0100 exec: silence hugetlbfs warning under qtest vhost-user-test prints a warning. A test should not need to run on hugetlbfs, let's silence the warning under qtest. The condition can't check on qtest_enabled() since vhost-user-test actually doesn't use qtest accel. However, qtest_driver() can be used, if qtest_init() is called early enough. For that reason, move chardev and qtest initialization early. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 421f4448cec3e42f8477499c5c584699e2cf656b Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Mon Oct 26 15:32:00 2015 +0100 tests: re-enable vhost-user-test Commit 7fe34ca9c2e actually disabled vhost-user-test altogether, since CONFIG_VHOST_NET is a per-target config variable. tests/vhost-user-test is already x86/x64 softmmu specific test, in order to enable it correctly, kvm & vhost-net are also conditions. To check that, set CONFIG_VHOST_NET_TEST_$target when kvm is also enabled. Since "check-qtest-x86_64-y = $(check-qtest-i386-y)", avoid duplication when both x86 & x64 are enabled. Other targets than x86 aren't enabled yet, and is intentionally left as a future improvement, since I can't easily test those. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit d9a3b33d2c9f996537b7f1d0246dee2d0120cefb Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Nov 19 15:14:07 2015 +0200 acpi: fix buffer overrun on migration ich calls acpi_gpe_init with length ICH9_PMIO_GPE0_LEN so ICH9_PMIO_GPE0_LEN/2 bytes are allocated, but then the full ICH9_PMIO_GPE0_LEN bytes are migrated. As a quick work-around, allocate twice the memory. We'll probably want to tweak code to avoid migrating the extra ICH9_PMIO_GPE0_LEN/2 bytes, but that is a bit trickier to do without breaking migration compatibility. Tested-by: "Dr. David Alan Gilbert" <dgilbert@xxxxxxxxxx> Reported-by: "Dr. David Alan Gilbert" <dgilbert@xxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit ce8a1b5449cd8c4c2831abb581d3208c3a3745a0 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Tue Nov 17 16:38:47 2015 +0300 target-arm: Update condexec before arch BP check in AA32 translation Architectural breakpoint check could raise an exceptions, thus condexec bits should be updated before calling gen_helper_check_breakpoints(). Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1447767527-21268-3-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 43bfa4a100687af8d293fef0a197839b51400fca Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Tue Nov 17 16:38:46 2015 +0300 target-arm: Update condexec before CP access check in AA32 translation Coprocessor access instructions are allowed inside IT block. gen_helper_access_check_cp_reg() can raise an exceptions thus condexec bits should be updated before. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1447767527-21268-2-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a859595791e6ac5c14afe0b8a53634bf1cc21f0f Author: François Baldassari <francois@xxxxxxxxxx> Date: Thu Nov 19 12:09:52 2015 +0000 hw/arm_gic: Correctly restore nested irq priority Upon activating an interrupt, set the corresponding priority bit in the APR/NSAPR registers without touching the currently set bits. In the event of nested interrupts, the GIC will then have the information it needs to restore the priority of the pre-empted interrupt once the higher priority interrupt finishes execution. Signed-off-by: François Baldassari <francois@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 79b3c12ac5714e036a16d1a163a3517d74504f87 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Thu Nov 19 09:42:11 2015 +0300 migration: normalize locking in migration/savevm.c basically all bdrv_* operations must be called under aio_context_acquire except ones with bdrv_all prefix. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> CC: Juan Quintela <quintela@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 7cb14481498e7acd969a76b53be0535cd90f7d53 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Thu Nov 19 09:42:10 2015 +0300 migration: implement bdrv_all_find_vmstate_bs helper The patch also ensures proper locking for the operation. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 0b46160521ab72744da94988583a45d4d45e2986 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Thu Nov 19 09:42:09 2015 +0300 migration: reorder processing in hmp_savevm State deletion can be performed on running VM which reduces VM downtime This approach looks a bit more natural. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit a9085f9b5583ba7a02b412ba08f929555112c244 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Thu Nov 19 09:42:08 2015 +0300 snapshot: create bdrv_all_create_snapshot helper to create snapshot for all loaded block drivers. The patch also ensures proper locking. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit c6258b04f19bc690b576b089f621cb5333c533d7 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Thu Nov 19 09:42:07 2015 +0300 migration: drop find_vmstate_bs check in hmp_delvm There is no much sense to do the check and write warning. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 723ccda1a0eecece8e70dbcdd35a603f6c41a475 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Thu Nov 19 09:42:06 2015 +0300 snapshot: create bdrv_all_find_snapshot helper to check that snapshot is available for all loaded block drivers. The check bs != bs1 in hmp_info_snapshots is an optimization. The check for availability of this snapshot will return always true as the list of snapshots was collected from that image. The patch also ensures proper locking. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 849f96e2f71b52444516a0880fd9d12691b63d20 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Thu Nov 19 09:42:05 2015 +0300 migration: factor our snapshottability check in load_vmstate We should check that all inserted and not read-only images support snapshotting. This could be made using already invented helper bdrv_all_can_snapshot(). Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 4c1cdbaad07d067f3d156687d79014ab44387e2c Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Thu Nov 19 09:42:04 2015 +0300 snapshot: create bdrv_all_goto_snapshot helper to switch to snapshot on all loaded block drivers. The patch also ensures proper locking. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 9b00ea376d42e543feb12d7ce5435366d01aab1b Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Thu Nov 19 09:42:03 2015 +0300 snapshot: create bdrv_all_delete_snapshot helper to delete snapshots from all loaded block drivers. The patch also ensures proper locking. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 25af925fffc29f2e4c05aee10c61c823c4cdf398 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Thu Nov 19 09:42:02 2015 +0300 snapshot: return error code from bdrv_snapshot_delete_by_id_or_name this will make code better in the next patch Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit e9ff957ac26e0e11869a3568cfa7423ae33c51e7 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Thu Nov 19 09:42:01 2015 +0300 snapshot: create helper to test that block drivers supports snapshots The patch enforces proper locking for this operation. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 5df5416e639cd75bd85d243af41387c2418fa580 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Wed Nov 18 11:48:41 2015 +0000 Unneeded NULL check The check is unneccesary, we read the value at the start of the thread, use it, and never change it. The value is checked to be non-NULL before thread creation. Spotted by coverity, CID 1339211 Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 95a7788b2faa81ff95675f1e46a3272a612b35de Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Wed Nov 18 11:48:40 2015 +0000 migration: Dead assignment of current_time I set current_time before the postcopy test but never use it; (I think this was from the original version where it was time based). Spotted by coverity, CID 1339208 Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 84e7b80a05c0c44b90533c6cd2f1db5c932ccf77 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Wed Nov 18 11:48:39 2015 +0000 Set last_sent_block In a82d593b61054b3dea43 I accidentally removed the setting of last_sent_block, put it back. Symptoms: Multithreaded compression only uses one thread. Migration is a bit less efficient since it won't use 'cont' flags. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Fixes: a82d593b61054b3dea43 Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 8c4d156c187c84b574d287bd4b9ddf9a6975de7c Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Mon Nov 16 15:37:34 2015 +0000 qom: Add a test case for complex property finalization Devices have some quite complex object child/link relationships which place some requirements on the object_property_del_all() function to consider that properties can be modified while being iterated over. This extends the QOM property test case to replicate the device like structure and expose any potential bugs in the object_property_del_all() function. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 456fb0bfe0b27c54d316be7fe3b362247f732656 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Oct 13 13:37:44 2015 +0100 net: Convert net filter code to use object property iterators Stop directly accessing the Object::properties field data structure and instead use the formal object property iterator APIs. This insulates the code from future data structure changes in the Object struct. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Tested-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 9a842f7d3ce421b39c7edbfe2c47efeac5db6c28 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Oct 13 13:37:43 2015 +0100 ppc: Convert spapr code to use object property iterators Stop directly accessing the Object::properties field data structure and instead use the formal object property iterator APIs. This insulates the code from future data structure changes in the Object struct. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Tested-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 2465bc564d39d9b62fa21b3e84313be3b32dbc16 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Oct 13 13:37:42 2015 +0100 vl: Convert machine help code to use object property iterators Stop directly accessing the Object::properties field data structure and instead use the formal object property iterator APIs. This insulates the code from future data structure changes in the Object struct. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Tested-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 1b30c094dcb69273b7661897c067906f81e5b967 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Oct 13 13:37:41 2015 +0100 qmp: Convert QMP code to use object property iterators Stop directly accessing the Object::properties field data structure and instead use the formal object property iterator APIs. This insulates the code from future data structure changes in the Object struct. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Tested-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit a00c94824126901168bca5b89147f9e334a49e87 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Oct 13 13:37:40 2015 +0100 qom: Introduce ObjectPropertyIterator struct for iteration Some users of QOM need to be able to iterate over properties defined against an object instance. Currently they are just directly using the QTAIL macros against the object properties data structure. This is bad because it exposes them to changes in the data structure used to store properties, as well as changes in functionality such as ability to register properties against the class. This provides an ObjectPropertyIterator struct which will insulate the callers from the particular data structure used to store properties. It can be used thus ObjectProperty *prop; ObjectPropertyIterator *iter; iter = object_property_iter_init(obj); while ((prop = object_property_iter_next(iter))) { ... do something with prop ... } object_property_iter_free(iter); Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Tested-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> [AF: Fixed examples, style cleanups] Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 3b6ca4022d150ad273d4cd9556c2f4873389f965 Author: Ildar Isaev <ild@xxxxxxxx> Date: Wed Mar 4 17:09:46 2015 +0300 qdev: Change Property::offset field to ptrdiff_t type Property::offset field is calculated as a diff between two pointers: arrayprop->prop.offset = eltptr - (void *)dev; If offset is declared as int, this subtraction can cause type overflow, thus leading to failure of the subsequent assertion: assert(qdev_get_prop_ptr(dev, &arrayprop->prop) == eltptr); So ptrdiff_t should be used instead. Signed-off-by: Ildar Isaev <ild@xxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 8f280309030331a912fd8924c129d8bd59e1bdc7 Merge: 7199c89 ca4fa82 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 18 17:07:24 2015 +0000 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches # gpg: Signature made Wed 18 Nov 2015 15:28:32 GMT using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: block: Call external_snapshot_clean after blockdev-snapshot blockdev: Add missing bdrv_unref() in drive-backup iotests: fix race in 030 nand: fix address overflow Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 48854f57ce3e6aa4bd13368559e5c292e1c44e49 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Nov 18 16:13:54 2015 +0200 vhost-user: fix log size commit 2b8819c6eee517c1582983773f8555bb3f9ed645 ("vhost-user: modify SET_LOG_BASE to pass mmap size and offset") passes log size in units of 4 byte chunks instead of the expected size in bytes. Fix this up. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 72018d1e1917a56d05e24aedc9f582b7c8385e19 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Tue Nov 17 16:55:17 2015 +0200 vhost-user: ignore qemu-only features Some features (such as ctrl vq) are supported by qemu without need to communicate with the backend. Drop them from the feature mask so we set them unconditionally. Reported-by: Victor Kaplansky <vkaplans@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 7199c89d8c6bbd0eda2cadb0d3fc7149934202bf Merge: ab9b872 08cb175 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 18 16:27:15 2015 +0000 Merge remote-tracking branch 'remotes/berrange/tags/qcrypto-fixes-20151118-1' into staging Pull qcrypto fixes 2015/11/18 v1 # gpg: Signature made Wed 18 Nov 2015 15:44:07 GMT using RSA key ID 15104FDF # gpg: Good signature from "Daniel P. Berrange <dan@xxxxxxxxxxxx>" # gpg: aka "Daniel P. Berrange <berrange@xxxxxxxxxx>" * remotes/berrange/tags/qcrypto-fixes-20151118-1: crypto: avoid passing NULL to access() syscall crypto: fix leaks in TLS x509 helper functions crypto: fix mistaken setting of Error in success code path crypto: fix leak of gnutls_dh_params_t data on credential unload Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 08cb175a24d642a40e41db2fef2892b0a1ab504e Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Nov 18 15:42:26 2015 +0000 crypto: avoid passing NULL to access() syscall The qcrypto_tls_creds_x509_sanity_check() checks whether certs exist by calling access(). It is valid for this method to be invoked with certfile==NULL though, since for client credentials the cert is optional. This caused it to call access(NULL), which happens to be harmless on current Linux, but should none the less be avoided. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit ca4fa82fe66076284f702adcfe7c319ebbf909ec Merge: 0702d3d 4ad6f3d Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Nov 18 16:27:44 2015 +0100 Merge remote-tracking branch 'mreitz/tags/pull-block-for-kevin-2015-11-18' into queue-block One block patch for qemu 2.5-rc1. # gpg: Signature made Wed Nov 18 16:26:59 2015 CET using RSA key ID E838ACAD # gpg: Good signature from "Max Reitz <mreitz@xxxxxxxxxx>" * mreitz/tags/pull-block-for-kevin-2015-11-18: block: Call external_snapshot_clean after blockdev-snapshot Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 4ad6f3db7db154d5274274bd0079d6318367ab16 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Fri Nov 13 15:00:24 2015 +0200 block: Call external_snapshot_clean after blockdev-snapshot Otherwise the AioContext will never be released. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1447419624-21918-1-git-send-email-berto@xxxxxxxxxx Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit 0702d3d88c2059814212b83f01e14ff3bb7b0c66 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Nov 9 23:39:10 2015 +0100 blockdev: Add missing bdrv_unref() in drive-backup All error paths after a successful bdrv_open() of target_bs should contain a bdrv_unref(target_bs). This one did not yet, so add it. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 7b35030eedc26eff82210caa2b0fff2f9d0df453 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Nov 18 14:44:31 2015 +0000 crypto: fix leaks in TLS x509 helper functions The test_tls_get_ipaddr() method forgot to free the returned data from getaddrinfo(). The test_tls_write_cert_chain() method forgot to free the allocated buffer holding the certificate data after writing it out to a file. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 6ef8cd7a4142049707b70b8278aaa9d8ee2bc5f5 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Nov 18 14:42:40 2015 +0000 crypto: fix mistaken setting of Error in success code path The qcrypto_tls_session_check_certificate() method was setting an Error even when the ACL check suceeded. This didn't affect the callers detection of errors because they relied on the function return status, but this did cause a memory leak since the caller would not free an Error they did not expect to be set. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 61b9251a3aaa65e65c4aab3a6800e884bb3b82f9 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Nov 18 14:41:35 2015 +0000 crypto: fix leak of gnutls_dh_params_t data on credential unload The QCryptoTLSCredsX509 object was not free'ing the allocated gnutls_dh_params_t data when unloading the credentials Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 01809194a06d8e6c51c3e69600f14355225f4855 Author: John Snow <jsnow@xxxxxxxxxx> Date: Wed Nov 11 15:27:36 2015 -0500 iotests: fix race in 030 the stop_test case tests that we can resume a block-stream command after it has stopped/paused due to error. We cannot always reliably query it before it finishes after resume, though, so make this a conditional. The important thing is that we are still testing that it has stopped, and that it finishes successfully after we send a resume command. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a184e74f24f83935c8fc7cd76c06ad0717f89fdb Author: Rabin Vincent <rabin.vincent@xxxxxxxx> Date: Tue Nov 10 14:25:47 2015 +0100 nand: fix address overflow The shifts of the address mask and value shift beyond 32 bits when there are 5 address cycles. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Rabin Vincent <rabin.vincent@xxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ab9b872ab3147faf3c04e91d525815b9139dd996 Merge: 6b79f25 ab59e3e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 18 12:47:29 2015 +0000 Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2015-11-13-v2-tag' into staging qemu-ga patch queue for 2.5 * fixes for guest-exec gspawn() usage: - inherit default lookup path by default instead of explicitly defining it as being empty. - don't inherit default PATH when PATH/ENV are explicit v2: * added fix for w32 'make install' target * added version check for new g_spawn() flag # gpg: Signature made Tue 17 Nov 2015 22:33:03 GMT using RSA key ID F108B584 # gpg: Good signature from "Michael Roth <flukshun@xxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>" * remotes/mdroth/tags/qga-pull-2015-11-13-v2-tag: makefile: fix w32 install target for qemu-ga qga: allow to lookup in PATH from the passed envp for guest-exec qga: fix for default env processing for guest-exec Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6b79f253a37708f21e8d1cd2831b8d8c03f58989 Merge: 55db5ee d66a8fa Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 18 12:16:14 2015 +0000 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Tue 17 Nov 2015 20:06:58 GMT using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" * remotes/jnsnow/tags/ide-pull-request: ide: enable buffered requests for PIO read requests ide: enable buffered requests for ATAPI devices ide: orphan all buffered requests on DMA cancel ide: add support for IDEBufferedRequest block: add blk_abort_aio_request ide/atapi: make PIO read requests async Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ab59e3ecb2c12fafa89f7bedca7d329a078f3870 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Sun Nov 15 09:46:06 2015 -0600 makefile: fix w32 install target for qemu-ga fafcaf1 added a 'qemu-ga' install target on w32, which can be used in place of the existing qemu-ga.exe target to also handle dealing with other components such as DLLs for VSS/fsfreeze and generating an MSI package if appropriate configure options are present. As part of that, qemu-ga$(EXESUF) was removed from $TOOLS in favor of this new qemu-ga target. The install rule however relies on a direct mapping of the $TOOLS entry to the actual resulting binary. In the case of w32, qemu-ga is not identical to qemu-ga$(EXESUF), and the install recipe fails to find the 'qemu-ga' binary. Fix this by essentially remapping 'qemu-ga' back to 'qemu-ga.exe' in the install recipe. This raises the question of whether or not qemu-ga should continue to live in TOOLS as opposed to its own special target, but as a late fix for a regression in 2.5 this commit should be safer, since we rely on qemu-ga's presence in $TOOLS in several places throughout Makefile. Reported-by: Stefan Weil <sw@xxxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 0be40839519215988e207b86bc1638de53567588 Author: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Date: Thu Nov 12 16:36:21 2015 +0300 qga: allow to lookup in PATH from the passed envp for guest-exec This was original behaviour before GLIB gspawn() rework and we rely on this behaviour. Signed-off-by: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> * add version check (2.33.2) for G_SPAWN_SEARCH_PATH_FROM_ENVP Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 02a4d82e8c19267ad06b08389b5e914ba668450e Author: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Date: Thu Nov 12 16:36:20 2015 +0300 qga: fix for default env processing for guest-exec envp == NULL must be passed inside gspawn() if it was not passed with the command line. Original code inherits environment from the QGA, which is wrong. Signed-off-by: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 55db5eeeb7aa3328515817dc4e45728580e517a0 Merge: c27e901 33b5e8c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 17 22:00:45 2015 +0000 Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging X86 fixes, 2015-11-17 Two X86 fixes, hopefully in time for -rc1. # gpg: Signature made Tue 17 Nov 2015 19:06:53 GMT using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" * remotes/ehabkost/tags/x86-pull-request: target-i386: Disable rdtscp on Opteron_G* CPU models target-i386: Fix mulx for identical target regs Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d66a8fa83b00b3b3d631a0e28cdce8c9b5698822 Author: Peter Lieven <pl@xxxxxxx> Date: Tue Nov 17 15:06:39 2015 -0500 ide: enable buffered requests for PIO read requests Signed-off-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1447345846-15624-7-git-send-email-pl@xxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 02506b20b6609ed4ecb09de9900ba9f1dd20b205 Author: Peter Lieven <pl@xxxxxxx> Date: Tue Nov 17 15:06:33 2015 -0500 ide: enable buffered requests for ATAPI devices Signed-off-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1447345846-15624-6-git-send-email-pl@xxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 7cda62087c0baf064486f3d803184c2c3b35c04a Author: Peter Lieven <pl@xxxxxxx> Date: Tue Nov 17 15:06:29 2015 -0500 ide: orphan all buffered requests on DMA cancel If the guests canceles a DMA request we can prematurely invoke all callbacks of buffered requests and flag all them as orphaned. Ideally this avoids the need for draining all requests. For CDROM devices this works in 100% of all cases. Signed-off-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1447345846-15624-5-git-send-email-pl@xxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 1d8c11d631545ee43aff16b0763aff7181b61f20 Author: Peter Lieven <pl@xxxxxxx> Date: Tue Nov 17 15:06:25 2015 -0500 ide: add support for IDEBufferedRequest this patch adds a new aio readv compatible function which copies all data through a bounce buffer. These buffered requests can be flagged as orphaned which means that their original callback has already been invoked and the request has just not been completed by the backend storage. The bounce buffer guarantees that guest memory corruption is avoided when such a orphaned request is completed by the backend at a later stage. This trick only works for read requests as a write request completed at a later stage might corrupt data as there is no way to control if and what data has already been written to the storage. Signed-off-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1447345846-15624-4-git-send-email-pl@xxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit ca78ecfa72f311cd647b12a41d93e1ce54f18e66 Author: Peter Lieven <pl@xxxxxxx> Date: Tue Nov 17 15:06:21 2015 -0500 block: add blk_abort_aio_request Signed-off-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1447345846-15624-3-git-send-email-pl@xxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 5f81724d80a1492c73d329242663962139db739b Author: Peter Lieven <pl@xxxxxxx> Date: Tue Nov 17 14:59:52 2015 -0500 ide/atapi: make PIO read requests async PIO read requests on the ATAPI interface used to be sync blk requests. This has two significant drawbacks. First the main loop hangs util an I/O request is completed and secondly if the I/O request does not complete (e.g. due to an unresponsive storage) Qemu hangs completely. Note: Due to possible race conditions requests during an ongoing elementary transfer are still sync. Signed-off-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1447345846-15624-2-git-send-email-pl@xxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 33b5e8c03ae7a62d320d3c5c1104fe297d5c300d Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Nov 13 17:07:13 2015 -0200 target-i386: Disable rdtscp on Opteron_G* CPU models KVM can't virtualize rdtscp on AMD CPUs yet, so there's no point in enabling it by default on AMD CPU models, as all we are getting are confused users because of the "host doesn't support requested feature" warnings. Disable rdtscp on Opteron_G* models, but keep compatibility on pc-*-2.4 and older (just in case there are people are doing funny stuff using AMD CPU models on Intel hosts). Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 9ecac5dad16722ce2a8c3e88d8eeba5794990031 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Nov 17 12:41:47 2015 +0100 target-i386: Fix mulx for identical target regs The Intel specification clearly indicates that the low part of the result is written first and the high part of the result is written second; thus if ModRM:reg and VEX.vvvv are identical, the final result should be the high part of the result. At present, TCG may either produce incorrect results or crash with --enable-checking. Reported-by: Toni Nedialkov <farmdve@xxxxxxxxx> Reported-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 7ebcfe569211f6ff5402b558b85e2ce1e1066cf6 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Tue Nov 17 13:55:48 2015 +0200 specs/vhost-user: fix spec to match reality We wanted to start/stop rings on VRING_ENABLE, but that is not what QEMU does. Rather than tweaking code some more, with risk to stability, let's just document it as it is. We'll be able to fix this in the future with a new protocol feature bit. Reported-by: Victor Kaplansky <victork@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 5c93c47338dbaa8a21a8ccc9d95dc5ade3f7fa19 Author: Victor Kaplansky <victork@xxxxxxxxxx> Date: Tue Nov 17 12:04:06 2015 +0200 tests/vhost-user-bridge: implement logging of dirty pages During migration devices continue writing to the guest's memory. The writes has to be reported to QEMU. This change implements minimal support in vhost-user-bridge required for successful migration of a guest with virtio-net device. Signed-off-by: Victor Kaplansky <victork@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 8d211f622b11ac2877c344f29de284d5a842d9d7 Author: Bandan Das <bsd@xxxxxxxxxx> Date: Fri Nov 13 01:55:48 2015 -0500 i440fx: print an error message if user tries to enable iommu There's no indication of any sort that i440fx doesn't support "iommu=on" Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Bandan Das <bsd@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Bandan Das <bsd@xxxxxxxxxx> commit 1f8431f42d833e8914f2d16ce4a49b7b72b90db0 Author: Bandan Das <bsd@xxxxxxxxxx> Date: Fri Nov 13 01:55:47 2015 -0500 q35: Check propery to determine if iommu is set The helper function machine_iommu() isn't necesary. We can directly check for the property. Signed-off-by: Bandan Das <bsd@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Bandan Das <bsd@xxxxxxxxxx> commit c27e9014d56fa4880e7d741275d887c3a5949997 Merge: 9be060f 382e173 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 17 12:34:07 2015 +0000 Merge remote-tracking branch 'remotes/kraxel/tags/pull-vnc-20151116-1' into staging vnc: buffer code improvements, bugfixes. # gpg: Signature made Mon 16 Nov 2015 17:20:02 GMT using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-vnc-20151116-1: vnc: fix mismerge buffer: allow a buffer to shrink gracefully buffer: factor out buffer_adj_size buffer: factor out buffer_req_size vnc: recycle empty vs->output buffer vnc: fix local state init vnc: only alloc server surface with clients connected vnc: use vnc_{width,height} in vnc_set_area_dirty vnc: factor out vnc_update_server_surface vnc: add vnc_width+vnc_height helpers vnc: zap dead code vnc-jobs: move buffer reset, use new buffer move vnc: kill jobs queue buffer vnc: attach names to buffers buffer: add tracing buffer: add buffer_shrink buffer: add buffer_move buffer: add buffer_move_empty buffer: add buffer_init buffer: make the Buffer capacity increase in powers of two Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9be060f5278dc0d732ebfcf2bf0a293f88b833eb Merge: 361cb26 10f5a72 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 17 11:33:38 2015 +0000 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Tue 17 Nov 2015 11:13:05 GMT using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: virtio-blk: Fix double completion for werror=stop block: make 'stats-interval' an array of ints instead of a string aio-epoll: Fix use-after-free of node disas/arm: avoid clang shifting negative signed warning tpm: avoid clang shifting negative signed warning tests: Ignore recent test binaries docs: update bitmaps.md Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 10f5a72f70862d299ddbdf226d6dc71fa4ae34dd Author: Fam Zheng <famz@xxxxxxxxxx> Date: Tue Nov 17 18:20:11 2015 +0800 virtio-blk: Fix double completion for werror=stop When a request R is absorbed by request M, it is appended to the "mr_next" queue led by M, and is completed together with the completion of M, in virtio_blk_rw_complete. During DMA restart in virtio_blk_dma_restart_bh, requests in s->rq are parsed and submitted again, possibly with a stale req->mr_next. It could be a problem if the request merging in virtio_blk_handle_request hasn't refreshed every mr_next pointer, in which case, virtio_blk_rw_complete could walk through unexpected requests following the stale pointers. Fix this by unsetting the pointer in virtio_blk_rw_complete. It is safe because this req is either completed and freed right away, or it will be restarted and parsed from scratch out of the vq later. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 40119effc5c36dbd0ca19ca85a5897d5b3d37d6d Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Nov 16 11:28:38 2015 +0200 block: make 'stats-interval' an array of ints instead of a string This is the natural JSON representation and prevents us from having to decode the list manually. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 0e3da8fa206f4ab534ae3ce6086e75fe84f1557e.1447665472.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 0ed39f3df2d3cf7f0fc3468b057f952a3b251ad9 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 16 14:32:14 2015 +0800 aio-epoll: Fix use-after-free of node aio_epoll_update needs the fields in node, so delay the free. Reported-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1447655534-13974-1-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 02460c3b4287776062715b95c59cd8829015615d Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Nov 10 15:57:35 2015 +0000 disas/arm: avoid clang shifting negative signed warning clang 3.7.0 on x86_64 warns about the following: disas/arm.c:1782:17: warning: shifting a negative signed value is undefined [-Wshift-negative-value] imm |= (-1 << 7); ~~ ^ Note that this patch preserves the tab indent in this source file because the surrounding code still uses tabs. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 886ce6f8b6ede74eb04314ef62d15bcdf5df7ef1 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Nov 10 15:57:34 2015 +0000 tpm: avoid clang shifting negative signed warning clang 3.7.0 on x86_64 warns about the following: hw/tpm/tpm_tis.c:1000:36: warning: shifting a negative signed value is undefined [-Wshift-negative-value] tis->loc[c].iface_id = TPM_TIS_IFACE_ID_SUPPORTED_FLAGS1_3; ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ hw/tpm/tpm_tis.c:144:10: note: expanded from macro 'TPM_TIS_IFACE_ID_SUPPORTED_FLAGS1_3' (~0 << 4)/* all of it is don't care */) ~~ ^ Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a12e52a151ab48fbfe462110a36d2399713271e6 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 12 20:47:03 2015 -0700 tests: Ignore recent test binaries Commits 6c6f312d and bd797fc1 added new tests (test-blockjob-txn and test-timed-average, respectively), but did not mark them for exclusion in .gitignore. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1447386423-13160-1-git-send-email-eblake@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit c4c2daa1ae9ed03c6dd78477a9b132edbce9e08c Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Nov 10 18:00:17 2015 -0500 docs: update bitmaps.md Include new error handling scenarios for 2.5. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1447196417-26081-1-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 361cb26827ffd5f24af05b0e473ecd82d6a33bde Merge: c257779 513e7cd Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 17 10:20:25 2015 +0000 Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-11-17' into staging QAPI patches # gpg: Signature made Tue 17 Nov 2015 08:28:24 GMT using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-qapi-2015-11-17: input: Document why x-input-send-event is still experimental qapi: Document introspection stability considerations Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 513e7cdbaeec56c77e4cf26f151d7ee79f3a6be9 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 12 11:50:43 2015 -0700 input: Document why x-input-send-event is still experimental The x-input-send-event command was introduced in 2.2 with mention that it is experimental, but now that several releases have elapsed without any changes, it would be nice to document why that was done and should still remain experimental in 2.5. Meanwhile, our documentation states that we prefer 'lower-case', rather than 'CamelCase', for qapi enum values. The InputButton and InputAxis enums violate this convention. However, because they are currently used primarily for generating code that is used internally; and their only exposure through QMP is via the experimental 'x-input-send-event' command, we are free to change their spelling. Of course, it would be nicer to delay such a change until the same time we promote the command to non-experimental. Adding documentation will help us remember to do that rename. We have plans to tighten the qapi generator to flag instances of inconsistent use of naming conventions; if that lands first, it will just need to whitelist these exceptions until the time we settle on the final interface. Fix a typo in the docs for InputAxis while at it. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1447354243-31825-1-git-send-email-eblake@xxxxxxxxxx> Reviewed-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 39a65e2c243978a480e03cab865462d98873fc3c Author: Eric Blake <eblake@xxxxxxxxxx> Date: Wed Nov 11 10:50:02 2015 -0700 qapi: Document introspection stability considerations We are not ready (and might never be ready) to declare introspection stable between releases. Clients written to control multiple versions of qemu, and desiring to know whether a particular member is supported for a given command, must be prepared to locate that member in spite of qapi changes that may affect the member's location or type within the overall object, even though such changes did not break QMP wire back-compatibility. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1447264202-19554-1-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit dc3db6adde329548771ab2addc2ef8376b2b8b32 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon Nov 16 18:40:18 2015 +0200 vhost-user: start/stop all rings We are currently only sending VRING_ENABLE message for the first ring, that's wrong: we must start/stop them all. Reported-by: Victor Kaplansky <victork@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 5421f318ecc82294ad089fd54924df787b67c971 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon Nov 16 13:55:53 2015 +0200 vhost-user: print original request on error When we get an unexpected response, print out the original request. Helps debug protocol errors tremendously. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 87656d50181e1be475303c1b88be6df0963c5bfd Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon Nov 16 13:33:36 2015 +0200 vhost-user-test: support VHOST_USER_SET_VRING_ENABLE vhost-user-test is broken now: it assumes QEMU sends RESET_OWNER, and we stopped doing that. Wait for ENABLE_RING with 0 instead. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c257779e2a586043a1480bb7e96fb6bcd0129634 Merge: bc7c6c1 ba060c5 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Nov 16 12:09:47 2015 +0000 Merge remote-tracking branch 'remotes/otubo/tags/pull-seccomp-20151116' into staging seccomp branch queue # gpg: Signature made Mon 16 Nov 2015 08:50:28 GMT using RSA key ID 12F8BD2F # gpg: Good signature from "Eduardo Otubo (Software Engineer @ ProfitBricks) <eduardo.otubo@xxxxxxxxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 1C96 46B6 E1D1 C38A F2EC 3FDE FD0C FF5B 12F8 BD2F * remotes/otubo/tags/pull-seccomp-20151116: seccomp: loosen library version dependency configure: arm/aarch64: allow enable-seccomp seccomp: add cacheflush to whitelist Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a586e65bbd017ab55fe4149dd1bcba5c3a72bcd1 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Sun Nov 15 21:25:11 2015 +0200 vhost-user: update spec description Clarify logging setup to make sure all clients comply in a way that is future-proof. Document how rings are started/stopped. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Victor Kaplansky <victork@xxxxxxxxxx> commit bc7c6c1fec2e9aa1ff6f2e018ed641db1429315c Merge: 8337c6c 917158d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Nov 16 10:14:33 2015 +0000 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Fri 13 Nov 2015 20:16:21 GMT using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" * remotes/jnsnow/tags/ide-pull-request: qtest/ahci: use raw format when qemu-img is absent libqos: add qemu-img presence check qtest/ahci: always specify image format ahci/qtest: don't use tcp sockets for migration tests atapi: Prioritize unknown cmd error over BCL error atapi: add byte_count_limit helper Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 12b8cbac3c8243b3dd485aaebb82547aefa06adb Author: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Date: Fri Nov 13 15:24:10 2015 +0800 vhost: don't send RESET_OWNER at stop First of all, RESET_OWNER message is sent incorrectly, as it's sent before GET_VRING_BASE. And the reset message would let the later call get nothing correct. And, sending SET_VRING_ENABLE at stop, which has already been done, makes more sense than RESET_OWNER. Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 923e2d98ede7404882656aeb4364c3964a95db3d Author: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Date: Fri Nov 13 15:24:09 2015 +0800 vhost: let SET_VRING_ENABLE message depends on protocol feature But not depend on PROTOCOL_F_MQ feature bit. So that we could use SET_VRING_ENABLE to sign the backend on stop, even if MQ is disabled. That's reasonable, since we will have one queue pair at least. Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit ba060c53d585d186ff0ac6b181f4b2a867acc210 Author: dann frazier <dann.frazier@xxxxxxxxxxxxx> Date: Fri Oct 23 15:34:22 2015 -0600 seccomp: loosen library version dependency Drop the libseccomp required version back to 2.1.0, restoring the ability to build w/ --enable-seccomp on Ubuntu 14.04. Commit 4cc47f8b3cc4f32586ba2f7fce1dc267da774a69 tightened the dependency on libseccomp from version 2.1.0 to 2.1.1. This broke building on Ubuntu 14.04, the current Ubuntu LTS release. The commit message didn't mention any specific functional need for 2.1.1, just that it was the most recent stable version at the time. I reviewed the changes between 2.1.0 and 2.1.1, but it looks like that update just contained minor fixes and cleanups - no obvious (to me) new interfaces or critical bug fixes. Signed-off-by: dann frazier <dann.frazier@xxxxxxxxxxxxx> Acked-by: Eduardo Otubo <eduardo.otubo@xxxxxxxxxxxxxxxx> commit 693e59105d2ce4d6f4c96a2373fec06a24d0e6be Author: Andrew Jones <drjones@xxxxxxxxxx> Date: Wed Sep 30 11:59:18 2015 -0400 configure: arm/aarch64: allow enable-seccomp This is a revert of ae6e8ef11e6cb, but with a bit of refactoring, and also specifically adding arm/aarch64, rather than all architectures. Currently, libseccomp code appears to also support mips, ppc, and s390. We could therefore allow qemu to enable seccomp for those platforms as well, with additional configure patches, given they're tested and proven to work. Signed-off-by: Andrew Jones <drjones@xxxxxxxxxx> Acked-by: Eduardo Otubo <eduardo.otubo@xxxxxxxxxxxxxxxx> commit 47d2067af3424c1a9b1b215dfc6b0c55ac4b3ee7 Author: Andrew Jones <drjones@xxxxxxxxxx> Date: Mon Nov 2 23:53:26 2015 +0100 seccomp: add cacheflush to whitelist cacheflush is an arm-specific syscall that qemu built for arm uses. Add it to the whitelist, but only if we're linking with a recent enough libseccomp. Signed-off-by: Andrew Jones <drjones@xxxxxxxxxx> commit 917158dc3b22924922dc1f3b9d4049a4fc83d926 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Nov 13 14:31:43 2015 -0500 qtest/ahci: use raw format when qemu-img is absent If we don't have the qemu-img tool, use the raw format for tests and skip the high-sector LBA48 tests. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1447439479-16775-4-git-send-email-jsnow@xxxxxxxxxx commit cb11e7b2f3878575f23d49454c02d8dce35c8d35 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Nov 13 14:31:42 2015 -0500 libqos: add qemu-img presence check To allow tests to optionally exercise additional tests that require the qemu-img tool that may not be present in all builds. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1447439479-16775-3-git-send-email-jsnow@xxxxxxxxxx commit b236b61056ff0a6b69aa2a92cf5bb10a81450753 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Nov 13 14:31:42 2015 -0500 qtest/ahci: always specify image format Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1447439479-16775-2-git-send-email-jsnow@xxxxxxxxxx commit 6d9e7295c5ff6fdd2d7989639b836c6fdc01ac61 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Nov 13 14:31:42 2015 -0500 ahci/qtest: don't use tcp sockets for migration tests Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1447108074-20609-1-git-send-email-jsnow@xxxxxxxxxx commit f36aa12d2f2d5b5a877e38641183259e119e1568 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Nov 13 14:31:42 2015 -0500 atapi: Prioritize unknown cmd error over BCL error If we don't know about the command at all, we need to prioritize that failure above the zero byte-count-limit failure. This fixes a failure in the sparc64 NetBSD 7.0 installer bootup. Reported-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Tested-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Message-id: 1447095959-10046-3-git-send-email-jsnow@xxxxxxxxxx commit af0e00db0e389dfa33d597f917a21454643bd314 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Nov 13 14:31:42 2015 -0500 atapi: add byte_count_limit helper Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Tested-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Message-id: 1447095959-10046-2-git-send-email-jsnow@xxxxxxxxxx commit cdadde39a80779b52f72aedf80839cabac975e57 Author: Roger Pau Monne <roger.pau@xxxxxxxxxx> Date: Fri Nov 13 17:38:06 2015 +0000 xen: fix usage of xc_domain_create in domain builder Due to the addition of HVMlite and the requirement to always provide a valid xc_domain_configuration_t, xc_domain_create now always takes an arch domain config, which can be NULL in order to mimic previous behaviour. Add a small stub called xen_domain_create that encapsulates the correct call to xc_domain_create depending on the libxc version detected. Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 8337c6cbc37c6b2184f41bab3eaff47d5e68012a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Nov 13 17:10:36 2015 +0000 Update version for v2.5.0-rc0 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 74fcbd22d20a2fbc1a47a7b00cce5bf98fd7be5f Author: Guenter Roeck <linux@xxxxxxxxxxxx> Date: Thu Nov 12 09:54:55 2015 -0800 hw/misc: Add support for ADC controller in Xilinx Zynq 7000 Add support for the Xilinx XADC core used in Zynq 7000. References: - Zynq-7000 All Programmable SoC Technical Reference Manual - 7 Series FPGAs and Zynq-7000 All Programmable SoC XADC Dual 12-Bit 1 MSPS Analog-to-Digital Converter Tested with Linux using QEMU machine xilinx-zynq-a9 with devicetree files zynq-zc702.dtb and zynq-zc706.dtb, and kernel configuration multi_v7_defconfig. Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Guenter Roeck <linux@xxxxxxxxxxxx> [ PC changes: * Changed macro names to match TRM where possible * Made programmers model macro scheme consistent * Dropped XADC_ZYNQ_ prefix on local macros * Fix ALM field width * Update threshold-comparison interrupts in _update_ints() * factored out DFIFO pushes into helper. Renamed to "push/pop" * Changed xadc_reg to 10 bits and added OOB check. * Reduced scope of MCTL reset to just stop channel coms. * Added dummy read data to write commands * Changed _ to - seperators in string names and filenames * Dropped ------------ in header comment * Catchall'ed _update_ints() in _write handler. * Minor whitespace changes. * Use ZYNQ_XADC_FIFO_DEPTH instead of ARRAY_SIZE() ] Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Tested-by: Guenter Roeck <linux@xxxxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f3bcfc5663646f74e62fe9d3d8774b8f0adda7bf Merge: b2df6a7 389775d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 12 18:08:19 2015 +0000 Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20151112' into staging migration/next for 20151112 # gpg: Signature made Thu 12 Nov 2015 16:56:44 GMT using RSA key ID 5872D723 # gpg: Good signature from "Juan Quintela <quintela@xxxxxxxxxx>" # gpg: aka "Juan Quintela <quintela@xxxxxxxxxx>" * remotes/juanquintela/tags/migration/20151112: migration_init: Fix lock initialisation/make it explicit migrate-start-postcopy: Improve text Postcopy: Fix TP!=HP zero case Finish non-postcopiable iterative devices before package migration: Make 32bit linux compile with RDMA migration: print ram_addr_t as RAM_ADDR_FMT not %zx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b2df6a79df6343d0ed4ea05d83b3ff1d849e8d25 Merge: cfcc7c1 aece5ed Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 12 17:22:06 2015 +0000 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches (rebased Stefan's pull request) # gpg: Signature made Thu 12 Nov 2015 15:34:16 GMT using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: (43 commits) block: Update copyright of the accounting code scsi-disk: Account for failed operations macio: Account for failed operations ide: Account for failed and invalid operations atapi: Account for failed and invalid operations xen_disk: Account for failed and invalid operations virtio-blk: Account for failed and invalid operations nvme: Account for failed and invalid operations iotests: Add test for the block device statistics block: Use QEMU_CLOCK_VIRTUAL for the accounting code in qtest mode qemu-io: Account for failed, invalid and flush operations block: New option to define the intervals for collecting I/O statistics block: Add average I/O queue depth to BlockDeviceTimedStats block: Compute minimum, maximum and average I/O latencies block: Allow configuring whether to account failed and invalid ops block: Add statistics for failed and invalid I/O operations block: Add idle_time_ns to BlockDeviceStats util: Infrastructure for computing recent averages block: define 'clock_type' for the accounting code ide: Account for write operations correctly ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 389775d1f67b2c8f44f9473b1e5363735972e389 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 12 15:38:27 2015 +0000 migration_init: Fix lock initialisation/make it explicit Peter reported a lock error on MacOS after my a82d593b patch. migrate_get_current does one-time initialisation of a bunch of variables. migrate_init does reinitialisation even on a 2nd migrate after a cancel. The problem here was that I'd initialised the mutex in migrate_get_current, and the memset in migrate_init corrupted it. Remove the memset and replace it by explicit initialisation of fields that need initialising; this also turns out to be simpler than the old code that had to preserve some fields. Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Fixes: a82d593b Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit a54d340b9d0902fa73ff9e5541974b9b51fb1d45 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 12 11:34:44 2015 +0000 migrate-start-postcopy: Improve text Improve the text in both the qapi-schema and hmp help to point out you need to set the postcopy-ram capability prior to issuing migrate-start-postcopy. Also fix the text of the migrate_start_postcopy error that deals with capabilities. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Acked-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit cfcc7c144879ebe61ac2472216314fc1331b4450 Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Nov 12 11:29:49 2015 -0500 configure: check for $cxx before use I broke this when adding checks for clang++. Reported-by: Laurent Vivier <lvivier@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1447345789-840-1-git-send-email-jsnow@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a3b6ff6d0a7a964c5c7cd5f9a0d5e42752b6347a Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Wed Nov 11 14:02:28 2015 +0000 Postcopy: Fix TP!=HP zero case Where the target page size is different from the host page we special case it, but I messed up on the zero case check. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 1c0d249ddf3c75c3992847d0af67f79a1cfd23d2 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Wed Nov 11 14:02:27 2015 +0000 Finish non-postcopiable iterative devices before package Where we have iterable, but non-postcopiable devices (e.g. htab or block migration), complete them before forming the 'package' but with the CPUs stopped. This stops them filling up the package. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 80e60c6e1c417aa50a4fed1cb1a2f73885be3bef Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Tue Nov 10 17:43:04 2015 +0100 migration: Make 32bit linux compile with RDMA Rest of the file already use that trick. 64bit offsets make no sense in 32bit archs, but that is ram_addr_t for you. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit 9458ad6b445ff1e886f74ed75cf5050721f93b3e Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Tue Nov 10 17:42:05 2015 +0100 migration: print ram_addr_t as RAM_ADDR_FMT not %zx Not all the wold is 64bits (yet). Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit ed6c64489ef11d9ac5fb4b4c89d455a4f1ae8083 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Thu Nov 12 15:10:43 2015 +0000 target-arm: Update PC before calling gen_helper_check_breakpoints() PC should be updated in the CPU state before calling check_breakpoints() helper. Otherwise, the helper would not see the correct PC in the CPU state if it is not at the start of a TB. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1447176222-16401-1-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8f0da01d189077647adf79618acc3832f77b7918 Merge: 17e50a7 4652f16 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 12 15:15:30 2015 +0000 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio, vhost: fixes for 2.5 This fixes a performance regression with virtio 1, and makes device stop/start more robust for vhost-user. virtio devices on pcie bus now have pcie and pm capability, as required by the PCI Express spec. migration now works better with virtio 9p. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Thu 12 Nov 2015 14:40:42 GMT using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: virtio-9p: add savem handlers hw/virtio: Add PCIe capability to virtio devices vhost: send SET_VRING_ENABLE at start/stop vhost: rename RESET_DEVICE backto RESET_OWNER vhost-user: modify SET_LOG_BASE to pass mmap size and offset virtio-pci: unbreak queue_enable read virtio-pci: introduce pio notification capability for modern device virtio-pci: use zero length mmio eventfd for 1.0 notification cap when possible KVM: add support for any length io eventfd memory: don't try to adjust endianness for zero length eventfd virtio-pci: fix 1.0 virtqueue migration Conflicts: include/hw/compat.h [Fixed a trivial merge conflict in compat.h] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit aece5edc96f211eec6febdafc9bbbb99315a2efd Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:18 2015 +0200 block: Update copyright of the accounting code Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 80a2278e3ec2dafd5daab20a7cb2d6a9b83371e4.1446044838.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d7628080f3bd074f80666561beadfdd5e2f5b0df Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:17 2015 +0200 scsi-disk: Account for failed operations Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 0ead7b0e59c22926e033ca12725e3a31985ec46b.1446044838.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b88b3c8b836ca55d8a4f738deed3b63c0ca84060 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:16 2015 +0200 macio: Account for failed operations Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: ee6f4fde6a7c1071ca96d4ddd53e4934ff812fcd.1446044838.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ecca3b397d06a957b18913ff9afc63860001cfdf Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:15 2015 +0200 ide: Account for failed and invalid operations Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: bf4d6c9c563877e699b0bf42e7eaf8b096c4a35e.1446044838.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ece2d05ed4adb9a9aa3ca9da0496be769dfb3a25 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:14 2015 +0200 atapi: Account for failed and invalid operations Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 59dee4e2921b0c79d41c49b67dfb93d32db9f7f9.1446044838.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 57ee366ce9cf8d9f7a52b7b654b9db78fe887349 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:13 2015 +0200 xen_disk: Account for failed and invalid operations Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: e0cbb96cb0e1f86c37c7ce332efdf02b57b9d365.1446044838.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 01762e03222154fef6d98087ce391aed8a157be5 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:12 2015 +0200 virtio-blk: Account for failed and invalid operations Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 4f623ce52c9d673d35a043fc2959526b41b685c6.1446044838.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 1753f3dc177a82f8b3c5ea8d2a32737db9411dd4 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:11 2015 +0200 nvme: Account for failed and invalid operations Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 678dc67da229759d404b44f7cc2bf5ed8bf8ad14.1446044838.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 4214face09bed08279c68a67fa1a4b01be887346 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:10 2015 +0200 iotests: Add test for the block device statistics Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 0fb8501bbf3666b3d5d3f67fa899729c88f21baf.1446044838.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 918a17a464bac332b14a19d87106acc81e476f05 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:09 2015 +0200 block: Use QEMU_CLOCK_VIRTUAL for the accounting code in qtest mode This patch switches to QEMU_CLOCK_VIRTUAL for the accounting code in qtest mode, and makes the latency of the operation constant. This way we can perform tests on the accounting code with reproducible results. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 35ed0501450fa572684e9b5e92c361ab6cce565b.1446044838.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 556c2b60714e7dae3ed0eb3488910435263dc09f Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:08 2015 +0200 qemu-io: Account for failed, invalid and flush operations Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 78a7662a8636e55991737ece50003a2dc5a5f3e0.1446044838.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 2be5506fc85d5fef1abdb2128d446cb0b14b12bc Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:07 2015 +0200 block: New option to define the intervals for collecting I/O statistics The BlockAcctStats structure contains a list of BlockAcctTimedStats. Each one of these collects statistics about the minimum, maximum and average latencies of all I/O operations in a certain interval of time. This patch adds a new "stats-intervals" option that allows defining these intervals. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 41cbcd334a61c6157f0f495cdfd21eff6c156f2a.1446044837.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 96e4dedaff9922f87e4ec351d51d3f093198382a Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:06 2015 +0200 block: Add average I/O queue depth to BlockDeviceTimedStats This patch adds two new fields to BlockDeviceTimedStats that track the average number of pending read and write requests for a block device. The values are calculated for the period of time defined for that interval. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: fd31fef53e2714f2f30d59ed58ca2f67ec9ab926.1446044837.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 979e9b03fc8c85d3b78a14410c64cbb16d348095 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:05 2015 +0200 block: Compute minimum, maximum and average I/O latencies This patch keeps track of the minimum, maximum and average latencies of I/O operations during a certain interval of time. The values are exposed in the BlockDeviceTimedStats structure. An option to define the intervals to collect these statistics will be added in a separate patch. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: c7382dc89622c64f918d09f32815827772628f8e.1446044837.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 362e9299b34b3101aaa20f20363441c9f055fa5e Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:04 2015 +0200 block: Allow configuring whether to account failed and invalid ops This patch adds two options, "stats-account-invalid" and "stats-account-failed", that can be used to decide whether invalid and failed I/O operations must be used when collecting statistics for latency and last access time. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: ebc7e5966511a342cad428a392c5f5ad56b15213.1446044837.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 7ee12dafe96a86dfa96af38cea1289305e429a55 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:03 2015 +0200 block: Add statistics for failed and invalid I/O operations This patch adds the block_acct_failed() and block_acct_invalid() functions to allow keeping track of failed and invalid I/O operations. The number of failed and invalid operations is exposed in BlockDeviceStats. We don't keep track of the time spent on invalid operations because they are cancelled immediately when they are started. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: a7256ccb883a86356b1c6c46b5a29ed5448546a5.1446044837.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit cb38fffbc968e797ae32039b1e2c47b940b30cb4 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:02 2015 +0200 block: Add idle_time_ns to BlockDeviceStats This patch adds the new field 'idle_time_ns' to the BlockDeviceStats structure, indicating the time that has passed since the previous I/O operation. It also adds the block_acct_idle_time_ns() call, to ensure that all references to the clock type used for accounting are in the same place. This will later allow us to use a different clock for iotests. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 7d8cfcf931453e1a2443e6626e8c1edc347c7c8a.1446044837.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit bd797fc15b4290e02c219b7cd6289a33cd6cd18b Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:01 2015 +0200 util: Infrastructure for computing recent averages This module computes the average of a set of values within a time window, keeping also track of the minimum and maximum values. In order to produce more accurate results it works internally by creating two time windows of the same period, offsetted by half of that period. Values are accounted on both windows and the data is always returned from the oldest one. [Add missing util/replay.o to test-timed-average dependencies to fix the build. --Stefan] Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 201b09c21bbc9c329779d2b2365ee2b9c80dceeb.1446044837.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5519593c07c71c55b196546a00c08106bd9a100b Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:33:00 2015 +0200 block: define 'clock_type' for the accounting code Its value is still QEMU_CLOCK_REALTIME, but having it in a variable will allow us to change its value easily in the future when running in qtest mode. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 547485eb841cf9e3b2770c96539ae9ae5996e214.1446044837.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit c618f331d314c34ff2390d2dbd3f926e513c7059 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:32:59 2015 +0200 ide: Account for write operations correctly Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 2e71323c0875c2b66a8ae22229545e0c013af8d4.1446044837.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 693044ebd20ce8730aae679ff58d52aa8ec60b0a Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 17:32:58 2015 +0200 xen_disk: Account for flush operations Currently both BLKIF_OP_WRITE and BLKIF_OP_FLUSH_DISKCACHE are being accounted as write operations. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 7a2a14e3ac62027aa6267a6c02abc70717be9c0a.1446044837.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 6c6f312dd752c74c124ecfc4c34e8aaf7254c3b8 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Nov 5 18:13:20 2015 -0500 tests: add BlockJobTxn unit test The BlockJobTxn unit test verifies that both single jobs and pairs of jobs behave as a transaction group. Either all jobs complete successfully or the group is cancelled. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1446765200-3054-15-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit fc6c796ff2b049303473702d1ade9196d1843f5d Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Nov 5 18:13:19 2015 -0500 iotests: 124 - transactional failure test Use a transaction to request an incremental backup across two drives. Coerce one of the jobs to fail, and then re-run the transaction. Verify that no bitmap data was lost due to the partial transaction failure. To support the 'err-cancel' QMP argument name it's necessary for transaction_action() to convert underscores in Python argument names to hyphens for QMP argument names. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1446765200-3054-14-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 94d16a640a1058653327392e08c6d39eeba1e499 Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Nov 5 18:13:18 2015 -0500 block: add transactional properties Add both transactional properties to the QMP transactional interface, and add the BlockJobTxn that we create as a result of the err-cancel property to the BlkActionState structure. [split up from a patch originally by Stefan and Fam. --js] Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1446765200-3054-13-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 78f51fde88d1925b5ae51ba789339baa9ff72ad1 Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Nov 5 18:13:17 2015 -0500 block: Add BlockJobTxn support to backup_run Allow a BlockJobTxn to be passed into backup_run, which will allow the job to join a transactional group if present. Propagate this new parameter outward into new QMP helper functions in blockdev.c to allow transaction commands to pass forward their BlockJobTxn object in a forthcoming patch. [split up from a patch originally by Stefan and Fam. --js] Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1446765200-3054-12-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit c347b2c62a53b73cf6cc31225feb125d2f20f186 Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Nov 5 18:13:16 2015 -0500 block/backup: Rely on commit/abort for cleanup Switch over to the new .commit/.abort handlers for cleaning up incremental bitmaps. [split up from a patch originally by Stefan and Fam. --js] Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1446765200-3054-11-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit c55a832fdddec2c350b585ade0476501f616608d Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Nov 5 18:13:15 2015 -0500 block: Add block job transactions Sometimes block jobs must execute as a transaction group. Finishing jobs wait until all other jobs are ready to complete successfully. Failure or cancellation of one job cancels the other jobs in the group. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1446765200-3054-10-git-send-email-jsnow@xxxxxxxxxx [Rewrite the implementation which is now contained in block_job_completed. --Fam] Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 94db6d2d30962cc0422a69c88c3b3e9981b33e50 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Nov 5 18:13:14 2015 -0500 blockjob: Simplify block_job_finish_sync With job->completed and job->ret to replace BlockFinishData. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1446765200-3054-9-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a689dbf2df74a55d43e3fc4d6aec30ed67ca998f Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Nov 5 18:13:13 2015 -0500 blockjob: Add "completed" and "ret" in BlockJob They are set when block_job_completed is called. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1446765200-3054-8-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 57901ecb8e02f03464d5f37bb6edf82e5076812d Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Nov 5 18:13:12 2015 -0500 blockjob: Add .commit and .abort block job actions Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1446765200-3054-7-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 18930ba3d17866fff6df52ae6d2e54ce5c5ca04b Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Nov 5 18:13:11 2015 -0500 blockjob: Introduce reference count and fix reference to job->bs Add reference count to block job, meanwhile move the ownership of the reference to job->bs from the caller (which is released in two completion callbacks) to the block job itself. It is necessary for block_job_complete_sync to work, because block job shouldn't live longer than its bs, as asserted in bdrv_delete. Now block_job_complete_sync can be simplified. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1446765200-3054-6-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b976ea3cf591ac994cc17dcf0fc550c9aa9c0f5d Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Nov 5 18:13:10 2015 -0500 backup: Extract dirty bitmap handling as a separate function This will be reused by the coming new transactional completion code. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1446765200-3054-5-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 50f43f0ff9a640b901b2657492d642e14a57bd4d Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Nov 5 18:13:09 2015 -0500 block: rename BlkTransactionState and BdrvActionOps These structures are misnomers, somewhat. (1) BlockTransactionState is not state for a transaction, but is rather state for a single transaction action. Rename it "BlkActionState" to be more accurate. (2) The BdrvActionOps describes operations for the BlkActionState, above. This name might imply a 'BdrvAction' or a 'BdrvActionState', which there isn't. Rename this to 'BlkActionOps' to match 'BlkActionState'. Lastly, update the surrounding in-line documentation and comments to reflect the current nature of how Transactions operate. This patch changes only comments and names, and should not affect behavior in any way. Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1446765200-3054-4-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 749ad5e887e85fd51d83bf4d08ed72858f937fd9 Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Nov 5 18:13:08 2015 -0500 iotests: add transactional incremental backup test Test simple usage cases for using transactions to create and synchronize incremental backups. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1446765200-3054-3-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit df9a681dc9ad41c9cdeb9ecc5d060ba9abd27e01 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 9 18:16:54 2015 +0800 qed: Implement .bdrv_drain The "need_check_timer" is used to clear the "NEED_CHECK" flag in the image header after a grace period once metadata update has finished. In compliance to the bdrv_drain semantics we should make sure it remains deleted once .bdrv_drain is called. We cannot reuse qed_need_check_timer_cb because here it doesn't satisfy the assertion. Do the "plug" and "flush" calls manually. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1447064214-29930-10-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 67da1dc5ce696c7b309b1db100da7d94292847b7 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 9 18:16:53 2015 +0800 block: Introduce BlockDriver.bdrv_drain callback Drivers can have internal request sources that generate IO, like the need_check_timer in QED. Since we want quiesced periods that contain nested event loops in block layer, we need to have a way to disable such event sources. Block drivers must implement the "bdrv_drain" callback if it has any internal sources that can generate I/O activity, like a timer or a worker thread (even in a library) that can schedule QEMUBH in an asynchronous callback. Update the comments of bdrv_drain and bdrv_drained_begin accordingly. Like bdrv_requests_pending(), we should consider all the children of bs. Before, the while loop just works, as bdrv_requests_pending() already tracks its children; now we mustn't miss the callback, so recurse down explicitly. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1447064214-29930-9-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 83c98d7b924eab36a0a2c7813731dbef439a91d3 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 9 18:16:52 2015 +0800 block: Drop BlockDriver.bdrv_ioctl Now the callback is not used any more, drop the field along with all implementations in block drivers, which are iscsi and raw. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1447064214-29930-8-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5c5ae76acb024f05b8f021e9f1e10a0299328bdd Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 9 18:16:51 2015 +0800 block: Emulate bdrv_ioctl with bdrv_aio_ioctl and track both Currently all drivers that support .bdrv_aio_ioctl also implement .bdrv_ioctl redundantly. To track ioctl requests in block layer it is easier if we unify the two paths, because we'll need to run it in a coroutine, as required by tracked_request_begin. While we're at it, use .bdrv_aio_ioctl plus aio_poll() to emulate bdrv_ioctl(). Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1447064214-29930-7-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 8b45f6878d291646cadc4786ae807e6a42c188b4 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 9 18:16:50 2015 +0800 block: Add ioctl parameter fields to BlockRequest The two fields that will be used by ioctl handling code later are added as union, because it's used exclusively by ioctl code which dosn't need the four fields in the other struct of the union. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1447064214-29930-6-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 4bb17ab51a78c6daaaa9d6c86d1c890d24c091c4 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 9 18:16:49 2015 +0800 iscsi: Emulate commands in iscsi_aio_ioctl as iscsi_ioctl iscsi_ioctl emulates SG_GET_VERSION_NUM and SG_GET_SCSI_ID. Now that bdrv_ioctl() will be emulated with .bdrv_aio_ioctl, replicate the logic into iscsi_aio_ioctl to make them consistent. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1447064214-29930-5-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b1066c875597649be1d1d6db4712bc504b4c4c81 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 9 18:16:48 2015 +0800 block: Track discard requests Both bdrv_discard and bdrv_aio_discard will call into bdrv_co_discard, so add tracked_request_begin/end calls around the loop. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1447064214-29930-4-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit cdb5e3155eb323380c59f19fe88e28fedd85d3d8 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 9 18:16:47 2015 +0800 block: Track flush requests Both bdrv_flush and bdrv_aio_flush eventually call bdrv_co_flush, add tracked_request_begin and tracked_request_end pair in that function so that all flush requests are now tracked. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1447064214-29930-3-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ebde595ce63369921dbbe1bd16fec0b230050d67 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Nov 9 18:16:46 2015 +0800 block: Add more types for tracked request We'll track more request types besides read and write, change the boolean field to an enum. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1447064214-29930-2-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 4652f1640e029e1f2433fa77ba6af285c7cd923a Author: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Date: Thu Oct 22 19:38:42 2015 +0200 virtio-9p: add savem handlers We don't support migration of mounted 9p shares. This is handled by a migration blocker. One would expect, however, to be able to migrate if the share is unmounted. Unfortunately virtio-9p-device does not register savevm handlers at all ! Migration succeeds and leaves the guest with a dangling device... This patch simply registers migration handlers for virtio-9p-device. Whether migration is possible or not still depends on the migration blocker. Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 1811e64c35fe1d9bce77952937a16c001dc08465 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Nov 10 13:41:29 2015 +0200 hw/virtio: Add PCIe capability to virtio devices The virtio devices are converted to PCI-Express if they are plugged into a PCI-Express bus and the 'modern' protocol is enabled. Devices plugged directly into the Root Complex as Integrated Endpoints remain PCI. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 17e50a72a3aade0eddfebc012a5d7bdd40a03573 Merge: df1ac44 39bec4f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 12 14:15:32 2015 +0000 Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging # gpg: Signature made Thu 12 Nov 2015 08:01:55 GMT using RSA key ID 398D6211 # gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211 * remotes/jasowang/tags/net-pull-request: net: netmap: use error_setg() helpers in place of error_report() net: netmap: Fix compilation issue e1000: Introducing backward compatibility command line parameter e1000: Implementing various counters e1000: Fixing the packet address filtering procedure e1000: Fixing the received/transmitted octets' counters e1000: Fixing the received/transmitted packets' counters e1000: Trivial implementation of various MAC registers e1000: Introduced an array to control the access to the MAC registers e1000: Add support for migrating the entire MAC registers' array e1000: Cosmetic and alignment fixes slirp: Fix type casts and format strings in debug code Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3a12f32229a046f4d4ab0a3a52fb01d2d5a1ab76 Author: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Date: Wed Nov 11 21:24:41 2015 +0800 vhost: send SET_VRING_ENABLE at start/stop Send SET_VRING_ENABLE at start/stop, to give the backend an explicit sign of our state. Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 60915dc4691768c4dc62458bb3e16c843fab091d Author: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Date: Wed Nov 11 21:24:37 2015 +0800 vhost: rename RESET_DEVICE backto RESET_OWNER This patch basically reverts commit d1f8b30e. It turned out that it breaks stuff, so revert it: http://lists.nongnu.org/archive/html/qemu-devel/2015-10/msg00949.html CC: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Reported-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 2b8819c6eee517c1582983773f8555bb3f9ed645 Author: Victor Kaplansky <victork@xxxxxxxxxx> Date: Wed Nov 11 16:26:02 2015 +0200 vhost-user: modify SET_LOG_BASE to pass mmap size and offset Unlike the kernel, vhost-user application accesses log table by mmaping it to its user space. This change adds two new fields to VhostUserMsg payload: mmap_size, and mmap_offset and make QEMU to pass the to vhost-user application in VHOST_USER_SET_LOG_BASE request. Signed-off-by: Victor Kaplansky <victork@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 393f04d3ab40d03aa2fde0017ff7f02fc34cbd4e Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Nov 6 16:02:49 2015 +0800 virtio-pci: unbreak queue_enable read Guest always get zero when reading queue_enable. This violates spec. Fixing this by setting the queue_enable to true during any guest writing and setting it to zero during reset. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 9824d2a39d9893ef9bbe71f94efb57da265b73f6 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Nov 6 16:02:48 2015 +0800 virtio-pci: introduce pio notification capability for modern device We used to use mmio for notification. This could be slow on some arch (e.g on x86 without EPT). So this patch introduces pio bar and a pio notification cap for modern device. This ability is enabled through property "modern-pio-notify" for virtio pci devices and was disabled by default. Management can enable when it thinks it was needed. Benchmarks shows almost no obvious difference compared to legacy device on machines without ept. Thanks Wenli Quan <wquan@xxxxxxxxxx> for the benchmarking. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit bc85ccfdf5cc045588f665c84b5707d7364c8a6c Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Nov 6 16:02:47 2015 +0800 virtio-pci: use zero length mmio eventfd for 1.0 notification cap when possible We use data match eventfd for 1.0 notification currently. This could be slow since software decoding is needed for mmio exit. To speed this up, we can switch to use zero length mmio eventfd for 1.0 notification since we can examine the queue index directly from the writing address. KVM kernel module can utilize this by registering it to fast mmio bus which could be as fast as pio on ept capable machine when fast mmio is supported by host kernel. Lots of improvements were seen on a ept capable machine: Guest RX:(TCP) size/session/+throughput%/+cpu%/-+per cpu%/ 64/1/+1.6807%/[-16.2421%]/[+21.3984%]/ 64/2/+0.6091%/[-11.0187%]/[+13.0678%]/ 64/4/+0.0553%/[-5.9768%]/[+6.4155%]/ 64/8/+0.1206%/[-4.0057%]/[+4.2984%]/ 256/1/-0.0031%/[-10.1166%]/[+11.2517%]/ 256/2/-0.5058%/[-6.1656%]/+6.0317%]/ ... Guest TX:(TCP) size/session/+throughput%/+cpu%/-+per cpu%/ 64/1/[+18.9183%]/-0.2823%/[+19.2550%]/ 64/2/[+13.5714%]/[+2.2675%]/[+11.0533%]/ 64/4/[+13.1070%]/[+2.1817%]/[+10.6920%]/ 64/8/[+13.0426%]/[+2.0887%]/[+10.7299%]/ 256/1/[+36.2761%]/+6.3434%/[+28.1471%]/ ... 1024/1/[+44.8873%]/+2.0811%/[+41.9335%]/ ... 1024/4/+0.0228%/[-2.2044%]/[+2.2774%]/ ... 16384/2/+0.0127%/[-5.0346%]/[+5.3148%]/ ... 65535/1/[+0.0062%]/[-4.1183%]/[+4.3017%]/ 65535/2/+0.0004%/[-4.2311%]/[+4.4185%]/ 65535/4/+0.0107%/[-4.6106%]/[+4.8446%]/ 65535/8/-0.0090%/[-5.5178%]/[+5.8306%]/ Latency:(TCP_RR) size/session/+transaction rate%/+cpu%/-+per cpu%/ 64/1/[+6.5248%]/[-9.2882%]/[+17.4322%]/ 64/25/[+11.0854%]/[+0.8000%]/[+10.2038%]/ 64/50/[+12.1076%]/[+2.4627%]/[+9.4131%]/ 256/1/[+5.3677%]/[+10.5669%]/-4.7024%/ 256/25/[+5.6402%]/-0.8962%/[+6.5955%]/ 256/50/[+5.9685%]/[+1.7766%]/[+4.1188%]/ 4096/1/+0.2508%/[-10.4941%]/[+12.0047%]/ 4096/25/[+1.8533%]/-0.0273%/+1.8812%/ 4096/50/[+1.2156%]/-1.4134%/+2.6667%/ Notes: data with '[]' is the one whose significance is greater than 95%. Thanks Wenli Quan <wquan@xxxxxxxxxx> for the benchmarking. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 351082238d5d45d6836ec94eabe3fe7d72b36f46 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Nov 6 16:02:46 2015 +0800 KVM: add support for any length io eventfd Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b8aecea23aaccf39da54c77ef248f5fa50dcfbc1 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Nov 6 16:02:45 2015 +0800 memory: don't try to adjust endianness for zero length eventfd There's no need to adjust endianness for zero length eventfd since the data wrote was actually ignored by kernel. So skip the adjust in this case to fix a possible crash when trying to use wildcard mmio eventfd in ppc. Cc: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit a6df8adf3edbb3062f087e425564df35077e8410 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Nov 6 16:02:44 2015 +0800 virtio-pci: fix 1.0 virtqueue migration We don't migrate the followings fields for virtio-pci: uint32_t dfselect; uint32_t gfselect; uint32_t guest_features[2]; struct { uint16_t num; bool enabled; uint32_t desc[2]; uint32_t avail[2]; uint32_t used[2]; } vqs[VIRTIO_QUEUE_MAX]; This will confuse driver if migrating during initialization. Solves this issue by: - introduce transport specific callbacks to load and store extra virtqueue states. - add a new subsection for virtio to migrate transport specific modern device state. - implement pci specific callbacks. - add a new property for virtio-pci for whether or not to migrate extra state. - compat the migration for 2.4 and elder machine types Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit df1ac44e9f0c1b1d775c65b6e86fbcac0be77930 Merge: fd717e7 0a9516c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 12 13:41:44 2015 +0000 Merge remote-tracking branch 'remotes/dgibson/tags/ppc-next-20151112' into staging ppc patch queue -2015-11-12 Highlights: - A number of fixes for MacOS 9 compatibility based on the old MOL (Mac-On-Linux) code and a GSoC project. - Cleaner and more general way of handling register access from the monitor # gpg: Signature made Thu 12 Nov 2015 04:33:26 GMT using RSA key ID 20D9B392 # gpg: Good signature from "David Gibson <david@xxxxxxxxxxxxxxxxxxxxx>" # gpg: aka "David Gibson (Red Hat) <dgibson@xxxxxxxxxx>" # gpg: aka "David Gibson (ozlabs.org) <dgibson@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 75F4 6586 AE61 A66C C44E 87DC 6C38 CACA 20D9 B392 * remotes/dgibson/tags/ppc-next-20151112: monitor/target-ppc: Define target_get_monitor_def cuda.c: add delay to setting of SR_INT bit cuda.c: fix T2 timer and enable its interrupt cuda.c: rename get_counter() state variable from s to ti for consistency cuda.c: refactor get_tb() so that the time can be passed in cuda.c: add defines for CUDA registers cuda.c: fix CUDA SR interrupt clearing cuda.c: implement dummy IIC access commands cuda.c: implement simple CUDA_GET_6805_ADDR command cuda.c: fix CUDA_PACKET response packet format cuda.c: fix CUDA ADB error packet format PPC: mac99: Always add USB controller PPC: Fix lswx bounds checks PPC: Allow Rc bit to be set on mtspr Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit fd717e789010012c5f0537269df19ef19d469baf Merge: 2048a2a 52074d0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 12 13:11:06 2015 +0000 Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2015-11-11-tag' into staging qemu-ga patch queue * fix for unintended overwriting of data on w32 using guest-file-open with append mode # gpg: Signature made Wed 11 Nov 2015 22:14:52 GMT using RSA key ID F108B584 # gpg: Good signature from "Michael Roth <flukshun@xxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>" * remotes/mdroth/tags/qga-pull-2015-11-11-tag: qga: fix append file open modes for win32 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2048a2a49188af7a9df065f7553021f89d8e9ec5 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Nov 12 12:10:18 2015 +0100 tests: classify some ivshmem tests as slow Some tests may take long to run, move them under g_test_slow() condition. The 5s timeout for the "server" test will have to be adjusted to the worst known time (for the records, it takes ~0.2s on my host). The "pair" test takes ~1.7, a quickest version could be implemented. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Message-id: 1447326618-11686-1-git-send-email-marcandre.lureau@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c459343b8552e65398a05581f7ff31a068b5b551 Merge: 7497b8d 455b0fd Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 12 10:09:14 2015 +0000 Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2015-11-11' into staging error: More error_setg() usage # gpg: Signature made Wed 11 Nov 2015 17:57:15 GMT using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-error-2015-11-11: error: More error_setg() usage Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 39bec4f38b028a2cff8c38f3455aef44d7b3b6c4 Author: Vincenzo Maffione <v.maffione@xxxxxxxxx> Date: Tue Nov 10 10:47:22 2015 +0100 net: netmap: use error_setg() helpers in place of error_report() This update was required to align error reporting of netmap backend initialization to the modifications introduced by commit a30ecde. Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Vincenzo Maffione <v.maffione@xxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 54c59b4de584b3467166febb4ff84627a2f29a0e Author: Vincenzo Maffione <v.maffione@xxxxxxxxx> Date: Tue Nov 10 10:47:21 2015 +0100 net: netmap: Fix compilation issue Reorganization of struct NetClientOptions (commit e4ba22b) caused a compilation failure of the netmap backend. This patch fixes the issue by properly accessing the union field. Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Vincenzo Maffione <v.maffione@xxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit ba63ec8594a5dd412182aced07b4bf042403766a Author: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Date: Wed Nov 11 15:52:47 2015 +0200 e1000: Introducing backward compatibility command line parameter This follows the previous patches, where support for migrating the entire MAC registers' array, and some new MAC registers were introduced. This patch introduces the e1000-specific boolean parameter "extra_mac_registers", which is on by default. Setting it to off will enable migration to older versions of QEMU, but will disable the read and write access to the new registers, that were introduced since adding the ability to migrate the entire MAC array. Example for usage to enable backward compatibility and to disable the new MAC registers: qemu-system-x86_64 -device e1000,extra_mac_registers=off,... ... As mentioned above, the default value is "on". Signed-off-by: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Signed-off-by: Dmitry Fleytman <dmitry.fleytman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 3b27430177498a1728b6765c70b455900f93d73a Author: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Date: Wed Nov 11 15:52:46 2015 +0200 e1000: Implementing various counters This implements the following Statistic registers (various counters) according to Intel's specs: TSCTC GOTCL GOTCH GORCL GORCH MPRC BPRC RUC ROC BPTC MPTC PTC... PRC... PLEASE NOTE: these registers will not be active, nor will migrate, until a compatibility flag will be set (in the next patch in this series). Signed-off-by: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Signed-off-by: Dmitry Fleytman <dmitry.fleytman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 4aeea330f022f45d0dabff6090ecbb98755c2116 Author: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Date: Wed Nov 11 15:52:45 2015 +0200 e1000: Fixing the packet address filtering procedure Previously, if promiscuous unicast was enabled, a packet was received straight away, even if it was a multicast or a broadcast packet. This patch fixes that behavior, while making the filtering procedure a bit more human-readable. Signed-off-by: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Signed-off-by: Dmitry Fleytman <dmitry.fleytman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 45e93764711484440e56f580f233009bb3da18bc Author: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Date: Wed Nov 11 15:52:44 2015 +0200 e1000: Fixing the received/transmitted octets' counters Previously, these 64-bit registers did not stick at their maximal values when (and if) they reached them, as they should do, according to the specs. This patch introduces a function that takes care of such registers, avoiding code duplication, making the relevant parts more compatible with the QEMU coding style, while ensuring that in the unlikely case of reaching the maximal value, the counter will stick there, as it supposed to. Signed-off-by: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Signed-off-by: Dmitry Fleytman <dmitry.fleytman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 1f67f92c4fdf59a98c2fdf67d3e78deba489a370 Author: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Date: Wed Nov 11 15:52:43 2015 +0200 e1000: Fixing the received/transmitted packets' counters According to Intel's specs, these counters (as the other Statistic registers) stick at 0xffffffff when this maximal value is reached. Previously, they would reset after the max. value. Signed-off-by: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Signed-off-by: Dmitry Fleytman <dmitry.fleytman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 72ea771c9711cba63686d5d3284bc6645d13f7d2 Author: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Date: Wed Nov 11 15:52:42 2015 +0200 e1000: Trivial implementation of various MAC registers These registers appear in Intel's specs, but were not implemented. These registers are now implemented trivially, i.e. they are initiated with zero values, and if they are RW, they can be written or read by the driver, or read only if they are R (essentially retaining their zero values). For these registers no other procedures are performed. For the trivially implemented Diagnostic registers, a debug warning is produced on read/write attempts. PLEASE NOTE: these registers will not be active, nor will migrate, until a compatibility flag will be set (in a later patch in this series). The registers implemented here are: Transmit: RW: AIT Management: RW: WUC WUS IPAV IP6AT* IP4AT* FFLT* WUPM* FFMT* FFVT* Diagnostic: RW: RDFH RDFT RDFHS RDFTS RDFPC PBM* TDFH TDFT TDFHS TDFTS TDFPC Statistic: RW: FCRUC R: RNBC TSCTFC MGTPRC MGTPDC MGTPTC RFC RJC SCC ECOL LATECOL MCC COLC DC TNCRS SEC CEXTERR RLEC XONRXC XONTXC XOFFRXC XOFFTXC Signed-off-by: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Signed-off-by: Dmitry Fleytman <dmitry.fleytman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit bc0f0674f037a01f2ce0870ad6270a356a7a8347 Author: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Date: Wed Nov 11 15:52:41 2015 +0200 e1000: Introduced an array to control the access to the MAC registers The array of uint8_t's which is introduced here, contains access metadata about the MAC registers: if a register is accessible, but partly implemented, or if a register requires a certain compatibility flag in order to be accessed. Currently, 6 hypothetical flags are supported (3 exist for e1000 so far) but in the future, if more than 6 flags will be needed, the datatype of this array can simply be swapped for a larger one. This patch is intended to solve the following current problems: 1) In a scenario of migration between different versions of QEMU, which differ by the MAC registers implemented in them, some registers need not to be active if a compatibility flag is set, in order to preserve the machine's state perfectly for the older version. Checking this for each register individually, would create a lot of clutter in the code. 2) Some registers are (or may be) only partly implemented (e.g. placeholders that allow reading and writing, but lack other functions). In such cases it is better to print a debug warning on read/write attempts. As above, dealing with this functionality on a per-register level, would require longer and more messy code. Signed-off-by: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Signed-off-by: Dmitry Fleytman <dmitry.fleytman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 9e11773417d98fd2ec961568ec2875063b95569b Author: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Date: Wed Nov 11 15:52:40 2015 +0200 e1000: Add support for migrating the entire MAC registers' array This patch makes the migration of the entire array of MAC registers possible during live migration. The entire array is just 128 KB long, so practically no penalty should be felt when transmitting it, additionally to the previously transmitted individual registers. The advantage here is eliminating the need to introduce new vmstate subsections in the future, when additional MAC registers will be implemented. Backward compatibility is preserved by introducing a e1000-specific boolean parameter (in a later patch), which will be on by default. Setting it to off would enable migration to older versions of QEMU. Additionally, this parameter will be used to control the access to the extra MAC registers in the future. Signed-off-by: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Signed-off-by: Dmitry Fleytman <dmitry.fleytman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 20f3e86362758b5085aa17baa7bc109c858acf67 Author: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Date: Wed Nov 11 15:52:39 2015 +0200 e1000: Cosmetic and alignment fixes This fixes some alignment and cosmetic issues. The changes are made in order that the following patches in this series will look like integral parts of the code surrounding them, while conforming to the coding style. Although some changes in unrelated areas are also made. Signed-off-by: Leonid Bloch <leonid.bloch@xxxxxxxxxxxxxxxxxx> Signed-off-by: Dmitry Fleytman <dmitry.fleytman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit ecc804cac31cec6cb90feaa459503afda8b38d09 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Sat Aug 29 09:12:35 2015 +0200 slirp: Fix type casts and format strings in debug code Casting pointers to long won't work on 64 bit Windows. It is not needed with the right format strings. Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 0a9516c2d6711cb6760a726952bdbbe931fd045c Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu Nov 12 14:44:23 2015 +1100 monitor/target-ppc: Define target_get_monitor_def At the moment get_monitor_def() returns only registers from statically defined monitor_defs array. However there is a lot of BOOK3S SPRs which are not in the list and cannot be printed from the monitor. This adds a new target platform hook - target_get_monitor_def(). The hook is called if a register was not found in the static array returned by the target_monitor_defs() hook. The hook is only defined for POWERPC, it returns registered SPRs and fails on unregistered ones providing the user with information on what is actually supported on the running CPU. The register value is saved as uint64_t as it is the biggest supported register size; target_ulong cannot be used because of the stub - it is in a "common" code and cannot include "cpu.h", etc; this is also why the hook prototype is redefined in the stub instead of being included from some header. This replaces static descriptors for GPRs, FPRs, SRs with a helper which looks for a value in a corresponding array in the CPUPPCState. The immediate effect is that all 32 SRs can be printed now (instead of 16); later this can be reused for VSX or TM registers. This replaces callbacks for MSR and XER with static descriptors in monitor_defs as they are stored in CPUPPCState. While we are here, this adds "cr" as a synonym of "ccr". Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit cffc331a3156870d54883bc79e4278472ffd8f1d Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Nov 11 22:49:51 2015 +0000 cuda.c: add delay to setting of SR_INT bit MacOS 9 is racy when it comes to accessing the shift register. Fix this by introducing a small delay between data accesses and raising the SR_INT interrupt bit. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit a53cfdcca2834ec7e61fd955c4f24ac233c4ec16 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Nov 11 22:49:50 2015 +0000 cuda.c: fix T2 timer and enable its interrupt Fix the counter loading logic and enable the T2 interrupt when the timer expires. Otherwise MacOS 9 hangs on boot. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 0174adb611a22bcfeeb123851cf4874e6d922d06 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Nov 11 22:49:49 2015 +0000 cuda.c: rename get_counter() state variable from s to ti for consistency Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit eda14abbb804f8ed2cb903c99ad1852848fa2e42 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Nov 11 22:49:48 2015 +0000 cuda.c: refactor get_tb() so that the time can be passed in This is in preparation for sharing the code between timers. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit b5ac04103bc3b24042418df1a561096187165fd7 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Nov 11 22:49:47 2015 +0000 cuda.c: add defines for CUDA registers Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit d271ae36dc1e292ae140f5bbf23e0fc1392dd325 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Nov 11 22:49:46 2015 +0000 cuda.c: fix CUDA SR interrupt clearing Make sure that we also clear the data and clock interrupts at the same time. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit ce8d3b647b5acc2bec19602d9fac87d3da11ae77 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Nov 11 22:49:45 2015 +0000 cuda.c: implement dummy IIC access commands These are used by MacOS 9 on boot. Here we return an error except for 4-byte commands which write to the IIC bus in a similar manner to MOL. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit f1f46f74a9de7298977a3ed668e71843fa904c38 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Nov 11 22:49:44 2015 +0000 cuda.c: implement simple CUDA_GET_6805_ADDR command This simply returns an empty response with no error status as implemented by MOL to allow MacOS 9 boot to proceed further. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 4202e63c0432c72ba518dd882e99a794620d1665 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Nov 11 22:49:43 2015 +0000 cuda.c: fix CUDA_PACKET response packet format According to comments in MOL, the response to a CUDA_PACKET should be one of the following: Reply: (CUDA_PACKET, status, cmd) Error: (ERROR_PACKET, status, CUDA_PACKET, cmd) Update cuda_receive_packet() accordingly to reflect this in order to make MacOS 9 happy. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 6729aa40135bc96d69b5bf5e65a7d463ef7793e7 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Nov 11 22:49:42 2015 +0000 cuda.c: fix CUDA ADB error packet format According to MOL, ADB error packets should be of the form (type, status, cmd) rather than just (type, status). This fixes ADB device detection under MacOS 9. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 72f1f97d4927f798167855fda7881b0e22756b20 Author: Alexander Graf <agraf@xxxxxxx> Date: Wed Nov 11 22:49:41 2015 +0000 PPC: mac99: Always add USB controller The mac99 machines always have a USB controller. Usually not having one around doesn't hurt quite as much, but Mac OS 9 really really wants one or it crashes on bootup. So always add OHCI to make it happy. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 488661ee9dd300110a6612d52fe68e2bb3539a5f Author: Alexander Graf <agraf@xxxxxxx> Date: Wed Nov 11 22:49:40 2015 +0000 PPC: Fix lswx bounds checks The lswx instruction checks whether the desired string actually fits into all defined registers. Unfortunately it does the calculation wrong, resulting in illegal instruction traps for loads that really should fit. Fix it up, making Mac OS happier. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 4248b336d3c1b74e343842c5b478b165d75f5ce8 Author: Alexander Graf <agraf@xxxxxxx> Date: Wed Nov 11 22:49:39 2015 +0000 PPC: Allow Rc bit to be set on mtspr According to the ISA setting the Rc bit on mtspr is undefined behavior. Real 750 hardware simply ignores the bit and doesn't touch cr0 though. Unfortunately, Mac OS 9 relies on this fact and executes a few mtspr instructions (to set XER for example) with Rc set. So let's handle the bit the same way hardware does and ignore it. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 7497b8dddcaee5b5f1851434607d0de044012ebe Merge: 31e49ac c833d1e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 11 23:20:07 2015 +0000 Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into staging # gpg: Signature made Wed 11 Nov 2015 17:59:33 GMT using RSA key ID C0DE3057 # gpg: Good signature from "Jeffrey Cody <jcody@xxxxxxxxxx>" # gpg: aka "Jeffrey Cody <jeff@xxxxxxxxxxxxx>" # gpg: aka "Jeffrey Cody <codyprime@xxxxxxxxx>" * remotes/cody/tags/block-pull-request: gluster: allocate GlusterAIOCBs on the stack Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 31e49ac192f782d594bbd04070fe79e800b7813f Merge: 2869653 3c4c694 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 11 18:23:08 2015 +0000 Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20151111' into staging Hopefully last big batch of s390x patches, including: - bugfixes for LE host and for pci translation - MAINTAINERS update - hugetlbfs enablement (kernel patches pending) - boot from El Torito iso images on virtio-blk (boot from scsi pending) - cleanup in the ipl device code There's also a helper function for resetting busless devices in the qdev core in there. # gpg: Signature made Wed 11 Nov 2015 17:49:58 GMT using RSA key ID C6F02FAF # gpg: Good signature from "Cornelia Huck <huckc@xxxxxxxxxxxxxxxxxx>" # gpg: aka "Cornelia Huck <cornelia.huck@xxxxxxxxxx>" * remotes/cohuck/tags/s390x-20151111: s390: deprecate the non-ccw machine in 2.5 s390x/ipl: switch error reporting to error_setg s390x/ipl: clean up qom definitions and turn into TYPE_DEVICE qdev: provide qdev_reset_all_fn() pc-bios/s390-ccw: rebuild image pc-bios/s390-ccw: El Torito 16-bit boot image size field workaround pc-bios/s390-ccw: El Torito s390x boot entry check pc-bios/s390-ccw: ISO-9660 El Torito boot implementation pc-bios/s390-ccw: Always adjust virtio sector count s390x/kvm: don't enable CMMA when hugetlbfs will be used s390x: switch to memory_region_allocate_system_memory MAINTAINERS: update virtio-ccw/s390 git tree MAINTAINERS: update s390 file patterns s390x/pci : fix up s390 pci iommu translation function s390x/css: sense data endianness Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 455b0fde8c38a0794743e2e7c1a40018b7bee9f6 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Nov 10 23:51:20 2015 -0700 error: More error_setg() usage A few uses of error_set(ERROR_CLASS_GENERIC_ERROR) were missed in c6bd8c706, or have snuck in since. Nuke them. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1447224690-9743-19-git-send-email-eblake@xxxxxxxxxx> Acked-by: Andreas Färber <afaerber@xxxxxxx> [Indentation tidied up, commit message tweaked] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 2869653f23c63c400d3791513b507e9feddbc751 Merge: 3c07587 4d07c72 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 11 16:43:19 2015 +0000 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches # gpg: Signature made Wed 11 Nov 2015 16:03:19 GMT using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: (41 commits) iotests: Check for quorum support in test 139 qcow2: Fix qcow2_get_cluster_offset() for zero clusters iotests: Add tests for the x-blockdev-del command block: Add 'x-blockdev-del' QMP command block: Add blk_get_refcnt() mirror: block all operations on the target image during the job qemu-iotests: fix -valgrind option for check qemu-iotests: fix cleanup of background processes qemu-io: Correct error messages qemu-io: Check for trailing chars qemu-io: fix cvtnum lval types block: test 'blockdev-snapshot' using a file BDS as the overlay block: Remove inner quotation marks in iotest 085 block: Disallow snapshots if the overlay doesn't support backing files throttle: Use bs->throttle_state instead of bs->io_limits_enabled throttle: Check for pending requests in throttle_group_unregister_bs() qemu-img: add check for zero-length job len qcow2: avoid misaligned 64bit bswap qemu-iotests: Test the reopening of overlay_bs in 'block-commit' commit: reopen overlay_bs before base ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3c4c694c7ce2d21c0cf17a27cc60c91b6725ce48 Author: Christian Borntraeger <borntraeger@xxxxxxxxxx> Date: Fri Nov 6 13:07:25 2015 +0100 s390: deprecate the non-ccw machine in 2.5 The non-ccw machine for s390 (s390-virtio) is not very well maintained and caused several issues in the past: - aliases like virtio-blk did not work for s390 - virtio refactoring failed due to long standing bugs (e.g.see commit cb927b8a "s390-virtio: Accommodate guests using virtqueues too early") - some features like memory hotplug will cause trouble due to virtio storage being above guest memory - the boot loader bios no longer seems to work. the source code of that loader is also no longer maintained 2.4 changed the default to the ccw machine, let's deprecate the old machine for 2.5. Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Acked-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Message-Id: <1446811645-25565-1-git-send-email-borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 8f04e88e2cd792e348eb54983ce1a485d5db4f27 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Thu Oct 8 12:33:28 2015 +0200 s390x/ipl: switch error reporting to error_setg Now that we can report errors in the realize function, let's replace the fprintf's and hw_error's with error_setg. Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 04fccf106e22c4b861398cf2146f5a5b5f18d01e Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Thu Oct 8 12:32:13 2015 +0200 s390x/ipl: clean up qom definitions and turn into TYPE_DEVICE Let's move the qom definitions of the ipl device into ipl.h, replace "s390-ipl" by a proper type define, turn it into a TYPE_DEVICE and remove the unneeded class definition. Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit ff8de0757fc13407c81f002e936031ddc13057e4 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Tue Jul 21 08:32:07 2015 +0200 qdev: provide qdev_reset_all_fn() For TYPE_DEVICE, the dc->reset() function is not called on system resets yet. Until that is changed, we have to manually register a reset handler. Let's provide qdev_reset_all_fn(), that can directly be used - just like the reset handler that is already available for qbus. Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 81a93ee64d78a1933998ff1b95f06b6d67db46fd Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Nov 5 13:47:38 2015 +0100 pc-bios/s390-ccw: rebuild image Contains: pc-bios/s390-ccw: Always adjust virtio sector count pc-bios/s390-ccw: ISO-9660 El Torito boot implementation pc-bios/s390-ccw: El Torito s390x boot entry check pc-bios/s390-ccw: El Torito 16-bit boot image size field workaround Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 869648e87eeb998cc0ede230f3b7aabfdf0eb2dd Author: Maxim Samoylov <max7255@xxxxxxxxxxxxxxxxxx> Date: Mon Oct 12 17:50:20 2015 +0200 pc-bios/s390-ccw: El Torito 16-bit boot image size field workaround Because of El Torito spec flaw boot image size needs to be verified. Boot catalog entry size field has 16-bit width, and specifies size in 512-byte units. Thus, boot image size cannot exceed 32M. We actually search for the file to get the file size. This is done by scanning the ISO directory tree for the ISO block number and reading the file size from the directory entry. Signed-off-by: Maxim Samoylov <max7255@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit ba21f0cca8165c5b284274edd12dc955cf4fb248 Author: Maxim Samoylov <max7255@xxxxxxxxxxxxxxxxxx> Date: Mon Oct 12 17:50:20 2015 +0200 pc-bios/s390-ccw: El Torito s390x boot entry check Boot entry is considered compatible if boot image is Linux kernel with matching S390 Linux magic string. Empty boot images with sector_count == 0 are considered broken. Signed-off-by: Maxim Samoylov <max7255@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 866cac91e06219f473a2900eefef0d1cf242b136 Author: Maxim Samoylov <max7255@xxxxxxxxxxxxxxxxxx> Date: Mon Oct 12 17:50:20 2015 +0200 pc-bios/s390-ccw: ISO-9660 El Torito boot implementation This patch enables boot from media formatted according to ISO-9660 and El Torito bootable CD specification. We try to boot from device as ISO-9660 media when SCSI IPL failed. The first boot catalog entry with bootable flag is used. ISO-9660 media with default 2048-bytes sector size only is supported. Signed-off-by: Maxim Samoylov <max7255@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 38150be860434de9d9c76cef71ff5c6b6112ee8f Author: Maxim Samoylov <max7255@xxxxxxxxxxxxxxxxxx> Date: Mon Oct 12 17:50:20 2015 +0200 pc-bios/s390-ccw: Always adjust virtio sector count Let's always adjust the sector number to be read using the current virtio block size value. This prepares for the implementation of IPL from ISO-9660 media. Signed-off-by: Maxim Samoylov <max7255@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 4c292a009700755a1e6b234063ef3f2db235aaae Author: Dominik Dingel <dingel@xxxxxxxxxxxxxxxxxx> Date: Tue Aug 11 11:12:12 2015 +0200 s390x/kvm: don't enable CMMA when hugetlbfs will be used On hugetlbfs CMMA will not be useful as every ESSA instruction will trap. So don't offer CMMA to guests with a hugepages backing. Signed-off-by: Dominik Dingel <dingel@xxxxxxxxxxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit ae23a33591056d6349753766047ebc511158da9c Author: Dominik Dingel <dingel@xxxxxxxxxxxxxxxxxx> Date: Tue May 12 13:21:30 2015 +0200 s390x: switch to memory_region_allocate_system_memory By replacing memory_region_init_ram with memory_region_allocate_system_memory we gain goodies like mem-path backends. This will allow us to use hugetlbfs once the kernel supports it. Signed-off-by: Dominik Dingel <dingel@xxxxxxxxxxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 3e9ed24b84c4acdd077904a74eaec6d95cfef928 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Wed Nov 4 16:08:20 2015 +0100 MAINTAINERS: update virtio-ccw/s390 git tree Let's reference the git branch I actually use, and add Christian's git tree. Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit c5bfb202bb3bcdc1a368e85fef336e89d6254f8c Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Wed Nov 4 15:59:55 2015 +0100 MAINTAINERS: update s390 file patterns We were missing some files, and some files should get an additional entry to add the people actually looking after the code. Reported-by: Thomas Huth <thuth@xxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit dce1b089249f52c053cf74dc3da98aea16656961 Author: Yi Min Zhao <zyimin@xxxxxxxxxxxxxxxxxx> Date: Wed Oct 28 11:30:23 2015 +0800 s390x/pci : fix up s390 pci iommu translation function On s390x, each pci device has its own iommu, which is only properly setup in qemu once the mpcifc instruction used to register the translation table has been intercepted. Therefore, for a pci device that is not configured or has not been initialized, proper translation is neither required nor possible. Moreover, we may not have a host bridge device ready yet. This was exposed by a recent vfio change that triggers iommu translation during the initialization of the vfio pci device. Let's do an early exit in that case. Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Signed-off-by: Yi Min Zhao <zyimin@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit b498484ed49ab9d1fcada3468f95dda1a5f59366 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Wed Nov 4 18:40:54 2015 +0100 s390x/css: sense data endianness We keep the device's sense data in a byte array (following the architecture), but the ecws are an array of 32 bit values. If we just blindly copy the values, the sense data will change from de-facto BE data to de-facto cpu-endian data, which means we end up doing an incorrect conversion on LE hosts. Let's just explicitly convert to cpu-endianness while assembling the irb. Reported-by: Andy Lutomirski <luto@xxxxxxxxxx> Tested-by: Andy Lutomirski <luto@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 52074d0f662fc51293d4cde8077631f754784405 Author: Kirk Allan <kallan@xxxxxxxx> Date: Tue Nov 10 16:19:11 2015 -0700 qga: fix append file open modes for win32 For append file open modes, use FILE_APPEND_DATA for the desired access for writing at the end of the file. Version 2: For "a+", "ab+", and "a+b" modes use FILE_APPEND_DATA|GENERIC_READ. ORing in GENERIC_READ starts a read at the begining of the file. All writes will append to the end fo the file. Added white space to maintain the alignment of the guest_file_open_modes[]. Signed-off-by: Kirk Allan <kallan@xxxxxxxx> Cc: qemu-stable@xxxxxxxxxx * use FILE_GENERIC_APPEND macro, which provides same semantics as FILE_APPEND_DATA, but retains other flags from GENERIC_WRITE Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 4d07c720f44beafd10907cecfd5b8a57622243c1 Merge: a9ecfa0 92e6898 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Nov 11 17:02:02 2015 +0100 Merge remote-tracking branch 'mreitz/tags/pull-block-for-kevin-2015-11-11' into queue-block Block patches from 2015-10-26 until 2015-11-11. # gpg: Signature made Wed Nov 11 17:00:50 2015 CET using RSA key ID E838ACAD # gpg: Good signature from "Max Reitz <mreitz@xxxxxxxxxx>" * mreitz/tags/pull-block-for-kevin-2015-11-11: iotests: Check for quorum support in test 139 qcow2: Fix qcow2_get_cluster_offset() for zero clusters iotests: Add tests for the x-blockdev-del command block: Add 'x-blockdev-del' QMP command block: Add blk_get_refcnt() mirror: block all operations on the target image during the job qemu-iotests: fix -valgrind option for check qemu-iotests: fix cleanup of background processes Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 92e68987745b0f89f04d29fe1d0c821010d58ea6 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Tue Nov 10 18:28:11 2015 +0200 iotests: Check for quorum support in test 139 The quorum driver is always built in, but it is disabled during run-time if there's no SHA256 support available (see commit e94867e). This patch skips the quorum test in iotest 139 in that case. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1447172891-20410-1-git-send-email-berto@xxxxxxxxxx Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit a99dfb45f26bface6830ee5465e57bcdbc53c6c8 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Nov 4 18:16:24 2015 +0100 qcow2: Fix qcow2_get_cluster_offset() for zero clusters When searching for contiguous zero clusters, we only need to check the cluster type. Before this patch, an increasing offset (L2E_OFFSET_MASK) was expected, so that the function never returned more than a single zero cluster in practice. This patch fixes it to actually return as many contiguous zero clusters as it can. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1446657384-5907-1-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit 342075fd0ec9dce87139d71a81e1dbbe5ab5d021 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Nov 2 16:51:56 2015 +0200 iotests: Add tests for the x-blockdev-del command Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 57c3b0d4d0c73ddadd19e5bded9492c359cc4568.1446475331.git.berto@xxxxxxxxxx Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit 81b936ae70e635557af9ca80922ee69146cb5f4c Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Nov 2 16:51:55 2015 +0200 block: Add 'x-blockdev-del' QMP command This command is still experimental, hence the name. This is the companion to 'blockdev-add'. It allows deleting a BlockBackend with its associated BlockDriverState tree, or a BlockDriverState that is not attached to any backend. In either case, the command fails if the reference count is greater than 1 or the BlockDriverState has any parents. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Message-id: 6cfc148c77aca1da942b094d811bfa3fcf7ac7bb.1446475331.git.berto@xxxxxxxxxx Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit f636ae85f3db8ffb987c79715869dba1b8217e8a Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Nov 2 16:51:54 2015 +0200 block: Add blk_get_refcnt() This function returns the reference count of a given BlockBackend. For convenience, it returns 0 if the BlockBackend pointer is NULL. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Message-id: dfdd8a17dbe3288842840636d2cfe5bb895abcb0.1446475331.git.berto@xxxxxxxxxx Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit 10f3cd15dd9913f8d959fbd061e6e00c45432093 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Nov 2 16:51:53 2015 +0200 mirror: block all operations on the target image during the job There's nothing preventing the target image from being used by other operations during the 'drive-mirror' job, so we should block them all until the job is done. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Message-id: 82b88fd04cde918a08a6f9a4ab85626d7fd7b502.1446475331.git.berto@xxxxxxxxxx Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit e6c17669eb0868013d9a17050d8eb2d598f06067 Author: Jeff Cody <jcody@xxxxxxxxxx> Date: Fri Oct 30 15:25:18 2015 -0400 qemu-iotests: fix -valgrind option for check Commit 934659c switched the iotests to run qemu-io from a bash subshell, in order to catch segfaults. This method is incompatible with the current valgrind_qemu_io() bash function. Move the valgrind usage into the exec subshell in _qemu_io_wrapper(), while making sure the original return value is passed back to the caller. Update test output for tests 039, 061, and 137 as it looks for the specific subshell command when the process is terminated. Reported-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> Message-id: 0066fd85d26ca641a1c25135ff2479b7985701cf.1446232490.git.jcody@xxxxxxxxxx Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit f6c8c2e055f88e8ed74ac0c185fc9fbca1e1b775 Author: Jeff Cody <jcody@xxxxxxxxxx> Date: Fri Oct 30 15:25:17 2015 -0400 qemu-iotests: fix cleanup of background processes Commit 934659c switched the iotests to run qemu and qemu-nbd from a bash subshell, in order to catch segfaults. Unfortunately, this means the process PID cannot be captured via '$!'. We stopped killing qemu and qemu-nbd processes, leaving a lot of orphaned, running qemu processes after executing iotests. Since the process is using exec in the subshell, the PID is the same as the subshell PID. Track these PIDs for cleanup using pidfiles in the $TEST_DIR. Only track the qemu PID, however, if requested - not all usage requires killing the process. Reported-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> Message-id: 9e4f958b3895b7259b98d845bb46f000ba362869.1446232490.git.jcody@xxxxxxxxxx [mreitz@xxxxxxxxxx: Replaced '! -z "..."' by '-n "..."'] Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit c833d1e8f5e95762336a823a35ade65a2d0fe587 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Oct 1 13:04:38 2015 +0200 gluster: allocate GlusterAIOCBs on the stack This is simpler now that the driver has been converted to coroutines. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a9ecfa004f2dd83df612daac4a87dfc3a0feba28 Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Nov 5 18:53:04 2015 -0500 qemu-io: Correct error messages Reported-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ef5a788527b2038d742b057a415ab4d0e735e98f Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Nov 5 18:53:03 2015 -0500 qemu-io: Check for trailing chars Make sure there's not trailing garbage, e.g. "64k-whatever-i-want-here" Reported-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 9b0beaf3de1396a23d5c287283e6f36c4b5d4385 Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Nov 5 18:53:02 2015 -0500 qemu-io: fix cvtnum lval types cvtnum() returns int64_t: we should not be storing this result inside of an int. In a few cases, we need an extra sprinkling of error handling where we expect to pass this number on towards a function that expects something smaller than int64_t. Reported-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 3fa123d05964b07f9d4d972f131cce847091926d Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Tue Nov 3 12:32:37 2015 +0200 block: test 'blockdev-snapshot' using a file BDS as the overlay This test checks that it is not possible to create a snapshot if the requested overlay node is a BDS which does not support backing images. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit f2d7f16f948b2ecfbb039c6bd62d6c7e2d61fac4 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Tue Nov 3 12:32:36 2015 +0200 block: Remove inner quotation marks in iotest 085 This patch removes the inner quotation marks in all cases like this: cmd=" ... "${variable}" ... " Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 08b24cfe3765f4b739700778814048e7d9a045fe Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Tue Nov 3 12:32:35 2015 +0200 block: Disallow snapshots if the overlay doesn't support backing files This addresses scenarios like this one: { 'execute': 'blockdev-add', 'arguments': { 'options': { 'driver': 'qcow2', 'node-name': 'new0', 'file': { 'driver': 'file', 'filename': 'new.qcow2', 'node-name': 'file0' } } } } { 'execute': 'blockdev-snapshot', 'arguments': { 'node': 'virtio0', 'overlay': 'file0' } } Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a0d64a61db602696f4f1895a890c65eda5b3b618 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Nov 4 15:15:36 2015 +0200 throttle: Use bs->throttle_state instead of bs->io_limits_enabled There are two ways to check for I/O limits in a BlockDriverState: - bs->throttle_state: if this pointer is not NULL, it means that this BDS is member of a throttling group, its ThrottleTimers structure has been initialized and its I/O limits are ready to be applied. - bs->io_limits_enabled: if true it means that the throttle_state pointer is valid _and_ the limits are currently enabled. The latter is used in several places to check whether a BDS has I/O limits configured, but what it really checks is whether requests are being throttled or not. For example, io_limits_enabled can be temporarily set to false in cases like bdrv_read_unthrottled() without otherwise touching the throtting configuration of that BDS. This patch replaces bs->io_limits_enabled with bs->throttle_state in all cases where what we really want to check is the existence of I/O limits, not whether they are currently enabled or not. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5ac724184c286b367525035eabf4b8bb4a386c54 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Nov 4 15:15:35 2015 +0200 throttle: Check for pending requests in throttle_group_unregister_bs() throttle_group_unregister_bs() removes a BlockDriverState from its throttling group and destroys the timers. This means that there must be no pending throttled requests at that point (because it would be impossible to complete them), so the caller has to drain them first. At the moment throttle_group_unregister_bs() is only called from bdrv_io_limits_disable(), which already takes care of draining the requests, so there's nothing to worry about, but this patch makes this invariant explicit in the documentation and adds the relevant assertions. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 62547b8a1c04daf30f50e3db362ade53e22bf222 Author: John Snow <jsnow@xxxxxxxxxx> Date: Mon Nov 2 18:28:20 2015 -0500 qemu-img: add check for zero-length job len The mirror job doesn't update its total length until it has already started running, so we should translate a zero-length job-len as meaning 0%. Otherwise, we may get divide-by-zero faults. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 95334230637cef9fbd199bb79a56271ec73d4732 Author: John Snow <jsnow@xxxxxxxxxx> Date: Mon Nov 2 18:32:06 2015 -0500 qcow2: avoid misaligned 64bit bswap If we create a buffer directly on the stack by using 12 bytes, there's no guarantee the 64bit value we want to swap will be aligned, which could cause errors with undefined behavior. Spotted with clang -fsanitize=undefined and observed in iotests 15, 26, 44, 115 and 121. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit bcdce5a73cb28f32b3ca3a51e8fa89879685e015 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 15:43:50 2015 +0200 qemu-iotests: Test the reopening of overlay_bs in 'block-commit' The 'block-commit' command needs the overlay image of 'top' to be opened in read-write mode in order to update the backing file string. If 'top' is not the active layer or its backing file then its overlay needs to be reopened during the block job. This is a test case for that scenario. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 3db2bd5508c86a1605258bc77c9672d93b5c350e Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 28 15:43:49 2015 +0200 commit: reopen overlay_bs before base 'block-commit' needs write access to two different nodes of the chain: - 'base', because that's where the data is written to. - the overlay of 'top', because it needs to update the backing file string to point to 'base' after the operation. Both images have to be opened in read-write mode, and commit_start() takes care of reopening them if necessary. With the current implementation, however, when overlay_bs is reopened in read-write mode it has the side effect of making 'base' read-only again, eventually making 'block-commit' fail. This needs to be fixed in bdrv_reopen(), but until we get to that it can be worked around simply by swapping the order of base and overlay_bs in the reopen queue. In order to reproduce this bug, overlay_bs needs to be initially in read-only mode. That is: the 'top' parameter of 'block-commit' cannot be the active layer nor its immediate backing chain. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 89e3a2d86d31212d09ca688193ccecb92c0c77b5 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Oct 26 14:27:17 2015 +0200 block: add tests for the 'blockdev-snapshot' command Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 43de7e2de07093e47c7f25386aff280875dc3c62 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Oct 26 14:27:16 2015 +0200 block: add a 'blockdev-snapshot' QMP command One of the limitations of the 'blockdev-snapshot-sync' command is that it does not allow passing BlockdevOptions to the newly created snapshots, so they are always opened using the default values. Extending the command to allow passing options is not a practical solution because there is overlap between those options and some of the existing parameters of the command. This patch introduces a new 'blockdev-snapshot' command with a simpler interface: it just takes two references to existing block devices that will be used as the source and target for the snapshot. Since the main difference between the two commands is that one of them creates and opens the target image, while the other uses an already opened one, the bulk of the implementation is shared. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 3e8c2e57056614933fc5eb022e1d6d0f28071b44 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Oct 26 14:27:15 2015 +0200 block: support passing 'backing': '' to 'blockdev-add' Passing an empty string allows opening an image but not its backing file. This was already described in the API documentation, only the implementation was missing. This is useful for creating snapshots using images opened with blockdev-add, since they are not supposed to have a backing image before the operation. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a911e6ae7ce47d51b519d462c1d99d53b37b0f8c Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Oct 26 14:27:14 2015 +0200 block: rename BlockdevSnapshot to BlockdevSnapshotSync We will introduce the 'blockdev-snapshot' command that will require its own struct for the parameters, so we need to rename this one in order to avoid name clashes. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a39a24fbb05055d00026eb569ff3f7b868ca8785 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Oct 26 14:27:13 2015 +0200 block: check for existing device IDs in external_snapshot_prepare() The 'snapshot-node-name' parameter of blockdev-snapshot-sync allows setting the node name of the image that is going to be created. Before creating the image, external_snapshot_prepare() checks that the name is not already being used. The check is however incomplete since it only considers existing node names, but node names must not clash with device IDs either because they share the same namespace. If the user attempts to create a snapshot using the name of an existing device for the 'snapshot-node-name' parameter the operation will eventually fail, but only after the new image has been created. This patch replaces bdrv_find_node() with bdrv_lookup_bs() to extend the check to existing device IDs, and thus detect possible name clashes before the new image is created. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit adfe20303f2a897ce64b77fe579a0c7dc1e81771 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:19 2015 +0100 iotests: Add test for change-related QMP commands Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit baead0abefa8e95b18e53281ac182c96b24ba0cb Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:18 2015 +0100 hmp: Add read-only-mode option to change command Expose the new read-only-mode option of 'blockdev-change-medium' for the 'change' HMP command. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 39ff43d9e1f42b1d829a955e546cddab87ac0626 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Nov 11 04:49:44 2015 +0100 blockdev: read-only-mode for blockdev-change-medium Add an option to qmp_blockdev_change_medium() which allows changing the read-only status of the block device whose medium is changed. Some drives do not have a inherently fixed read-only status; for instance, floppy disks can be set read-only or writable independently of the drive. Some users may find it useful to be able to therefore change the read-only status of a block device when changing the medium. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 1068674927a08cb9f535946abe2f91529b13160c Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:16 2015 +0100 hmp: Use blockdev-change-medium for change command Use separate code paths for the two overloaded functions of the 'change' HMP command, and invoke the 'blockdev-change-medium' QMP command if used on a block device (by calling qmp_blockdev_change_medium()). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 24fb4133001e1f54a526f0927837f30c1507169a Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Fri Nov 6 16:27:06 2015 +0100 qmp: Introduce blockdev-change-medium Introduce a new QMP command 'blockdev-change-medium' which is intended to replace the 'change' command for block devices. The existing function qmp_change_blockdev() is accordingly renamed to qmp_blockdev_change_medium(). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit f1f57066573e832438cd87600310589fa9cee202 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:14 2015 +0100 block: Inquire tray state before tray-moved events blk_dev_change_media_cb() is called for all potential tray movements; however, it is possible to request closing the tray but nothing actually happening (on a floppy disk drive without a medium). Thus, the actual tray status should be inquired before sending a tray-moved event (and an event should be sent whenever the status changed). Checking @load is now superfluous; it was necessary because it was possible to change a medium without having explicitly opened the tray and closed it again (or it might have been possible, at least). This is no longer possible, though. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit de2c6c0536c5c5ebb6e0ce7dcfd8fa9476edab52 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:13 2015 +0100 blockdev: Implement change with basic operations Implement 'change' on block devices by calling blockdev-open-tray, blockdev-remove-medium, blockdev-insert-medium (a variation of that which does not need a node-name) and blockdev-close-tray. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 38f54bd1ee0ed0f13b7326eb79403e320c3a28d3 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:12 2015 +0100 blockdev: Implement eject with basic operations Implement 'eject' by calling blockdev-open-tray and blockdev-remove-medium. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d129988289a885e57aa8790097e2d814764571bd Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:11 2015 +0100 blockdev: Add blockdev-insert-medium And a helper function for that, which directly takes a pointer to the BDS to be inserted instead of its node-name (which will be used for implementing 'change' using blockdev-insert-medium). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 2814f67271bce537f29c6a7832f89fd4f1cdaa1a Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:10 2015 +0100 blockdev: Add blockdev-remove-medium Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit abaaf59d245b6984644497b6745f88912c715c39 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:09 2015 +0100 blockdev: Add blockdev-close-tray Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 7d8a9f71b9ec9fa295265392218efaf0771d96e0 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:08 2015 +0100 blockdev: Add blockdev-open-tray Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 38cb18f5b71428fb8a3e3759ac8fa21ac70cb1b5 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:07 2015 +0100 block: Add functions for inheriting a BBRS In order to open a BDS which inherits a BB's root state, blk_get_open_flags_from_root_state() is used to inquire the flags to be passed to bdrv_open(), and blk_apply_root_state() is used to apply the remaining state after the BDS has been opened. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit c69a4dd89989b483b06d765b13e41594c78d32b9 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:06 2015 +0100 block: Make bdrv_states public When inserting a BDS tree into a BB, we will need to add the root BDS to this list. Since we will want to do that in the blockdev-insert-medium implementation in blockdev.c, we will need access to it there. This patch is not exactly elegant, but bdrv_states will be removed in the future anyway because we no longer need it since we have BBs. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 1c95f7e1aff8417ff6e6cc23bc2d04fbcf79d37e Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 26 21:39:05 2015 +0100 block: Add blk_remove_bs() This function removes the BlockDriverState associated with the given BlockBackend from that BB and sets the BDS pointer in the BB to NULL. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 9f4ed6fbd264a7c097590d830dcfd93996a80acb Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Oct 26 16:46:49 2015 +0200 block: Don't call blk_bs() twice in bdrv_lookup_bs() Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 3c07587d49458341510360557c849e93e9afaf59 Merge: d93ae5b b41d320 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 11 09:34:18 2015 +0000 Merge remote-tracking branch 'remotes/dgibson/tags/ppc-next-20151111' into staging ppc patch queue - 2015-11-11 Highlights: - Updated SLOF version for "pseries machine - Bugfix / cleanup for KVM hash page table allocation # gpg: Signature made Wed 11 Nov 2015 02:30:51 GMT using RSA key ID 20D9B392 # gpg: Good signature from "David Gibson <david@xxxxxxxxxxxxxxxxxxxxx>" # gpg: aka "David Gibson (Red Hat) <dgibson@xxxxxxxxxx>" # gpg: aka "David Gibson (ozlabs.org) <dgibson@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 75F4 6586 AE61 A66C C44E 87DC 6C38 CACA 20D9 B392 * remotes/dgibson/tags/ppc-next-20151111: spapr: Handle failure of KVM_PPC_ALLOCATE_HTAB ioctl ppc: Let kvmppc_reset_htab() return 0 for !CONFIG_KVM pseries: Update SLOF firmware image to qemu-slof-20151103 ppc: Add/Re-introduce MMU model definitions needed by PR KVM Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b41d320fef705289d2b73f4949731eb2e189161d Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Tue Nov 10 10:54:54 2015 +0530 spapr: Handle failure of KVM_PPC_ALLOCATE_HTAB ioctl KVM_PPC_ALLOCATE_HTAB ioctl can return -ENOMEM for KVM guests and QEMU never handled this correctly. But this didn't cause any problems till now as KVM_PPC_ALLOCATE_HTAB ioctl returned with smaller than requested HTAB when enough contiguous memory wasn't available in the host. After the proposed kernel change: https://patchwork.ozlabs.org/patch/530501/, KVM_PPC_ALLOCATE_HTAB ioctl will not fallback to lower sized HTAB allocation and will fail if requested HTAB size can't be met. Check for such failures in QEMU and abort appropriately. This will prevent guest kernel from hanging/freezing during early boot by doing graceful exit when host is unable to allocate requested HTAB. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit a3166f8f6e9d3928d0b863c7f0dac1cf24b6c004 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Tue Nov 10 10:54:53 2015 +0530 ppc: Let kvmppc_reset_htab() return 0 for !CONFIG_KVM The !CONFIG_KVM implementation of kvmppc_reset_htab() returns -1 by default. Change this to return 0 so that we fall back to user space HTAB allocation for emulated guests. This fixes the make check failures for ppc64 emulated target. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 121048195860f0320a7e1cd5a4b86356082eb9c7 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Tue Nov 3 13:20:34 2015 +1100 pseries: Update SLOF firmware image to qemu-slof-20151103 The changes are: 1. supports recent binutils; 2. 64bit BARs behind PCI bridges supported; 3. Many fixes for USB keyboard support - keys, XHCI; 4. virtio-vga support. This image was built with: gcc version 4.8.3 20140911 (Red Hat 4.8.3-7) (GCC) GNU ld version 2.23.2 The full changelog is: > version: update to 20151103 > documentation: Add a clause about signing off > qemu/js2x/client: Support binutils >= 2.25.1 > Fix special keys on USB > Fix function keys on USB > pci-scan: program 64-bit mem bar range in pci-bridge bar > Allow to build SLOF on Little Endian host > usb-xhci: add keyboard support > usb-xhci: ready the link trb early > usb-xhci: scan usb high speed ports > usb-xhci: bulk improve event handling loop > usb-xhci: return on allocation failure > usb-xhci: add delay in shutdown path > usb-xhci: event trbs does not need link trb > usb-hid: refactor usb key reading > takeover: Fix header includes > board-js2x: Add missing file dma-function.fs > vga: Add support for virtio-vga > qemu-vga: Use MMIO BAR instead of legacy IO ports > slof: Change call_c() function to a proper assembler function Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit ba3ecda05e933acf6fff618716b6f6d2ed6a5a07 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Fri Nov 6 13:12:59 2015 +0530 ppc: Add/Re-introduce MMU model definitions needed by PR KVM Commit aa4bb5875231 (ppc: Add mmu_model defines for arch 2.03 and 2.07) removed the mmu_model definition POWERPC_MMU_2_06a which is needed by PR KVM. Reintroduce it and also add POWERPC_MMU_2_07a. This fixes QEMU crash (qemu: fatal: Unknown MMU model) during booting of PR KVM guest. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Cc: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit d93ae5b69621b7ec6ecfa405ec656d5b5f5e4770 Merge: a77067f bdd81ad Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 10 22:21:42 2015 +0000 Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20151110.0' into staging VFIO updates 2015-11-10 - Make Windows happy with vfio-pci devices exposed on conventional PCI buses on q35 by hiding PCIe capability (Alex Williamson) - Convert to g_new() where appropriate (Markus Armbruster) # gpg: Signature made Tue 10 Nov 2015 19:46:41 GMT using RSA key ID 3BB08B22 # gpg: Good signature from "Alex Williamson <alex.williamson@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex@xxxxxxxxxxx>" # gpg: aka "Alex Williamson <alwillia@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex.l.williamson@xxxxxxxxx>" * remotes/awilliam/tags/vfio-update-20151110.0: vfio: Use g_new() & friends where that makes obvious sense vfio/pci: Hide device PCIe capability on non-express buses for PCIe VMs Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bdd81addf4033ce26e6cd180b060f63095f3ded9 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Nov 10 12:11:08 2015 -0700 vfio: Use g_new() & friends where that makes obvious sense g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. This commit only touches allocations with size arguments of the form sizeof(T). Same Coccinelle semantic patch as in commit b45c03f. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 0282abf078c3353a178ab77a115828ce333181dd Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Tue Nov 10 12:11:08 2015 -0700 vfio/pci: Hide device PCIe capability on non-express buses for PCIe VMs When we have a PCIe VM, such as Q35, guests start to care more about valid configurations of devices relative to the VM view of the PCI topology. Windows will error with a Code 10 for an assigned device if a PCIe capability is found for a device on a conventional bus. We also have the possibility of IOMMUs, like VT-d, where the where the guest may be acutely aware of valid express capabilities on physical hardware. Some devices, like tg3 are adversely affected by this due to driver dependencies on the PCIe capability. The only solution for such devices is to attach them to an express capable bus in the VM. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit a77067f6ac9b17beefea506ce5f514072fe3fcf4 Merge: a1a8858 15b3b8e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 10 17:49:39 2015 +0000 Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20151110' into staging migration/next for 20151110 # gpg: Signature made Tue 10 Nov 2015 14:23:26 GMT using RSA key ID 5872D723 # gpg: Good signature from "Juan Quintela <quintela@xxxxxxxxxx>" # gpg: aka "Juan Quintela <quintela@xxxxxxxxxx>" * remotes/juanquintela/tags/migration/20151110: (57 commits) migration: qemu_savevm_state_cleanup becomes mandatory operation Inhibit ballooning during postcopy Disable mlock around incoming postcopy End of migration for postcopy Postcopy: Mark nohugepage before discard postcopy: Wire up loadvm_postcopy_handle_ commands Start up a postcopy/listener thread ready for incoming page data Postcopy; Handle userfault requests Round up RAMBlock sizes to host page sizes Host page!=target page: Cleanup bitmaps Don't iterate on precopy-only devices during postcopy Don't sync dirty bitmaps in postcopy postcopy: Check order of received target pages Postcopy: Use helpers to map pages during migration postcopy_ram.c: place_page and helpers Page request: Consume pages off the post-copy queue Page request: Process incoming page request Page request: Add MIG_RP_MSG_REQ_PAGES reverse command Postcopy: End of iteration Postcopy: Postcopy startup in migration thread ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 15b3b8eaae8dbcc903bb164311ea0066c77536a7 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Mon Nov 9 10:24:04 2015 +0300 migration: qemu_savevm_state_cleanup becomes mandatory operation since commit commit 94f5a43704129ca4995aa3385303c5ae225bde42 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Nov 2 15:37:00 2015 +0800 migration: defer migration_end & blk_mig_cleanup when actual .cleanup callbacks calling was removed from complete operations. The patch fixes regression introduced by the commit above results in 100% reliable assert for virtio-scsi VM with iothreads enabled during 'virsh create-snapshot' operation: assert(i != mr->ioeventfd_nb); memory_region_del_eventfd virtio_pci_set_host_notifier_internal virtio_pci_set_host_notifier virtio_scsi_dataplane_start virtio_scsi_handle_cmd virtio_queue_notify_vq virtio_queue_host_notifier_read aio_dispatch Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Liang Li <liang.z.li@xxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Juan Quintela <quintela@xxxxxxxxxx> CC: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 371ff5a3f04cd7d05bab49ac6e80da319026d95b Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:23 2015 +0000 Inhibit ballooning during postcopy Postcopy detects accesses to pages that haven't been transferred yet using userfaultfd, and it causes exceptions on pages that are 'not present'. Ballooning also causes pages to be marked as 'not present' when the guest inflates the balloon. Potentially a balloon could be inflated to discard pages that are currently inflight during postcopy and that may be arriving at about the same time. To avoid this confusion, disable ballooning during postcopy. When disabled we drop balloon requests from the guest. Since ballooning is generally initiated by the host, the management system should avoid initiating any balloon instructions to the guest during migration, although it's not possible to know how long it would take a guest to process a request made prior to the start of migration. Guest initiated ballooning will not know if it's really freed a page of host memory or not. Queueing the requests until after migration would be nice, but is non-trivial, since the set of inflate/deflate requests have to be compared with the state of the page to know what the final outcome is allowed to be. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 58b7c17e226aa4d3b943ea22c1d1309126de146b Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:22 2015 +0000 Disable mlock around incoming postcopy Userfault doesn't work with mlock; mlock is designed to nail down pages so they don't move, userfault is designed to tell you when they're not there. munlock the pages we userfault protect before postcopy. mlock everything again at the end if mlock is enabled. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit e9bef235d91bff87517770c93d74eb98e5a33278 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:21 2015 +0000 End of migration for postcopy Tweak the end of migration cleanup; we don't want to close stuff down at the end of the main stream, since the postcopy is still sending pages on the other thread. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit f9527107570853b6a4a0903e4b0733747d02e74a Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:20 2015 +0000 Postcopy: Mark nohugepage before discard Prior to servicing userfault requests we must ensure we've not got huge pages in the area that might include non-transferred memory, since a hugepage could incorrectly mark the whole huge page as present. We mark the area as non-huge page (nhp) just before we perform discards; the discard code now tells us to discard any areas that haven't been sent (as well as any that are redirtied); any already formed transparent-huge-pages get fragmented by this discard process if they cotnain any discards. Transparent huge pages that have been entirely transferred and don't contain any discards are not broken by this mechanism; they stay as huge pages. By starting postcopy after a full precopy pass, many of the pages then stay as huge pages; this is important for maintaining performance after the end of the migration. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 27c6825bd3749758fb9fcad44f3759f593be8506 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:19 2015 +0000 postcopy: Wire up loadvm_postcopy_handle_ commands Wire up more of the handlers for the commands on the destination side, in particular loadvm_postcopy_handle_run now has enough to start the guest running. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit c76201ab52b1dd53823cd81449d17b72224f1623 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:18 2015 +0000 Start up a postcopy/listener thread ready for incoming page data The loading of a device state (during postcopy) may access guest memory that's still on the source machine and thus might need a page fill; split off a separate thread that handles the incoming page data so that the original incoming migration code can finish off the device data. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit c4faeed2313e2bf9aa3694544bd211c15e28c164 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:17 2015 +0000 Postcopy; Handle userfault requests userfaultfd is a Linux syscall that gives an fd that receives a stream of notifications of accesses to pages registered with it and allows the program to acknowledge those stalls and tell the accessing thread to carry on. We convert the requests from the kernel into messages back to the source asking for the pages. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 4ed023ce2a39ab5812d33cf4d819def168965a7f Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:16 2015 +0000 Round up RAMBlock sizes to host page sizes RAMBlocks that are not a multiple of host pages in length cause problems for postcopy (I've seen an ACPI table on aarch64 be 5k in length - i.e. 5x target-page), so round RAMBlock sizes up to a host-page. This potentially breaks migration compatibility due to changes in RAMBlock sizes; however: 1) x86 and s390 I think always have host=target page size 2) When I've tried on Power the block sizes already seem aligned. 3) I don't think there's anything else that maintains per-version machine-types for compatibility. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 99e314ebca8c7b3450e4beaa95117c63d8f2f393 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:15 2015 +0000 Host page!=target page: Cleanup bitmaps Prior to the start of postcopy, ensure that everything that will be transferred later is a whole host-page in size. This is accomplished by discarding partially transferred host pages and marking any that are partially dirty as fully dirty. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 35ecd943e7ea8a29b6cc6872ad8ba620e91b4407 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:14 2015 +0000 Don't iterate on precopy-only devices during postcopy During the postcopy phase we must not call the iterate method on precopy-only devices, since they may have done some cleanup during the _complete call at the end of the precopy phase. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 663e6c1df8721960c0a3bb6cd5dd047b610c3bad Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:13 2015 +0000 Don't sync dirty bitmaps in postcopy Once we're in postcopy the source processors are stopped and memory shouldn't change any more, so there's no need to look at the dirty map. There are two notes to this: 1) If we do resync and a page had changed then the page would get sent again, which the destination wouldn't allow (since it might have also modified the page) 2) Before disabling this I'd seen very rare cases where a page had been marked dirtied although the memory contents are apparently identical Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit c53b7ddc61198c4af8290d6310592e48e3507c47 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:12 2015 +0000 postcopy: Check order of received target pages Ensure that target pages received within a host page are in order. This shouldn't trigger, but in the cases where the sender goes wrong and sends stuff out of order it produces a corruption that's really nasty to debug. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit a71808772acbea54df8ebf3680f01884f7383198 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:11 2015 +0000 Postcopy: Use helpers to map pages during migration In postcopy, the destination guest is running at the same time as it's receiving pages; as we receive new pages we must put them into the guests address space atomically to avoid a running CPU accessing a partially written page. Use the helpers in postcopy-ram.c to map these pages. qemu_get_buffer_in_place is used to avoid a copy out of qemu_file in the case that postcopy is going to do a copy anyway. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 696ed9a9b3fee2d033d7b049ba2e6568860a25d1 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:10 2015 +0000 postcopy_ram.c: place_page and helpers postcopy_place_page (etc) provide a way for postcopy to place a page into guests memory atomically (using the copy ioctl on the ufd). Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit a82d593b61054b3dea431ef829977000d772a252 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:09 2015 +0000 Page request: Consume pages off the post-copy queue When transmitting RAM pages, consume pages that have been queued by MIG_RPCOMM_REQPAGE commands and send them ahead of normal page scanning. Note: a) After a queued page the linear walk carries on from after the unqueued page; there is a reasonable chance that the destination was about to ask for other closeby pages anyway. b) We have to be careful of any assumptions that the page walking code makes, in particular it does some short cuts on its first linear walk that break as soon as we do a queued page. c) We have to be careful to not break up host-page size chunks, since this makes it harder to place the pages on the destination. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 6c595cdee116dc46b0d4d7d632a426681ae66ad9 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:08 2015 +0000 Page request: Process incoming page request On receiving MIG_RPCOMM_REQ_PAGES look up the address and queue the page. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 1e2d90ebc54531c416a6765849308c8476d98f2d Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:07 2015 +0000 Page request: Add MIG_RP_MSG_REQ_PAGES reverse command Add MIG_RP_MSG_REQ_PAGES command on Return path for the postcopy destination to request a page from the source. Two versions exist: MIG_RP_MSG_REQ_PAGES_ID that includes a RAMBlock name and start/len MIG_RP_MSG_REQ_PAGES that just has start/len for use with the same RAMBlock as a previous MIG_RP_MSG_REQ_PAGES_ID Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit b10ac0c42cef8829cd1461ce20f1869231b5f41f Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:06 2015 +0000 Postcopy: End of iteration The end of migration in postcopy is a bit different since some of the things normally done at the end of migration have already been done on the transition to postcopy. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 1d34e4bf6a34f12b9ca387301b863b59f14d38ed Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:05 2015 +0000 Postcopy: Postcopy startup in migration thread Rework the migration thread to setup and start postcopy. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit f0a227ade4b0331c9e12fc01f8b74e2531fd496d Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:04 2015 +0000 postcopy: ram_enable_notify to switch on userfault Mark the area of RAM as 'userfault' Start up a fault-thread to handle any userfaults we might receive from it (to be filled in later) Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 1caddf8a819d83027d897997c0af10c426f88633 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:03 2015 +0000 postcopy: Incoming initialisation Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit e0b266f01dd21748c12f35e18e6f300035f2f336 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:02 2015 +0000 migration_completion: Take current state Soon we'll be in either ACTIVE or POSTCOPY_ACTIVE when we complete migration, and we need to know which we expect to be in to change state safely. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit f3f491fcd6dd594ba695b7da5ecbdacb4e84b364 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:01 2015 +0000 Postcopy: Maintain unsentmap Maintain an 'unsentmap' of pages that have yet to be sent. This is used in the following patches to discard some set of the pages already sent as we enter postcopy mode. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 763c906b0ee964e4b5c529a4ee171723339644cc Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:11:00 2015 +0000 Add qemu_savevm_state_complete_postcopy Add qemu_savevm_state_complete_postcopy to complement qemu_savevm_state_complete_precopy together with a new save_live_complete_postcopy method on devices. The save_live_complete_precopy method is called on all devices during a precopy migration, and all non-postcopy devices during a postcopy migration at the transition. The save_live_complete_postcopy method is called at the end of postcopy for all postcopiable devices. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 8421b205ddb70314c0de2aa3222aed755f310f87 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:59 2015 +0000 Avoid sending vmdescription during postcopy VMDescription is normally sent at the end, after all of the devices; however that's not the end for postcopy, so just don't send it when in postcopy. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 9ec055ae29df5132f61757519ab57b6b4209baa4 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:58 2015 +0000 MIGRATION_STATUS_POSTCOPY_ACTIVE: Add new migration state 'MIGRATION_STATUS_POSTCOPY_ACTIVE' is entered after migrate_start_postcopy 'migration_in_postcopy' is provided for other sections to know if they're in postcopy. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 36f48567b82e3160bc0df87b8b4f239d55ca73e9 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:57 2015 +0000 migration_completion: Take current state Soon we'll be in either ACTIVE or POSTCOPY_ACTIVE when we complete migration, and we need to know which we expect to be in to change state safely. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 4886a1bcb7d7a88da02eefb0f33327c613ac52a3 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:56 2015 +0000 migrate_start_postcopy: Command to trigger transition to postcopy Once postcopy is enabled (with migrate_set_capability), the migration will still start on precopy mode. To cause a transition into postcopy the: migrate_start_postcopy command must be issued. Postcopy will start sometime after this (when it's next checked in the migration loop). Issuing the command before migration has started will error, and issuing after it has finished is ignored. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit eb59db53a4f23420f127ec7aad2a672f787df697 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:55 2015 +0000 postcopy: OS support test Provide a check to see if the OS we're running on has all the bits needed for postcopy. Creates postcopy-ram.c which will get most of the other helpers we need. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit c31b098f64c5bbbc26350b9b5cf98ae2d2888de7 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:54 2015 +0000 Modify save_live_pending for postcopy Modify save_live_pending to return separate postcopiable and non-postcopiable counts. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 11cf1d984b86b294972cd25df6286e5b2e98735d Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:53 2015 +0000 MIG_CMD_PACKAGED: Send a packaged chunk of migration stream MIG_CMD_PACKAGED is a migration command that wraps a chunk of migration stream inside a package whose length can be determined purely by reading its header. The destination guarantees that the whole MIG_CMD_PACKAGED is read off the stream prior to parsing the contents. This is used by postcopy to load device state (from the package) while leaving the main stream free to receive memory pages. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 093e3c429693f87fb917424c637ad8f599bd9e67 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:52 2015 +0000 Add wrappers and handlers for sending/receiving the postcopy-ram migration messages. The state of the postcopy process is managed via a series of messages; * Add wrappers and handlers for sending/receiving these messages * Add state variable that track the current state of postcopy Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 53dd370ced9b61a8113fc1c19ac8d61ca572a29c Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:51 2015 +0000 Add migration-capability boolean for postcopy-ram. The 'postcopy ram' capability allows postcopy migration of RAM; note that the migration starts off in precopy mode until postcopy mode is triggered (see the migrate_start_postcopy patch later in the series). Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 7b89bf279f16c093ed46845b8e6e0fb61b7ef639 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:50 2015 +0000 Rework loadvm path for subloops Postcopy needs to have two migration streams loading concurrently; one from memory (with the device state) and the other from the fd with the memory transactions. Split the core of qemu_loadvm_state out so we can use it for both. Allow the inner loadvm loop to quit and cause the parent loops to exit as well. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 70b2047774231ba2cb672eb936e12f603fa644aa Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:49 2015 +0000 Return path: Source handling of return path Open a return path, and handle messages that are received upon it. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit f6844b99ce08e836d509ec4be2fbfc5ab13ac18f Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:48 2015 +0000 migration_is_setup_or_active Add 'migration_is_setup_or_active' utility function to check state. (It gets postcopy added to it's list later on in the series) Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 6decec931149ae50d84e2b264bf93f3676d5b3f9 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:47 2015 +0000 Return path: Send responses from destination to source Add migrate_send_rp_message to send a message from destination to source along the return path. (It uses a mutex to let it be called from multiple threads) Add migrate_send_rp_shut to send a 'shut' message to indicate the destination is finished with the RP. Add migrate_send_rp_ack to send a 'PONG' message in response to a PING Use it in the MSG_RP_PING handler Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 2e37701efdba7bb89f7159eff055bb71dbb9f02f Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:46 2015 +0000 Return path: Control commands Add two src->dest commands: * OPEN_RETURN_PATH - To request that the destination open the return path * PING - Request an acknowledge from the destination Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit c76ca1888f49b4155a9de5a915dc9f814800c817 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:45 2015 +0000 Migration commands Create QEMU_VM_COMMAND section type for sending commands from source to destination. These commands are not intended to convey guest state but to control the migration process. For use in postcopy. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 3e4097b564386b1fd1b62f2cd20e056d4b3403da Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:44 2015 +0000 Return path: socket_writev_buffer: Block even on non-blocking fd's The destination sets the fd to non-blocking on incoming migrations; this also affects the return path from the destination, and thus we need to make sure we can safely write to the return path. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit a1a88589dc982f9f8b6c717c2ac98dd71dd4353d Merge: a8b4f95 577bf80 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 10 13:55:07 2015 +0000 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20151110' into staging target-arm queue: * fix bugs in gdb singlestep handling and breakpoints * minor code cleanup in arm_gic * clean up error messages in hw/arm/virt * fix highbank kernel booting by adding a board-setup blob # gpg: Signature made Tue 10 Nov 2015 13:43:52 GMT using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20151110: target-arm: Clean up DISAS_UPDATE usage in AArch32 translation code hw/arm/virt: error_report cleanups arm: highbank: Implement PSCI and dummy monitor arm: highbank: Defeature CPU override arm: boot: Add secure_board_setup flag hw/intc/arm_gic: Remove the definition of NUM_CPU target-arm: Fix gdb singlestep handling in arm_debug_excp_handler() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit adc468e9b9ad866cd95b1e567291f9dcc1f49f1c Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:43 2015 +0000 Return path: Open a return path on QEMUFile for sockets Postcopy needs a method to send messages from the destination back to the source, this is the 'return path'. Wire it up for 'socket' QEMUFile's. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit c1fcf220c95b17f1a05adb799824d2c352ff9281 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:42 2015 +0000 Add Linux userfaultfd.h header Postcopy uses the userfaultfd.h feature in the Linux kernel; include the header. (In early versions of the patch series we had this, and then we dropped this by only including it if the kernel headers defined the syscall number; however 1842bdfd added the syscall definition to our headers, which means we can't tell if the kernel has it or not) Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit a3e06c3d13b77a2534894dcebbc6ac08568dbe73 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:41 2015 +0000 Rename save_live_complete to save_live_complete_precopy In postcopy we're going to need to perform the complete phase for postcopiable devices at a different point, start out by renaming all of the 'complete's to make the difference obvious. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit aefeb18bde45fa629e3055a7bb6637a7dcad8c36 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:40 2015 +0000 migrate_init: Call from savevm Suspend to file is very much like a migrate, and it makes life easier if we have the Migration state available, so initialise it in the savevm.c code for suspending. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewd-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit a776aa15a7e3e08964c6c537314b9590dde27b4d Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:39 2015 +0000 ram_load: Factor out host_from_stream_offset call and check The main RAM load loop has a call to host_from_stream_offset for each page type that actually loads data with the same test; factor it out before the switch. The host = NULL is to silence a bogus gcc warning of an unitialised in the RAM_SAVE_COMPRESS_PAGE case, it doesn't seem to realise that host is always initialised by the if at the top in the cases the switch takes. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 4f2e425267327719ee71ba6f191f7d66507a6c02 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:38 2015 +0000 ram_debug_dump_bitmap: Dump a migration bitmap as text Useful for debugging the migration bitmap and other bitmaps of the same format (including the sentmap in postcopy). The bitmap is printed to stderr. Lines that are all the expected value are excluded so the output can be quite compact for many bitmaps. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit ebf811500bc8dffa906ebd4c52b96f7620d7bf8e Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:37 2015 +0000 Add QEMU_MADV_NOHUGEPAGE Add QEMU_MADV_NOHUGEPAGE as an OS-independent version of MADV_NOHUGEPAGE. We include sys/mman.h before making the test to ensure that we pick up the system defines. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit a800cd5c38ba4ac20fe9ca68a6dee408f2d5b11f Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:36 2015 +0000 Add wrapper for setting blocking status on a QEMUFile Add a wrapper to change the blocking status on a QEMUFile rather than having to use qemu_set_block(qemu_get_fd(f)); it seems best to avoid exposing the fd since not all QEMUFile's really have one. With this wrapper we could move the implementation down to be different on different transports. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 9504fb510c87c3dd6fe2e9a25e84c1426672f226 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:35 2015 +0000 Add qemu_get_buffer_in_place to avoid copies some of the time qemu_get_buffer always copies the data it reads to a users buffer, however in many cases the file buffer inside qemu_file could be given back to the caller, avoiding the copy. This isn't always possible depending on the size and alignment of the data. Thus 'qemu_get_buffer_in_place' either copies the data to a supplied buffer or updates a pointer to the internal buffer if convenient. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 42e2aa56372291d35345fcec85d5da2004c8b57c Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:34 2015 +0000 Rename mis->file to from_src_file 'file' becomes confusing when you have flows in each direction; rename to make it clear. This leaves just the main forward direction ms->file, which is used in a lot of places and is probably not worth renaming given the churn. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit e3dd74934f2d2c8c67083995928ff68e8c1d0030 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:33 2015 +0000 qemu_ram_block_by_name Add a function to find a RAMBlock by name; use it in two of the places that already open code that loop; we've got another use later in postcopy. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 422148d3e56c3c9a07c0cf36c1e0a0b76f09c357 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:32 2015 +0000 qemu_ram_block_from_host Postcopy sends RAMBlock names and offsets over the wire (since it can't rely on the order of ramaddr being the same), and it starts out with HVA fault addresses from the kernel. qemu_ram_block_from_host translates a HVA into a RAMBlock, an offset in the RAMBlock and the global ram_addr_t value. Rewrite qemu_ram_addr_from_host to use qemu_ram_block_from_host. Provide qemu_ram_get_idstr since its the actual name text sent on the wire. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 87f50caa30ae7449c5875ff3171cff4d8648569a Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:31 2015 +0000 Move page_size_init earlier The HOST_PAGE_ALIGN macros don't work until the page size variables have been set up; later in postcopy I use those macros in the RAM code, and it can be triggered using -object. Fix this by initialising page_size_init() earlier - it's currently initialised inside the accelerators, move it up into vl.c. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 172dfd4faf2b64720db8a2dad7048056f2b81d75 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:30 2015 +0000 Move configuration section writing The vmstate_configuration is currently written in 'qemu_savevm_state_begin', move it to 'qemu_savevm_state_header' since it's got a hard requirement that it must be the 1st thing after the header. (In postcopy some 'command' sections get sent early before the saving of the main sections and hence before qemu_savevm_state_begin). Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 038629a699240326928665ea97e6e11059bbc007 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:29 2015 +0000 Provide runtime Target page information The migration code generally is built target-independent, however there are a few places where knowing the target page size would avoid artificially moving stuff into migration/ram.c. Provide 'qemu_target_page_bits()' that returns TARGET_PAGE_BITS to other bits of code so that they can stay target-independent. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 2bfdd1c8a6ac22ee1f9209c247509ff0cadd2a52 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Nov 5 18:10:28 2015 +0000 Add postcopy documentation Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 577bf808958d06497928c639efaa473bf8c5e099 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Tue Nov 10 13:37:33 2015 +0000 target-arm: Clean up DISAS_UPDATE usage in AArch32 translation code AArch32 translation code does not distinguish between DISAS_UPDATE and DISAS_JUMP. Thus, we cannot use any of them without first updating PC in CPU state. Furthermore, it is too complicated to update PC in CPU state before PC gets updated in disas context. So it is hardly possible to correctly end TB early if is is not likely to be executed before calling disas_*_insn(), e.g. just after calling breakpoint check helper. Modify DISAS_UPDATE and DISAS_JUMP usage in AArch32 translation and apply to them the same semantic as AArch64 translation does: - DISAS_UPDATE: update PC in CPU state when finishing translation - DISAS_JUMP: preserve current PC value in CPU state when finishing translation This patch fixes a bug in AArch32 breakpoint handling: when check_breakpoints helper does not generate an exception, ending the TB early with DISAS_UPDATE couldn't update PC in CPU state and execution hangs. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1447097859-586-1-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit faa811f6de44d58180f5d235787678dcdd4b2e9d Author: Andrew Jones <drjones@xxxxxxxxxx> Date: Tue Nov 10 13:37:33 2015 +0000 hw/arm/virt: error_report cleanups Signed-off-by: Andrew Jones <drjones@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-id: 1446909925-12201-1-git-send-email-drjones@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 40340e5f221935723bffbca305f3090e8866c818 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Nov 10 13:37:33 2015 +0000 arm: highbank: Implement PSCI and dummy monitor Firstly, enable monitor mode and PSCI, both of which are features of this board. In addition to PSCI, this board also uses SMC for cache maintenance ops. This means we need a secure monitor to catch these and nop them. Use the ARM boot board-setup feature to implement this. The SMC trap implements the needed nop while all other traps will pen the CPU. As a KVM CPU cannot run in secure mode, do not do the board-setup if not running TCG. Report a warning explaining the limitation in this case. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 0fd0d12f0fa666c86616c89447861a70dbe27312.1447007690.git.crosthwaite.peter@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dca6eeed8c2a1c131d161139428dd18a35e58b03 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Nov 10 13:37:33 2015 +0000 arm: highbank: Defeature CPU override This board should not support CPU model override. This allows for easier patching of the board with being able to rely on the CPU type being correct. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 471a61e049c7ca6e82f5ef6668889a1d518c7e00.1447007690.git.crosthwaite.peter@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit baf6b6815ba9ae8255eefd1ddf15216d53da34b5 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Nov 10 13:37:33 2015 +0000 arm: boot: Add secure_board_setup flag Add a flag that when set, will cause the primary CPU to start in secure mode, even if the overall boot is non-secure. This is useful for when there is a board-setup blob that needs to run from secure mode, but device and secondary CPU init should still be done as-normal for a non- secure boot. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: d1170774d5446d715fced7739edfc61a5be931f9.1447007690.git.crosthwaite.peter@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b95690c9beaffd95edf91eb67829dc1e0a81e666 Author: Wei Huang <wei@xxxxxxxxxx> Date: Tue Nov 10 13:37:33 2015 +0000 hw/intc/arm_gic: Remove the definition of NUM_CPU arm_gic.c retrieves CPU number using either NUM_CPU(s) or s->num_cpu. Such mixed-uses make source code inconsistent. This patch removes NUM_CPU(s), which was defined for MPCore tweak long ago, and instead favors s->num_cpu. The source is more consistent after this small tweak. Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Signed-off-by: Wei Huang <wei@xxxxxxxxxx> Reviewed-by: Michael Tokarev <mjt@xxxxxxxxxx> Message-id: 1446744293-32365-1-git-send-email-wei@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5c629f4ff4dc9ae79cc732f59a8df15ede796ff7 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Tue Nov 10 13:37:32 2015 +0000 target-arm: Fix gdb singlestep handling in arm_debug_excp_handler() Do not raise a CPU exception if no CPU breakpoint has fired, since singlestep is also done by generating a debug internal exception. This fixes a bug with singlestepping in gdbstub. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1446726361-18328-1-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a8b4f9585a0bf5186fca793ce2c5d754cd8ec49a Merge: ce27861 f545504 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 10 09:39:24 2015 +0000 Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-11-10' into staging QAPI patches # gpg: Signature made Tue 10 Nov 2015 07:12:25 GMT using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-qapi-2015-11-10: qapi-introspect: Document lack of sorting qapi: Provide nicer array names in introspection qapi: More tests of input arrays qapi: Test failure in middle of array parse qapi: More tests of alternate output qapi: Simplify error cleanup in test-qmp-* qapi: Simplify non-error testing in test-qmp-* qapi: Plug leaks in test-qmp-* qapi: Share test_init code in test-qmp-input* qobject: Protect against use-after-free in qobject_decref() qapi: Strengthen test of TestStructList qapi: Use generated TestStruct machinery in tests Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f5455044201747fd72531f5e8c1b1e9c56573d9c Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:36 2015 -0700 qapi-introspect: Document lack of sorting qapi-code-gen.txt already claims that types, commands, and events share a common namespace; set this in stone by further documenting that our introspection output will never have collisions with the same name tied to more than one meta-type. Our largest QMP enum currently has 125 values, our largest object type has 27 members, and the mean for each is less than 10. These sizes are small enough that the per-element overhead of O(log n) binary searching probably outweighs the speed possible with direct O(n) linear searching (a better algorithm with more overhead will only beat a leaner naive algorithm only as you scale to larger input sizes). Arguably, the overall SchemaInfo array could be sorted by name; there, we currently have 531 entities, large enough for a binary search to be faster than linear. However, remember that we have mutually-recursive types, which means there is no topological ordering that will allow clients to learn all information about that type in a single linear pass; thus clients will want to do random access over the data, and they will probably read the introspection output into a hashtable for O(1) lookup rather than O(log n) binary searching, at which point, pre-sorting our introspection output doesn't help the client. It doesn't help that sorting can be subjective if you introduce locales into the mix (I'm not experienced enough with Python to know for sure, but at least it looks like it defaults to sorting in the C locale even when run under a different locale). And while our current introspection output is deterministic (because we visit entities in a sorted order), we may want to change that order in the future (such as using OrderedDict to stick to .json declaration order). For these reasons, we simply document that clients should not rely on any particular order of items in introspection output. And since it is now a documented part of the contract, we have the freedom to later rearrange output if needed, without worrying about breaking well-written clients. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1446791754-23823-13-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit ce5fcb472d512455a8d13fae4c04ecf8eb00573b Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:35 2015 -0700 qapi: Provide nicer array names in introspection For the sake of humans reading introspection output, it is nice to have the name of implicit array types be recognizable as arrays of the underlying type. However, while this patch allows humans to skip from a command with return type "[123]" straight to the definition of type "123" without having to first inspect type "[123]", document that this shortcut should not be taken by client apps. This makes the resulting introspection string slightly larger by default (just over 200 bytes), but it's in the noise (less than 0.3% of the overall 70k size of 'query-qmp-capabilities'). Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1446791754-23823-12-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 2533377c7b0c686d1510ed6499cedf938607e805 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:34 2015 -0700 qapi: More tests of input arrays Our testsuite had no coverage of empty arrays, nor of what happens when the input does not match the expected type. Useful to have, especially if we start changing the visitor contracts. I did not think it worth duplicating these additions to test-qmp-input-strict; since all strict mode does is add the ability to reject JSON input that has more keys than what the visitor expects, yet the additions in this patch error out earlier than that point regardless of whether strict mode was requested. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1446791754-23823-11-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit dd5ee2c2d3e3a17647ddd9bfa97935b8cb5dfa40 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:33 2015 -0700 qapi: Test failure in middle of array parse Our generated list visitors have the same problem as has been mentioned elsewhere (see commit 2f52e20): they allocate data even on failure. An upcoming patch will correct things to provide saner guarantees, but first we need to expose the behavior in the testsuite to ensure we aren't introducing any memory usage bugs. There are more test cases throughout the test-qmp-input-* tests that already deal with partial allocation; a later commit will clean up all visit_type_FOO(), without marking all of the tests with FIXME at this time. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1446791754-23823-10-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 12fafd7cedad51854c468ea0496a6542b3222b29 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:32 2015 -0700 qapi: More tests of alternate output The testsuite was only covering that we could output the 'int' branch of an alternate (no additional allocation/cleanup required). Add a test of the 'str' branch, to make sure that things still work even when a branch involves allocation. Update to modern style of g_new0() over g_malloc0() while touching it. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1446791754-23823-9-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit a12a5a1a0132527afe87c079e4aae4aad372bd94 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:31 2015 -0700 qapi: Simplify error cleanup in test-qmp-* We have several tests that perform multiple sub-actions that are expected to fail. Asserting that an error occurred, then clearing it up to prepare for the next action, turned into enough boilerplate that it was sometimes forgotten (for example, a number of tests added to test-qmp-input-visitor.c in d88f5fd leaked err). Worse, if an error is not reset to NULL, we risk invalidating later use of that error (passing a non-NULL err into a function is generally a bad idea). Encapsulate the boilerplate into a single helper function error_free_or_abort(), and consistently use it. The new function is added into error.c for use everywhere, although it is anticipated that testsuites will be the main client. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit ce278618b088afd10b91a05311eaeb6401bb5004 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Nov 9 15:14:09 2015 +0000 configure: Don't disable optimization for non-fortify builds Commit b553a0428014636bc inadvertently disabled optimization for all non-fortify builds. Fix this bug so we only do an unoptimized build if we want debug. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1447082049-25099-1-git-send-email-peter.maydell@xxxxxxxxxx commit d17008bc2914d62fd0af6a8f313604ae9f9a102c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Nov 9 14:56:31 2015 +0000 hw/timer/hpet.c: Avoid signed integer overflow which results in bugs on OSX Signed integer overflow in C is undefined behaviour, and the compiler is at liberty to assume it can never happen and optimize accordingly. In particular, the subtractions in hpet_time_after() and hpet_time_after64() were causing OSX clang to optimize the code such that it was prone to hangs and complaints about the main loop stalling (presumably because we were spending all our time trying to service very high frequency HPET timer callbacks). The clang sanitizer confirms the UB: hw/timer/hpet.c:119:26: runtime error: signed integer overflow: -2146967296 - 2147003978 cannot be represented in type 'int' Fix this by doing the subtraction as an unsigned operation and then converting to signed for the comparison. Reported-by: Aaron Elkins <threcius@xxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1447080991-24995-1-git-send-email-peter.maydell@xxxxxxxxxx commit 3f66f764ee25f10d3e1144ebc057a949421b7728 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:30 2015 -0700 qapi: Simplify non-error testing in test-qmp-* By using &error_abort, we can avoid a local err variable in situations where we expect success. It also has the nice effect that if the test breaks, the error message from error_abort tends to be nicer than that of g_assert(). This patch has an additional bonus of fixing several call sites that were passing &err to two different functions without checking it in between. In general that is unsafe practice; because if the first function sets an error, the second function could abort() if it tries to set a different error. We got away with it because we were asserting that err was NULL through the entire chain, but switching to &error_abort avoids the questionable practice up front. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1446791754-23823-7-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit b18f1141d0afa00de11a8e079f4f5305c9e36893 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:29 2015 -0700 qapi: Plug leaks in test-qmp-* Make valgrind happy with the current state of the tests, so that it is easier to see if future patches introduce new memory problems without being drowned in noise. Many of the leaks were due to calling a second init without tearing down the data from an earlier visit. But since teardown is already idempotent, and we already register teardown as part of input_visitor_test_add(), it is nicer to just make init() safe to call multiple times than it is to have to make all tests call teardown. Another common leak was forgetting to clean up an error object, after testing that an error was raised. Another leak was in test_visitor_in_struct_nested(), failing to clean the base member of UserDefTwo. Cleaning that up left check_and_free_str() as dead code (since using the qapi_free_* takes care of recursion, and we don't want double frees). A final leak was in test_visitor_out_any(), which was reassigning the qobj local variable to a subset of the overall structure needing freeing; it did not result in a use-after-free, but was not cleaning up all the qdict. test-qmp-event and test-qmp-commands were already clean. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1446791754-23823-6-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 0920a17199d23b3def3a60fa1fbbdeadcdda452d Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:28 2015 -0700 qapi: Share test_init code in test-qmp-input* Rather than duplicate the body of two functions just to decide between qobject_from_jsonv() and qobject_from_json(), exploit the fact that qobject_from_jsonv() intentionally takes 'va_list *' instead of the more common 'va_list', and that qobject_from_json() just calls qobject_from_jsonv(,NULL). For each file, our two existing init functions then become thin wrappers around a new internal function, and future updates to initialization don't have to be duplicated. Suggested-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1446791754-23823-5-git-send-email-eblake@xxxxxxxxxx> [Two old comment typos fixed] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit cc9f60d4a2a4bf2578a9309a18f1c4602c9f5ce7 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:27 2015 -0700 qobject: Protect against use-after-free in qobject_decref() Adding an assertion to qobject_decref() will ensure that a programming error causing use-after-free will result in immediate failure (provided no other thread has started using the memory) instead of silently attempting to wrap refcnt around and leaving the problem to potentially bite later at a harder point to diagnose. Suggested-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1446791754-23823-4-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit bd20588d19e9ff0e94b2d4ca3b5d6b3b3d6a1274 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:26 2015 -0700 qapi: Strengthen test of TestStructList Make each list element different, to ensure that order is preserved, and use the generated free function instead of hand-rolling our own to ensure (under valgrind) that the list is properly cleaned. Suggested-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1446791754-23823-3-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 748053c97b11039f657525fd7d57a39806d8083e Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Nov 5 23:35:25 2015 -0700 qapi: Use generated TestStruct machinery in tests Commit d88f5fd and friends first introduced the various test-qmp-* tests in 2011, with duplicated hand-rolled TestStruct machinery, to make sure the qapi visitor interface was tested. Later, commit 4f193e3 in 2013 added a .json file for further testing use by the files, but without consolidating any of the existing hand-rolled visitors. And with four copies, subtle differences have crept in, between the tests themselves (mainly whitespace differences, but also a question of whether to use NULL or "TestStruct" when calling visit_start_struct()) and from what the generator produces (the hand-rolled versions did not cater to partially-allocated objects, because they did not have a deallocation usage). Of course, just because the visitor interface is tested does not mean it is a sane interface; and future patches will be changing some of the visitor contracts. Rather than having to duplicate the cleanup work in each copy of the TestStruct visitor, and keep each hand-rolled copy in sync with what the generator supplies, we might as well just test what the generator should give us in the first place. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1446791754-23823-2-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 9d5c1dc117d1ad881bbc76f6990ee1f9e9f8ef7f Merge: b3a9e57 84aa014 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Nov 9 11:20:51 2015 +0000 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Mon 09 Nov 2015 10:08:17 GMT using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: blockdev: acquire AioContext in hmp_commit() monitor: add missed aio_context_acquire into vm_completion call aio: Introduce aio-epoll.c aio: Introduce aio_context_setup aio: Introduce aio_external_disabled dataplane: support non-contigious s/g dataplane: simplify indirect descriptor read Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 84aa0140dd4f04f5d993f0db14c40da8d3de2706 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Nov 4 20:27:23 2015 +0300 blockdev: acquire AioContext in hmp_commit() This one slipped through. Although we acquire AioContext when committing all devices we don't for just a single device. AioContext must be acquired before calling bdrv_*() functions to synchronize access with other threads that may be using the AioContext. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6bf1faa84877514971a20bb180b0ae5270bee571 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Wed Nov 4 20:19:42 2015 +0300 monitor: add missed aio_context_acquire into vm_completion call Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Luiz Capitulino <lcapitulino@xxxxxxxxxx> CC: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit fbe3fc5cb3cd9f9064e98c549684e821c353fe41 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 30 12:06:29 2015 +0800 aio: Introduce aio-epoll.c To minimize code duplication, epoll is hooked into aio-posix's aio_poll() instead of rolling its own. This approach also has both compile-time and run-time switchability. 1) When QEMU starts with a small number of fds in the event loop, ppoll is used. 2) When QEMU starts with a big number of fds, or when more devices are hot plugged, epoll kicks in when the number of fds hits the threshold. 3) Some fds may not support epoll, such as tty based stdio. In this case, it falls back to ppoll. A rough benchmark with scsi-disk on virtio-scsi dataplane (epoll gets enabled from 64 onward). Numbers are in MB/s. =============================================== | master | epoll | | scsi disks # | read randrw | read randrw -------------|----------------|---------------- 1 | 86 36 | 92 45 8 | 87 43 | 86 41 64 | 71 32 | 70 38 128 | 48 24 | 58 31 256 | 37 19 | 57 28 =============================================== To comply with aio_{disable,enable}_external, we always use ppoll when aio_external_disabled() is true. [Removed #ifdef CONFIG_EPOLL around AioContext epollfd field declaration since the field is also referenced outside CONFIG_EPOLL code. --Stefan] Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1446177989-6702-4-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 37fcee5d1154b7a03c13582e128bcc31ad43e954 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 30 12:06:28 2015 +0800 aio: Introduce aio_context_setup This is the place to initialize platform specific bits of AioContext. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1446177989-6702-3-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 5ceb9e39284b69d2e1b01da3cb1894ad4b2b4606 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 30 12:06:27 2015 +0800 aio: Introduce aio_external_disabled This allows AioContext users to check the enable/disable state of external clients. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1446177989-6702-2-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 8347c53243b58ad5e4d623d2403853404e9043a1 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Oct 28 17:48:04 2015 +0200 dataplane: support non-contigious s/g bring_map currently fails if one of the entries it's mapping is contigious in GPA but not HVA address space. Introduce a mapped_len parameter so it can handle this, returning the actual mapped length. This will still fail if there's no space left in the sg, but luckily max queue size in use is currently 256, while max sg size is 1024, so we should be OK even is all entries happen to cross a single DIMM boundary. Won't work well with very small DIMM sizes, unfortunately: e.g. this will fail with 4K DIMMs where a single request might span a large number of DIMMs. Let's hope these are uncommon - at least we are not breaking things. Reported-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reported-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Igor Mammedov <imammedo@xxxxxxxxxx> Message-id: 1446047243-3221-2-git-send-email-mst@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 572ec519ed6fe68f10ec65963527536c2322eab0 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Oct 28 17:48:02 2015 +0200 dataplane: simplify indirect descriptor read Use address_space_read to make sure we handle the case of an indirect descriptor crossing DIMM boundary correctly. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Tested-by: Igor Mammedov <imammedo@xxxxxxxxxx> Message-id: 1446047243-3221-1-git-send-email-mst@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b3a9e57d92dff7dd5822f322e4eb49af9e1b70b8 Merge: c4a7bf5 0c47242 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sat Nov 7 21:41:33 2015 +0000 Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging target-i386: tcg: Handle clflushopt/clwb/pcommit instructions A small update to TCG code so it can handle the new clflushopt/clwb/pcommit instructions. # gpg: Signature made Sat 07 Nov 2015 14:50:54 GMT using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" * remotes/ehabkost/tags/x86-pull-request: target-i386: Add clflushopt/clwb/pcommit to TCG_7_0_EBX_FEATURES target-i386: tcg: Check right CPUID bits for clflushopt/pcommit target-i386: tcg: Accept clwb instruction Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c4a7bf54e588ff2de9fba0898b686156251b2063 Merge: 4b59f39 dca6257 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sat Nov 7 19:55:15 2015 +0000 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Fri 06 Nov 2015 20:01:44 GMT using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" * remotes/jnsnow/tags/ide-pull-request: arm: allwinner-a10: Add SATA ahci: Add allwinner AHCI ahci: split realize and init ahci: Add some MMIO debug printfs ide: remove hardcoded 2GiB transactional limit Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dca625768a7da9377cd5886cc03854229c1e18a1 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Fri Nov 6 14:09:01 2015 -0500 arm: allwinner-a10: Add SATA Add the Allwinner A10 AHCI controller module to the SoC. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 69d6962f2d14a218bd07e9ac4ccd1947737cc30f.1445917756.git.crosthwaite.peter@xxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 377e2145392e5787d35e58d643bd3de4838006b4 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Fri Nov 6 14:09:01 2015 -0500 ahci: Add allwinner AHCI Add a Sysbus AHCI subclass for the Allwinner AHCI. It has a few extra vendor specific registers which are used for phy and power init. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 833b5b05ed5ade38bf69656679b0a7575e79492b.1445917756.git.crosthwaite.peter@xxxxxxxxx [resolved patch context on pull --js] Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 0487eea48ecc6e525d6e626d94da54e203089a95 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Fri Nov 6 14:09:00 2015 -0500 ahci: split realize and init Do the init level tasks asap and the realize later (mainly when num_ports is available). This allows sub-class realize routines to work with the device post-init. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1a7c7b2b32e5ccf49373a5065da5ece89730d3ac.1445917756.git.crosthwaite.peter@xxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 802742670df73773c0dbaa251c63e4561cc794a1 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Fri Nov 6 14:09:00 2015 -0500 ahci: Add some MMIO debug printfs These are useful for bringup of AHCI. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 517ba413dce7deb4ab17c0cc1e8bbdaaace2a0db.1445917756.git.crosthwaite.peter@xxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 9fbf0fa81fca8f527669dd4fa72662d66e7d6329 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Nov 6 14:09:00 2015 -0500 ide: remove hardcoded 2GiB transactional limit Not that you can request a >2GiB transaction, but that's why checking for it makes no sense anymore. With the newer 'limit' parameter to prepare_buf, we no longer need a static limit. The maximum limit is still 2GiB, but the limit parameter is set to the current transaction size, which cannot surpass 32MiB (512 * 65536). If the PRDT surpasses the transactional size, then, we'll just carry out the normative underflow handling pathways instead of needing an extra, strange pathway that worries about hitting some logistical cap for the largest sglist we can support -- we'll never even attempt to build one that big anymore. Reported-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Acked-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1445902682-20051-1-git-send-email-jsnow@xxxxxxxxxx commit 0c47242b519a224279f13c685aa6e79347f97b85 Author: Xiao Guangrong <guangrong.xiao@xxxxxxxxxxxxxxx> Date: Thu Oct 29 15:31:39 2015 +0800 target-i386: Add clflushopt/clwb/pcommit to TCG_7_0_EBX_FEATURES Now these instructions are handled by TCG and can be added to the TCG_7_0_EBX_FEATURES macro. Signed-off-by: Xiao Guangrong <guangrong.xiao@xxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 891bc821a3ee462b09b1ec436f2891f00ab1f85b Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Nov 4 19:24:46 2015 -0200 target-i386: tcg: Check right CPUID bits for clflushopt/pcommit Detect the clflushopt and pcommit instructions and check their corresponding feature flags, instead of checking CPUID_SSE and CPUID_CLFLUSH. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 5e1fac2dba7780e0cb2c022d4b39586af70bea0d Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Nov 4 19:24:45 2015 -0200 target-i386: tcg: Accept clwb instruction Accept the clwb instruction (66 0F AE /6) if its corresponding feature flag is enabled on CPUID[7]. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 4b59f39bc9a03afcc74b2fa28da7c3189fca507c Merge: 9319738 bd54a9f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Nov 6 12:50:24 2015 +0000 Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-11-06' into staging trivial patches for 2015-11-06 # gpg: Signature made Fri 06 Nov 2015 12:42:43 GMT using RSA key ID A4C3D7DB # gpg: Good signature from "Michael Tokarev <mjt@xxxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxxx>" * remotes/mjt/tags/pull-trivial-patches-2015-11-06: (24 commits) tap-bsd: use user-specified tap device if it already exists qemu-sockets: do not test path with access() before unlinking taget-ppc: Fix read access to IBAT registers higher than IBAT3 exec: avoid unnecessary cacheline bounce on ram_list.mru_block target-alpha: fix uninitialized variable ivshmem-server: fix possible OVERRUN pci-assign: do not test path with access() before opening qom/object: fix 2 comment typos configure: remove help string for 'vnc-tls' option usb: Use g_new() & friends where that makes obvious sense qxl: Use g_new() & friends where that makes obvious sense ui: Use g_new() & friends where that makes obvious sense bt: fix use of uninitialized variable seqlen hw/dma/pxa2xx: Remove superfluous memset linux-user/syscall: Replace g_malloc0 + memcpy with g_memdup tests/i44fx-test: No need for zeroing memory before memset hw/input/tsc210x: Remove superfluous memset xen: fix invalid assertion tests: ignore test-qga fix bad indentation in pcie_cap_slot_write_config() ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bd54a9f9435c85de190a82019faef16c5ecf8e46 Author: Ed Maste <emaste@xxxxxxxxxxx> Date: Fri Oct 23 11:53:55 2015 -0400 tap-bsd: use user-specified tap device if it already exists Acked-by: Roger Pau Monné <roger.pau@xxxxxxxxxx> Signed-off-by: Ed Maste <emaste@xxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit a2f31f180499593b5edb8ac5ab8ac1b92f0abcd4 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Nov 4 14:48:47 2015 +0100 qemu-sockets: do not test path with access() before unlinking Using access() is a time-of-check/time-of-use race condition. It is okay to use them to provide better error messages, but that is pretty much it. This is not one such case; on the other hand, access() *will* skip unlink() for a non-existent path, so ignore ENOENT return values from the unlink() system call. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 3ede8f699645f4ca7cdbc40d8139e5a0275b4805 Author: Julio Guerra <julio@xxxxxxxxxx> Date: Wed Oct 14 19:43:19 2015 +0200 taget-ppc: Fix read access to IBAT registers higher than IBAT3 Fix the index used to read the IBAT's vector which results in IBAT0..3 instead of IBAT4..N. The bug appeared by saving/restoring contexts including IBATs values. Signed-off-by: Julio Guerra <julio@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 68851b98e5bf6d397498b74f1776801274ab8d48 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Oct 22 13:51:30 2015 +0200 exec: avoid unnecessary cacheline bounce on ram_list.mru_block Whenever the MRU cache hits for the list of RAM blocks, qemu_get_ram_block does an unnecessary write that causes a processor cache line to bounce from one core to another. This causes a performance hit. Reported-by: Emilio G. Cota <cota@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 74de807f794ac5201b2b3c38ddadeef84a676a97 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 19 16:08:38 2015 +0200 target-alpha: fix uninitialized variable I am not sure why the compiler does not catch it. There is no semantic change since gen_excp returns EXIT_NORETURN, but the old code is wrong. Reported by Coverity. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 258133bda9a6f22ba436ef9b63b7c086cc80190b Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Mon Nov 2 09:13:48 2015 +0800 ivshmem-server: fix possible OVERRUN >>> CID 1337991: Memory - illegal accesses (OVERRUN) >>> Decrementing "i". The value of "i" is now 65534. 218 while (i--) { 219 event_notifier_cleanup(&peer->vectors[i]); 220 } Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 6268520d7df9b3f183bb4397218c9287441bc04f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Nov 2 15:17:37 2015 +0100 pci-assign: do not test path with access() before opening Using access() is a time-of-check/time-of-use race condition. It is okay to use them to provide better error messages, but that is pretty much it. In this case we can get the same error from fopen(), so just use strerror and errno there---which actually improves the error message most of the time. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit b30d80546421c6ea919096b596887f496c80af0a Author: Cao jin <caoj.fnst@xxxxxxxxxxxxxx> Date: Tue Nov 3 10:36:42 2015 +0800 qom/object: fix 2 comment typos Also change the misleading definition of macro OBJECT_CLASS_CHECK Signed-off-by: Cao jin <caoj.fnst@xxxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 9f503153c78a23bcd44409cea64442c4ecd82ea5 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Nov 3 11:34:31 2015 +0000 configure: remove help string for 'vnc-tls' option The '--enable-vnc-tls' option to configure was removed in commit 3e305e4a4752f70c0b5c3cf5b43ec957881714f7 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Thu Aug 6 14:39:32 2015 +0100 ui: convert VNC server to use QCryptoTLSSession This removes the corresponding help string. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 98f343395e937fa1db3a28dfb4f303f97cfddd6c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 29 16:55:22 2015 +0100 usb: Use g_new() & friends where that makes obvious sense g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. This commit only touches allocations with size arguments of the form sizeof(T). Same Coccinelle semantic patch as in commit b45c03f. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 9de68637dff05a18d0eafcff2737e551b70bc490 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 29 16:55:21 2015 +0100 qxl: Use g_new() & friends where that makes obvious sense g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. This commit only touches allocations with size arguments of the form sizeof(T). Same Coccinelle semantic patch as in commit b45c03f. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit fedf0d35aafc4f1f1e5f6dbc80cb23ae1ae49f0b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Nov 3 17:12:03 2015 +0100 ui: Use g_new() & friends where that makes obvious sense g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. This commit only touches allocations with size arguments of the form sizeof(T). Same Coccinelle semantic patch as in commit b45c03f. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 374ec0669a1aa3affac7850a16c6cad18221c439 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 19 16:08:40 2015 +0200 bt: fix use of uninitialized variable seqlen sdp_svc_match, sdp_attr_match and sdp_svc_attr_match read the last argument. The only sensible way to change the code is to make that last argument "len" instead of "seqlen" which is the length of a subsequence in the previous "if" branch. To make the structure of the code clearer, use "else" instead of "else if". Reported by Coverity. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 1a13b27273cdc4f6fd18bc1e83950d47c6b5928b Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Fri Oct 9 17:56:35 2015 +0200 hw/dma/pxa2xx: Remove superfluous memset g_malloc0 already clears the memory, so no need for the additional memset here. And while we're at it, also convert the g_malloc0 to the preferred g_new0. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit e9d49d518d5d2b0411ee2625e46662a6065a909c Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Fri Oct 9 17:56:38 2015 +0200 linux-user/syscall: Replace g_malloc0 + memcpy with g_memdup No need to use g_malloc0 to zero the memory if we memcpy to the whole buffer afterwards anyway. Actually, there is even a function which combines both steps, g_memdup, so let's use this function here instead. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 112317867d573bb053d431f098060cf996d9b2e8 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Fri Oct 9 17:56:37 2015 +0200 tests/i44fx-test: No need for zeroing memory before memset Change a g_malloc0 into g_malloc since the following memset fills the whole buffer anyway. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit a6c6d827605e416f0e127a325ee1efc9cf16afa5 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Fri Oct 9 17:56:36 2015 +0200 hw/input/tsc210x: Remove superfluous memset g_malloc0 already clears the memory, so no need for additional memsets here. And while we're at it, let's also remove the superfluous typecasts for the return values of g_malloc0 and use the type-safe g_new0 instead. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 2c21ec3d1818cb0395b5a9b73128e6920d44def7 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 19 16:08:39 2015 +0200 xen: fix invalid assertion Asserting "true" is not that useful. Reported by Coverity. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 3cd01b6ed8a1ae472f09cbcc47b7cba4d732f94c Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Oct 20 13:41:33 2015 -0600 tests: ignore test-qga Commit 62c39b30 added a new test, but did not mark it for exclusion in .gitignore. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 6ba9fe86957c3c8febf74c2495d901ac4061a673 Author: Cao jin <caoj.fnst@xxxxxxxxxxxxxx> Date: Sun Oct 25 16:23:28 2015 +0800 fix bad indentation in pcie_cap_slot_write_config() bad indentation conflicts with CODING_STYLE doc Signed-off-by: Cao jin <caoj.fnst@xxxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 53d47be25a0c8bde5aa5b53625bc810f91c6271f Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 14:27:31 2015 -0600 maint: Ignore ivshmem binaries Commit a75eb03b added ivshmem-client and ivshmem-server binaries, but did not mark them for exclusion in .gitignore. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit b21de19992cefdfef68217e50a8365ee5e535e10 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Thu Oct 15 10:54:15 2015 +0200 hw/display/tcx: Remove superfluous OBJECT() typecasts The tcx_initfn() function is already supplied with an Object *obj pointer, so there is no need to cast the state pointer back to an Object pointer all over the place. And while we're at it, also remove the superfluous "return;" statement in this function. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Acked-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 5accecb3a6b49d8ca79684179610583e9c7c1bf5 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Oct 13 09:38:50 2015 +0200 gdbstub: Fix buffer overflows in gdb_handle_packet() Some places in gdb_handle_packet() can get an arbitrary length (most times directly from the client) and either didn't check it at all or checked against the wrong value, potentially causing buffer overflows. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 3c15d3a45045de82c744c49ff471d4c7ba405187 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Mon Oct 12 12:54:57 2015 +0200 hw/acpi/aml-build: remove useless glib version check 2.22 is the minimum version required Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 9319738080faeb09876ce2017fcaea4937c475ee Merge: 3aa88b3 ee31299 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Nov 6 11:31:40 2015 +0000 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream-replay' into staging So here it is, let's see what happens. # gpg: Signature made Fri 06 Nov 2015 09:30:34 GMT using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" * remotes/bonzini/tags/for-upstream-replay: replay: recording of the user input replay: command line options replay: replay blockers for devices replay: initialization and deinitialization replay: ptimer bottom halves: introduce bh call function replay: checkpoints icount: improve counting for record/replay replay: shutdown event replay: recording and replaying clock ticks replay: asynchronous events infrastructure replay: interrupts and exceptions cpu: replay instructions sequence cpu-exec: allow temporary disabling icount replay: introduce icount event replay: introduce mutex to protect the replay log replay: internal functions for replay log replay: global variables and function stubs Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3aa88b31290c7cbbbae344efdece659194b95c70 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Nov 2 14:06:23 2015 +0000 configure: add missing --disable-modules option According to ./configure all options should have both --enable-foo and --disable-foo: # Always add --enable-foo and --disable-foo command line args. # Distributions want to ensure that several features are compiled in, and it # is impossible without a --enable-foo that exits if a feature is not found. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1446473183-24250-1-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 574418132355bae50e829eb7890c8ea5dcb53fd8 Merge: 496c1b1 f7fda28 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Nov 6 10:10:15 2015 +0000 Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging X86 queue, 2015-11-05 # gpg: Signature made Thu 05 Nov 2015 19:35:31 GMT using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" * remotes/ehabkost/tags/x86-pull-request: target-i386: Enable clflushopt/clwb/pcommit instructions target-i386: Remove POPCNT from qemu64 and qemu32 CPU models target-i386: Remove ABM from qemu64 CPU model target-i386: Remove SSE4a from qemu64 CPU model target-i386: Set "check=off" by default on pc-*-2.4 and older Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ee312992a323530ea2cda8680f3a34746c72db8f Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:25:24 2015 +0300 replay: recording of the user input This records user input (keyboard and mouse events) in record mode and replays these input events in replay mode. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162524.8676.11696.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> commit 4c27b859722089e0270fd4f41b4b3c63b6647439 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:25:18 2015 +0300 replay: command line options This patch introduces command line options for enabling recording or replaying virtual machine behavior. These options are added to icount command line parameter. They include 'rr' which switches between record and replay and 'rrfile' for specifying the filename for replay log. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162518.8676.70792.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> commit 0194749ac4131e1bed8e166c5d5cf541678ef204 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:25:13 2015 +0300 replay: replay blockers for devices Some devices are not supported by record/replay subsystem. This patch introduces replay blocker which denies starting record/replay if such devices are included into the configuration. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162512.8676.11367.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> commit 7615936ebf4e60c4565268a30df2356c841526f8 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:25:07 2015 +0300 replay: initialization and deinitialization This patch introduces the functions for enabling the record/replay and for freeing the resources when simulator closes. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162507.8676.90232.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> commit 8a354bd935a800dd2d98ac8f30707e2912c80ae6 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:24:56 2015 +0300 replay: ptimer This patch adds deterministic replay for hardware periodic countdown timers. ptimer uses bottom halves layer to execute such an asynchronous callback. We put this callback into the replay queue instead of bottom halves one. When checkpoint is met by main loop thread, the replay queue is processed and callback is executed. Binding callback moment to one of the checkpoints makes it deterministic. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162456.8676.83366.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> commit df281b80b9ecba65d85795aa738c29e5b94d5ef1 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:24:50 2015 +0300 bottom halves: introduce bh call function This patch introduces aio_bh_call function. It is used to execute bottom halves as callbacks without adding them to the queue. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162450.8676.56980.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> commit 8bd7f71d794b93ce027b856f5b79a98f4f82e44c Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:24:44 2015 +0300 replay: checkpoints This patch introduces checkpoints that synchronize cpu thread and iothread. When checkpoint is met in the code all asynchronous events from the queue are executed. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162444.8676.52916.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> commit efab87cf79077a9624f675fc5fc8f034eaedfe4d Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:24:39 2015 +0300 icount: improve counting for record/replay icount_warp_rt function is called by qemu_clock_warp and as callback of icount_warp timer. This patch adds call to qemu_clock_warp into main_loop_wait function, because icount warp may be missed in record/replay mode, when CPU is sleeping. This patch also disables of calling this function by timer, because it is not needed after making modifications of main_loop_wait. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162439.8676.38290.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> commit b60c48a7019614902f2debe4d4181ec8cfa60e0d Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:24:33 2015 +0300 replay: shutdown event This patch records and replays simulator shutdown event. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162433.8676.32262.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> commit 8eda206e09089914006bfbdd71467d5246c06e4a Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:24:28 2015 +0300 replay: recording and replaying clock ticks Clock ticks are considered as the sources of non-deterministic data for virtual machine. This patch implements saving the clock values when they are acquired (virtual, host clock). When replaying the execution corresponding values are read from log and transfered to the module, which wants to read the values. Such a design required the clock polling to be synchronized. Sometimes it is not true - e.g. when timeouts for timer lists are checked. In this case we use a cached value of the clock, passing it to the client code. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162427.8676.36558.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> commit c0c071d05279ec1429352200affc5c70bb4e5980 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:24:22 2015 +0300 replay: asynchronous events infrastructure This patch adds module for saving and replaying asynchronous events. These events include network packets, keyboard and mouse input, USB packets, thread pool and bottom halves callbacks. All events are stored in the queue to be processed at synchronization points such as beginning of TB execution, or checkpoint in the iothread. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162422.8676.88696.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> commit 6f0609697f3670bf755a91477487507a8ffee471 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:24:16 2015 +0300 replay: interrupts and exceptions This patch includes modifications of common cpu files. All interrupts and exceptions occured during recording are written into the replay log. These events allow correct replaying the execution by kicking cpu thread when one of these events is found in the log. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162416.8676.57647.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f7fda280948a5e74aeb076ef346b991ecb173c56 Author: Xiao Guangrong <guangrong.xiao@xxxxxxxxxxxxxxx> Date: Thu Oct 29 15:31:39 2015 +0800 target-i386: Enable clflushopt/clwb/pcommit instructions These instructions are used by NVDIMM drivers and the specification is located at: https://software.intel.com/sites/default/files/managed/0d/53/319433-022.pdf There instructions are available on Skylake Server. Signed-off-by: Xiao Guangrong <guangrong.xiao@xxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 6aa91e4a0237ddcebb85e3a95e166f3b3cfa42ae Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Tue Nov 3 17:24:18 2015 -0200 target-i386: Remove POPCNT from qemu64 and qemu32 CPU models POPCNT is not available on Penryn and older and on Opteron_G2 and older, and we want to make the default CPU runnable in most hosts, so it won't be enabled by default in KVM mode. We should eventually have all features supported by TCG enabled by default in TCG mode, but as we don't have a good mechanism today to ensure we have different defaults in KVM and TCG mode, disable POPCNT in the qemu64 and qemu32 CPU models entirely. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 711956722c6764336f8b78a2106e57c55f02f36d Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Tue Nov 3 17:24:18 2015 -0200 target-i386: Remove ABM from qemu64 CPU model ABM is not available on Sandy Bridge and older, and we want to make the default CPU runnable in most hosts, so it won't be enabled by default in KVM mode. We should eventually have all features supported by TCG enabled by default in TCG mode, but as we don't have a good mechanism today to ensure we have different defaults in KVM and TCG mode, disable ABM in the qemu64 CPU model entirely. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 0909ad24b2769368716c85f79fbb995dbb7041a9 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Tue Nov 3 17:17:33 2015 -0200 target-i386: Remove SSE4a from qemu64 CPU model SSE4a is not available in any Intel CPU, and we want to make the default CPU runnable in most hosts, so it doesn't make sense to enable it by default in KVM mode. We should eventually have all features supported by TCG enabled by default in TCG mode, but as we don't have a good mechanism today to ensure we have different defaults in KVM and TCG mode, disable SSE4a in the qemu64 CPU model entirely. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 3e68482224129c3ddc061af7c9d438b882ecfdd1 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Tue Nov 3 17:18:50 2015 -0200 target-i386: Set "check=off" by default on pc-*-2.4 and older The default CPU model (qemu64) have some issues today: it enables some features (ABM and SSE4a) that are not present in many host CPUs. That means many hosts (but not all of them) had those features silently disabled in the default configuration in QEMU 2.4 and older. With the new "check=on" default, this causes warnings to be printed in the default configuration, because of the lack of SSE4A on all Intel hosts, and the lack of ABM on Sandy Bridge and older hosts: $ qemu-system-x86_64 -machine pc,accel=kvm warning: host doesn't support requested feature: CPUID.80000001H:ECX.abm [bit 5] warning: host doesn't support requested feature: CPUID.80000001H:ECX.sse4a [bit 6] Those issues will be fixed in pc-*-2.5 and newer. But as we can't change the guest ABI in pc-*-2.4, disable "check" mode by default in pc-*-2.4 and older so we don't print spurious warnings. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 382e1737d3467b76e8ade34b96afaae91509002e Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Nov 5 10:12:18 2015 +0100 vnc: fix mismerge Commit "4d77b1f vnc: fix bug: vnc server can't start when 'to' is specified" was rebased incorrectly, fix it. Reported-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Yang Hongyang <hongyang.yang@xxxxxxxxxxxx> Message-id: 1446714738-22400-1-git-send-email-kraxel@xxxxxxxxxx commit 496c1b19facc7b850fa0c09899fcc07a0702fbfd Merge: 8835b9d e01dd3d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 5 14:31:24 2015 +0000 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * Guest ABI fixes for PC machines (hw_version) * Fixes for recent Perl * John Snow's configure fixes * file-backed RAM improvements (Igor, Pavel) * -Werror=clobbered fixes (Stefan) * Kill -d ioport * Fix qemu-system-s390x * Performance improvement for kvmclock migration # gpg: Signature made Thu 05 Nov 2015 13:42:27 GMT using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" * remotes/bonzini/tags/for-upstream: iscsi: Translate scsi sense into error code Revert "Introduce cpu_clean_all_dirty" kvmclock: add a new function to update env->tsc. configure: disable FORTIFY_SOURCE under clang backends/hostmem-file: Allow to specify full pathname for backing file configure: disallow ccache during compile tests cpu-exec: Fix compiler warning (-Werror=clobbered) memory: call begin, log_start and commit when registering a new listener megasas: Use qemu_hw_version() instead of QEMU_VERSION osdep: Rename qemu_{get, set}_version() to qemu_{, set_}hw_version() pc: Set hw_version on all machine classes qemu-log: remove -d ioport ioport: do not use CPU_LOG_IOPORT target-i386: fix pcmpxstrx equal-ordered (strstr) mode scripts/text2pod.pl: Escape left brace file_ram_alloc: propagate error to caller instead of terminating QEMU Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e01dd3da5cf9aa90ae844d3b86c2c2762066edac Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Nov 5 13:00:09 2015 +0800 iscsi: Translate scsi sense into error code Previously we return -EIO blindly when anything goes wrong. Add a helper function to parse sense fields and try to make the return code more meaningful. This also fixes the default werror configuration (enospc) when we're using qcow2 on an iscsi lun. The old -EIO not being treated as out of space error failed to trigger vm stop. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-Id: <1446699609-11376-1-git-send-email-famz@xxxxxxxxxx> [libiscsi 1.9 compatibility - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 8b42704441865611a5ee241ac9fc5cabc47a079b Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:24:05 2015 +0300 cpu: replay instructions sequence This patch adds calls to replay functions into the icount setup block. In record mode number of executed instructions is written to the log. In replay mode number of istructions to execute is taken from the replay log. When replayed instructions counter is expired qemu_notify_event() function is called to wake up the iothread. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162405.8676.31890.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 56c0269a9ec105d3848d9f900b5e38e6b35e2478 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:23:59 2015 +0300 cpu-exec: allow temporary disabling icount This patch is required for deterministic replay to generate an exception by trying executing an instruction without changing icount. It adds new flag to TB for disabling icount while translating it. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162359.8676.77011.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 26bc60ac82f88d14e65be5387eb4a136edf94f1b Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:23:54 2015 +0300 replay: introduce icount event This patch adds icount event to the replay subsystem. This event corresponds to execution of several instructions and used to synchronize input events in the replay phase. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162354.8676.31351.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c16861ef1b7b27803b4c068ef778ba0f80fba1c2 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:23:48 2015 +0300 replay: introduce mutex to protect the replay log This mutex will protect read/write operations for replay log. Using mutex is necessary because most of the events consist of several fields stored in the log. The mutex will help to avoid races. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162348.8676.8628.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c92079f45fec0bc6a2757aa3783dd9b0604089ba Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:23:43 2015 +0300 replay: internal functions for replay log This patch adds functions to perform read and write operations with replay log. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162342.8676.29445.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d73abd6dcc105fb5cacc34716046fca63132a264 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:23:37 2015 +0300 replay: global variables and function stubs This patch adds global variables, defines, function declarations, and function stubs for deterministic VM replay used by external modules. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162337.8676.41538.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 8835b9df3bddf332c883c861d6a1defc12c4ebe9 Merge: 6c5f30c fb68777 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 5 10:52:35 2015 +0000 Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2015-11-04-tag' into staging qemu-ga patch queue * fix file handle cleanup on w32 * use non-blocking mode for file handles on w32 to avoid hangs on guest-file-read/guest-file-write to pipes # gpg: Signature made Wed 04 Nov 2015 19:36:16 GMT using RSA key ID F108B584 # gpg: Good signature from "Michael Roth <flukshun@xxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>" * remotes/mdroth/tags/qga-pull-2015-11-04-tag: qga: set file descriptor in qmp_guest_file_open non-blocking on Win32 qga: fixed CloseHandle in qmp_guest_file_open qga: drop hand-made guest_file_toggle_flags helper Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6388acc853b7862761d3c2864be99033e8b62dcc Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Thu Nov 5 11:51:04 2015 +0800 Revert "Introduce cpu_clean_all_dirty" This reverts commit de9d61e83d43be9069e6646fa9d57a3f47779d28. Now 'cpu_clean_all_dirty' is useless, we can revert the related code. Conflicts: include/sysemu/kvm.h Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Message-Id: <1446695464-27116-3-git-send-email-liang.z.li@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0fd7e098db30e302d27920487f0afec33be8982a Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Thu Nov 5 11:51:03 2015 +0800 kvmclock: add a new function to update env->tsc. The commit 317b0a6d8 fixed an issue which caused by the outdated env->tsc value, but the fix lead to 'cpu_synchronize_all_states()' called twice during live migration. The 'cpu_synchronize_all_states()' takes about 130us for a VM which has 4 vcpus, it's a bit expensive. Synchronize the whole CPU context just for updating env->tsc is too wasting, this patch use a new function to update the env->tsc. Comparing to 'cpu_synchronize_all_states()', it only takes about 20us. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Message-Id: <1446695464-27116-2-git-send-email-liang.z.li@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b553a0428014636bce4951098e97c60dc18a83ed Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Nov 3 15:43:42 2015 -0500 configure: disable FORTIFY_SOURCE under clang Some versions of clang may have difficulty compiling glibc headers when -D_FORTIFY_SOURCE is used. For example, Clang++ 3.5.0-9.fc22 cannot compile glibc's stdio headers when -D_FORTIFY_SOURCE=2 is used. This manifests currently as build failures with clang and any arm target. According to LLVM dev Richard Smith, clang does not target or support FORTIFY_SOURCE + glibc, and it should not be relied on. "It's still an unsupported combination, and while it might compile, some of the checks are unlikely to work because they require a frontend inliner to be useful" See: http://lists.llvm.org/pipermail/cfe-dev/2015-November/045846.html Conclusion: disable fortify-source if we appear to be using clang instead of testing for compile success or failure, which may be incidental or not indicative of proper support of the feature. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-Id: <1446583422-10153-1-git-send-email-jsnow@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6c5f30cad290c745f910481d0e890b3f4fad1f00 Merge: 2b5a79f 96e5c9b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Nov 5 10:10:57 2015 +0000 Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20151104' into staging migration/next for 20151104 # gpg: Signature made Wed 04 Nov 2015 12:45:19 GMT using RSA key ID 5872D723 # gpg: Good signature from "Juan Quintela <quintela@xxxxxxxxxx>" # gpg: aka "Juan Quintela <quintela@xxxxxxxxxx>" * remotes/juanquintela/tags/migration/20151104: migration: fix analyze-migration.py script migration: code clean up migration: rename cancel to cleanup in SaveVMHandles migration: rename qemu_savevm_state_cancel migration: defer migration_end & blk_mig_cleanup Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f14c3d85b003d8614144ae67a26157667c1e1245 Author: Peter Lieven <pl@xxxxxxx> Date: Fri Oct 30 12:10:14 2015 +0100 buffer: allow a buffer to shrink gracefully the idea behind this patch is to allow the buffer to shrink, but make this a seldom operation. The buffers average size is measured exponentionally smoothed with am alpha of 1/128. Signed-off-by: Peter Lieven <pl@xxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-20-git-send-email-kraxel@xxxxxxxxxx commit 4ec5ba151ff3f2ac8dc44dabd058eca5846654a6 Author: Peter Lieven <pl@xxxxxxx> Date: Fri Oct 30 12:10:13 2015 +0100 buffer: factor out buffer_adj_size Signed-off-by: Peter Lieven <pl@xxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-19-git-send-email-kraxel@xxxxxxxxxx commit fd95243372f7657c2d24aed269e3be01bed1b87c Author: Peter Lieven <pl@xxxxxxx> Date: Fri Oct 30 12:10:12 2015 +0100 buffer: factor out buffer_req_size Signed-off-by: Peter Lieven <pl@xxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-18-git-send-email-kraxel@xxxxxxxxxx commit c3d6899c5e67dfd7ff195eccc10541f3b7e141a7 Author: Peter Lieven <pl@xxxxxxx> Date: Fri Oct 30 12:10:11 2015 +0100 vnc: recycle empty vs->output buffer If the vs->output buffer is empty it will be dropped by the next qio_buffer_move_empty in vnc_jobs_consume_buffer anyway. So reuse the allocated buffer from this buffer in the worker thread where we otherwise would start with an empty (unallocated buffer). Signed-off-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-17-git-send-email-kraxel@xxxxxxxxxx [ added a comment describing the non-obvious optimization ] Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 2e0c90af0a33451498d333d72c06e5429c7cd168 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:10:10 2015 +0100 vnc: fix local state init Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-16-git-send-email-kraxel@xxxxxxxxxx commit c7628bff4138ce906a3620d12e0820c1cf6c140d Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:10:09 2015 +0100 vnc: only alloc server surface with clients connected Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-15-git-send-email-kraxel@xxxxxxxxxx commit f7b3d68c95bc4f8915a3d084360aa07c7f4e4717 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:10:08 2015 +0100 vnc: use vnc_{width,height} in vnc_set_area_dirty Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-14-git-send-email-kraxel@xxxxxxxxxx commit 453f842bc4cab49f10c267cff9ad3cf657265d49 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:10:07 2015 +0100 vnc: factor out vnc_update_server_surface Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-13-git-send-email-kraxel@xxxxxxxxxx commit d05959c2e111858bb83c40ae5d8b8c10964b7bb0 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:10:06 2015 +0100 vnc: add vnc_width+vnc_height helpers Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-12-git-send-email-kraxel@xxxxxxxxxx commit e081aae5ae01f5ff695ba9fee4e622053d8e4bfe Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:10:05 2015 +0100 vnc: zap dead code Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-11-git-send-email-kraxel@xxxxxxxxxx commit d90340115a3569caa72063775ff927f4dc353551 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:10:04 2015 +0100 vnc-jobs: move buffer reset, use new buffer move Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-10-git-send-email-kraxel@xxxxxxxxxx commit 8305f917c1bc86b1ead0fa9197b5443a4bd611f3 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:10:03 2015 +0100 vnc: kill jobs queue buffer Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-9-git-send-email-kraxel@xxxxxxxxxx commit 543b95801f98ab2cb7413c39779fd5b7f363ce3d Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:10:02 2015 +0100 vnc: attach names to buffers Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-8-git-send-email-kraxel@xxxxxxxxxx commit d2b90718d25ed6dc8a2bb7f06504e6500dcc7bae Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:10:01 2015 +0100 buffer: add tracing Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-7-git-send-email-kraxel@xxxxxxxxxx commit 1ff36b5d4d00a4e3633eb960bf2be562f5e47dbf Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:10:00 2015 +0100 buffer: add buffer_shrink Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-6-git-send-email-kraxel@xxxxxxxxxx commit 830a9583206a051c240b74c3f688a015dc5d2967 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:09:59 2015 +0100 buffer: add buffer_move Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-5-git-send-email-kraxel@xxxxxxxxxx commit 4d1eb5fdb141c9100eb82e1dc7d4547fb1decd8b Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:09:58 2015 +0100 buffer: add buffer_move_empty Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-4-git-send-email-kraxel@xxxxxxxxxx commit 810082d15c244b8b29470d3bb1c6b11fc9a40c25 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 30 12:09:57 2015 +0100 buffer: add buffer_init Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1446203414-4013-3-git-send-email-kraxel@xxxxxxxxxx commit 5c10dbb7b577370e86ff459973b06d530c3777cf Author: Peter Lieven <pl@xxxxxxx> Date: Fri Oct 30 12:09:56 2015 +0100 buffer: make the Buffer capacity increase in powers of two This makes sure the number of reallocs is in O(log N). Signed-off-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Message-id: 1446203414-4013-2-git-send-email-kraxel@xxxxxxxxxx [ rebased to util/buffer.c ] Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 2b5a79f1d961f07332cf77f38cdf9dc2fc7e2b64 Merge: 79cf9fa 5dfdae8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Nov 4 18:20:31 2015 +0000 Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2015-11-03' into staging vl.c: Error message rework # gpg: Signature made Tue 03 Nov 2015 08:40:50 GMT using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-error-2015-11-03: vl.c: Use "%s support is disabled" error messages consistently vl.c: Improve warnings on use of deprecated options vl.c: Touch up error messages vl.c: Remove unnecessary uppercase in error messages vl.c: Use "warning:" prefix consistently on warnings vl.c: Remove periods and exclamation points from error messages vl.c: Replace fprintf(stderr) with error_report() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8d31d6b65a7448582c7bd320fd1b8cfc6cca2720 Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Wed Oct 28 12:54:07 2015 +0300 backends/hostmem-file: Allow to specify full pathname for backing file This allows to explicitly specify file name to use with the backend. This is important when using it together with ivshmem in order to make it backed by hugetlbfs. By default filename is autogenerated using mkstemp(), and the file is unlink()ed after creation, effectively making it anonymous. This is not very useful with ivshmem because it ends up in a memory which cannot be accessed by something else. Distinction between directory and file name is done by stat() check. If an existing directory is given, the code keeps old behavior. Otherwise it creates or opens a file with the given pathname. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Tested-by: Igor Skalkin <i.skalkin@xxxxxxxxxxx> Message-Id: <004301d11166$9672fe30$c358fa90$@samsung.com> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5e4dfd3d4e87e0464d599ecef06aa8fe78420a9b Author: John Snow <jsnow@xxxxxxxxxx> Date: Wed Oct 28 13:56:40 2015 -0400 configure: disallow ccache during compile tests If the user is using ccache during the configuration step, it may interfere with some of the configuration tests, particularly the "Is ccache interfering with macro analysis" step, which is a bit of a poetic problem. 1) Disallow ccache from reading from the cache during configure, but don't disable it entirely to allow us to see if it causes other problems. 2) Force off CCACHE_CPP2 during the ccache test to get a deterministic answer over whether or not we need to enable that feature later. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-Id: <1446055000-29150-1-git-send-email-jsnow@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0448f5f8b816923b198ab6c32286fd1f3b2f3e45 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Sat Sep 26 13:23:26 2015 +0200 cpu-exec: Fix compiler warning (-Werror=clobbered) Reloading of local variables after sigsetjmp is only needed for some buggy compilers. The code which should reload these variables causes compiler warnings with gcc 4.7 when compiler optimizations are enabled: cpu-exec.c:204:15: error: variable â??cpuâ?? might be clobbered by â??longjmpâ?? or â??vforkâ?? [-Werror=clobbered] cpu-exec.c:207:15: error: variable â??ccâ?? might be clobbered by â??longjmpâ?? or â??vforkâ?? [-Werror=clobbered] cpu-exec.c:202:28: error: argument â??envâ?? might be clobbered by â??longjmpâ?? or â??vforkâ?? [-Werror=clobbered] Now this code is only used for compilers which need it (and gcc 4.5.x, x > 0 which does not need it but won't give warnings). There were bug reports for clang and gcc 4.5.0, while gcc 4.5.1 was reported to work fine without the reload code. For clang it is not clear which versions are affected, so simply keep the status quo for all clang compilations. This can be improved later. Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Message-Id: <1443266606-21400-1-git-send-email-sw@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 680a4783dc13f1059c03d11da58193d76c19ead6 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Nov 2 09:23:52 2015 +0100 memory: call begin, log_start and commit when registering a new listener This ensures that cpu_reload_memory_map() is called as soon as tcg_cpu_address_space_init() is called, and before cpu->memory_dispatch is used. qemu-system-s390x never changes the address spaces after tcg_cpu_address_space_init() is called, and thus tcg_commit() is never called. This causes a SIGSEGV. Because memory_map_init() will now call mem_commit(), we have to initialize io_mem_* before address_space_memory and friends. Reported-by: Philipp Kern <pkern@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Fixes: 0a1c71cec63e95f9b8d0dc96d049d2daa00c5210 Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 69fbd0ea25d1f45ab2c8b0d3f431e83063f977f2 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Oct 30 17:36:09 2015 -0200 megasas: Use qemu_hw_version() instead of QEMU_VERSION Guest visible data shouldn't change with a simple QEMU upgrade, so use qemu_hw_version() to ensure it won't change (as long as the machine class being used has hw_version set). Cc: Hannes Reinecke <hare@xxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: qemu-block@xxxxxxxxxx Reviewed-by: Hannes Reinecke <hare@xxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1446233769-7892-4-git-send-email-ehabkost@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 35c2c8dc8c0899882a8e0d349d93bd657772f1e7 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Oct 30 17:36:08 2015 -0200 osdep: Rename qemu_{get, set}_version() to qemu_{, set_}hw_version() This makes the purpose of the function clearer: it is not about the version of QEMU that's running, but the version string exposed in the emulated hardware. Cc: Andrzej Zaborowski <balrogg@xxxxxxxxx> Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Cc: John Snow <jsnow@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1446233769-7892-3-git-send-email-ehabkost@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit de796d93f59d363409dfd9e186ccd64a21f92204 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Oct 30 17:36:07 2015 -0200 pc: Set hw_version on all machine classes In 2012, QEMU had a bug where it exposed QEMU version information to the guest, meaning a QEMU upgrade would expose different hardware to the guest OS even if the same machine-type is being used. The bug was fixed by commit 93bfef4c6e4b23caea9d51e1099d06433d8835a4, on all machines up to pc-1.0. But we kept introducing the same bug on all newer machines since then. That means we are breaking guest ABI every time QEMU was upgraded. Fix this by setting the hw_version on all PC machines, making sure the hardware won't change when upgrading QEMU. Note that QEMU_VERSION was "1.0" in QEMU 1.0, but starting on QEMU 1.1.0, it started following the "x.y.0" pattern. We have to follow it, to make sure we use the right QEMU_VERSION string from each QEMU release. The 2.5 machine classes could have hw_version unset, because the default value for qemu_get_version() is QEMU_VERSION. But I decided to set it explicitly to QEMU_VERSION so we don't forget to update it to "2.5.0" after we release 2.5.0 and create a 2.6 machine class. Reported-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1446233769-7892-2-git-send-email-ehabkost@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ddcc8e9d51c415a7b7b2983c3552408d9a50be6e Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Oct 16 15:09:01 2015 +0200 qemu-log: remove -d ioport It was disabled at compile-time, and is now replaced by tracepoints. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6f94b7d97f7e0e486a70fb06b703442e2c04a29a Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Oct 16 15:08:34 2015 +0200 ioport: do not use CPU_LOG_IOPORT These messages are disabled by default; a perfect usecase for tracepoints, which in fact already exist. Add the missing information to them and stop using qemu_log_mask. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 54c54f8b56047d3c2420e1ae06a6a8890c220ac4 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 12 11:50:27 2015 +0200 target-i386: fix pcmpxstrx equal-ordered (strstr) mode In this mode, referring an invalid element of the source forces the result to false (table 4-7, last column) but referring an invalid element of the destination forces the result to true, so the outer loop should still be run even if some elements of the destination will be invalid. They will be avoided in the inner loop, which correctly bounds "i" to validd, but they will still contribute to a positive outcome of the search. This fixes tst_strstr in glibc 2.17. Reported-by: Florian Weimer <fweimer@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fb68777312887000cd0367d72621fdd67cc4a0a0 Author: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Date: Wed Oct 28 18:13:57 2015 +0300 qga: set file descriptor in qmp_guest_file_open non-blocking on Win32 Set fd non-blocking to avoid common use cases (like reading from a named pipe) from hanging the agent. This was missed in the original code. The patch introduces qemu_set_handle_nonoblocking, the local analog of qemu_set_nonblock for HANDLES. The usage of handles in qemu_set_non/block is impossible, because for win32 there is a difference between file discriptors and file handles, and all file ops are made via Win32 api. Signed-off-by: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> CC: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit c87d0964ef7534d50a4c729a6ae20045b3a0cd34 Author: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Date: Wed Oct 28 18:13:56 2015 +0300 qga: fixed CloseHandle in qmp_guest_file_open CloseHandle use HANDLE as an argument, but not *HANDLE Signed-off-by: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Stefan Weil <sw@xxxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 125053965b05b31427ff5c75dc3b87acaa8d0505 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Wed Oct 28 18:13:55 2015 +0300 qga: drop hand-made guest_file_toggle_flags helper We'd better use generic qemu_set_nonblock directly. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 96e5c9bc77acef8b7b56cbe23a8a2611feff9e34 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Sat Sep 5 20:51:48 2015 +0100 migration: fix analyze-migration.py script Commit 61964 "Add configuration section" broke the analyze-migration.py script which terminates due to the unrecognised section. Fix the script by parsing the contents of the configuration section directly into a new ConfigurationSection object (although nothing is done with it yet). Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx>al3 Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx>al3 commit 6ad2a215e7170350430adfda02eb8ef47c1acd8e Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Nov 2 15:37:03 2015 +0800 migration: code clean up Just clean up code, no behavior change. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx>al3 Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx>al3 Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx>al3 commit d1a8548c10bf6d24160ec2aafa4881a3f50a8373 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Nov 2 15:37:02 2015 +0800 migration: rename cancel to cleanup in SaveVMHandles 'cleanup' seems more appropriate than 'cancel'. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx>al3 Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx>al3 Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx>al3 commit ea7415fac677c5c1599214ee226ab4a3a438fdd6 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Nov 2 15:37:01 2015 +0800 migration: rename qemu_savevm_state_cancel The function qemu_savevm_state_cancel is called after the migration in migration_thread, it seems strange to 'cancel' it after completion, rename it to qemu_savevm_state_cleanup looks better. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx>al3 Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx>al3 Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx>al3 commit 94f5a43704129ca4995aa3385303c5ae225bde42 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Nov 2 15:37:00 2015 +0800 migration: defer migration_end & blk_mig_cleanup Because of the patch 3ea3b7fa9af067982f34b of kvm, which introduces a lazy collapsing of small sptes into large sptes mechanism, now migration_end() is a time consuming operation because it calls memroy_global_dirty_log_stop(), which will trigger the dropping of small sptes operation and takes about dozens of milliseconds, so call migration_end() before all the vmsate data has already been transferred to the destination will prolong VM downtime. This operation should be deferred after all the data has been transferred to the destination. blk_mig_cleanup() can be deferred too. For a VM with 8G RAM, this patch can reduce the VM downtime about 30 ms. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx>al3 Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx>al3 Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx>al3 commit 79cf9fad341e6e7bd6b55395b71d5c5727d7f5b0 Merge: 19bb546 5d9c175 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 3 14:54:40 2015 +0000 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20151103' into staging target-arm queue: * code cleanup to use symbolic constants for register bank numbers * fix direct booting of modern Linux kernels on xilinx_zynq by setting SCLR values to what the kernel expects firmware to have done * implement SYSRESETREQ for ARMv7M CPU (stellaris boards) * update MAINTAINERS to mention new qemu-arm mailing list * clean up display of PSTATE in AArch64 debug logs * report Secure/Nonsecure status in CPU debug logs * fix a missing _CCA attribute in ACPI tables * add support for GICv3 to ACPI tables # gpg: Signature made Tue 03 Nov 2015 13:58:46 GMT using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20151103: ARM: ACPI: Fix MPIDR value in ACPI table hw/arm/virt-acpi-build: Add GICC ACPI subtable for GICv3 hw/arm/virt-acpi-build: _CCA attribute is compulsory target-arm: Report S/NS status in the CPU debug logs target-arm: Bring AArch64 debug CPU display of PSTATE into line with AArch32 MAINTAINERS: Add new qemu-arm mailing list to ARM related entries arm: stellaris: exit on external reset request armv7-m: Implement SYSRESETREQ armv7-m: Return DeviceState* from armv7m_init() arm: xilinx_zynq: Add linux pre-boot arm: boot: Add board specific setup code API arm: boot: Adjust indentation of FIXUP comments target-arm: Add and use symbolic names for register banks Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 19bb5467135df4b234af2c93bf6c50284158d6ca Merge: 130d0bc a9be4e7 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 3 14:09:59 2015 +0000 Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20151103-1' into staging usb: two bugfixes for ehci & usb-host. # gpg: Signature made Tue 03 Nov 2015 10:57:28 GMT using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-usb-20151103-1: usb-host: fix usb3ep0quirk test ehci: clear suspend bit on detach Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5d9c1756140d680e66e5b45005a1fb7078b74ee1 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Tue Nov 3 13:49:42 2015 +0000 ARM: ACPI: Fix MPIDR value in ACPI table Use mp_affinity of ARMCPU as the CPU MPIDR instead of the CPU index. Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Message-id: 1446285001-7316-1-git-send-email-zhaoshenglong@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f2fbfacec024d1e78c10fc8498f3126557c21ed8 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Tue Nov 3 13:49:42 2015 +0000 hw/arm/virt-acpi-build: Add GICC ACPI subtable for GICv3 When booting VM with GICv3, the kernel needs GICC ACPI subtable to initialize the CPUs, e.g. MPIDR information. This adds GICC ACPI subtable for GICv3, but set GICC base address only when gic_version == 2 since it donesn't need GICC base address for GICv3. Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Message-id: 1446131773-5018-1-git-send-email-shannon.zhao@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bc64b96c984abfe84f43562ca7480bb4f2af0613 Author: Graeme Gregory <graeme.gregory@xxxxxxxxxx> Date: Tue Nov 3 13:49:42 2015 +0000 hw/arm/virt-acpi-build: _CCA attribute is compulsory According to ACPI specification 6.2.17 _CCA (Cache Coherency Attribute) this attribute is compulsory on ARM systems. Add this attribute to the PCI host bridges as required. Without this the kernel will produce the error [Firmware Bug]: PCI device 0000:00:00.0 fail to setup DMA. Signed-off-by: Graeme Gregory <graeme.gregory@xxxxxxxxxx> Message-id: 1446460786-13663-1-git-send-email-graeme.gregory@xxxxxxxxxx Reviewed-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 06e5cf7acd1f94ab7c1cd6945974a1f039672940 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 3 13:49:42 2015 +0000 target-arm: Report S/NS status in the CPU debug logs If this CPU supports EL3, enhance the printing of the current CPU mode in debug logging to distinguish S from NS modes as appropriate. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1445883178-576-3-git-send-email-peter.maydell@xxxxxxxxxx commit 08b8e0f527930208a548b424d2ab3103bf3c8c02 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 3 13:49:42 2015 +0000 target-arm: Bring AArch64 debug CPU display of PSTATE into line with AArch32 The AArch64 debug CPU display of PSTATE as "PSTATE=200003c5 (flags --C-)" on the end of the same line as the last of the general purpose registers is unnecessarily different from the AArch32 display of PSR as "PSR=200001d3 --C- A svc32" on its own line. Update the AArch64 code to put PSTATE in its own line and in the same format, including printing the exception level (mode). Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1445883178-576-2-git-send-email-peter.maydell@xxxxxxxxxx commit b4f2bd1ce89f3a324fd047c65573897b39d5aaf8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 3 13:49:42 2015 +0000 MAINTAINERS: Add new qemu-arm mailing list to ARM related entries We now have a qemu-arm mailing list for ARM patches and discussion, so add an L: entry for it to the various ARM related entries in MAINTAINERS. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 1446129661-5239-1-git-send-email-peter.maydell@xxxxxxxxxx commit d69ffb5b48701d8f33cdfa2570a4ea1d5eb9de4d Author: Michael Davidsaver <mdavidsaver@xxxxxxxxx> Date: Tue Nov 3 13:49:41 2015 +0000 arm: stellaris: exit on external reset request Add GPIO in for the stellaris board which calls qemu_system_reset_request() on reset request. Signed-off-by: Michael Davidsaver <mdavidsaver@xxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e192becdc7b05276a41ebef9fe11e6c30ddb91e3 Author: Michael Davidsaver <mdavidsaver@xxxxxxxxx> Date: Tue Nov 3 13:49:41 2015 +0000 armv7-m: Implement SYSRESETREQ Implement the SYSRESETREQ bit of the AIRCR register for armv7-m (ie. cortex-m3) to trigger a GPIO out. Signed-off-by: Michael Davidsaver <mdavidsaver@xxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 20c59c38927902a8e2c67da7d9a24b5222a31cb7 Author: Michael Davidsaver <mdavidsaver@xxxxxxxxx> Date: Tue Nov 3 13:49:41 2015 +0000 armv7-m: Return DeviceState* from armv7m_init() Change armv7m_init to return the DeviceState* for the NVIC. This allows access to all GPIO blocks, not just the IRQ inputs. Move qdev_get_gpio_in() calls out of armv7m_init() into board code for stellaris and stm32f205 boards. Signed-off-by: Michael Davidsaver <mdavidsaver@xxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c3a9a689c6ff07ba2e00bafc68626fad84587794 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Nov 3 13:49:41 2015 +0000 arm: xilinx_zynq: Add linux pre-boot Add a Linux-specific pre-boot routine that matches the device- specific bootloaders behaviour. This is needed for modern Linux that expects the ARM PLL in SLCR to be a more even value (not 26). Cc: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 9a9025ea65572586b50dca4e5819032e3c436d64.1446182614.git.crosthwaite.peter@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 10b8ec73e610e017ac2fbaf486fce21eec7061b2 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Nov 3 13:49:41 2015 +0000 arm: boot: Add board specific setup code API Add an API for boards to inject their own preboot software (or firmware) sequence. The software then returns to the bootloader via the link register. This allows boards to do their own little bits of firmware setup without needed to replace the bootloader completely (which is the requirement for existing firmware support). The blob is loaded by a callback if and only if doing a linux boot (similar to the existing write_secondary support). Rewrite the comment for the primary boot blob. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 070295644c6ac84696d743913296e8cfefb48c15.1446182614.git.crosthwaite.peter@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 84e59397797ff2040439058b689adbfef608b879 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Nov 3 13:49:41 2015 +0000 arm: boot: Adjust indentation of FIXUP comments These comments start immediately after the current longest name in the list. Tab them out to the next tab stop to give a little breathing room and prepare for FIXUP_BOARD_SETUP which will require more indent. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: b9b9bb8f1c307c1ef8a3f26ff1f34fabb34b332e.1446182614.git.crosthwaite.peter@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 99a99c1fc8e9bfec1656ac5916c53977a93d3581 Author: Soren Brinkmann <soren.brinkmann@xxxxxxxxxx> Date: Tue Nov 3 13:49:41 2015 +0000 target-arm: Add and use symbolic names for register banks Add BANK_<cpumode> #defines to index banked registers. Suggested-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Soren Brinkmann <soren.brinkmann@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a9be4e7c48c4892c836bda1be4d550bb1a6732bd Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 23 14:27:10 2015 +0200 usb-host: fix usb3ep0quirk test usb->speed is the usb speed the device is actually running on in the qemu emulation (i.e. from the guests point of view). So when plugging usb3 devices into ehci hostadapter this is HIGH not SUPER. To figure whenever the host talks to the device with superspeed we have to check speedmask instead and see whenever the superspeed bit is set there. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Message-id: 1445603230-11840-1-git-send-email-kraxel@xxxxxxxxxx commit cbf82fa01e6fd4ecb234b235b10ffce548154a95 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Oct 21 09:44:22 2015 +0200 ehci: clear suspend bit on detach When a device is detached, clear the suspend bit (PORTSC_SUSPEND) in the port status register. The specs are not *that* clear what is supposed to happen in case a suspended device is unplugged. But the enable bit (PORTSC_PED) is cleared, and the specs mention setting suspend with enable being unset is undefined behavior. So clearing them both looks reasonable, and it actually fixes the reported bug. https://bugzilla.redhat.com/show_bug.cgi?id=1268879 Cc: Hans de Goede <hdegoede@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Hans de Goede <hdegoede@xxxxxxxxxx> Message-id: 1445413462-18004-1-git-send-email-kraxel@xxxxxxxxxx commit 130d0bc6594d0cc6591d00312841891b3c187b07 Merge: 3d861a0 4d77b1f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Nov 3 10:20:04 2015 +0000 Merge remote-tracking branch 'remotes/kraxel/tags/pull-ui-20151103-1' into staging ui: fixes for vnc, opengl and curses. # gpg: Signature made Tue 03 Nov 2015 09:53:24 GMT using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-ui-20151103-1: vnc: fix bug: vnc server can't start when 'to' is specified vnc: allow fall back to RAW encoding ui/opengl: Reduce build required libraries for opengl ui/curses: Fix pageup/pagedown on -curses ui/curses: Support line graphics chars on -curses mode ui/curses: Fix monitor color with -curses when 256 colors Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4d77b1f23877b579b94421d0cab2bebc79f4e171 Author: Yang Hongyang <hongyang.yang@xxxxxxxxxxxx> Date: Tue Oct 27 14:10:52 2015 +0800 vnc: fix bug: vnc server can't start when 'to' is specified commit e0d03b8ceb52 converted VNC startup to use SocketAddress, the interface socket_listen don't have a port_offset param, so we need to add the port offset (5900) to both 'port' and 'to' opts. currently only 'port' is added by offset. This patch add the port offset to 'to' opts. Signed-off-by: Yang Hongyang <hongyang.yang@xxxxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1445926252-14830-1-git-send-email-hongyang.yang@xxxxxxxxxxxx Cc: Daniel P. Berrange <berrange@xxxxxxxxxx> Cc: Eric Blake <eblake@xxxxxxxxxx> Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit de3f7de7f4e257ce44cdabb90f5f17ee99624557 Author: Peter Lieven <pl@xxxxxxx> Date: Thu Aug 27 14:46:25 2015 +0200 vnc: allow fall back to RAW encoding I have observed that depending on the contents and the encoding it happens that sending data as RAW sometimes would take less space than the encoded data. This is especially the case for small updates or areas with high color images. If sending RAW encoded data is beneficial allow a fall back to RAW encoding for the framebuffer update. Signed-off-by: Peter Lieven <pl@xxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit fb719563676f8958141a5c984e876a9a1b18f48b Author: OGAWA Hirofumi <hirofumi@xxxxxxxxxxxxxxxxxx> Date: Tue Oct 27 02:45:48 2015 +0900 ui/opengl: Reduce build required libraries for opengl We now use epoxy to load opengl libraries. This means we don't need to link opengl libraries directly if interfaces handled by epoxy. With this, we just need epoxy headers and epoxy's *.so to build. Tested with epoxy-1.3.1. - sdl2/gtk/console egl stuff doesn't require other than epoxy - milkymist-tmu2 glx stuff doesn't require other than epoxy (lm32 test is limited, because can't find mmone-bios.bin, so just test to load libGL with "./lm32-softmmu/qemu-system-lm32 -M milkymist,accel=qtest") Signed-off-by: OGAWA Hirofumi <hirofumi@xxxxxxxxxxxxxxxxxx> [ lm32 tested by kraxel ] Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit e72df72a558cc189bb8681df8059b3a8cff281fc Author: OGAWA Hirofumi <hirofumi@xxxxxxxxxxxxxxxxxx> Date: Mon Oct 19 21:24:07 2015 +0900 ui/curses: Fix pageup/pagedown on -curses Current KEY_NPAGE/KEY_PPAGE handling is broken on -curses. Those uses "GREY", but "KEY_MASK" masked out "GREY". To fix, we have to use correct mask value - SCANCODE_KEYMASK. Then, this adds support of "shift + pageup/pagedown". With this, -curses mode can use scroll-up/down as usual like other display modes. Signed-off-by: OGAWA Hirofumi <hirofumi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit e2368dc9684ae5cec2f0558be4803901a0b58b7b Author: OGAWA Hirofumi <hirofumi@xxxxxxxxxxxxxxxxxx> Date: Mon Oct 19 21:23:46 2015 +0900 ui/curses: Support line graphics chars on -curses mode This converts vga code to curses code in console_write_bh(). With this changes, we can see line graphics (for example, dialog uses) correctly. Signed-off-by: OGAWA Hirofumi <hirofumi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 615220ddaf23db4c5686053257c568b46967e4b5 Author: OGAWA Hirofumi <hirofumi@xxxxxxxxxxxxxxxxxx> Date: Mon Oct 19 21:23:10 2015 +0900 ui/curses: Fix monitor color with -curses when 256 colors If TERM=xterm-256color, COLOR_PAIRS==256 and monitor passes chtype like 0x74xx. Then, the code uses uninitialized color pair. As result, monitor uses black for both of fg and bg color, i.e. terminal is filled by black. To fix, this initialize above than 64 with default color (fg=white,bg=black). FIXME: on 256 color, curses may be possible better vga color emulation. Signed-off-by: OGAWA Hirofumi <hirofumi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 5dfdae814307f7580d56ab4505288224751e0801 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Oct 30 13:08:02 2015 -0200 vl.c: Use "%s support is disabled" error messages consistently Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1446217682-24421-12-git-send-email-ehabkost@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 515cb8ef27874822c64bc81ccde9bd7227383137 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Oct 30 13:08:00 2015 -0200 vl.c: Improve warnings on use of deprecated options Simplify warnings about deprecated options by rewriting them as "warning: ignoring deprecated option". Reword -no-kvm-pit-reinjection deprecation warning. Suggested-by: Andrew Jones <drjones@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1446217682-24421-10-git-send-email-ehabkost@xxxxxxxxxx> [Squashed in Message-Id: <1446217682-24421-11-git-send-email-ehabkost@xxxxxxxxxx> and updated commit message] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 4cd70f34afa817cfc891f6c64fd7e277ba561784 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Oct 30 13:07:56 2015 -0200 vl.c: Touch up error messages Several small improvements: * Use "cannot" instead of "can not" * Use 'quotes' instead of `quotes' * Change "fail to parse" error message to "failed to parse" Suggested-by: Eric Blake <eblake@xxxxxxxxxx> Suggested-by: Andrew Jones <drjones@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1446217682-24421-6-git-send-email-ehabkost@xxxxxxxxxx> [Squashed in Message-Id: <1446217682-24421-7-git-send-email-ehabkost@xxxxxxxxxx> Message-Id: <1446217682-24421-9-git-send-email-ehabkost@xxxxxxxxxx> and updated commit message] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 3e5153732e96d870b3272e662234d664c15e3815 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Oct 30 13:07:58 2015 -0200 vl.c: Remove unnecessary uppercase in error messages Suggested-by: Andrew Jones <drjones@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1446217682-24421-8-git-send-email-ehabkost@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit eb177ec1843476f278a63d936b0f73f456a86024 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Oct 30 13:07:55 2015 -0200 vl.c: Use "warning:" prefix consistently on warnings Suggested-by: Andrew Jones <drjones@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1446217682-24421-5-git-send-email-ehabkost@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 8afb900030b93122a40ef4a636d02ba888bdce12 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Oct 30 13:07:54 2015 -0200 vl.c: Remove periods and exclamation points from error messages Except for removing periods and exclamation points, no other changes were made to the error messages (yet). Suggested-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1446217682-24421-4-git-send-email-ehabkost@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit f61eddcb2bb5cbbdd1d911b7e937db9affc29028 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Oct 30 13:07:52 2015 -0200 vl.c: Replace fprintf(stderr) with error_report() Straightforward replacement, except for qemu_kill_report(), which printed a common part of its error message first, then the applicable special part. Print each complete message with a single error_report() instead. Multi-line messages were replaced by error_report() followed by error_printf(). The following changes were made to the error messages: * The "invalid date format" message was reworded to better fit the new error_report()+error_printf() pattern. * On the remaining messages, only the trailing newlines, "qemu:" and "error:" message prefixes were removed. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1446217682-24421-2-git-send-email-ehabkost@xxxxxxxxxx> [Squashed in Message-Id: <1446217682-24421-3-git-send-email-ehabkost@xxxxxxxxxx> and updated commit message] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit aa5ccadcca3e6018ebd9d2e8b0a0604f7cb0cd59 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Tue Oct 20 15:38:46 2015 +0800 scripts/text2pod.pl: Escape left brace Latest perl now deprecates "{" literal in regex and print warnings like "unescaped left brace in regex is deprecated". Add escapes to keep it happy. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-Id: <1445326726-16031-1-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit cc57501dee37376d0a2fbc5921e0f3a9ed4b117d Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Mon Oct 19 19:11:11 2015 +0200 file_ram_alloc: propagate error to caller instead of terminating QEMU QEMU shouldn't exits from file_ram_alloc() if -mem-prealloc option is specified and "object_add memory-backend-file,..." fails allocation during memory hotplug. Propagate error to a caller and let it decide what to do with allocation failure. That leaves QEMU alive if it can't create backend during hotplug time and kills QEMU at startup time if backends or initial memory were misconfigured/ too large. Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Message-Id: <1445274671-17704-1-git-send-email-imammedo@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3d861a01093f8eedfac9889746ccafcfd32039b7 Merge: 24f4a0f 32bc687 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Nov 2 11:11:39 2015 +0000 Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-11-02' into staging QAPI patches # gpg: Signature made Mon 02 Nov 2015 09:07:23 GMT using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-qapi-2015-11-02: (25 commits) qapi: Simplify gen_struct_field() qapi: Reserve 'u' member name qapi: Finish converting to new qapi union layout tpm: Convert to new qapi union layout memory: Convert to new qapi union layout input: Convert to new qapi union layout char: Convert to new qapi union layout net: Convert to new qapi union layout sockets: Convert to new qapi union layout block: Convert to new qapi union layout tests: Convert to new qapi union layout qapi-visit: Convert to new qapi union layout qapi: Start converting to new qapi union layout qapi-visit: Remove redundant functions for flat union base qapi: Unbox base members qapi: Prefer typesafe upcasts to qapi base classes qapi-types: Refactor base fields output qapi-visit: Split off visit_type_FOO_fields forward decl vnc: Hoist allocation of VncBasicInfo to callers qapi: Reserve 'q_*' and 'has_*' member names ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 32bc6879beea0b0cac6196cb15a71d206401e96d Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:35:03 2015 -0600 qapi: Simplify gen_struct_field() Rather than having all callers pass a name, type, and optional flag, have them instead pass a QAPISchemaObjectTypeMember which already has all that information. No change to generated code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-25-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 5e59baf90a72cd25d38a3134edc029f4f022da74 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:35:02 2015 -0600 qapi: Reserve 'u' member name Now that we have separated union tag values from colliding with non-variant C names, by naming the union 'u', we should reserve this name for our use. Note that we want to forbid 'u' even in a struct with no variants, because it is possible for a future qemu release to extend QMP in a backwards-compatible manner while converting from a struct to a flat union. Fortunately, no existing clients were using this member name. If we ever find the need for QMP to have a member 'u', we could at that time relax things, perhaps by having c_name() munge the QMP member to 'q_u'. Note that we cannot forbid 'u' everywhere (by adding the rejection code to check_name()), because the existing QKeyCode enum already uses it; therefore we only reserve it as a struct type member name. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-24-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit e4ba22b31943ab02373359555bd7bcd66442632f Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:35:01 2015 -0600 qapi: Finish converting to new qapi union layout We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. This patch is the back end for a series that converts to a saner qapi union layout. Now that all clients have been converted to use 'type' and 'obj->u.value', we can drop the temporary parallel support for 'kind' and 'obj->value'. Given a simple union qapi type: { 'union':'Foo', 'data': { 'a':'int', 'b':'bool' } } this is the overall effect, when compared to the state before this series of patches: | struct Foo { |- FooKind kind; |- union { /* union tag is @kind */ |+ FooKind type; |+ union { /* union tag is @type */ | void *data; | int64_t a; | bool b; |- }; |+ } u; | }; The testsuite still contains some examples of artificial restrictions (see flat-union-clash-type.json, for example) that are no longer technically necessary, now that there is no longer a collision between enum tag values and non-variant member names; but fixing this will be done in later patches, in part because some further changes are required to keep QAPISchema*.check() from asserting. Also, a later patch will add a reservation for the member name 'u' to avoid a collision between a user's non-variant names and our internal choice of C union name. Note, however, that we do not rename the generated enum, which is still 'FooKind'. A further patch could generate implicit enums as 'FooType', but while the generator already reserved the '*Kind' namespace (commit 4dc2e69), there are already QMP constructs with '*Type' naming, which means changing our reservation namespace would have lots of churn to C code to deal with a forced name change. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-23-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit ce21131a0b9e556bb73bf65eacdc07ccb21f78a9 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:35:00 2015 -0600 tpm: Convert to new qapi union layout We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. Make the conversion to the new layout for TPM-related code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-22-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 1fd5d4fea4ba686705fd377c7cffc0f0c9f83f93 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:59 2015 -0600 memory: Convert to new qapi union layout We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. Make the conversion to the new layout for memory-related code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-21-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 568c73a4783cd981e9aa6de4f15dcda7829643ad Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:58 2015 -0600 input: Convert to new qapi union layout We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. Make the conversion to the new layout for input-related code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-20-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 130257dc443574a9da91dc293665be2cfc40245a Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:57 2015 -0600 char: Convert to new qapi union layout We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. Make the conversion to the new layout for character-related code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-19-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 8d0bcba8370a4e8606dee602393a14d0c48e8bfc Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:56 2015 -0600 net: Convert to new qapi union layout We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. Make the conversion to the new layout for net-related code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-18-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 2d32addae70987521578d8bb27c6b3f52cdcbdcb Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:55 2015 -0600 sockets: Convert to new qapi union layout We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. Make the conversion to the new layout for socket-related code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-17-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 6a8f9661dc3c088ed0d2f5b41d940190407cbdc5 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:54 2015 -0600 block: Convert to new qapi union layout We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. Make the conversion to the new layout for block-related code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-16-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit c363acef772647f66becdbf46dd54e70e67f3cc9 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:53 2015 -0600 tests: Convert to new qapi union layout We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. Make the conversion to the new layout for testsuite code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-15-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 150d0564a4c626642897c748f7906260a13c14e1 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:52 2015 -0600 qapi-visit: Convert to new qapi union layout We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. Make the conversion to the new layout for qapi-visit.py. Generated code changes look like: |@@ -4912,16 +4912,16 @@ void visit_type_MemoryDeviceInfo(Visitor | if (!*obj) { | goto out_obj; | } |- visit_type_MemoryDeviceInfoKind(v, &(*obj)->kind, "type", &err); |+ visit_type_MemoryDeviceInfoKind(v, &(*obj)->type, "type", &err); | if (err) { | goto out_obj; | } |- if (!visit_start_union(v, !!(*obj)->data, &err) || err) { |+ if (!visit_start_union(v, !!(*obj)->u.data, &err) || err) { | goto out_obj; | } |- switch ((*obj)->kind) { |+ switch ((*obj)->type) { | case MEMORY_DEVICE_INFO_KIND_DIMM: |- visit_type_PCDIMMDeviceInfo(v, &(*obj)->dimm, "data", &err); |+ visit_type_PCDIMMDeviceInfo(v, &(*obj)->u.dimm, "data", &err); | break; | default: | abort(); |@@ -4930,7 +4930,7 @@ out_obj: | error_propagate(errp, err); | err = NULL; | if (*obj) { |- visit_end_union(v, !!(*obj)->data, &err); |+ visit_end_union(v, !!(*obj)->u.data, &err); | } | error_propagate(errp, err); | err = NULL; Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-14-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit f51d8fab44b231aa299d8de24cfdf9ba41ef4a21 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:51 2015 -0600 qapi: Start converting to new qapi union layout We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. This patch is the front end for a series that converts to a saner qapi union layout. By the end of the series, we will no longer have the type/kind mismatch, and all tag values will be under a named union, which requires clients to access 'obj->u.value' instead of 'obj->value'. But since the conversion touches a number of files, it is easiest if we temporarily support BOTH layouts simultaneously. Given a simple union qapi type: { 'union':'Foo', 'data': { 'a':'int', 'b':'bool' } } make the following changes in generated qapi-types.h: | struct Foo { |- FooKind kind; |- union { /* union tag is @kind */ |+ union { |+ FooKind kind; |+ FooKind type; |+ }; |+ union { /* union tag is @type */ | void *data; | int64_t a; | bool b; |+ union { /* union tag is @type */ |+ void *data; |+ int64_t a; |+ bool b; |+ } u; | }; | }; Flat unions do not need the anonymous union for the tag member, as we already fixed that to use the member name instead of 'kind' back in commit 0f61af3e. One additional change is needed in qapi.py: check_union() now needs to check for collisions with 'type' in addition to those with 'kind'. Later, when the conversions are complete, we will remove the duplication hacks, and also drop the check_union() restrictions. Note, however, that we do not rename the generated enum, which is still 'FooKind'. A further patch could generate implicit enums as 'FooType', but while the generator already reserved the '*Kind' namespace (commit 4dc2e69), there are already QMP constructs with '*Type' naming, which means changing our reservation namespace would have lots of churn to C code to deal with a forced name change. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-13-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 5c5e51a05b567fd48fb155d94ca6f7679dd0d478 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:50 2015 -0600 qapi-visit: Remove redundant functions for flat union base The code for visiting the base class of a child struct created visit_type_Base_fields() which covers all fields of Base; while the code for visiting the base class of a flat union created visit_type_Union_fields() covering all fields of the base except the discriminator. But since the base class includes the discriminator of a flat union, we can just visit the entire base, without needing a separate visit of the discriminator. Not only is consistently visiting all fields easier to understand, it lets us share code. The generated code in qapi-visit.c loses several now-unused visit_type_UNION_fields(), along with changes like: |@@ -1654,11 +1557,7 @@ void visit_type_BlockdevOptions(Visitor | if (!*obj) { | goto out_obj; | } |- visit_type_BlockdevOptions_fields(v, obj, &err); |- if (err) { |- goto out_obj; |- } |- visit_type_BlockdevDriver(v, &(*obj)->driver, "driver", &err); |+ visit_type_BlockdevOptionsBase_fields(v, (BlockdevOptionsBase **)obj, &err); | if (err) { | goto out_obj; | } and forward declarations where needed. Note that the cast of obj to BASE ** is necessary to call visit_type_BASE_fields() (and we can't use our upcast wrappers, because those work on pointers while we have a pointer-to-pointer). Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-12-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit ddf21908961073199f3d186204da4810f2ea150b Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:49 2015 -0600 qapi: Unbox base members Rather than storing a base class as a pointer to a box, just store the fields of that base class in the same order, so that a child struct can be directly cast to its parent. This gives less malloc overhead, less pointer dereferencing, and even less generated code. Compare to the earlier commit 1e6c1616a "qapi: Generate a nicer struct for flat unions" (although that patch had fewer places to change, as less of qemu was directly using qapi structs for flat unions). It also allows us to turn on automatic type-safe wrappers for upcasting to the base class of a struct. Changes to the generated code look like this in qapi-types.h: | struct SpiceChannel { |- SpiceBasicInfo *base; |+ /* Members inherited from SpiceBasicInfo: */ |+ char *host; |+ char *port; |+ NetworkAddressFamily family; |+ /* Own members: */ | int64_t connection_id; as well as additional upcast functions like qapi_SpiceChannel_base(). Meanwhile, changes to qapi-visit.c look like: | static void visit_type_SpiceChannel_fields(Visitor *v, SpiceChannel **obj, Error **errp) | { | Error *err = NULL; | |- visit_type_implicit_SpiceBasicInfo(v, &(*obj)->base, &err); |+ visit_type_SpiceBasicInfo_fields(v, (SpiceBasicInfo **)obj, &err); | if (err) { (the cast is necessary, since our upcast wrappers only deal with a single pointer, not pointer-to-pointer); plus the wholesale elimination of some now-unused visit_type_implicit_FOO() functions. Without boxing, the corner case of one empty struct having another empty struct as its base type now requires inserting a dummy member (previously, the 'Base *base' member sufficed). And now that we no longer consume a 'base' member in the generated C struct, we can delete the former negative struct-base-clash-base test. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-11-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 30594fe1cd4355626e73b80645428105d0df3cf6 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:48 2015 -0600 qapi: Prefer typesafe upcasts to qapi base classes A previous patch (commit 1e6c1616) made it possible to directly cast from a qapi flat union type to its base type. However, it requires the use of a C cast, which turns off compiler type-safety checks. Fortunately, no such casts exist, just yet. Regardless, add inline type-safe wrappers named qapi_FOO_base() for any union type FOO that has a base, which can be used for a safer upcast, and enhance the testsuite to cover the new functionality. A future patch will extend the upcast support to structs, where such conversions do exist already. Note that C makes const-correct upcasts annoying because it lacks overloads; these functions cast away const so that they can accept user pointers whether const or not, and the result in turn can be assigned to normal or const pointers. Alternatively, this could have been done with macros, but type-safe macros are hairy, and not worthwhile here. This patch just adds upcasts. None of our code needed to downcast from a base qapi class to a child. Also, in the case of grandchildren (such as BlockdevOptionsQcow2), the caller will need to call two functions to get to the inner base (although it wouldn't be too hard to generate a qapi_FOO_base_base() if desired). If a user changes qapi to alter the base class hierarchy, such as going from 'A -> C' to 'A -> B -> C', it will change the type of 'qapi_C_base()', and the compiler will point out the places that are affected by the new base. One alternative was proposed, but was deemed too ugly to use in practice: the generators could output redundant information using anonymous types: | struct Child { | union { | struct { | Type1 parent_member1; | Type2 parent_member2; | }; | Parent base; | }; | }; With that ugly proposal, for a given qapi type, obj->member and obj->base.member would refer to the same storage; allowing convenience in working with members without needing 'base.' allowing typesafe upcast without needing a C cast by accessing '&obj->base', and allowing downcasts from the parent back to the child possible through container_of(obj, Child, base). Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-10-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit f87ab7f9bd956250c48b5c6e9b607b537fd21543 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:47 2015 -0600 qapi-types: Refactor base fields output Move code from gen_union() into gen_struct_fields() in order for a later patch to share code when enumerating inherited fields for struct types. No change to generated code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-9-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit d02cf37766ba3cf918d7085aa7848c9dc05fd11a Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:46 2015 -0600 qapi-visit: Split off visit_type_FOO_fields forward decl We generate a static visit_type_FOO_fields() for every type FOO. However, sometimes we need a forward declaration. Split the code to generate the forward declaration out of gen_visit_implicit_struct() into a new gen_visit_fields_decl(), and also prepare for a forward declaration to be emitted during gen_visit_struct(), so that a future patch can switch from using visit_type_FOO_implicit() to the simpler visit_type_FOO_fields() as part of unboxing the base class of a struct. No change to generated code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-8-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 98481bfcd661daa3c160cc87a297b0e60a307788 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:45 2015 -0600 vnc: Hoist allocation of VncBasicInfo to callers A future qapi patch will rework generated structs with a base class to be unboxed. In preparation for that, change the code that allocates then populates an info struct to instead merely populate the fields of an info field passed in as a parameter (renaming vnc_basic_info_get* to vnc_init_basic_info*). Add rudimentary Error handling at the lowest levels for cases where the old code returned NULL; but rather than plumb Error all the way through the stack, the callers drop the error and return NULL as before. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-7-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 9fb081e0b98409556d023c7193eeb68947cd1211 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:44 2015 -0600 qapi: Reserve 'q_*' and 'has_*' member names c_name() produces names starting with 'q_' when protecting a dictionary member name that would fail to directly compile, but in doing so can cause clashes with any member name already beginning with 'q-' or 'q_'. Likewise, we create a C name 'has_' for any optional member that can clash with any member name beginning with 'has-' or 'has_'. Technically, rather than blindly reserving the namespace, we could try to complain about user names only when an actual collision occurs, or even teach c_name() how to munge names to avoid collisions. But it is not trivial, especially when collisions can occur across multiple types (such as via inheritance or flat unions). Besides, no existing .json files are trying to use these names. So it's easier to just outright forbid the potential for collision. We can always relax things in the future if a real need arises for QMP to express member names that have been forbidden here. 'has_' only has to be reserved for struct/union member names, while 'q_' is reserved everywhere (matching the fact that only members can be optional, while we use c_name() for munging both members and entities). Note that we could relax 'q_' restrictions on entities independently from member names; for example, c_name('qmp_' + 'unix') would result in a different function name than our current 'qmp_' + c_name('unix'). Update and add tests to cover the new error messages. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-6-git-send-email-eblake@xxxxxxxxxx> [Consistently pass protect=False to c_name(); commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 255960dd374d4497d6ea537305f1b0d8a3433789 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:43 2015 -0600 qapi: Reserve '*List' type names for list types Type names ending in 'List' can clash with qapi list types in generated C. We don't currently use such names. It is easier to outlaw them now than to worry about how to resolve such a clash in the future. For precedence, see commit 4dc2e69, which did the same for names ending in 'Kind' versus implicit enum types for qapi unions. Update the testsuite to match. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-5-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit f9e6102b48f21e464a847a858a456c521e7a83e5 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:42 2015 -0600 qapi: More robust conditions for when labels are needed We were using regular expressions to see if ret included any earlier text that emitted a 'goto out;' line, to decide whether we needed to output an 'out:' label. But this is fragile, if the ret text can possibly combine more than one generated function body, where the first function used a goto but the second does not. Change the code to just check for the known conditions which cause an error check to be needed. Besides, it's slightly more efficient to use plain checks than regular expression searching. No change to generated code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-4-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 8712fa5333ad348da20034b717dd814219d1ec11 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:41 2015 -0600 qapi: More idiomatic string operations Rather than slicing the end of a string, we can use python's endswith(). And rather than creating a set of characters, we can search for a character within a string. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-3-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 1976708321f21ed51d0a374db6b28a6cd1bd5d66 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 26 16:34:40 2015 -0600 tests/qapi-schema: Test for reserved names, empty struct Add some testsuite coverage to ensure future patches are on the right track: Our current C representation of qapi arrays is done by appending 'List' to the element name; but we are not preventing the creation of an object type with the same name. Add reserved-type-list.json to test this. Then rename enum-union-clash.json to reserved-type-kind.json to cover the reservation that we DO detect, and shorten it to match the fact that the name is reserved even if there is no clash. We are failing to detect a collision between a dictionary member and the implicit 'has_*' flag for another optional member. The easiest fix would be for a future patch to reserve the entire "has[-_]" namespace for member names (the collision is also possible for branch names within flat unions, but only as long as branch names can collide with (non-variant) members; however, since future patches are about to remove that, it is not worth testing here). Add reserved-member-has.json to test this. A similar collision exists between a dictionary member where c_name() munges what might otherwise be a reserved name to start with 'q_', and another member explicitly starts with "q[-_]". Again, the easiest solution for a future patch will be reserving the entire namespace, but here for commands as well as members. Add reserved-member-q.json and reserved-command-q.json to test this; separate tests since arguably our munging of command 'unix' to 'qmp_q_unix()' could be done without a q_, which is different than the munging of a member 'unix' to 'foo.q_unix'. Finally, our testsuite does not have any compilation coverage of struct inheritance with empty qapi structs. Update qapi-schema-test.json to test this. Note that there is currently no technical reason to forbid type name patterns from member names, or member name patterns from types, since the two are not in the same namespace in C and won't collide; but it's not worth adding positive tests of these corner cases at this time, especially while there is other churn pending in patches that rearrange which collisions actually happen. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1445898903-12082-2-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 2ea1793bd90f04c34fbb75a1b84d71cb5b1f9c08 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Thu Oct 22 11:25:43 2015 +0100 qapi-schema: mark InetSocketAddress as mandatory again Revert the qapi-schema.json change done in: commit 0983f5e6af76d5df8c6346cbdfff9d8305fb6da0 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Sep 1 14:46:50 2015 +0100 sockets: allow port to be NULL when listening on IP address Switching "port" from mandatory to optional causes the QAPI code generator to add a 'has_port' field to the InetSocketAddress struct. No code that created InetSocketAddress objects was updated to set 'has_port = true', which caused the non-NULL port strings to be silently dropped when copying InetSocketAddress objects. Reported-by: Knut Omang <knuto@xxxxxxxxxx> Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1445509543-30679-1-git-send-email-berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 24f4a0f5c969e9077e341402881c1d929d37150b Merge: 3a958f5 2a080ce Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 30 21:59:48 2015 +0000 Merge remote-tracking branch 'remotes/rth/tags/pull-tile-20151030' into staging Prefetch in y2 pipe # gpg: Signature made Fri 30 Oct 2015 20:40:02 GMT using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tile-20151030: target-tilegx: Implement prefetch instructions in pipe y2 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3a958f559ecd0511583d27b10011fa7f3cf79b63 Merge: e79ea9e 37a639a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 30 19:47:47 2015 +0000 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Thu 29 Oct 2015 18:09:16 GMT using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: block: Consider all child nodes in bdrv_requests_pending() target-arm: xlnx-zynqmp: Add sdhci support. sdhci: Split sdhci.h for public and internal device usage sd.h: Move sd.h to include/hw/sd/ virtio: sync the dataplane vring state to the virtqueue before virtio_save gdb command: qemu handlers virtio-blk: switch off scsi-passthrough by default ppc/spapr: add 2.4 compat props s390x: include HW_COMPAT_* props qemu-gdb: add $qemu_coroutine_sp and $qemu_coroutine_pc qemu-gdb: extract parts of "qemu coroutine" implementation qemu-gdb: allow using glibc_pointer_guard() on core dumps Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e79ea9e4240971b43494184d68a7f5a67d07e74b Merge: fdf9276 60270f8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 30 16:30:25 2015 +0000 Merge remote-tracking branch 'remotes/lalrae/tags/mips-20151030' into staging MIPS patches 2015-10-30 Changes: * R6 CPU can be woken up by non-enabled interrupts * PC fix in KVM * Coprocessor 0 XContext calculation fix * various MIPS R6 updates # gpg: Signature made Fri 30 Oct 2015 14:51:56 GMT using RSA key ID 0B29DA6B # gpg: Good signature from "Leon Alrae <leon.alrae@xxxxxxxxxx>" * remotes/lalrae/tags/mips-20151030: target-mips: fix updating XContext on mmu exception target-mips: add SIGRIE instruction target-mips: Set Config5.XNP for R6 cores target-mips: add PC, XNP reg numbers to RDHWR hw/mips_malta: Fix KVM PC initialisation target-mips: Add enum for BREAK32 target-mips: update writing to CP0.Status.KX/SX/UX in MIPS Release R6 target-mips: implement the CPU wake-up on non-enabled interrupts in R6 target-mips: move the test for enabled interrupts to a separate function Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 60270f85cc93d2d34e45b7679c374b1d771f0eeb Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Oct 29 17:17:52 2015 +0000 target-mips: fix updating XContext on mmu exception Correct updating XContext.Region field on mmu exceptions. If Config3.CTXTC = 0 then the R field of XContext has to be updated with the value of bits 63..62 of the virtual address upon a TLB exception. Also fixed the below line which overs 80 characters. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: James Hogan <james.hogan@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit bb238210bb096534b68dab15a87c6ff0bef43672 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Oct 29 15:18:38 2015 +0000 target-mips: add SIGRIE instruction Add SIGRIE (Signal Reserved Instruction Exception) for both MIPS and microMIPS. The instruction allows to use the 16-bit code field for software use. This instruction is introduced by and required as of Release 6. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 35ac9e342e008e3d47ef18d33a6977fdb99de9cd Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Mon Oct 5 14:45:45 2015 +0100 target-mips: Set Config5.XNP for R6 cores Set Config5.XNP for R6 cores to indicate the extended LL/SC family of instructions NOT present. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit b00c72180c36510bf9b124e190bd520e3b7e1358 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Oct 29 15:18:39 2015 +0000 target-mips: add PC, XNP reg numbers to RDHWR Add Performance Counter (4) and XNP (5) register numbers to RDHWR. Add check_hwrena() to simplify access control checkings. Add RDHWR support to microMIPS R6. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit ca2f6bbbce32b7e1ba4fdaf54165ab0dee47a3a5 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Mon Oct 12 17:54:39 2015 +0100 hw/mips_malta: Fix KVM PC initialisation Commit 71c199c81d29 ("mips_malta: provide ememsize env variable to kernels") changed the meaning of loaderparams.ram_size to be the whole of RAM rather than just the low part below where the boot code is placed for KVM, but it didn't update the PC initialisation for KVM to use ram_low_size. Fix that now. Fixes: 71c199c81d29 ("mips_malta: provide ememsize env variable to kernels") Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Cc: Paul Burton <paul.burton@xxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit fdf927621a99711bf1a81712bce054794f2d44c3 Merge: 7bc8e0c 7f1e7b2 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 30 09:41:14 2015 +0000 Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2015-10-30' into staging QMP and QObject patches # gpg: Signature made Fri 30 Oct 2015 08:06:26 GMT using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-monitor-2015-10-30: docs: Document QMP event rate limiting monitor: Throttle event VSERPORT_CHANGE separately by "id" monitor: Turn monitor_qapi_event_state[] into a hash table glib: add compatibility interface for g_hash_table_add() monitor: Split MonitorQAPIEventConf off MonitorQAPIEventState monitor: Switch from timer_new() to timer_new_ns() monitor: Simplify event throttling monitor: Reduce casting of QAPI event QDict qstring: Make conversion from QObject * accept null qlist: Make conversion from QObject * accept null qfloat qint: Make conversion from QObject * accept null qdict: Make conversion from QObject * accept null qbool: Make conversion from QObject * accept null qobject: Drop QObject_HEAD Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7f1e7b23d57408c86d350b3544673fdcd6be55c0 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 17:08:36 2015 +0200 docs: Document QMP event rate limiting Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1444921716-9511-8-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 7de0be6573afc9dcfb6aa0ded167ad6a8730f727 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 17:08:35 2015 +0200 monitor: Throttle event VSERPORT_CHANGE separately by "id" VSERPORT_CHANGE is emitted when the guest opens or closes a virtio-serial port. The event's member "id" identifies the port. When several events arrive quickly, throttling drops all but the last of them. Because of that, a QMP client must assume that *any* port may have changed state when it receives a VSERPORT_CHANGE event and throttling may have happened. Make the event more useful by throttling it for each port separately. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444921716-9511-7-git-send-email-armbru@xxxxxxxxxx> commit a24712af54259dd744a49447658521325f10a721 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 17:08:34 2015 +0200 monitor: Turn monitor_qapi_event_state[] into a hash table In preparation of finer grained throttling. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444921716-9511-6-git-send-email-armbru@xxxxxxxxxx> commit 8681dffa91a0d5767b7c1eb3d5c2acbf7f7dd7ba Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Oct 27 15:44:00 2015 +0100 glib: add compatibility interface for g_hash_table_add() The next commit will use it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 37a639a7fbc5c6b065c80e7e2de78d22af735496 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Oct 28 11:46:51 2015 +0100 block: Consider all child nodes in bdrv_requests_pending() The function manually recursed into bs->file and bs->backing to check whether there were any requests pending, but it ignored other children. There's no need to special case file and backing here, so just replace these two explicit recursions by a loop recursing for all child nodes. Reported-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Message-id: 1446029211-27148-1-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 33108e9f3388b07b7daa4e46d476ff89ce7dbec5 Author: Sai Pavan Boddu <sai.pavan.boddu@xxxxxxxxxx> Date: Thu Oct 8 18:51:03 2015 +0530 target-arm: xlnx-zynqmp: Add sdhci support. Add two SYSBUS_SDHCI devices for xlnx-zynqmp Signed-off-by: Sai Pavan Boddu <saipava@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 637d23beb607765033067c5cb08e0d66afaf8f4c Author: Sai Pavan Boddu <sai.pavan.boddu@xxxxxxxxxx> Date: Thu Oct 8 18:51:02 2015 +0530 sdhci: Split sdhci.h for public and internal device usage Split sdhci.h into pubilc version (i.e include/hw/sd/sdhci.h) and internal version (i.e hw/sd/sdhci-interna.h) based on register declarations and object declaration. Signed-off-by: Sai Pavan Boddu <saipava@xxxxxxxxxx> Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e3382ef0ea2724f5f09271a608e8f68ede5d844d Author: Sai Pavan Boddu <sai.pavan.boddu@xxxxxxxxxx> Date: Thu Oct 8 18:51:01 2015 +0530 sd.h: Move sd.h to include/hw/sd/ Create a sd directory under include/hw/ and move sd.h to include/hw/sd/ Signed-off-by: Sai Pavan Boddu <saipava@xxxxxxxxxx> Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 10a06fd65f667a972848ebbbcac11bdba931b544 Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Mon Oct 26 14:42:57 2015 +0300 virtio: sync the dataplane vring state to the virtqueue before virtio_save When creating snapshot with the dataplane enabled, the snapshot file gets not the actual state of virtqueue, because the current state is stored in VirtIOBlockDataPlane. Therefore, before saving snapshot need to sync the dataplane vring state to the virtqueue. The dataplane will resume its work at the next notify virtqueue. When snapshot loads with loadvm we get a message: VQ 0 size 0x80 Guest index 0x15f5 inconsistent with Host index 0x0: delta 0x15f5 error while loading state for instance 0x0 of device '0000:00:08.0/virtio-blk' Error -1 while loading VM state to reproduce the error I used the following hmp commands: savevm snap1 loadvm snap1 qemu parameters: --enable-kvm -smp 4 -m 1024 -drive file=/var/lib/libvirt/images/centos6.4.qcow2,if=none,id=drive-virtio-disk0,format=qcow2,cache=none,aio=native -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x8,drive=drive-virtio-disk0,id=virtio-disk0 -set device.virtio-disk0.x-data-plane=on Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Message-id: 1445859777-2982-1-git-send-email-den@xxxxxxxxxx CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> CC: "Michael S. Tsirkin" <mst@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit c900ef86c5e30e1adec0f79350edc3f30ebee285 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Tue Oct 27 13:09:45 2015 +0000 gdb command: qemu handlers A new gdb commands are added: qemu handlers That dumps an AioContext list (by default qemu_aio_context) possibly including a backtrace for cases it knows about (with the verbose option). Intended to help find why something is hanging waiting for IO. Use 'qemu handlers --verbose iohandler_ctx' to find out why your incoming migration is stuck. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Message-id: 1445951385-11924-1-git-send-email-dgilbert@xxxxxxxxxx V2: Merge into one command with optional handlers arg, and only do backtrace in verbose mode (gdb) qemu handlers ---- {pfd = {fd = 6, events = 25, revents = 0}, io_read = 0x55869656ffd0 <event_notifier_dummy_cb>, io_write = 0x0, deleted = 0, opaque = 0x558698c4ce08, node = {le_next = 0x0, le_prev = 0x558698c4cdc0}} (gdb) qemu handlers iohandler_ctx ---- {pfd = {fd = 9, events = 25, revents = 0}, io_read = 0x558696581380 <fd_coroutine_enter>, io_write = 0x0, deleted = 0, opaque = 0x558698dc99d0, node = {le_next = 0x558698c4cca0, le_prev = 0x558698c4c1d0}} ---- {pfd = {fd = 4, events = 25, revents = 0}, io_read = 0x55869657b330 <sigfd_handler>, io_write = 0x0, deleted = 0, opaque = 0x4, node = {le_next = 0x558698c4c260, le_prev = 0x558699f72508}} ---- {pfd = {fd = 5, events = 25, revents = 0}, io_read = 0x55869656ffd0 <event_notifier_dummy_cb>, io_write = 0x0, deleted = 0, opaque = 0x558698c4c218, node = {le_next = 0x0, le_prev = 0x558698c4ccc8}} ---- (gdb) qemu handlers --verbose iohandler_ctx ---- {pfd = {fd = 9, events = 25, revents = 0}, io_read = 0x558696581380 <fd_coroutine_enter>, io_write = 0x0, deleted = 0, opaque = 0x558698dc99d0, node = {le_next = 0x558698c4cca0, le_prev = 0x558698c4c1d0}} #0 0x0000558696581820 in qemu_coroutine_switch (from_=from_@entry=0x558698cb3cf0, to_=to_@entry=0x7f421c37eac8, action=action@entry=COROUTINE_YIELD) at /home/dgilbert/git/qemu/coroutine-ucontext.c:177 #1 0x0000558696580c00 in qemu_coroutine_yield () at /home/dgilbert/git/qemu/qemu-coroutine.c:145 #2 0x00005586965814f5 in yield_until_fd_readable (fd=9) at /home/dgilbert/git/qemu/qemu-coroutine-io.c:90 #3 0x0000558696523937 in socket_get_buffer (opaque=0x55869a3dc620, buf=0x558698c505a0 "", pos=<optimized out>, size=32768) at /home/dgilbert/git/qemu/migration/qemu-file-unix.c:101 #4 0x0000558696521fac in qemu_fill_buffer (f=0x558698c50570) at /home/dgilbert/git/qemu/migration/qemu-file.c:227 #5 0x0000558696522989 in qemu_peek_byte (f=0x558698c50570, offset=0) at /home/dgilbert/git/qemu/migration/qemu-file.c:507 #6 0x0000558696522bf4 in qemu_get_be32 (f=0x558698c50570) at /home/dgilbert/git/qemu/migration/qemu-file.c:520 #7 0x0000558696522bf4 in qemu_get_be32 (f=f@entry=0x558698c50570) at /home/dgilbert/git/qemu/migration/qemu-file.c:604 #8 0x0000558696347e5c in qemu_loadvm_state (f=f@entry=0x558698c50570) at /home/dgilbert/git/qemu/migration/savevm.c:1821 #9 0x000055869651de8c in process_incoming_migration_co (opaque=0x558698c50570) at /home/dgilbert/git/qemu/migration/migration.c:336 #10 0x000055869658188a in coroutine_trampoline (i0=<optimized out>, i1=<optimized out>) at /home/dgilbert/git/qemu/coroutine-ucontext.c:80 #11 0x00007f420f05df10 in __start_context () at /lib64/libc.so.6 #12 0x00007ffc40815f50 in () #13 0x0000000000000000 in () ---- Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit ed65fd1a2750d24290354cc7ea49caec7c13e30b Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri Oct 16 12:25:54 2015 +0200 virtio-blk: switch off scsi-passthrough by default Devices that are compliant with virtio-1 do not support scsi passthrough any more (and it has not been a recommended setup anyway for quite some time). To avoid having to switch it off explicitly in newer qemus that turn on virtio-1 by default, let's switch the default to scsi=false for 2.5. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Message-id: 1444991154-79217-4-git-send-email-cornelia.huck@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 80fd50f96b8dc46e185f61d9b6438a6414507076 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri Oct 16 12:25:53 2015 +0200 ppc/spapr: add 2.4 compat props HW_COMPAT_2_4 will become non-empty: prepare for it. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Message-id: 1444991154-79217-3-git-send-email-cornelia.huck@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 54d8ec84fa444ed7c05e03f96895ba69a2b2e5bc Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri Oct 16 12:25:52 2015 +0200 s390x: include HW_COMPAT_* props We want to inherit generic hw compat as well. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Message-id: 1444991154-79217-2-git-send-email-cornelia.huck@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a201b0ff28d9fa0f965450c1ba7191eca69f9fd5 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 12 10:02:54 2015 +0200 qemu-gdb: add $qemu_coroutine_sp and $qemu_coroutine_pc These can be useful to manually get a stack trace of a coroutine inside a core dump. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1444636974-19950-4-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 80ab31b257ba3aaa98ce6f1e36592aa20c5366c1 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 12 10:02:53 2015 +0200 qemu-gdb: extract parts of "qemu coroutine" implementation Provide useful Python functions to reach and decipher a jmpbuf. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1444636974-19950-3-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 1138f24645e9e1e2d55d280caab4e2539dfcdb49 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 12 10:02:52 2015 +0200 qemu-gdb: allow using glibc_pointer_guard() on core dumps get_fs_base() cannot be run on a core dump, because it uses the arch_prctl system call. The fs base is the value that is returned by pthread_self(), and it would be nice to just glean it from the "info threads" output: * 1 Thread 0x7f16a3fff700 (LWP 33642) pthread_cond_wait@@GLIBC_2.3.2 () ^^^^^^^^^^^^^^ but unfortunately the gdb API does not provide that. Instead, we can look for the "arg" argument of the start_thread function if glibc debug information are available. If not, fall back to the old mechanism. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1444636974-19950-2-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit dbd8af9824d0ddc4400f859c2af77543461cba0d Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Fri Oct 2 17:50:50 2015 +0100 target-mips: Add enum for BREAK32 Add enum for BREAK32 Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 2dcf7908d9e0274c08911400beb7ed14276bb170 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Mon Sep 14 13:51:31 2015 +0100 target-mips: update writing to CP0.Status.KX/SX/UX in MIPS Release R6 Implement the relationship between CP0.Status.KX, SX and UX. It should not be possible to set UX bit if SX is 0, the same applies for setting SX if KX is 0. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 7540a43a1d9de71fa7a53ccd2bb24a04e2aace41 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Mon Sep 14 13:58:24 2015 +0100 target-mips: implement the CPU wake-up on non-enabled interrupts in R6 In Release 6, the behaviour of WAIT has been modified to make it a requirement that a processor that has disabled operation as a result of executing a WAIT will resume operation on arrival of an interrupt even if interrupts are not enabled. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 71ca034a0dee69f77c8ac6ea7d21e5b6a0b0d836 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Mon Sep 14 13:58:23 2015 +0100 target-mips: move the test for enabled interrupts to a separate function Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit b9b03ab0d47e8cfc0015255c531db41d0b1a1f91 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 17:08:33 2015 +0200 monitor: Split MonitorQAPIEventConf off MonitorQAPIEventState In preparation of turning monitor_qapi_event_state[] into a hash table for finer grained throttling. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444921716-9511-5-git-send-email-armbru@xxxxxxxxxx> commit 1824c41a62c1bbb79d32f97037ca579212b8c134 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 17:08:32 2015 +0200 monitor: Switch from timer_new() to timer_new_ns() We don't actually care for the scale, so we can just as well use the simpler interface. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1444921716-9511-4-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 93f8f982fedfc9ee9cf5fc8983c3b25efe828967 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 17:08:31 2015 +0200 monitor: Simplify event throttling The event throttling state machine is hard to understand. I'm not sure it's entirely correct. Rewrite it in a more straightforward manner: State 1: No event sent recently (less than evconf->rate ns ago) Invariant: evstate->timer is not pending, evstate->qdict is null On event: send event, arm timer, goto state 2 State 2: Event sent recently, no additional event being delayed Invariant: evstate->timer is pending, evstate->qdict is null On event: store it in evstate->qdict, goto state 3 On timer: goto state 1 State 3: Event sent recently, additional event being delayed Invariant: evstate->timer is pending, evstate->qdict is non-null On event: store it in evstate->qdict, goto state 3 On timer: send evstate->qdict, clear evstate->qdict, arm timer, goto state 2 Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1444921716-9511-3-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 688b4b7de755f4dd01ec516975ae01590cf9f438 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 17:08:30 2015 +0200 monitor: Reduce casting of QAPI event QDict Make the variables holding the event QDict instead of QObject. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444921716-9511-2-git-send-email-armbru@xxxxxxxxxx> commit 7f0278435df1fa845b3bd9556942f89296d4246b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 16:15:37 2015 +0200 qstring: Make conversion from QObject * accept null qobject_to_qstring() crashes on null, which is a trap for the unwary. Return null instead, and simplify a few callers. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1444918537-18107-7-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 2d6421a90047a83f6722832405fe09571040ea5b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 16:15:36 2015 +0200 qlist: Make conversion from QObject * accept null qobject_to_qlist() crashes on null, which is a trap for the unwary. Return null instead. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1444918537-18107-6-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit fcf73f66a67f5e58c18216f8c8651e38cf4d90af Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 16:15:35 2015 +0200 qfloat qint: Make conversion from QObject * accept null qobject_to_qfloat() and qobject_to_qint() crash on null, which is a trap for the unwary. Return null instead, and simplify a few callers. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1444918537-18107-5-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 89cad9f3ec6b30d7550fb5704475fc9c3393a066 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 16:15:34 2015 +0200 qdict: Make conversion from QObject * accept null qobject_to_qdict() crashes on null, which is a trap for the unwary. Return null instead, and simplify a few callers. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1444918537-18107-4-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 14b6160099f0caf5dc9d62e637b007bc5d719a96 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 16:15:33 2015 +0200 qbool: Make conversion from QObject * accept null qobject_to_qbool() crashes on null, which is a trap for the unwary. Return null instead, and simplify a few callers. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1444918537-18107-3-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit c7c462123cfc3b62d325fd75be9c595b055797db Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 15 16:15:32 2015 +0200 qobject: Drop QObject_HEAD QObject_HEAD is a macro expanding into the common part of structs that are sub-types of QObject. It's always been just QObject base, and unlikely to change. Drop the macro, because the code is clearer with out it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1444918537-18107-2-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 7bc8e0c967a4ef77657174d28af775691e18b4ce Merge: 331c5e2 3f1e147 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 29 09:49:52 2015 +0000 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio, pc, memory: fixes+features for 2.5 New features: This enables hotplug for multifunction devices. Patches are very small, so I think it's OK to merge at this stage. There's also some new infrastructure for vhost-user testing not enabled yet so it's harmless to merge. I've reverted the "gap between DIMMs" workaround, as it seems too risky, and applied my own patch in virtio, but not in dataplane code. This means that dataplane is broken for some complex DIMM configurations for now. Waiting for Stefan to review the dataplane fix. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Thu 29 Oct 2015 09:36:16 GMT using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: enable multi-function hot-add remove function during multi-function hot-add tests/vhost-user-bridge: add vhost-user bridge application Revert "memhp: extend address auto assignment to support gaps" Revert "pc: memhp: force gaps between DIMM's GPA" virtio: drop virtqueue_map_sg virtio-scsi: convert to virtqueue_map virtio-serial: convert to virtio_map virtio-blk: convert to virtqueue_map virtio: switch to virtio_map virtio: introduce virtio_map mmap-alloc: fix error handling pc: memhp: do not emit inserting event for coldplugged DIMMs vhost-user-test: fix up rhel6 build vhost-user: cleanup msg size math vhost-user: cleanup struct size math Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3f1e1478db2d67098d98f2c3acf5a4946b7fb643 Author: Cao jin <caoj.fnst@xxxxxxxxxxxxxx> Date: Wed Oct 28 14:20:31 2015 +0800 enable multi-function hot-add Enable PCIe device multi-function hot-add, just ensure function 0 is added last, then driver will get the notification to scan the slot. Signed-off-by: Cao jin <caoj.fnst@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 0d1c7d88ad909c5b2bd86211a9fe8abf5c74993b Author: Cao jin <caoj.fnst@xxxxxxxxxxxxxx> Date: Wed Oct 28 14:20:30 2015 +0800 remove function during multi-function hot-add In case user want to cancel the hot-add operation, should roll back, device_del the added function that still don`t work. Signed-off-by: Cao jin <caoj.fnst@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 3595e2eb0a233a881789fcc71f5b1072e5aaf669 Author: Victor Kaplansky <victork@xxxxxxxxxx> Date: Wed Oct 28 14:53:07 2015 +0200 tests/vhost-user-bridge: add vhost-user bridge application The test existing in QEMU for vhost-user feature is good for testing the management protocol, but does not allow actual traffic. This patch proposes Vhost-User Bridge application, which can serve the QEMU community as a comprehensive test by running real internet traffic by means of vhost-user interface. Essentially the Vhost-User Bridge is a very basic vhost-user backend for QEMU. It runs as a standalone user-level process. For packet processing Vhost-User Bridge uses an additional QEMU instance with a backend configured by "-net socket" as a shared VLAN. This way another QEMU virtual machine can effectively serve as a shared bus by means of UDP communication. For a more simple setup, the another QEMU instance running the SLiRP backend can be the same QEMU instance running vhost-user client. This Vhost-User Bridge implementation is very preliminary. It is missing many features. I has been studying vhost-user protocol internals, so I've written vhost-user-bridge bit by bit as I progressed through the protocol. Most probably its internal architecture will change significantly. To run Vhost-User Bridge application: 1. Build vhost-user-bridge with a regular procedure. This will create a vhost-user-bridge executable under tests directory: $ configure; make tests/vhost-user-bridge 2. Ensure the machine has hugepages enabled in kernel with command line like: default_hugepagesz=2M hugepagesz=2M hugepages=2048 3. Run Vhost-User Bridge with: $ tests/vhost-user-bridge The above will run vhost-user server listening for connections on UNIX domain socket /tmp/vubr.sock, and will try to connect by UDP to VLAN bridge to localhost:5555, while listening on localhost:4444 Run qemu with a virtio-net backed by vhost-user: $ qemu \ -enable-kvm -m 512 -smp 2 \ -object memory-backend-file,id=mem,size=512M,mem-path=/dev/hugepages,share=on \ -numa node,memdev=mem -mem-prealloc \ -chardev socket,id=char0,path=/tmp/vubr.sock \ -netdev type=vhost-user,id=mynet1,chardev=char0,vhostforce \ -device virtio-net-pci,netdev=mynet1 \ -net none \ -net socket,vlan=0,udp=localhost:4444,localaddr=localhost:5555 \ -net user,vlan=0 \ disk.img vhost-user-bridge was tested very lightly: it's able to bringup a linux on client VM with the virtio-net driver, and execute transmits and receives to the internet. I tested with "wget redhat.com", "dig redhat.com". PS. I've consulted DPDK's code for vhost-user during Vhost-User Bridge implementation. Signed-off-by: Victor Kaplansky <victork@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit d6a9b0b89d27e0a688f37c1732d4dec40613669e Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Oct 28 18:55:06 2015 +0200 Revert "memhp: extend address auto assignment to support gaps" This reverts commit df0acded19ec4b826aa095cfc19d341bd66fafd3. There's no point to it now that the only user has been reverted. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 340065e5a11a515382c8b1112424c97e86ad2a3f Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Oct 28 18:54:05 2015 +0200 Revert "pc: memhp: force gaps between DIMM's GPA" This reverts commit aa8580cddf011e8cedcf87f7a0fdea7549fc4704. As described in http://article.gmane.org/gmane.comp.emulators.qemu/371432 that commit causes linux guests to crash on memory hot-unplug. The original problem it's trying to solve has now been addressed within virtio. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 3945ecf1ec4f6e6aa28d0c396a7f5d983c6810d8 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Tue Oct 27 10:22:59 2015 +0200 virtio: drop virtqueue_map_sg Deprecated in favor of virtqueue_map. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit 4ada5331895551570846e12e7eb00e06616f9152 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Tue Oct 27 10:22:13 2015 +0200 virtio-scsi: convert to virtqueue_map Note: virtqueue_map already validates input so virtio-scsi does not have to. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit bff712dc223f685c684f9caf960e6460e84a96f0 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Tue Oct 27 10:19:43 2015 +0200 virtio-serial: convert to virtio_map This also fixes a minor bug: - virtqueue_map_sg(port->elem.out_sg, port->elem.out_addr, - port->elem.out_num, 1); is wrong: out_sg is not written so should not be marked dirty. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit 3d8db153b4b4e12b6d11590ccd318fff0eafd688 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Tue Oct 27 10:18:24 2015 +0200 virtio-blk: convert to virtqueue_map Drop deprecated use of virtqueue_map_sg. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit 13972ac5e263a7319609253edac5754129489132 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Tue Oct 27 10:09:16 2015 +0200 virtio: switch to virtio_map Drop use of the deprecated virtio_map_sg in virtio core. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit 8059feee004111534c4c0652e2f0715e9b4e0754 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Tue Oct 27 10:01:44 2015 +0200 virtio: introduce virtio_map virtio_map_sg currently fails if one of the entries it's mapping is contigious in GPA but not HVA address space. Introduce virtio_map which handles this by splitting sg entries. This new API generally turns out to be a good idea since it's harder to misuse: at least in one case the existing one was used incorrectly. This will still fail if there's no space left in the sg, but luckily max queue size in use is currently 256, while max sg size is 1024, so we should be OK even is all entries happen to cross a single DIMM boundary. Won't work well with very small DIMM sizes, unfortunately: e.g. this will fail with 4K DIMMs where a single request might span a large number of DIMMs. Let's hope these are uncommon - at least we are not breaking things. Note: virtio-scsi calls virtio_map_sg on data loaded from network, and validates input, asserting on failure. Copy the validating code here - it will be dropped from virtio-scsi in a follow-up patch. Reported-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit 9d4ec9370a36f8a564e1ba05519328c0bd60da13 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Sun Oct 25 17:07:45 2015 +0200 mmap-alloc: fix error handling Existing callers are checking for MAP_FAILED, so we should return that on error. Reported-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 4828b10bda6a74a22a7695303e0648157d0e3ea4 Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Fri Oct 23 14:55:26 2015 +0200 pc: memhp: do not emit inserting event for coldplugged DIMMs currently acpi_memory_plug_cb() sets is_inserting for cold- and hot-plugged DIMMs as result ASL MHPD.MSCN() method issues device check even for every coldplugged DIMM. There isn't much harm in it but if we try to unplug such DIMM, OSPM will issue device check intstead of device eject event. So OSPM won't eject memory module as expected and it will try to eject it only when another memory device is hot-(un)plugged. As a fix do not set 'is_inserting' event and do not issue SCI for cold-plugged DIMMs as they are enumerated and activated by OSPM during guest's boot. Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 12ebf6908333a86775ef18f12ea283601fd1d2df Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Oct 22 22:28:37 2015 +0300 vhost-user-test: fix up rhel6 build Build on RHEL6 fails: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=42875 Apparently unnamed unions couldn't use C99 named field initializers. Let's just name the payload union field. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 7fc0246c0792767b732c0989e8eba24bea185feb Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Oct 22 22:33:39 2015 +0300 vhost-user: cleanup msg size math We are sending msg fields, use sizeof on these and not on local variables which happen to have a matching type. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 86abad0fedc44554adde5e189cf7edfa5b1c948e Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Oct 22 22:31:28 2015 +0300 vhost-user: cleanup struct size math We are using local msg structures everywhere, use them for sizeof as well. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 331c5e2091009f170554fed4ef884aeea871e4bb Merge: 496fedd 522a0d4 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Oct 28 20:10:22 2015 +0000 Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20151028' into staging Breakpoint fixes # gpg: Signature made Wed 28 Oct 2015 17:58:52 GMT using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tcg-20151028: target-*: Advance pc after recognizing a breakpoint Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 522a0d4e3c0d397ffb45ec400d8cbd426dad9d17 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Oct 13 22:07:49 2015 +0000 target-*: Advance pc after recognizing a breakpoint Some targets already had this within their logic, but make sure it's present for all targets. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 496fedddce9a575111df4f912fb9e361037531ed Merge: 739680d 15e4134 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Oct 28 15:08:36 2015 +0000 Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging target-i386: finally enable "check" mode by default # gpg: Signature made Wed 28 Oct 2015 14:13:10 GMT using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" * remotes/ehabkost/tags/x86-pull-request: target-i386: Enable "check" mode by default target-i386: Don't left shift negative constant Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 739680da59de8531a280e9360aae756b6134a3ec Merge: c012e1b 637016c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Oct 28 14:02:27 2015 +0000 Merge remote-tracking branch 'remotes/mcayland/tags/qemu-openbios-signed' into staging Update OpenBIOS images # gpg: Signature made Wed 28 Oct 2015 00:02:46 GMT using RSA key ID AE0F321F # gpg: Good signature from "Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx>" * remotes/mcayland/tags/qemu-openbios-signed: Update OpenBIOS images Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 637016c2603d15d01957eb57f64387262e3ba830 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Oct 28 00:01:28 2015 +0000 Update OpenBIOS images Update OpenBIOS images to SVN r1353 built from submodule. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> commit 15e41345906d29a319cc9cdf566347bf79134d24 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Aug 26 13:25:44 2015 -0300 target-i386: Enable "check" mode by default Current default behavior of QEMU is to silently disable features that are not supported by the host when a CPU model is requested in the command-line. This means that in addition to risking breaking guest ABI by default, we are silent about it. I would like to enable "enforce" by default, but this can easily break existing production systems because of the way libvirt makes assumptions about CPU models today (this will change in the future, once QEMU provide a proper interface for checking if a CPU model is runnable). But there's no reason we should be silent about it. So, change target-i386 to enable "check" mode by default so at least we have some warning printed to stderr (and hopefully logged somewhere) when QEMU disables a feature that is not supported by the host system. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 712b4243c761cb6ab6a4367a160fd2a42e2d4b76 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Tue Sep 29 17:34:23 2015 -0300 target-i386: Don't left shift negative constant Left shift of negative values is undefined behavior. Detected by clang: qemu/target-i386/translate.c:2423:26: runtime error: left shift of negative value -8 This changes the code to reverse the sign after the left shift. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit c012e1b7ad066f462ba1c3322fcb43cd8295eaff Merge: 7e038b9 9b53926 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 27 16:17:55 2015 +0000 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20151027-1' into staging target-arm queue: * more EL2 preparation: handling for stage 2 translations * standardize debug macros in i.MX devices * improve error message in a corner case for virt board * disable live migration of KVM GIC if the kernel can't handle it * add SPSR_(ABT|UND|IRQ|FIQ) registers * handle non-executable page-straddling Thumb instructions * fix a "no 64-bit EL2" assumption in arm_excp_unmasked() # gpg: Signature made Tue 27 Oct 2015 16:03:31 GMT using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20151027-1: (27 commits) target-arm: Add support for S1 + S2 MMU translations target-arm: Route S2 MMU faults to EL2 target-arm: Add S2 translation to 32bit S1 PTWs target-arm: Add S2 translation to 64bit S1 PTWs target-arm: Add ARMMMUFaultInfo target-arm: Avoid inline for get_phys_addr target-arm: Add support for S2 page-table protection bits target-arm: Add computation of starting level for S2 PTW target-arm: lpae: Rename granule_sz to stride target-arm: lpae: Replace tsz with computed inputsize target-arm: Add support for AArch32 S2 negative t0sz target-arm: lpae: Move declaration of t0sz and t1sz target-arm: lpae: Make t0sz and t1sz signed integers target-arm: Add HPFAR_EL2 i.MX: Standardize i.MX GPT debug i.MX: Standardize i.MX EPIT debug i.MX: Standardize i.MX FEC debug i.MX: Standardize i.MX CCM debug i.MX: Standardize i.MX AVIC debug i.MX: Standardize i.MX I2C debug ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9b539263faa5c1b7fce2551092b5c7b6eea92081 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:02:07 2015 +0100 target-arm: Add support for S1 + S2 MMU translations Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-15-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d759a457a144844bff259aafda093b24e92c116d Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:02:06 2015 +0100 target-arm: Route S2 MMU faults to EL2 Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-14-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a614e69854a2e601716ee44dfe15c09b8b88f620 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:02:05 2015 +0100 target-arm: Add S2 translation to 32bit S1 PTWs Add support for applying S2 translation to 32bit S1 page-table walks. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-13-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 37785977627295162bff58b1f8777d94e20f4c5b Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:02:04 2015 +0100 target-arm: Add S2 translation to 64bit S1 PTWs Add support for applying S2 translation to 64bit S1 page-table walks. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-12-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e14b5a23d8c83304559f31397f95d22ada60a19a Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:02:03 2015 +0100 target-arm: Add ARMMMUFaultInfo Introduce ARMMMUFaultInfo to propagate MMU Fault information across the MMU translation code path. This is in preparation for adding Stage-2 translation. No functional changes. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-11-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit af51f566ec7106d5e834476e78681a7b354f3c7c Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:02:02 2015 +0100 target-arm: Avoid inline for get_phys_addr Avoid inline for get_phys_addr() to prepare for future recursive use. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-10-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6ab1a5ee1c9d328cacf78805439ed4d3d132decd Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:02:01 2015 +0100 target-arm: Add support for S2 page-table protection bits Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-9-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1853d5a9dcac910322c6cc5b2fddec45fd052d25 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:02:00 2015 +0100 target-arm: Add computation of starting level for S2 PTW The starting level for S2 pagetable walks is computed differently from the S1 starting level. Implement the S2 variant. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-8-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 973a5434825c076995218868b5b3047e5de400c6 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:01:59 2015 +0100 target-arm: lpae: Rename granule_sz to stride Rename granule_sz to stride to better match the reference manuals. No functional change. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-7-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4ca6a051758edf625a17dfc4ce4ab72edabac170 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:01:58 2015 +0100 target-arm: lpae: Replace tsz with computed inputsize Remove the tsz variable and introduce inputsize. This simplifies the code a little and makes it easier to compare with the reference manuals. No functional change. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-6-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4ee38098010240e0b390061fdd0151ff62d80279 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:01:57 2015 +0100 target-arm: Add support for AArch32 S2 negative t0sz Add support for AArch32 S2 negative t0sz. In preparation for using 40bit IPAs on AArch32. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-5-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1f4c8c18a5b6f4fad13e13b7e3828124c6c8f34d Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:01:56 2015 +0100 target-arm: lpae: Move declaration of t0sz and t1sz Move declaration of t0sz and t1sz to the top of the function avoiding a mix of code and variable declarations. No functional change. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-4-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5c31a10d16c595d6a59e3e7fc1808c3b1d03e02f Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:01:55 2015 +0100 target-arm: lpae: Make t0sz and t1sz signed integers Make t0sz and t1sz signed integers to match tsz and to make it easier to implement support for AArch32 negative t0sz. t1sz is changed for consistensy. No functional change. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-3-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 59e055307392fdf99b86c8cbcd33a7e261dcbdb1 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Oct 26 14:01:54 2015 +0100 target-arm: Add HPFAR_EL2 Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1445864527-14520-2-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 054535262fce994b942039b0a7c4c484c8026c5e Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Sun Oct 25 15:16:26 2015 +0100 i.MX: Standardize i.MX GPT debug The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message We also replace IPRINTF with qemu_log_mask(). The qemu_log_mask() output is following the same format as the above debug. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Message-id: b7ce7e98a051479453744aded122789531d80a44.1445781957.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4929f6563c704dbd057524b38ee519b3a7c8dfe1 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Sun Oct 25 15:16:24 2015 +0100 i.MX: Standardize i.MX EPIT debug The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message We also replace IPRINTF with qemu_log_mask(). The qemu_log_mask() output is following the same format as the above debug. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Message-id: 5bbad71517ca728d8865f7b9f998baa0df022794.1445781957.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b72d8d257c187532194f2fca504afb568cd2a3bf Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Sun Oct 25 15:16:21 2015 +0100 i.MX: Standardize i.MX FEC debug The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message The qemu_log_mask() output is following the same format as the above debug. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Message-id: 57e565982db94fb433c32dfa17608888464d21de.1445781957.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4a6aa0af8593ee135ef37867ae00109650b95638 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Sun Oct 25 15:16:19 2015 +0100 i.MX: Standardize i.MX CCM debug The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message The qemu_log_mask() output is following the same format as the above debug. Adding some missing qemu_log_mask call for bad registers. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Message-id: 293e08f31cbb4df84d58f693243e61e770c73b3a.1445781957.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f50ed7853ad658407382dfe1da29f3c88d604592 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Sun Oct 25 15:16:17 2015 +0100 i.MX: Standardize i.MX AVIC debug The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message We also replace IPRINTF with qemu_log_mask(). The qemu_log_mask() output is following the same format as the above debug. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Message-id: 29885ffea2577eaf2288c1d17fd87ee951748b49.1445781957.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3afcbb01bc1227bc3a3bade1804c449daf74b262 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Sun Oct 25 15:16:14 2015 +0100 i.MX: Standardize i.MX I2C debug The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message The qemu_log_mask() output is following the same format as the above debug. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Message-id: 328acfe6fc09a5afdbfbfd5220e0869fd5082660.1445781957.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 564111257468bb772ad0b374dbbb0c969a554cfd Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Sun Oct 25 15:16:11 2015 +0100 i.MX: Standardize i.MX GPIO debug The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message The qemu_log_mask() outputis following the same format as the above debug. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Message-id: 4f2007adcf0f579864bb4dd8a825824e0e9098b8.1445781957.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8ccce77c04a23a1451b6e149930e66b6eef75926 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Sun Oct 25 15:16:06 2015 +0100 i.MX: Standardize i.MX serial debug. The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message We also replace IPRINTF with qemu_log_mask(). The qemu_log_mask() output is following the same format as the above debug. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Message-id: 47b8759b251d356c633faf7ea34f897f340aea4e.1445781957.git.jcd@xxxxxxxxxxxxxxx [PMM: Drop attempt to print the ram_addr of a memory region in one DPRINTF, which (a) was using the wrong format string so didn't build on 32-bit and (b) was incorrectly looking at a private field of a MemoryRegion struct] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4b280b726a329a97db03323d8d03ed554f7872b8 Author: Andrew Jones <drjones@xxxxxxxxxx> Date: Tue Oct 27 12:00:50 2015 +0000 hw/arm/virt: don't use a15memmap directly We should always go through VirtBoardInfo when we need the memmap. To avoid using a15memmap directly, in this case, we need to defer the max-cpus check from class init time to instance init time. In class init we now use MAX_CPUMASK_BITS for max_cpus initialization, which is the maximum QEMU supports, and also, incidentally, the maximum KVM/gicv3 currently supports. Also, a nice side-effect of delaying the max-cpus check is that we now get more appropriate error messages for gicv2 machines that try to configure more than 123 cpus. Before this patch it would complain that the requested number of cpus was greater than 123, but for gicv2 configs, it should complain that the number is greater than 8. Signed-off-by: Andrew Jones <drjones@xxxxxxxxxx> Message-id: 1445189728-860-3-git-send-email-drjones@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 24182fbc19cbc7c387bb350a72e6b55f63ea1747 Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Tue Oct 27 12:00:50 2015 +0000 arm_gic_kvm: Disable live migration if not supported Currently, if the kernel does not have live migration API, the migration will still be attempted, but vGIC save/restore functions will just not do anything. This will result in a broken machine state. This patch fixes the problem by adding migration blocker if kernel API is not supported. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b876452507d0b719cff0b478efafb34ac41db683 Author: Soren Brinkmann <soren.brinkmann@xxxxxxxxxx> Date: Tue Oct 27 12:00:50 2015 +0000 target-arm: Add support for SPSR_(ABT|UND|IRQ|FIQ) Signed-off-by: Soren Brinkmann <soren.brinkmann@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 541ebcd401ee47f3c1a3ce503ef5466b75e9d20a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 27 12:00:50 2015 +0000 target-arm/translate.c: Handle non-executable page-straddling Thumb insns When the memory we're trying to translate code from is not executable we have to turn this into a guest fault. In order to report the correct PC for this fault, and to make sure it is not reported until after any other possible faults for instructions earlier in execution, we must terminate TBs at the end of a page, in case the next instruction is in a non-executable page. This is simple for T16, A32 and A64 instructions, which are always aligned to their size. However T32 instructions may be 32-bits but only 16-aligned, so they can straddle a page boundary. Correct the condition that checks whether the next instruction will touch the following page, to ensure that if we're 2 bytes before the boundary and this insn is T32 then we end the TB. Reported-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Reviewed-by: Laurent Desnogues <laurent.desnogues@xxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7cd6de3bb1ca55dfa8f53fb9894803eb33f497b3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 27 12:00:50 2015 +0000 target-arm: Fix "no 64-bit EL2" assumption in arm_excp_unmasked() The code in arm_excp_unmasked() suppresses the ability of PSTATE.AIF to mask exceptions from a lower EL targeting EL2 or EL3 if the CPU is 64-bit. This is correct for a target of EL3, but not correct for targeting EL2. Further, we go to some effort to calculate scr and hcr values which are not used at all for the 64-bit CPU case. Rearrange the code to correctly implement the 64-bit CPU logic and keep the hcr/scr calculations in the 32-bit CPU codepath. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1444327729-4120-1-git-send-email-peter.maydell@xxxxxxxxxx Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 7e038b94e74e1c2d1b3598e2e4b0b5c8b79a7278 Merge: 9666248 a3e8a3f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 27 10:10:46 2015 +0000 Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging # gpg: Signature made Tue 27 Oct 2015 05:47:28 GMT using RSA key ID 398D6211 # gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211 * remotes/jasowang/tags/net-pull-request: net: free the string returned by object_get_canonical_path_component net: make iov_to_buf take right size argument in nc_sendv_compat() net: Remove duplicate data from query-rx-filter on multiqueue net devices vmxnet3: Do not fill stats if device is inactive options: Add documentation for filter-dump net/dump: Provide the dumping facility as a net-filter net/dump: Separate the NetClientState from the DumpState net/dump: Rework net-dump init functions net/dump: Add support for receive_iov function net: cadence_gem: Set initial MAC address Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a3e8a3f382363d5fd452cfc15f90a688d70023d9 Author: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Date: Tue Oct 20 09:51:26 2015 +0800 net: free the string returned by object_get_canonical_path_component The value returned from object_get_canonical_path_component must be freed. Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Cc: Jason Wang <jasowang@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit edc981443d5bd23e01639c2fbba4fbc2dc30204f Author: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Date: Tue Oct 20 09:51:25 2015 +0800 net: make iov_to_buf take right size argument in nc_sendv_compat() We want "buf, sizeof(buf)" here. sizeof(buffer) is the size of a pointer, which is wrong. Thanks to Paolo for pointing it out. Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Cc: Jason Wang <jasowang@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 5320c2caf43cc76748a1ffa0fdcaa9eb501d3fcd Author: Vladislav Yasevich <vyasevic@xxxxxxxxxx> Date: Mon Oct 19 09:04:38 2015 -0400 net: Remove duplicate data from query-rx-filter on multiqueue net devices When responding to a query-rx-filter command on a multiqueue netdev, qemu reports the data for each queue. The data, however, is not per-queue, but per device and the same data is reported multiple times. This causes confusion and may also cause extra unnecessary processing when looking at the data. Commit 638fb14169 (net: Make qmp_query_rx_filter() with name argument more obvious) partially addresses this issue, by limiting the output when the name is specified. However, when the name is not specified, the issue still persists. Signed-off-by: Vladislav Yasevich <vyasevic@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit eedeeeffd419ab149e0b0ad5fc4b7cf5e1db6274 Author: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Date: Thu Oct 15 13:54:30 2015 +0300 vmxnet3: Do not fill stats if device is inactive Guest OS may issue VMXNET3_CMD_GET_STATS even before device was activated (for example in linux, after insmod but prior net-dev open). Accessing shared descriptors prior device activation is illegal as the VMXNET3State structures have not been fully initialized. As a result, guest memory gets corrupted and may lead to guest OS crashes. Fix, by not filling the stats descriptors if device is inactive. Reported-by: Leonid Shatz <leonid.shatz@xxxxxxxxxxxxxxxxxx> Acked-by: Dmitry Fleytman <dmitry@xxxxxxxxxx> Signed-off-by: Dana Rubin <dana.rubin@xxxxxxxxxxxxxxxxxx> Signed-off-by: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit d3e0c032f52f4fb855f9bd2892ebd175a9d975a1 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Tue Oct 13 12:40:02 2015 +0200 options: Add documentation for filter-dump Add a short description for the filter-dump command line options. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 9d3e12e881bc97bc32ac75d146b5347136f29ca1 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Tue Oct 13 12:40:01 2015 +0200 net/dump: Provide the dumping facility as a net-filter Use the net-filter infrastructure to provide the dumping functions for netdev devices, too. Reviewed-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 75310e3486ab205d870560b75bbcaba72acb26d7 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Tue Oct 13 12:40:00 2015 +0200 net/dump: Separate the NetClientState from the DumpState With the upcoming dumping-via-netfilter patch, the DumpState should not be related to NetClientState anymore, so move the related information to a new struct called DumpNetClient. Reviewed-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 7bc3074c27bb1eae7c8ccacd920ba55454381786 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Tue Oct 13 12:39:59 2015 +0200 net/dump: Rework net-dump init functions Move the creation of the dump client from net_dump_init() into net_init_dump(), so we can later use the former function for dump via netfilter, too. Also rename net_dump_init() to net_dump_state_init() to make it easier distinguishable from net_init_dump(). Reviewed-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 43192fcc1ac0a61cf9e20a9034eae8d1e91f35c8 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Tue Oct 13 12:39:58 2015 +0200 net/dump: Add support for receive_iov function Adding a proper receive_iov function to the net dump module. This will make it easier to support the dump filter feature for the -netdev option in later patches. Reviewed-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit afb4c51fad8cf86104803fc17457b96e86172b98 Author: Sebastian Huber <sebastian.huber@xxxxxxxxxxxxxxxxxx> Date: Mon Oct 12 10:25:01 2015 +0200 net: cadence_gem: Set initial MAC address Set initial MAC address to the one specified by the command line. Signed-off-by: Sebastian Huber <sebastian.huber@xxxxxxxxxxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 9666248a85fd889bfb6118f769e9c73039b998ed Merge: 251d7e6 b1ecd51 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Oct 26 13:13:38 2015 +0000 Merge remote-tracking branch 'remotes/sstabellini/tags/xen-2015-10-26' into staging Xen 2015-10-26 # gpg: Signature made Mon 26 Oct 2015 11:32:50 GMT using RSA key ID 70E1AE90 # gpg: Good signature from "Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>" * remotes/sstabellini/tags/xen-2015-10-26: xen-platform: Replace assert() with appropriate error reporting xen_platform: switch to realize Qemu/Xen: Fix early freeing MSIX MMIO memory region Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b1ecd51bdbb0fc0a7026662b03e7e7df9d129ca0 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Oct 21 13:46:50 2015 -0200 xen-platform: Replace assert() with appropriate error reporting Commit dbb7405d8caad0814ceddd568cb49f163a847561 made it possible to trigger an assert using "-device xen-platform". Replace it with appropriate error reporting. Before: $ qemu-system-x86_64 -device xen-platform qemu-system-x86_64: hw/i386/xen/xen_platform.c:391: xen_platform_initfn: Assertion `xen_enabled()' failed. Aborted (core dumped) $ After: $ qemu-system-x86_64 -device xen-platform qemu-system-x86_64: -device xen-platform: xen-platform device requires the Xen accelerator $ Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 4098d49db549e20a2d87ca3cced28ace6e5864bf Author: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Date: Wed Oct 21 13:46:49 2015 -0200 xen_platform: switch to realize Use realize to initialize the xen_platform device Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 251d7e60148599be685c6f9f3921aee38dccef5c Merge: af25e72 7d4f4bd Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Oct 26 11:32:20 2015 +0000 Merge remote-tracking branch 'remotes/elmarco/tags/ivshmem-pull-request' into staging ivshmem series # gpg: Signature made Mon 26 Oct 2015 09:27:46 GMT using RSA key ID 75969CE5 # gpg: Good signature from "Marc-André Lureau <marcandre.lureau@xxxxxxxxxx>" # gpg: aka "Marc-André Lureau <marcandre.lureau@xxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 87A9 BD93 3F87 C606 D276 F62D DAE8 E109 7596 9CE5 * remotes/elmarco/tags/ivshmem-pull-request: (51 commits) doc: document ivshmem & hugepages ivshmem: use little-endian int64_t for the protocol ivshmem: use kvm irqfd for msi notifications ivshmem: rename MSI eventfd_table ivshmem: remove EventfdEntry.vector ivshmem: add hostmem backend ivshmem: use qemu_strtosz() ivshmem: do not keep shm_fd open tests: add ivshmem qtest qtest: add qtest_add_abrt_handler() msix: implement pba write (but read-only) contrib: remove unnecessary strdup() ivshmem: add check on protocol version in QEMU docs: update ivshmem device spec ivshmem-server: fix hugetlbfs support ivshmem-server: use a uint16 for client ID ivshmem-client: check the number of vectors contrib: add ivshmem client and server util: const event_notifier_get_fd() argument ivshmem: reset mask on device reset ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4e494de66800747446e73b5ec0189ad7f4690908 Author: Lan Tianyu <tianyu.lan@xxxxxxxxx> Date: Sun Oct 11 23:19:24 2015 +0800 Qemu/Xen: Fix early freeing MSIX MMIO memory region msix->mmio is added to XenPCIPassthroughState's object as property. object_finalize_child_property is called for XenPCIPassthroughState's object, which calls object_property_del_all, which is going to try to delete msix->mmio. object_finalize_child_property() will access msix->mmio's obj. But the whole msix struct has already been freed by xen_pt_msix_delete. This will cause segment fault when msix->mmio has been overwritten. This patch is to fix the issue. Signed-off-by: Lan Tianyu <tianyu.lan@xxxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 7d4f4bdaf785dfe9fc41b06f85cc9aaf1b1474ee Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Wed Oct 7 16:31:47 2015 +0200 doc: document ivshmem & hugepages Document and give some examples of hugepages support with ivshmem device and server. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit f7a199b2b4486242271f769bb4bc2638c0413274 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Sep 24 12:55:01 2015 +0200 ivshmem: use little-endian int64_t for the protocol The current ivshmem protocol uses 'long' for integers. But the sizeof(long) depends on the host and the endianess is not defined, which may cause portability troubles. Instead, switch to using little-endian int64_t. This breaks the protocol, except on x64 little-endian host where this change should be compatible. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 660c97eef6f8f416c5dc24d3798e29f9f9f698fb Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Jul 9 15:50:13 2015 +0200 ivshmem: use kvm irqfd for msi notifications Use irqfd for improving context switch when notifying the guest. If the host doesn't support kvm irqfd, regular msi notifications are still supported. Note: the ivshmem implementation doesn't allow switching between MSI and IO interrupts, this patch doesn't either. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0f57350e5c2ee0c6fe979f4d4b6d4e1de0c26e46 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Mon Jul 27 12:59:19 2015 +0200 ivshmem: rename MSI eventfd_table The array is used to have vector specific data, so use a more descriptive name. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit d160f3f7911bb1f99235ae211269c8f4422f2079 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Jul 24 18:52:19 2015 +0200 ivshmem: remove EventfdEntry.vector No need to store an extra int for the vector number when it can be computed easily by looking at the position in the array. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit d9453c93fea0c9c67f9c63bfa79a87631317d746 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 30 00:10:16 2015 +0200 ivshmem: add hostmem backend Instead of handling allocation, teach ivshmem to use a memory backend. This allows to use hugetlbfs backed memory now. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 2c04752cc8e37b15be4643570b49abb3128a8a46 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 30 00:06:03 2015 +0200 ivshmem: use qemu_strtosz() Use the common qemu utility function to parse the memory size. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit f689d2811a36894618087e1e2cc3ade78e758e94 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 30 00:04:19 2015 +0200 ivshmem: do not keep shm_fd open Remove shm_fd from device state, closing it as early as possible to avoid leaks. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit ddef6a0d68f641ca89466c697d191d07b7e6718c Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Wed Apr 2 16:57:48 2014 +0200 tests: add ivshmem qtest Adds 4 ivshmemtests: - single qemu instance and basic IO - pair of instances, check memory sharing - pair of instances with server, and MSIX - hot plug/unplug A temporary shm is created as well as a directory to place server socket, both should be clear on exit and abort. Cc: Cam Macdonell <cam@xxxxxxxxxxxxxx> Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 063c23d909a8d6c9f251347514e34835e0510294 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Jun 19 18:45:14 2015 +0200 qtest: add qtest_add_abrt_handler() Allow a test to add abort handlers, use GHook for all handlers. There is currently no way to remove a handler, but it could be later added if needed. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 43b11a91dd861a946b231b89b7542856ade23d1b Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Jun 26 14:25:29 2015 +0200 msix: implement pba write (but read-only) qpci_msix_pending() writes on pba region, causing qemu to SEGV: Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7ffff7fba8c0 (LWP 25882)] 0x0000000000000000 in ?? () (gdb) bt #0 0x0000000000000000 in () #1 0x00005555556556c5 in memory_region_oldmmio_write_accessor (mr=0x5555579f3f80, addr=0, value=0x7fffffffbf68, size=4, shift=0, mask=4294967295, attrs=...) at /home/elmarco/src/qemu/memory.c:434 #2 0x00005555556558e1 in access_with_adjusted_size (addr=0, value=0x7fffffffbf68, size=4, access_size_min=1, access_size_max=4, access=0x55555565563e <memory_region_oldmmio_write_accessor>, mr=0x5555579f3f80, attrs=...) at /home/elmarco/src/qemu/memory.c:506 #3 0x00005555556581eb in memory_region_dispatch_write (mr=0x5555579f3f80, addr=0, data=0, size=4, attrs=...) at /home/elmarco/src/qemu/memory.c:1176 #4 0x000055555560b6f9 in address_space_rw (as=0x555555eff4e0 <address_space_memory>, addr=3759147008, attrs=..., buf=0x7fffffffc1b0 "", len=4, is_write=true) at /home/elmarco/src/qemu/exec.c:2439 #5 0x000055555560baa2 in cpu_physical_memory_rw (addr=3759147008, buf=0x7fffffffc1b0 "", len=4, is_write=1) at /home/elmarco/src/qemu/exec.c:2534 #6 0x000055555564c005 in cpu_physical_memory_write (addr=3759147008, buf=0x7fffffffc1b0, len=4) at /home/elmarco/src/qemu/include/exec/cpu-common.h:80 #7 0x000055555564cd9c in qtest_process_command (chr=0x55555642b890, words=0x5555578de4b0) at /home/elmarco/src/qemu/qtest.c:378 #8 0x000055555564db77 in qtest_process_inbuf (chr=0x55555642b890, inbuf=0x55555641b340) at /home/elmarco/src/qemu/qtest.c:569 #9 0x000055555564dc07 in qtest_read (opaque=0x55555642b890, buf=0x7fffffffc2e0 "writel 0xe0100800 0x0\n", size=22) at /home/elmarco/src/qemu/qtest.c:581 #10 0x000055555574ce3e in qemu_chr_be_write (s=0x55555642b890, buf=0x7fffffffc2e0 "writel 0xe0100800 0x0\n", len=22) at qemu-char.c:306 #11 0x0000555555751263 in tcp_chr_read (chan=0x55555642bcf0, cond=G_IO_IN, opaque=0x55555642b890) at qemu-char.c:2876 #12 0x00007ffff64c9a8a in g_main_context_dispatch (context=0x55555641c400) at gmain.c:3122 (without this patch, this can be reproduced with the ivshmem qtest) Implement an empty mmio write to avoid the crash. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 45b00c44ceffeac8143fb8857a12677234114f2b Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Wed Jun 24 13:33:32 2015 +0200 contrib: remove unnecessary strdup() getopt() optarg points to argv memory, no need to dup those values, fixes small leaks detected by clang-analyzer. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@xxxxxxxxxxxxx> commit 5105b1d8c2d1ad4a25b8806e86c0f012936b2eed Author: David Marchand <david.marchand@xxxxxxxxx> Date: Tue Jun 16 17:43:34 2015 +0200 ivshmem: add check on protocol version in QEMU Send a protocol version as the first message from server, clients must close communication if they don't support this protocol version. Older QEMUs should be fine with this change in the protocol since they overrides their own vm_id on reception of an id associated to no eventfd. Signed-off-by: David Marchand <david.marchand@xxxxxxxxx> Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> [use fifo_update_and_get()] Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 8c4ef202b901d25b88efc55398d4a76dfb2594de Author: David Marchand <david.marchand@xxxxxxxxx> Date: Mon Sep 8 11:17:49 2014 +0200 docs: update ivshmem device spec Add some notes on the parts needed to use ivshmem devices: more specifically, explain the purpose of an ivshmem server and the basic concept to use the ivshmem devices in guests. Move some parts of the documentation and re-organise it. Signed-off-by: David Marchand <david.marchand@xxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 1e21feb6280222a230fda1d87318ab58adde188f Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Mon Jun 29 19:53:15 2015 +0200 ivshmem-server: fix hugetlbfs support As pointed out on the ML by Andrew Jones, glibc no longer permits creating POSIX shm on hugetlbfs directly. When given a hugetlbfs path, create a shareable file there. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@xxxxxxxxxxxxx> commit 022cffe31360750b405d368e343f3ca5febc0d0a Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 17:09:59 2015 +0200 ivshmem-server: use a uint16 for client ID In practice, the number of VM is limited to MAXUINT16 in ivshmem, so use the same limit on the server (removes a theorical infinite loop) Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 95204aa951ceb28eb6d4ce43bce09a58cbad83d8 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 16:41:58 2015 +0200 ivshmem-client: check the number of vectors Check the number of vectors received from the server, to avoid out of bound array access. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit a75eb03b9fca3af291ec2c433ddda06121ae927d Author: David Marchand <david.marchand@xxxxxxxxx> Date: Mon Sep 8 11:17:48 2014 +0200 contrib: add ivshmem client and server When using ivshmem devices, notifications between guests can be sent as interrupts using a ivshmem-server (typical use described in documentation). The client is provided as a debug tool. Signed-off-by: Olivier Matz <olivier.matz@xxxxxxxxx> Signed-off-by: David Marchand <david.marchand@xxxxxxxxx> [fix a valgrind warning, option and server_close() segvs, extra server headers includes, getopt() return type, out-of-tree build, use qemu event_notifier instead of eventfd, fix x86/osx warnings - Marc-André] Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 12f0b68c82356e4dd24f2f0d370b21eb17f1f42e Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Oct 13 12:12:16 2015 +0200 util: const event_notifier_get_fd() argument Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 972ad21553fd46738eea91f0085c7bc32cf68d86 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 14:13:08 2015 +0200 ivshmem: reset mask on device reset The interrupt mask is a state value, it should be reset, like the interrupt status. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 1ee57de444ac7dd0cdb091fec318ba056ed173fd Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 14:07:11 2015 +0200 ivshmem: error on too many eventfd received The number of eventfd that can be handled per peer is limited by the number of vectors. Return an error when receiving too many of them. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit f456179fae249a420dce38a02ad7e2efc6be37cf Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 13:38:46 2015 +0200 ivshmem: replace 'guest' for 'peer' appropriately The terms 'guest' and 'peer' are used sometime interchangeably which may be confusing. Instead, use 'peer' for the remote instances of ivshmem clients, and 'guest' for the local VM. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit f64a078d45a4c1d1da074d1c306a5a4994dcda89 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 12:57:16 2015 +0200 ivshmem: fix pci_ivshmem_exit() Free all objects owned by the device, making sure the device is free, fixing hot-unplug. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit d383537d01c1f23d783955963e234d11fce8ec02 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 13:01:40 2015 +0200 ivshmem: add device description Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 945001a1af36eafd093b6b1582f5282932cd3d87 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 12:55:41 2015 +0200 ivshmem: check shm isn't already initialized The server should not change the shm, and this isn't handled by qemu and we should should verify this in qemu. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 86d471bfa4262fa983c0214ace7336843e2181a2 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 12:53:42 2015 +0200 ivshmem: shmfd can be 0 0 is a valid fd value, so change conditions and set -1 value early Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 1f8552df2c7935a4cf883bda22acbe2adbf7d579 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Jun 18 14:05:46 2015 +0200 ivshmem: migrate with VMStateDescription load_state_old() is used to keep compatibility with version 0. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit e309366337d636689730f6484e388e46db7b5654 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Jun 18 16:10:33 2015 +0200 ivshmem: use common is_power_of_2() The common version correctly checks for 0 value case. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 6f8a16d55daac5657ccbcf953140685048e15ace Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Jun 19 12:21:46 2015 +0200 ivshmem: use common return Both if branches return, move this out to common end. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 9a2f0e64aeb4c7891244785e88b2b0cfa1d61742 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Jun 19 12:19:55 2015 +0200 ivshmem: simplify a bit the code Use some more explicit variables to simplify the code. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit ffa99afd6e4d354cdfae44cc43a2ca7ef056eb35 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 13:34:09 2015 +0200 ivshmem: print error on invalid peer id The server shouldn't send invalid peer id, so print an error if it's the case. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 36617792b45b5d46d574af4f6ebb3f35c77d1e69 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Jun 18 14:39:49 2015 +0200 ivshmem: improve error handling The test whether the chardev is an AF_UNIX socket rejects "-chardev socket,id=chr0,path=/tmp/foo,server,nowait -device ivshmem,chardev=chr0", but fails to explain why. Use an explicit error on why a chardev may be rejected. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit f59bb37898d6ff44cdf68bfbadaf3bd260ae465e Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Jun 18 15:04:13 2015 +0200 ivshmem: improve debug messages Some misc improvements to ivshmem debug. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 95c8425cc3a316c998a7e306799ec6d29811bc32 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Jun 19 12:17:26 2015 +0200 ivshmem: remove max_peer field max_peer isn't really useful, it tracks the maximum received VM id, but that quickly matches nb_peers, the size of the peers array. Since VM come and go, there might be sparse peers so it doesn't help much in general to have this value around. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 95e7c8a0f690f9a0c8b70fd1a4de60bd944371b8 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Jun 25 13:49:09 2015 +0200 ivshmem: initialize max_peer to -1 There is no peer when device is initialized, do not let doorbell for inexisting peer 0. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit d8a5da075a919f7b42f2182cc55f5d3e7e60b264 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Jun 18 15:00:52 2015 +0200 ivshmem: remove useless ivshmem_update_irq() val argument val isn't used in ivshmem_update_irq() function. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 81e507f0bc584f417cb671e88da3f049cb4defb1 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Sep 15 17:23:07 2015 +0200 ivshmem: allocate eventfds in resize_peers() It simplifies a bit the code to allocate the array when setting the number of peers instead of lazily when receiving the first vector. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 1300b2733a297f9a59deb4eebbd437a5833f3f41 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Sep 15 17:21:37 2015 +0200 ivshmem: simplify around increase_dynamic_storage() Set the number of peers and array allocation in a single place. Rename to better reflect the function content. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 61ea2d8648d32b8e84da62f142dc08fa9ee5b7b9 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Sep 15 16:55:10 2015 +0200 ivshmem: limit maximum number of peers to G_MAXUINT16 Limit the maximum number of peers to MAXUINT16. This is more realistic and better matches the limit of the doorbell register. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 03977ad552874f6598a8f0ef3089e6846ba01a2b Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Mon Jun 22 12:55:16 2015 +0200 ivshmem: remove last exit(1) Failing to create a chardev shouldn't be fatal. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit d58d7e848ec6d5bcd19634212d58dec5f1efbdb8 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Jun 18 14:59:28 2015 +0200 ivshmem: more qdev conversion Use the latest qemu device modeling API, in particular, convert to realize to fix the error handling; right now a botched device_add ivhsmem command kills the VM. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 49b2951f8416b356001d7b32625da0c555f0d1ce Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Jun 18 16:17:48 2015 +0200 ivshmem: remove useless doorbell field Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 9113e3f394e0a8569713b7aa9ece3e37cb9b61e8 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Jun 18 16:24:33 2015 +0200 ivshmem: remove superflous ivshmem_attr field Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit dee2151e7260a65c27495e9cbfc1931d9c9083d9 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Mon Jun 22 12:38:34 2015 +0200 ivshmem: remove unnecessary dup() qemu_chr_fe_get_msgfd() transfers ownership, there is no need to dup the fd. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 0f14fd71c170278b35b46d8ae214473680905606 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 17:56:37 2015 +0200 ivshmem: factor out the incoming fifo handling Make a new function fifo_update_and_get() that can be reused by other functions (in next commits). Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 951dada665041e8199e8c572d2981773fa2f0d8c Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Tue Jun 23 17:53:46 2015 +0200 ivshmem: fix number of bytes to push to fifo If the fifo has 0 bytes, and the read is of size 1, the call to fifo8_push_all() will copy off boundary data. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit b8ab854b27e9b88d9b85b4c572049b29cb96de43 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Jun 19 13:00:32 2015 +0200 ivhsmem: read do not accept more than sizeof(long) ivshmem_read() only reads sizeof(long) from the input buffer. Accepting more could lead to fifo8 abort() on 32bit systems if fifo is not empty. A following patch will change the protocol to 64-bit little-endian instead. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit c246a62f26e5afa8285b21e641b33456f1e69c99 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Jun 18 14:05:13 2015 +0200 msix: add VMSTATE_MSIX_TEST ivshmem is going to use MSIX state conditionally. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit 1ad78ea51aad7978638299a27004049935c2d913 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Mon Jun 22 18:20:18 2015 +0200 char: add qemu_chr_free() If a chardev is allowed to be created outside of QMP, then it must be also possible to free it. This is useful for ivshmem that creates chardev anonymously and must be able to free them. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> commit bbfc2efefe9779f85dfe2713aec1568b1ba871ad Author: Andreas Färber <afaerber@xxxxxxx> Date: Sun Oct 11 00:18:32 2015 +0200 tests: Add ivshmem qtest Note that it launches two instances, as sharing memory is the purpose of ivshmem. Cc: Cam Macdonell <cam@xxxxxxxxxxxxxx> Cc: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> [ Remove Nahanni codename, add test to pci set - Marc-André ] Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit dd054be35fa355a6ebeab58618d7ff662247a9f6 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Mon Oct 12 15:25:55 2015 +0200 config: enable ivshmem on POSIX ivshmem doesn't actually require kvm, so enable it when POSIX is enabled. (it is required however when ioeventfd is enabled) Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit af25e7277d3e95a3ea31023f31d8097ab5e2ac84 Merge: bc79082 c07bc2c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 23 18:14:42 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches # gpg: Signature made Fri 23 Oct 2015 17:59:56 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: (37 commits) tests: Add test case for aio_disable_external block: Add "drained begin/end" for internal snapshot block: Add "drained begin/end" for transactional blockdev-backup block: Add "drained begin/end" for transactional backup block: Add "drained begin/end" for transactional external snapshot block: Introduce "drained begin/end" API aio: introduce aio_{disable,enable}_external dataplane: Mark host notifiers' client type as "external" nbd: Mark fd handlers client type as "external" aio: Add "is_external" flag for event handlers throttle: Remove throttle_group_lock/unlock() blockdev: Allow more options for BB-less BDS tree blockdev: Pull out blockdev option extraction blockdev: Do not create BDS for empty drive block: Prepare for NULL BDS block: Add blk_insert_bs() block: Prepare remaining BB functions for NULL BDS block: Fail requests to empty BlockBackend block: Make some BB functions fall back to BBRS block: Add BlockBackendRootState ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c07bc2c1658fffeee08eb46402b2f66d55b07586 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 23 11:08:14 2015 +0800 tests: Add test case for aio_disable_external Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 507306cc8ee7981894a96c380f42d80e2674cb04 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 23 11:08:13 2015 +0800 block: Add "drained begin/end" for internal snapshot This ensures the atomicity of the transaction by avoiding processing of external requests such as those from ioeventfd. state->bs is assigned right after bdrv_drained_begin. Because it was used as the flag for deletion or not in abort, now we need a separate flag - InternalSnapshotState.created. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ff52bf36a3a6c63b7528fbe64e9ed9976b221e68 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 23 11:08:12 2015 +0800 block: Add "drained begin/end" for transactional blockdev-backup Similar to the previous patch, make sure that external events are not dispatched during transaction operations. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 1fdd4b7be3655d39c3594bc215eb1df5ce225c7d Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 23 11:08:11 2015 +0800 block: Add "drained begin/end" for transactional backup This ensures the atomicity of the transaction by avoiding processing of external requests such as those from ioeventfd. Move the assignment to state->bs up right after bdrv_drained_begin, so that we can use it in the clean callback. The abort callback will still check bs->job and state->job, so it's OK. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit da763e83012c066ebe3effbaa8e7e7c8f78b0fbf Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 23 11:08:10 2015 +0800 block: Add "drained begin/end" for transactional external snapshot This ensures the atomicity of the transaction by avoiding processing of external requests such as those from ioeventfd. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 51288d7917e5c5b088985aaa7ff3592561fbc2ba Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 23 11:08:09 2015 +0800 block: Introduce "drained begin/end" API The semantics is that after bdrv_drained_begin(bs), bs will not get new external requests until the matching bdrv_drained_end(bs). Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit c1e1e5fa8f25f9061b076a05045a6d4950d1a891 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 23 11:08:08 2015 +0800 aio: introduce aio_{disable,enable}_external Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 3a1e8074d74ad2acbcedf28d35aebedc3573f19e Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 23 11:08:07 2015 +0800 dataplane: Mark host notifiers' client type as "external" They will be excluded by type in the nested event loops in block layer, so that unwanted events won't be processed there. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 172cc129a5ae58d36feb51f97fd67e2161ae5cc6 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 23 11:08:06 2015 +0800 nbd: Mark fd handlers client type as "external" So we could distinguish it from internal used fds, thus avoid handling unwanted events in nested aio polls. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit dca21ef23ba48f6f1428c59f295a857e5dc203c8 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 23 11:08:05 2015 +0800 aio: Add "is_external" flag for event handlers All callers pass in false, and the real external ones will switch to true in coming patches. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d87d01e16a0e59a6af9634162cf0ded142b43e0d Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Oct 21 21:36:05 2015 +0300 throttle: Remove throttle_group_lock/unlock() The group throttling code was always meant to handle its locking internally. However, bdrv_swap() was touching the ThrottleGroup structure directly and therefore needed an API for that. Now that bdrv_swap() no longer exists there's no need for the throttle_group_lock() API anymore. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit bd745e238bb9432f40c875b6b4ad96a3d90e16a0 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:32 2015 +0200 blockdev: Allow more options for BB-less BDS tree Most of the options which blockdev_init() parses for both the BlockBackend and the root BDS are valid for just the root BDS as well (e.g. read-only). This patch allows specifying these options even if not creating a BlockBackend. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit fbf8175eac92cca541efb1ac4a202fba941b78df Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:31 2015 +0200 blockdev: Pull out blockdev option extraction Extract some of the blockdev option extraction code from blockdev_init() into its own function. This simplifies blockdev_init() and will allow reusing the code in a different function added in a follow-up patch. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5ec18f8c83583b7e22ed4dd360cd937da801ca40 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:30 2015 +0200 blockdev: Do not create BDS for empty drive Do not use "rudimentary" BDSs for empty drives any longer (for freshly created drives). After a follow-up patch, empty drives will generally use a NULL BDS, not only the freshly created drives. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5433c24f0f9306c82ad9bcc2b2b586e5f0ed8fa5 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:29 2015 +0200 block: Prepare for NULL BDS blk_bs() will not necessarily return a non-NULL value any more (unless blk_is_available() is true or it can be assumed to otherwise, e.g. because it is called immediately after a successful blk_new_with_bs() or blk_new_open()). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 0c3c36d651922ebe9244e68e6d9ed14cdfcac9fd Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:28 2015 +0200 block: Add blk_insert_bs() This function associates the given BlockDriverState with the given BlockBackend. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a46fc9c95012f3d7ed2b29b59f042246d62a08d7 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:27 2015 +0200 block: Prepare remaining BB functions for NULL BDS There are several BlockBackend functions which, in theory, cannot fail. This patch makes them cope with the BlockDriverState pointer being NULL by making them fall back to some default action like ignoring the value in setters and returning the default in getters. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit c09ba36c9ab62e3043041e429205f57ffbe3ba8b Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:26 2015 +0200 block: Fail requests to empty BlockBackend If there is no BlockDriverState in a BlockBackend or if the tray of the guest device is open, fail all requests (where that is possible) with -ENOMEDIUM. The reason the status of the guest device is taken into account is because once the guest device's tray is opened, any request on the same BlockBackend as the guest uses should fail. If the BDS tree is supposed to be usable even after ejecting it from the guest, a different BlockBackend must be used. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 061959e8da5af59343e2c75d55c40f366d0164f9 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:25 2015 +0200 block: Make some BB functions fall back to BBRS If there is no BDS tree attached to a BlockBackend, functions that can do so should fall back to the BlockBackendRootState structure. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 281d22d86ca26bf356284719e44c4bc66b716415 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:24 2015 +0200 block: Add BlockBackendRootState This structure will store some of the state of the root BDS if the BDS tree is removed, so that state can be restored once a new BDS tree is inserted. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 973f2ddf7b48c27aa8642047796cca3bec0b48d8 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:23 2015 +0200 block/throttle-groups: Make incref/decref public Throttle groups are not necessarily referenced by BDSs alone; a later patch will essentially allow BBs to reference them, too. Make the ref/unref functions public so that reference can be properly accounted for. Their interface is slightly adjusted in that they return and take a ThrottleState pointer, respectively, instead of a ThrottleGroup pointer. Functionally, they are equivalent, but since ThrottleGroup is not meant to be used outside of block/throttle-groups.c, ThrottleState is easier to handle. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 373340b26caa1572cf0f155131569dfc527aa133 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:22 2015 +0200 block: Move I/O status and error actions into BB These options are only relevant for the user of a whole BDS tree (like a guest device or a block job) and should thus be moved into the BlockBackend. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 7f0e9da6f134c5303be51333696e1ff54697f3e0 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:21 2015 +0200 block: Move BlockAcctStats into BlockBackend As the comment above bdrv_get_stats() says, BlockAcctStats is something which belongs to the device instead of each BlockDriverState. This patch therefore moves it into the BlockBackend. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 53d8f9d8fbf85f04d423958248f8c2fbe1ece192 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:20 2015 +0200 block: Remove wr_highest_sector from BlockAcctStats BlockAcctStats contains statistics about the data transferred from and to the device; wr_highest_sector does not fit in with the rest. Furthermore, those statistics are supposed to be specific for a certain device and not necessarily for a BDS (see the comment above bdrv_get_stats()); on the other hand, wr_highest_sector may be a rather important information to know for each BDS. When BlockAcctStats is finally removed from the BDS, we will want to keep wr_highest_sector in the BDS. Finally, wr_highest_sector is renamed to wr_highest_offset and given the appropriate meaning. Externally, it is represented as an offset so there is no point in doing something different internally. Its definition is changed to match that in qapi/block-core.json which is "the offset after the greatest byte written to". Doing so should not cause any harm since if external programs tried to calculate the volume usage by (wr_highest_offset + 512) / volume_size, after this patch they will just assume the volume to be full slightly earlier than before. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 68e9ec017bb00b96633d48b5bf039a37daa3bc21 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:19 2015 +0200 block: Move guest_block_size into BlockBackend guest_block_size is a guest device property so it should be moved into the interface between block layer and guest devices, which is the BlockBackend. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 4981bdec0d9b3ddd3e1474de5aa9918f120b54f7 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:18 2015 +0200 block: Fix BB AIOCB AioContext without BDS Fix the BlockBackend's AIOCB AioContext for aborting AIO in case there is no BDS. If there is no implementation of AIOCBInfo::get_aio_context() the AioContext is derived from the BDS the AIOCB belongs to. If that BDS is NULL (because it has been removed from the BB) this will not work. This patch makes blk_get_aio_context() fall back to the main loop context if the BDS pointer is NULL and implements AIOCBInfo::get_aio_context() (blk_aiocb_get_aio_context()) which invokes blk_get_aio_context(). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 7d3467d903c0fa663fbe3f1002e7c624a210b634 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:17 2015 +0200 hw/usb-storage: Check whether BB is inserted Only call bdrv_add_key() on the BlockDriverState if it is not NULL. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 2e1280e8ff95b3145bc6262accc9d447718e5318 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:16 2015 +0200 hw/block/fdc: Implement tray status The tray of an FDD is open iff there is no medium inserted (there are only two states for an FDD: "medium inserted" or "no medium inserted"). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b4d02820d95e025e57d82144f7b2ccd677ac2418 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:15 2015 +0200 block: Invoke change media CB before NULLing drv In order to handle host device passthrough, some guest device models may call blk_is_inserted() to check whether the medium is inserted on the host, when checking the guest tray status. This tray status is inquired by blk_dev_change_media_cb(); because bdrv_is_inserted() (invoked by blk_is_inserted()) always returns false for BDS with drv set to NULL, blk_dev_change_media_cb() should therefore be called before drv is set to NULL. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 1354c473789a91ba603d40bdf2521e3221c0a69f Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:14 2015 +0200 block/raw_bsd: Drop raw_is_inserted() With the new automatically-recursive implementation of bdrv_is_inserted() checking by default whether all the children of a BDS are inserted, we can drop raw's own implementation. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 28d7a78996ae73e681d0e061a4be446ed2240c97 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:13 2015 +0200 block: Make bdrv_is_inserted() recursive If bdrv_is_inserted() is called on the top level BDS, it should make sure all nodes in the BDS tree are actually inserted. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit db0284f86a31ec66d138f0f7794321c306af969e Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:12 2015 +0200 block: Add blk_is_available() blk_is_available() returns true iff the BDS is inserted (which means blk_bs() is not NULL and bdrv_is_inserted() returns true) and if the tray of the guest device is closed. blk_is_inserted() is changed to return true only if blk_bs() is not NULL. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e031f750483377a5e5de4c92af68dfa68e4d0aae Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:11 2015 +0200 block: Make bdrv_is_inserted() return a bool Make bdrv_is_inserted(), blk_is_inserted(), and the callback BlockDriver.bdrv_is_inserted() return a bool. Suggested-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 8e9e653038db97bfd343c3fb217b7bf4da765a89 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:10 2015 +0200 iotests: Only create BB if necessary Tests 071 and 081 test giving references in blockdev-add. It is not necessary to create a BlockBackend here, so omit it. While at it, fix up some blockdev-add invocations in the vicinity (s/raw/$IMGFMT/ in 081, drop the format BDS for blkverify's raw child in 071). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit be4b67bc7d99da26b7878f7f45370f50a3bd4af5 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:09 2015 +0200 blockdev: Allow creation of BDS trees without BB If the "id" field is missing from the options given to blockdev-add, just omit the BlockBackend and create the BlockDriverState tree alone. However, if "id" is missing, "node-name" must be specified; otherwise, the BDS tree would no longer be accessible. Many BDS options which are not parsed by bdrv_open() (like caching) cannot be specified for these BB-less BDS trees yet. A future patch will remove this limitation. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d44f928a54497188c25357840a3224925d1b527b Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:08 2015 +0200 block: Set BDRV_O_INCOMING in bdrv_fill_options() This flag should not be set for the root BDS only, but for any BDS that is being created while incoming migration is pending, so setting it is moved from blockdev_init() to bdrv_fill_options(). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit f709623b3d30096c629f6a368670c9cf668da83f Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Oct 19 17:53:07 2015 +0200 block: Remove host floppy support It has been deprecated as of 2.3, so we can now remove it. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit bc79082e4cd12c1241fa03b0abceacf45f537740 Merge: 1e700f4 31bfa2a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 23 16:35:43 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging X86 queue, 2015-10-23 # gpg: Signature made Fri 23 Oct 2015 16:30:58 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" * remotes/ehabkost/tags/x86-pull-request: vl: trivial: minor tweaks to a max-cpu error msg target-i386: Use 1UL for bit shift target-i386: Add DE to TCG_FEATURES target-i386: Ensure always-1 bits on DR6 can't be cleared target-i386: Check CR4[DE] for processing DR4/DR5 target-i386: Handle I/O breakpoints target-i386: Optimize setting dr[0-3] target-i386: Move hw_*breakpoint_* functions target-i386: Ensure bit 10 on DR7 is never cleared target-i386: Re-introduce optimal breakpoint removal target-i386: Introduce cpu_x86_update_dr7 target-i386: Disable cache info passthrough by default target-i386: allow any alignment for SMBASE Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 31bfa2a40004204aee503c6417fbafb5d17e0a51 Author: Andrew Jones <drjones@xxxxxxxxxx> Date: Sun Oct 18 19:35:27 2015 +0200 vl: trivial: minor tweaks to a max-cpu error msg Signed-off-by: Andrew Jones <drjones@xxxxxxxxxx> commit 72370dc1149d7c90d2c2218e0d0658bee23a5bf7 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Tue Sep 29 17:34:22 2015 -0300 target-i386: Use 1UL for bit shift Fix undefined behavior detected by clang runtime check: qemu/target-i386/cpu.c:1494:15: runtime error: left shift of 1 by 31 places cannot be represented in type 'int' While doing that, add extra parenthesis for clarity. Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit b6c5a6f021f485fc36bca678b2c867e9b6783924 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Oct 7 16:39:43 2015 -0300 target-i386: Add DE to TCG_FEATURES Now DE is supported by TCG so it can be enabled in CPUID bits. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 462f8ed1f1eac189ef50d9586eae8af90dbe426f Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Oct 7 17:19:18 2015 -0300 target-i386: Ensure always-1 bits on DR6 can't be cleared Bits 4-11 and 16-31 on DR6 are documented as always 1, so ensure they can't be cleared by software. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit d0052339236072bbf08c1d600c0906126b1ab258 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 15 11:45:13 2015 -0700 target-i386: Check CR4[DE] for processing DR4/DR5 Introduce helper_get_dr so that we don't have to put CR4[DE] into the scarce HFLAGS resource. At the same time, rename helper_movl_drN_T0 to helper_set_dr and set the helper flags. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 5223a9423c5fb9e32b0c3eaaa2c0bf8c5cfd6866 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Mon Oct 19 15:14:35 2015 -0200 target-i386: Handle I/O breakpoints Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 7525b55051277717329cf64a9e1d5cff840d6f38 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 15 11:45:11 2015 -0700 target-i386: Optimize setting dr[0-3] If the debug register is not enabled, we need do nothing besides update the register. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 696ad9e4b27a49a9706010d00b31b17fe1f0d569 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 15 11:45:10 2015 -0700 target-i386: Move hw_*breakpoint_* functions They're only used from bpt_helper.c now. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 9055330ffbf5ca85f024c29874799d9c8bd17aa9 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Oct 8 17:10:27 2015 -0300 target-i386: Ensure bit 10 on DR7 is never cleared Bit 10 of DR7 is documented as always set to 1, so ensure that's always the case. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 36eb6e096729f9aade3a6af7dbe4d0a990335d7e Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 15 11:45:09 2015 -0700 target-i386: Re-introduce optimal breakpoint removal Before the last patch, we had an efficient loop that disabled local breakpoints on task switch. Re-add that, but in a more general way that handles changes to the global enable bits too. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 93d00d0fbe4711061834730fb70525d167b6f908 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 15 11:45:08 2015 -0700 target-i386: Introduce cpu_x86_update_dr7 This moves the last of the iteration over breakpoints into the bpt_helper.c file. This also allows us to make several breakpoint functions static. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit e265e3e48049fbece9eaf536aa00ca41aa3c54d0 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Sep 2 11:19:11 2015 -0300 target-i386: Disable cache info passthrough by default The host cache information may not make sense for the guest if the VM CPU topology doesn't match the host CPU topology. To make sure we won't expose broken cache information to the guest, disable cache info passthrough by default, and add a new "host-cache-info" property that can be used to enable the old behavior for users that really need it. Cc: Benoît Canet <benoit@xxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit dd75d4fcb4a82c34d4f466e7fc166162b71ff740 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 12 18:25:40 2015 +0200 target-i386: allow any alignment for SMBASE Processors up to the Pentium (says Bochs---I do not have old enough manuals) require a 32KiB alignment for the SMBASE, but newer processors do not need that, and Tiano Core will use non-aligned SMBASE values. Reported-by: Michael D Kinney <michael.d.kinney@xxxxxxxxx> Cc: Laszlo Ersek <lersek@xxxxxxxxxx> Cc: Jordan Justen <jordan.l.justen@xxxxxxxxx> Cc: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 1e700f4c6cddaf29ce1d205f0f8e8b9255481930 Merge: 147482a b3e9e58 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 23 15:55:50 2015 +0100 Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2015-10-23-tag' into staging qemu-ga patch queue * unbreak qga-test unit test on travis-ci systems by not assuming a disk-based filesystem must be present # gpg: Signature made Fri 23 Oct 2015 15:01:47 BST using RSA key ID F108B584 # gpg: Good signature from "Michael Roth <flukshun@xxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>" * remotes/mdroth/tags/qga-pull-2015-10-23-tag: tests: test-qga, loosen assumptions about host filesystems Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b3e9e584fcef49be8ca0c355d11030f0bf6231b0 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Tue Oct 20 11:17:36 2015 -0500 tests: test-qga, loosen assumptions about host filesystems QGA skips pseudo-filesystems when querying filesystems via guest-get-fsinfo. On some hosts, such as travis-ci which uses containers with simfs filesystems, QGA might not report *any* filesystems. Our test case assumes there would be at least one, leading to false error messages in these situations. Instead, sanity-check values iff we get at least one filesystem. Cc: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 147482ae35b896808af68c0051ad86d3aae12979 Merge: 431429a 659f7f6 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 23 13:09:09 2015 +0100 Merge remote-tracking branch 'remotes/dgibson/tags/ppc-next-20151023' into staging ppc patch queue - 2015-10-23 sPAPR highlights: * Allow VFIO devices on the spapr-pci-host-bridge * Allow virtio VGA * Safer handling of HTAB allocation * ibm,pa-features device tree property non-sPAPR highlights: * Categorization of many ppc specific devices in help output * Tweaks to MMU type constants # gpg: Signature made Fri 23 Oct 2015 07:27:56 BST using RSA key ID 20D9B392 # gpg: Good signature from "David Gibson <david@xxxxxxxxxxxxxxxxxxxxx>" # gpg: aka "David Gibson (Red Hat) <dgibson@xxxxxxxxxx>" # gpg: aka "David Gibson (ozlabs.org) <dgibson@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 75F4 6586 AE61 A66C C44E 87DC 6C38 CACA 20D9 B392 * remotes/dgibson/tags/ppc-next-20151023: (21 commits) prep: do not use CPU_LOG_IOPORT, convert to tracepoints openpic: add to misc category macio-nvram: add to misc category macio: add to bridge category uninorth: add to bridge category macio-ide: add to storage category cuda: add to bridge category grackle: add to bridge category escc: add to input category cmd646: add to storage category adb: add to input category ppc/spapr: Add "ibm,pa-features" property to the device-tree ppc: Add mmu_model defines for arch 2.03 and 2.07 hw/scsi/spapr_vscsi: Remove superfluous memset spapr_pci: Allow VFIO devices to work on the normal PCI host bridge spapr_iommu: Provide a function to switch a TCE table to allowing VFIO spapr_iommu: Rename vfio_accel parameter spapr_pci: Allow PCI host bridge DMA window to be configured spapr: Add "slb-size" property to CPU device tree nodes spapr: Abort when HTAB of requested size isn't allocated ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 431429a5b802fccf2701c37f580307c6979f4c3e Merge: dfbe064 9024603 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 23 12:09:02 2015 +0100 Merge remote-tracking branch 'remotes/berrange/tags/qcrypto-fixes-pull-20151022-2' into staging Merge qcrypto-fixes 2015/10/22 # gpg: Signature made Thu 22 Oct 2015 19:03:45 BST using RSA key ID 15104FDF # gpg: Good signature from "Daniel P. Berrange <dan@xxxxxxxxxxxx>" # gpg: aka "Daniel P. Berrange <berrange@xxxxxxxxxx>" * remotes/berrange/tags/qcrypto-fixes-pull-20151022-2: configure: avoid polluting global CFLAGS with tasn1 flags crypto: add sanity checking of plaintext/ciphertext length crypto: don't let builtin aes crash if no IV is provided crypto: allow use of nettle/gcrypt to be selected explicitly Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dfbe0642ef8e643e7e41956c8ca97f1acc9464a9 Merge: 6a6739d 7f4a930 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 23 10:24:08 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging vhost: build fix Fix build breakages when using older gcc. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Thu 22 Oct 2015 20:36:07 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: vhost-user: fix up rhel6 build Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 659f7f65561e78d720986d61f3112c54a97b2b96 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Oct 16 15:16:11 2015 +0200 prep: do not use CPU_LOG_IOPORT, convert to tracepoints These messages are disabled by default; a perfect usecase for tracepoints. Convert them over. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 29f8dd66e89d59f66105af9065c10e21f85cc653 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Sat Sep 26 18:22:12 2015 +0200 openpic: add to misc category openpic is a programmable interrupt controller, so add it to the misc category. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 175fe9e7c886263258602262c341c472bc64be42 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Sat Sep 26 18:22:11 2015 +0200 macio-nvram: add to misc category The macio nvram is a non volatile RAM, so add it the misc category. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit f9f2a9f26f74b4572c51e74be7fd97fa34c920d3 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Sat Sep 26 18:22:10 2015 +0200 macio: add to bridge category macio is a bridge between the PCI bus and the Mac nvram, IDE controller and PIC, so add it to the bridge category. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 1d16f86a433a323691dcfd0f71acdc7592c114fc Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Sat Sep 26 18:22:09 2015 +0200 uninorth: add to bridge category Uninorth is the mac99 PCI host controller, so add it to the bridge category. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 3469d9bce86d2e387777addb25ed8b80b7e9d2a1 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Sat Sep 26 18:22:08 2015 +0200 macio-ide: add to storage category macio-ide is an IDE controller, so add it to the storage category. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 599d7326c35d323c0a2cf18ebf65c613979e7f65 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Sat Sep 26 18:22:07 2015 +0200 cuda: add to bridge category Cuda is a bridge between PowerMac system bus and the ADB controller, real-time clock, pram and the power management unit. So add it to the bridge category. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit e16244355f8d5efc94df965b1f6a5a0b6c50a2f2 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Sat Sep 26 18:22:06 2015 +0200 grackle: add to bridge category Grackle is the PCI host controller of oldworld powermac, so add it to the bridge category. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit f8d4c07c7807d0f7be02f42d2ee849d2eea4141e Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Sat Sep 26 18:22:05 2015 +0200 escc: add to input category ESCC is a serial port controller, so add it to the input category. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 74623e7369b175fa324421f4c0047d06da3baafc Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Sat Sep 26 18:22:04 2015 +0200 cmd646: add to storage category cmd646 is an IDE controller, so add it to the storage category. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 32f3a8992ea28a194678832eec1e1ffc09cbb7b1 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Sat Sep 26 18:22:03 2015 +0200 adb: add to input category The Apple Desktop Bus is used to connect a keyboard and a mouse, so add it to the input category. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 90da0d5a703839c8db9f37355107955df043b654 Author: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Date: Thu Oct 22 18:30:59 2015 +1100 ppc/spapr: Add "ibm,pa-features" property to the device-tree LoPAPR defines a "ibm,pa-features" per-CPU device tree property which describes extended features of the Processor Architecture. This adds the property to the device tree. At the moment this is the copy of what pHyp advertises except "I=1 (cache inhibited) Large Pages" which is enabled for TCG and disabled when running under HV KVM host with 4K system page size. Signed-off-by: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> [aik: rebased, changed commit log, moved ci_large_pages initialization, renamed pa_features arrays] Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit aa4bb58752310e7906683a2ac99566222c1e7228 Author: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Date: Thu Oct 22 18:30:58 2015 +1100 ppc: Add mmu_model defines for arch 2.03 and 2.07 This removes unused POWERPC_MMU_2_06a/POWERPC_MMU_2_06d. This replaces POWERPC_MMU_64B with POWERPC_MMU_2_03 for POWER5+ to be more explicit about the version of the PowerISA supported. This defines POWERPC_MMU_2_07 and uses it for the POWER8 CPU family. This will not have an immediate effect now but it will in the following patch. This should cause no behavioural change. Signed-off-by: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> [aik: rebased, changed commit log] Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit a23dec105c0faed7b9cba5d07d92df63a04dbb2e Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Thu Oct 8 21:35:13 2015 +0200 hw/scsi/spapr_vscsi: Remove superfluous memset g_malloc0 already clears the memory, so no need for the additional memset here. Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Cc: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 185181f8835b1b68409ac4381688eafdca0172cc Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu Sep 24 10:34:23 2015 +1000 spapr_pci: Allow VFIO devices to work on the normal PCI host bridge The core VFIO infrastructure more or less allows VFIO devices to work on any normal guest PCI host bridge (PHB) without extra logic. However, the "spapr-pci-host-bridge" device (as opposed to the special "spapr-pci-vfio-host-bridge" device) breaks this by using a partially KVM accelerated implementation of the guest kernel IOMMU which won't work with VFIO devices, without additional kernel support. This patch allows VFIO devices to work on the spapr-pci-host-bridge, by having it switch off KVM TCE acceleration when a VFIO device is added to the PHB (either on startup, or by hotplug). Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Laurent Vivier <lvivier@xxxxxxxxxx> commit c10325d6f9af84444120d8a6d1d59f41a282ae1b Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu Oct 1 10:46:10 2015 +1000 spapr_iommu: Provide a function to switch a TCE table to allowing VFIO Because of the way non-VFIO guest IOMMU operations are KVM accelerated, not all TCE tables (guest IOMMU contexts) can support VFIO devices. Currently, this is decided at creation time. To support hotplug of VFIO devices, we need to allow a TCE table which previously didn't allow VFIO devices to be switched so that it can. This patch adds an spapr_tce_set_need_vfio() function to do this, by reallocating the table in userspace if necessary. Currently this doesn't allow the KVM acceleration to be re-enabled if all the VFIO devices are removed. That's an optimization for another time. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Laurent Vivier <lvivier@xxxxxxxxxx> commit 6a81dd172cd5d03fce593741629cb4c78fff10cb Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Wed Sep 30 13:42:55 2015 +1000 spapr_iommu: Rename vfio_accel parameter The vfio_accel parameter used when creating a new TCE table (guest IOMMU context) has a confusing name. What it really means is whether we need the TCE table created to be able to support VFIO devices. VFIO is relevant, because when available we use in-kernel acceleration of the TCE table, but that may not work with VFIO devices because updates to the table are handled in kernel, bypass qemu and so don't hit qemu's infrastructure for keeping the VFIO host IOMMU state in sync with the guest IOMMU state. Rename the parameter to "need_vfio" throughout. This is a cosmetic change, with no impact on the logic. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Laurent Vivier <lvivier@xxxxxxxxxx> commit f93caaac36ec3b030184055596cb56f64d0de988 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu Sep 24 09:56:44 2015 +1000 spapr_pci: Allow PCI host bridge DMA window to be configured At present the PCI host bridge (PHB) for the pseries machine type has a fixed DMA window from 0..1GB (in PCI address space) which is mapped to real memory via the PAPR paravirtualized IOMMU. For better support of VFIO devices, we're going to want to allow for different configurations of the DMA window. Eventually we'll want to allow the guest itself to reconfigure the window via the PAPR dynamic DMA window interface, but as a preliminary this patch allows the user to reconfigure the window with new properties on the PHB device. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Laurent Vivier <lvivier@xxxxxxxxxx> commit fd5da5c47264a57c7d01507eaf50bf3d288ba8a4 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Thu Oct 1 15:30:07 2015 +0200 spapr: Add "slb-size" property to CPU device tree nodes According to a commit message in the Linux kernel (see here https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b60c31d85a2a for example), the name of the property that carries the information about the number of SLB entries should be called "slb-size", and not "ibm,slb-size". The Linux kernel can deal with both names, but to be on the safe side we should support the official name, too. [Now that LoPAPR is public, the relevant requirement can be found in section C.6.1.8 --dwg] Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 7735fedaf490cf9213cd8d487272b69a4987c851 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Thu Sep 24 13:52:48 2015 +0530 spapr: Abort when HTAB of requested size isn't allocated Terminate the guest when HTAB of requested size isn't allocated by the host. When memory hotplug is attempted on a guest that has booted with less than requested HTAB size, the guest kernel will not be able to gracefully fail the hotplug request. This patch will ensure that we never end up in a situation where memory hotplug fails due to less than requested HTAB size. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit b817772a2521defba513b64b1d08238f24c50657 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Thu Sep 24 13:52:47 2015 +0530 spapr: Allocate HTAB from machine init Allocate HTAB from ppc_spapr_init() so that we can abort the guest if requested HTAB size is't allocated by the host. However retain the htab reset call in spapr_reset_htab() so that HTAB gets reset (and not allocated) during machine reset. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 7f4a930e64b9e69cd340395a7e4f0494aef4fcdd Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Oct 22 22:28:37 2015 +0300 vhost-user: fix up rhel6 build Build on RHEL6 fails: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=42875 Apparently unnamed unions couldn't use C99 named field initializers. Let's just name the payload union field. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 90246037760a2a1d64da67782200b690de24cc49 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Mon Sep 21 17:25:34 2015 +0100 configure: avoid polluting global CFLAGS with tasn1 flags The previous commit commit 9a2fd4347c40321f5cbb4ab4220e759fcbf87d03 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Mon Apr 13 14:01:39 2015 +0100 crypto: add sanity checking of TLS x509 credentials defined new variables $TEST_LIBS and $TEST_CFLAGS and used them in tests/Makefile to augment $LIBS and $CFLAGS. Unfortunately this overlooks the fact that tests/Makefile is not executed via recursive-make, it is just pulled into the top level Makefile via an include statement. So rather than just augmenting the compiler/linker flags for tests it polluted the global flags. This is thought to be behind a reported failure when building the pixman module as a sub-module, since global $CFLAGS are passed down to configure in pixman. This change removes the $TEST_LIBS and $TEST_CFLAGS replacing them with $TASN1_LIBS and $TASN1_CFLAGS, setting only against specific objects/executables that need them. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 3a661f1eabf7e8db66e28489884d9b54aacb94ea Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Oct 16 16:35:06 2015 +0100 crypto: add sanity checking of plaintext/ciphertext length When encrypting/decrypting data, the plaintext/ciphertext buffers are required to be a multiple of the cipher block size. If this is not done, nettle will abort and gcrypt will report an error. To get consistent behaviour add explicit checks upfront for the buffer sizes. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit eb2a770b178b9040c3fc04ee31dc38d1775db09a Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Oct 16 13:23:13 2015 +0100 crypto: don't let builtin aes crash if no IV is provided If no IV is provided, then use a default IV of all-zeros instead of crashing. This gives parity with gcrypt and nettle backends. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 91bfcdb01d4869aa8f4cb67007827de63b8c2217 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Oct 16 16:36:53 2015 +0100 crypto: allow use of nettle/gcrypt to be selected explicitly Currently the choice of whether to use nettle or gcrypt is made based on what gnutls is linked to. There are times when it is desirable to be able to force build against a specific library. For example, if testing changes to QEMU's crypto code all 3 possible backends need to be checked regardless of what the local gnutls uses. It is also desirable to be able to enable nettle/gcrypt for cipher/hash algorithms, without enabling gnutls for TLS support. This gives two new configure flags, which allow the following possibilities Automatically determine nettle vs gcrypt from what gnutls links to (recommended to minimize number of crypto libraries linked to) ./configure Automatically determine nettle vs gcrypt based on which is installed ./configure --disable-gnutls Force use of nettle ./configure --enable-nettle Force use of gcrypt ./configure --enable-gcrypt Force use of built-in AES & crippled-DES ./configure --disable-nettle --disable-gcrypt Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 2a080ce26682f35517b0e20f4ad10559e9270b5d Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Tue Oct 20 23:19:02 2015 +0800 target-tilegx: Implement prefetch instructions in pipe y2 Originally, tilegx qemu only implement prefetch instructions in pipe x1, did not implement them in pipe y2. Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 6a6739de510706e1d337180d12be74ebbd0c7666 Merge: b803894 89a82cd Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 22 18:01:53 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20151021' into staging Collected tcg backend patches # gpg: Signature made Wed 21 Oct 2015 22:34:28 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tcg-20151021: cpu-exec: Add "nochain" debug flag tcg/mips: Support r6 SEL{NE, EQ}Z instead of MOVN/MOVZ tcg/mips: Support r6 multiply/divide encodings tcg/mips: Support r6 JR encoding tcg/mips: Add use_mips32r6_instructions definition disas/mips: Add R6 jr/jr.hb to disassembler tcg-opc.h: Simplify insn_start def tcg/ppc: Prefer mask over andi. tcg/ppc: Revise goto_tb implementation tcg/ppc: Adjust exit_tb for change in prologue placement Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b803894e2c4d744ccc113ca6cbe6654ec80c1dc6 Merge: ca3e40e 0960be7 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 22 17:33:54 2015 +0100 Merge remote-tracking branch 'remotes/afaerber/tags/qom-cpu-for-peter' into staging QOM CPUState and X86CPU * Adoption of CPUClass::disas_set_info() hook # gpg: Signature made Thu 22 Oct 2015 17:11:24 BST using RSA key ID 3E7E013F # gpg: Good signature from "Andreas Färber <afaerber@xxxxxxx>" # gpg: aka "Andreas Färber <afaerber@xxxxxxxx>" * remotes/afaerber/tags/qom-cpu-for-peter: disas: QOMify alpha specific disas setup disas: QOMify mips specific disas setup disas: QOMify sh4 specific disas setup disas: QOMify lm32 specific disas setup disas: QOMify sparc specific disas setup disas: QOMify m68k specific disas setup disas: QOMify moxie specific disas setup disas: QOMify s390x specific disas setup Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0960be7cffa7b30189f2f0f76b1ac3c8115660f3 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat Jul 11 19:00:05 2015 -0700 disas: QOMify alpha specific disas setup Move the target_disas() alpha specifics to the CPUClass::disas_set_info() hook and delete the #ifdef specific code in disas.c. This also makes monitor_disas() consistent with target_disas(), as monitor_disas() was missing a set of the BFD (This was an omission from commit b9bec751c8c8b08d8055da32306eb105db03031b). Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Acked-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 63a946c7e3b081d56e617bf264fcb2881a982848 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat Jul 11 19:00:04 2015 -0700 disas: QOMify mips specific disas setup Move the target_disas() mips specifics to the CPUClass::disas_set_info() hook and delete the #ifdef specific code in disas.c. Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Acked-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit d49dd523e459a4c001a0c87a438fd2fa1f5b4bae Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat Jul 11 19:00:03 2015 -0700 disas: QOMify sh4 specific disas setup Move the target_disas() sh4 specifics to the CPUClass::disas_set_info() hook and delete the #ifdef specific code in disas.c. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Acked-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 20984673e68ebd069222512c876b846ff2425cc0 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat Jul 11 19:00:02 2015 -0700 disas: QOMify lm32 specific disas setup Move the target_disas() lm32 specifics to the CPUClass::disas_set_info() hook and delete the #ifdef specific code in disas.c. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Acked-by: Michael Walle <michael@xxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit df0900eb89a0672a3f924b7e8d20163dee2383db Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat Jul 11 19:00:01 2015 -0700 disas: QOMify sparc specific disas setup Move the target_disas() sparc specifics to the QOM disas_set_info hook and delete the #ifdef specific code in disas.c. Cc: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 4f669905d95bbb6296338f9e86ffcdd8eae453d2 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat Jul 11 19:00:00 2015 -0700 disas: QOMify m68k specific disas setup Move the target_disas() m68k specifics to the CPUClass::disas_set_info() hook and delete the #ifdef specific code in disas.c. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Greg Ungerer <gerg@xxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 9f87a4cacd397e82e80c9512627ce5e190dfa971 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat Jul 11 18:59:59 2015 -0700 disas: QOMify moxie specific disas setup Move the target_disas() moxie specifics to the CPUClass::disas_set_info() hook and delete the #ifdef specific code in disas.c. Cc: Anthony Green <green@xxxxxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit dbad6b74b3de6ce839bd870657b6bcc192e3b74a Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat Jul 11 18:59:58 2015 -0700 disas: QOMify s390x specific disas setup Move the target_disas() s390 specifics to the CPUClass::disas_set_info() hook and delete the #ifdef specific code in disas.c. Cc: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Acked-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit ca3e40e233e87f7b29442311736a82da01c0df7b Merge: c1bd899 3c23402 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 22 12:41:44 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging vhost, pc, virtio features, fixes, cleanups New features: VT-d support for devices behind a bridge vhost-user migration support Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Thu 22 Oct 2015 12:39:19 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: (37 commits) hw/isa/lpc_ich9: inject the SMI on the VCPU that is writing to APM_CNT i386: keep cpu_model field in MachineState uptodate vhost: set the correct queue index in case of migration with multiqueue piix: fix resource leak reported by Coverity seccomp: add memfd_create to whitelist vhost-user-test: check ownership during migration vhost-user-test: add live-migration test vhost-user-test: learn to tweak various qemu arguments vhost-user-test: wrap server in TestServer struct vhost-user-test: remove useless static check vhost-user-test: move wait_for_fds() out vhost: add migration block if memfd failed vhost-user: use an enum helper for features mask vhost user: add rarp sending after live migration for legacy guest vhost user: add support of live migration net: add trace_vhost_user_event vhost-user: document migration log vhost: use a function for each call vhost-user: add a migration blocker vhost-user: send log shm fd along with log_base ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3c23402d4032f69af44a87fdb8019ad3229a4f31 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Tue Oct 20 20:14:00 2015 +0200 hw/isa/lpc_ich9: inject the SMI on the VCPU that is writing to APM_CNT Commit 4d00636e97b7 ("ich9: Add the lpc chip", Nov 14 2012) added the ich9_apm_ctrl_changed() ioport write callback function such that it would inject the SMI, in response to a write to the APM_CNT register, on the first CPU, invariably. Since this register is used by guest code to trigger an SMI synchronously, the interrupt should be injected on the VCPU that is performing the write. apm_ioport_writeb() is the .write callback of the "apm_ops" MemoryRegionOps [hw/isa/apm.c]; it is parametrized to call ich9_apm_ctrl_changed() by ich9_lpc_init() [hw/isa/lpc_ich9.c], via apm_init(). Therefore this change affects no other board. ich9_generate_smi() is an unrelated function that is called by the TCO watchdog; a watchdog is likely in its right to (asynchronously) inject interrupts on the first CPU only. This patch allows the combined edk2/OVMF SMM driver stack to work with multiple VCPUs on TCG, using both qemu-system-i386 and qemu-system-x86_64. Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Cc: Jordan Justen <jordan.l.justen@xxxxxxxxx> Cc: Michael Kinney <michael.d.kinney@xxxxxxxxx> Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 4884b7bfe962e659c0e20c1d0de6f307d58f09be Author: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Date: Thu Oct 15 11:12:12 2015 +0800 i386: keep cpu_model field in MachineState uptodate Update cpu_model in MachineState for i386, so that the field can be used for cpu hotplug, instead of using a static variable. This patch is rebased on the latest master. Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Acked-by: Andreas Färber <afaerber@xxxxxxx> commit 25a2a920dddcf72896d94b37b6048a8147bc3198 Author: Thibaut Collet <thibaut.collet@xxxxxxxxx> Date: Mon Oct 19 14:59:27 2015 +0200 vhost: set the correct queue index in case of migration with multiqueue When a live migration is started the log address to mark dirty pages is provided to the vhost backend through the vhost_dev_set_log function. This function is called for each queue pairs but the queue index is wrongly set: always set to the first queue pair. Then vhost backend lost descriptor addresses of the queue pairs greater than 1 and behaviour of the vhost backend is unpredictable. The queue index is computed by taking account of the vq_index (to retrieve the queue pair index) and calling the vhost_get_vq_index method of the backend. Signed-off-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit e3fce97cf500c61f23df8e0245e08625fc375295 Author: zhanghailiang <zhang.zhanghailiang@xxxxxxxxxx> Date: Mon Sep 14 18:40:10 2015 +0800 piix: fix resource leak reported by Coverity config_fd should be closed before return, or there will be a resource leak error. Signed-off-by: zhanghailiang <zhang.zhanghailiang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit f8d82b8eb81d3ea29325b4046fafa8ed41e32449 Author: Eduardo Otubo <eduardo.otubo@xxxxxxxxxxxxxxxx> Date: Fri Oct 9 17:17:41 2015 +0200 seccomp: add memfd_create to whitelist This is used by memfd code. Signed-off-by: Eduardo Otubo <eduardo.otubo@xxxxxxxxxxxxxxxx> Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 1d9edff78fa0b294d6084df76da89e20ee93fdab Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:40 2015 +0200 vhost-user-test: check ownership during migration Check that backend source and destination do not have simultaneous ownership during migration. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit b181974724e106c62e4d0ecbe085df09b8a482bb Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:39 2015 +0200 vhost-user-test: add live-migration test This test checks that the log fd is given to the migration source, and mark dirty pages during migration. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 704b216887ef4a6c0fe981206bd6d43f3b6863cd Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:38 2015 +0200 vhost-user-test: learn to tweak various qemu arguments Add a new macro to make the qemu command line with other values of memory size, and specific chardev id. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit ae31fb5491493c82fface26f7902da7130b70575 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:37 2015 +0200 vhost-user-test: wrap server in TestServer struct In the coming patches, a test will use several servers simultaneously. Wrap the server in a struct, out of the global scope. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 82755ff202e96ad9bc74c1268481f96e50907ae1 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:36 2015 +0200 vhost-user-test: remove useless static check Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit cf72b57f894dd47c32750cf51de1d195a19c5e48 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:35 2015 +0200 vhost-user-test: move wait_for_fds() out This function is a precondition for most vhost-user tests. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 31190ed781a81d2de65cea405e4cb3441ab929fc Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:34 2015 +0200 vhost: add migration block if memfd failed Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit de1372d466fb4a7bed13f64f50bff14aaa4a5931 Author: Thibaut Collet <thibaut.collet@xxxxxxxxx> Date: Fri Oct 9 17:17:33 2015 +0200 vhost-user: use an enum helper for features mask The VHOST_USER_PROTOCOL_FEATURE_MASK will be automatically updated when adding new features to the enum. Signed-off-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> [Adapted from mailing list discussion - Marc-André] Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 3e866365e1eb6bcfa2d01c21debb05b9e47a47f7 Author: Thibaut Collet <thibaut.collet@xxxxxxxxx> Date: Fri Oct 9 17:17:32 2015 +0200 vhost user: add rarp sending after live migration for legacy guest A new vhost user message is added to allow QEMU to ask to vhost user backend to broadcast a fake RARP after live migration for guest without GUEST_ANNOUNCE capability. This new message is sent only if the backend supports the new VHOST_USER_PROTOCOL_F_RARP protocol feature. The payload of this new message is the MAC address of the guest (not known by the backend). The MAC address is copied in the first 6 bytes of a u64 to avoid to create a new payload message type. This new message has no equivalent ioctl so a new callback is added in the userOps structure to send the request. Upon reception of this new message the vhost user backend must generate and broadcast a fake RARP request to notify the migration is terminated. Signed-off-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> [Rebased and fixed checkpatch errors - Marc-André] Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit f6f56291de879827766d17b172465d4377ad2c11 Author: Thibaut Collet <thibaut.collet@xxxxxxxxx> Date: Fri Oct 9 17:17:31 2015 +0200 vhost user: add support of live migration Some vhost user backends are able to support live migration. To provide this service the following features must be added: 1. Add the VIRTIO_NET_F_GUEST_ANNOUNCE capability to vhost-net when netdev backend is vhost-user. 2. Provide a nop receive callback to vhost-user. This callback is called by: * qemu_announce_self after a migration to send fake RARP to avoid network outage for peers talking to the migrated guest. - For guest with GUEST_ANNOUNCE capabilities, guest already sends GARP when the bit VIRTIO_NET_S_ANNOUNCE is set. => These packets must be discarded. - For guest without GUEST_ANNOUNCE capabilities, migration termination is notified when the guest sends packets. => These packets can be discarded. * virtio_net_tx_bh with a dummy boot to send fake bootp/dhcp request. BIOS guest manages virtio driver to send 4 bootp/dhcp request in case of dummy boot. => These packets must be discarded. Signed-off-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 69b32a6ce4e1a6096a496996fcda833eb54e81b9 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:30 2015 +0200 net: add trace_vhost_user_event Replace error_report() and use tracing instead. It's not an error to get a connection or a disconnection, so silence this and trace it instead. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit c62b91e5804e7d2b1e8e253fc4031b4ea67a11f7 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:29 2015 +0200 vhost-user: document migration log Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 21e704256dea24baf93b169f5d7b0e7fe684bd15 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:28 2015 +0200 vhost: use a function for each call Replace the generic vhost_call() by specific functions for each function call to help with type safety and changing arguments. While doing this, I found that "unsigned long long" and "uint64_t" were used interchangeably and causing compilation warnings, using uint64_t instead, as the vhost & protocol specifies. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> [Fix enum usage and MQ - Thibaut Collet] Signed-off-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit d2fc4402cb152d3e526f736d7d53dbd050ef8794 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:27 2015 +0200 vhost-user: add a migration blocker If VHOST_USER_PROTOCOL_F_LOG_SHMFD is not announced, block vhost-user migration. The blocker is removed in vhost_dev_cleanup(). Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 9a78a5dd272a190d262b5ba5d4721ab93d48c564 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:26 2015 +0200 vhost-user: send log shm fd along with log_base Send the shm for the dirty pages logging if the backend supports VHOST_USER_PROTOCOL_F_LOG_SHMFD. Wait for a reply to make sure the old log is no longer used. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 15324404f68cde561d0eeee3d18a7b203f57f095 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:25 2015 +0200 vhost: alloc shareable log If the backend is requires it, allocate shareable memory. vhost_log_get() now uses 2 globals "vhost_log" and "vhost_log_shm", that way there is a common non-shareable log and a common shareable one. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 1be0ac2109fbaca6e730ac578f0564507d173e2d Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:24 2015 +0200 vhost-user: add vhost_user_requires_shm_log() Check if the backend has VHOST_USER_PROTOCOL_F_LOG_SHMFD feature and require a shared log. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit c2bea314f6a2870b847c79e2e11263c5f9334db7 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:23 2015 +0200 vhost: add vhost_set_log_base op Split VHOST_SET_LOG_BASE call in a seperate function callback, so that type safety works and more arguments can be added in the next patches. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 636f4dddfe48ccabaf5198bba440354d6a268d62 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:22 2015 +0200 vhost: document log resizing Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 35f9b6ef3acc9d0546c395a566b04e63ca84e302 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:21 2015 +0200 util: add fallback for qemu_memfd_alloc() Add an open/unlink/mmap fallback for system that do not support memfd (only available since 3.17, ~1y ago). This patch may require additional SELinux policies to work for enforced systems, but should fail gracefully in this case. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit d3592199ba3db504c6585115b9531b4cf7c50a0d Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:20 2015 +0200 util: add memfd helpers Add qemu_memfd_alloc/free() helpers. The function helps to allocate and seal shared memory. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit f04cf9239addd12d6be9e7ff137262755e3680d3 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:19 2015 +0200 util: add linux-only memfd fallback Implement memfd_create() fallback if not available in system libc. memfd_create() is still not included in glibc today, atlhough it's been available since Linux 3.17 in Oct 2014. memfd has numerous advantages over traditional shm/mmap for ipc memory sharing with fd handler, which we are going to make use of for vhost-user logging memory in following patches. The next patches are going to introduce helpers to use best practices of memfd usage and provide some compatibility fallback. memfd.c is thus temporarily useless and eventually empty if memfd_create() is provided by the system. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit e2792004580e42b86345d141493b1f12ba358fd8 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:18 2015 +0200 build-sys: split util-obj- on multi-lines Make it easier to add new unrelated units with shorter lines. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 1842bdfdbac2ec46f2934d8914c874db83dd1344 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:17 2015 +0200 linux-headers: add unistd.h New syscalls are not yet widely distributed. Add them to qemu linux-headers include directory. Update based on v4.3-rc3 kernel headers. Exclude mips for now, which is more problematic due to extra header inclusion and probably unnecessary here. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 751bcc3981d80594a3943166401af15b76781a5b Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 9 17:17:16 2015 +0200 configure: probe for memfd Check if memfd_create() is part of system libc. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 22de58fe152d68b248bc14efd7affe72286079e5 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Sep 17 18:42:57 2015 +0200 virtio: add some migration doc Try to cover the basics of virtio migration. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> commit aebf81680bf49c5953d7ae9ebb7b98c0f4dad8f3 Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Tue Oct 6 10:37:29 2015 +0200 vhost: fail backend intialization early Don't initialize vhost backend if memslots number exceeds the supported limit. This prevents failures down the road when backend is actually started. [MST: rewrite commit log] Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 3fad87881e55aaff659408dcf25fa204f89a7896 Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Tue Oct 6 10:37:28 2015 +0200 pc-dimm: add vhost slots limit check before commiting to hotplug it allows safely cancel memory hotplug if vhost backend doesn't support necessary amount of memory slots and prevents QEMU crashing in vhost due to hitting vhost limit on amount of supported memory ranges. Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 2ce68e4cf5be9b5176a3c3c372948d6340724d2d Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Tue Oct 6 10:37:27 2015 +0200 vhost: add vhost_has_free_slot() interface it will allow for other parts of QEMU check if it's safe to map memory region during hotplug/runtime. That way hotplug path will have a chance to cancel hotplug operation instead of crashing in vhost_commit(). Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c1bd8997438f1b556acfeab1d52245ff7cc680c0 Merge: 8bfaa25 19b7bec Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Oct 21 21:21:29 2015 +0100 Merge remote-tracking branch 'remotes/xtensa/tags/20151021-xtensa' into staging Xtensa updates: - fix register window overflow with l32e/s32e instructions; - make MMU events logging dependent on CPU_LOG_MMU; - attach FLASH to system I/O region on XTFPGA boards; - implement depbits and l32nb instructions. # gpg: Signature made Wed 21 Oct 2015 19:34:02 BST using RSA key ID F83FA044 # gpg: Good signature from "Max Filippov <max.filippov@xxxxxxxxxxxxxxxxxx>" # gpg: aka "Max Filippov <jcmvbkbc@xxxxxxxxx>" * remotes/xtensa/tags/20151021-xtensa: target-xtensa: implement S32NB target-xtensa: implement depbits instruction target-xtensa: xtfpga: attach FLASH to system IO target-xtensa: use CPU_LOG_MMU for MMU event logging target-xtensa: add window overflow check to L32E/S32E Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 19b7bec4a37b081ed326293148fd793f04896b59 Author: Max Filippov <jcmvbkbc@xxxxxxxxx> Date: Sun Jul 19 09:49:00 2015 +0300 target-xtensa: implement S32NB S32NB provides the same functionality as S32I with two exceptions. First, when its operation leaves the processor, the external transaction is marked Non-Bufferable. Second, it may not be used to write to Instruction RAM. In QEMU S32NB is equivalent to S32I. Signed-off-by: Max Filippov <jcmvbkbc@xxxxxxxxx> commit 5eeb40c5b1f00c4ee4fcf2f33087697d7ba6f5f6 Author: Max Filippov <jcmvbkbc@xxxxxxxxx> Date: Sun Jul 12 02:10:17 2015 +0300 target-xtensa: implement depbits instruction This option provides an instruction for depositing a bit field from the least significant position of one register to an arbitrary position in another register. Signed-off-by: Max Filippov <jcmvbkbc@xxxxxxxxx> commit 68931a4082812f56657b39168e815c48f0ab0a8c Author: Max Filippov <jcmvbkbc@xxxxxxxxx> Date: Sun Sep 27 18:21:19 2015 +0300 target-xtensa: xtfpga: attach FLASH to system IO XTFPGA FLASH is tied to XTFPGA system IO block. It's not very important for systems with MMU where system IO block is visible at single location, but it's important for noMMU systems, where system IO block is accessible through two separate physical address ranges. Map XTFPGA FLASH to system IO block and fix offsets used for mapping. Create and initialize FLASH device with series of qdev_prop_set_* as that's the preferred interface now. Keep initialization in a separate function. Signed-off-by: Max Filippov <jcmvbkbc@xxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> commit 5577e57b078a118595071241aba6dac8725a7640 Author: Max Filippov <jcmvbkbc@xxxxxxxxx> Date: Mon Sep 21 20:37:07 2015 +0300 target-xtensa: use CPU_LOG_MMU for MMU event logging Signed-off-by: Max Filippov <jcmvbkbc@xxxxxxxxx> commit f822b7e497fa6a662094b491f86441015f363362 Author: Max Filippov <jcmvbkbc@xxxxxxxxx> Date: Sun Jul 19 10:02:37 2015 +0300 target-xtensa: add window overflow check to L32E/S32E Despite L32E and S32E primary use is for window underflow and overflow exception handlers they are just normal instructions, and thus need to check for window overflow. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Max Filippov <jcmvbkbc@xxxxxxxxx> commit 8bfaa25fce2c22060a17501980943538801056de Merge: 426c0df 1cd4e0f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Oct 21 15:07:42 2015 +0100 Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20151021-v2' into staging More s390x patches. The first ones are fixes: A regression, missed compat and a missed part of the SIMD support. The others contain optimizations and cleanup. # gpg: Signature made Wed 21 Oct 2015 11:24:48 BST using RSA key ID C6F02FAF # gpg: Good signature from "Cornelia Huck <huckc@xxxxxxxxxxxxxxxxxx>" # gpg: aka "Cornelia Huck <cornelia.huck@xxxxxxxxxx>" * remotes/cohuck/tags/s390x-20151021-v2: s390x/cmma: clean up cmma reset s390x: reset crypto only on clear reset and QEMU reset s390x: machine reset function with new ipl cpu handling s390x/ipl: we always have an ipl device s390x: unify device reset during subsystem_reset() s390x: flagify mcic values s390x/kvm: Fix vector validity bit in device machine checks s390x/virtio-ccw: fix 2.4 virtio compat util/qemu-config: fix missing machine command line options Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1cd4e0f6f0a6b1978a5868b41d4faae2071dc4ee Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Tue Jul 21 11:11:11 2015 +0200 s390x/cmma: clean up cmma reset The cmma reset is per VM, so we don't need a cpu object. We can directly make use of kvm_state, as it is already available when the reset is called. By moving the cmma reset in our machine reset function, we can avoid a manual reset handler. Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 4ab729207fe1464b19c6bec609cd545ab717174a Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Wed Sep 30 13:48:45 2015 +0200 s390x: reset crypto only on clear reset and QEMU reset Initializing VM crypto in initial cpu reset has multiple problems 1. We call the exact same function #VCPU times, although one time is enough 2. On SIGP initial cpu reset, we exchange the wrapping key while other VCPUs are running. Bad! 3. It is simply wrong. According to the Pop, a reset happens only during a clear reset. So, we have to reset the keys - on modified clear reset - on load clear (QEMU reset - via machine reset) - on qemu start (via machine reset) Reviewed-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit db3b2566e0fb45e2901b6f9b842d91db6963915d Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Tue Jul 21 13:47:32 2015 +0200 s390x: machine reset function with new ipl cpu handling Current implementation depends on the order of resets getting triggered. If a cpu reset is triggered after the ipl device reset, the CPU is stopped and the VM will not run. In fact, that hinders us from converting the ipl device into a TYPE_DEVICE. Let's change that by manually configuring the ipl cpu during a system reset, so we have full control and can demangle that code. Also remove the superflous cpu parameter from s390_update_iplstate on the way. Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit feacc6c2c8fff037f67a89402b29923251833425 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Thu Jun 25 09:55:55 2015 +0200 s390x/ipl: we always have an ipl device Both s390 machines unconditionally create an ipl device, so no need to handle the missing case. Now we can also change s390_ipl_update_diag308() to return void. Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 09c7f58ca9613ccfb1ca13031d0ff3b1794bd782 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Tue Jul 21 10:58:38 2015 +0200 s390x: unify device reset during subsystem_reset() We have to manually reset several devices that are not on a bus: Let's collect them in an array. Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 052bd52fa978d3f04bc476137ad6e1b9a697f9bd Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Oct 14 12:11:27 2015 +0300 net: don't set native endianness commit 5be7d9f1b1452613b95c6ba70b8d7ad3d0797991 vhost-net: tell tap backend about the vnet endianness makes vhost net always try to set LE - even if that matches the native endian-ness. This makes it fail on older kernels on x86 without TUNSETVNETLE support. To fix, make qemu_set_vnet_le/qemu_set_vnet_be skip the ioctl if it matches the host endian-ness. Reported-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Cc: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> commit 794e8f301a17953efa78ab7538019ec43c59e82a Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Sep 24 14:41:17 2015 +0300 exec: factor out duplicate mmap code Anonymous and file-backed RAM allocation are now almost exactly the same. Reduce code duplication by moving RAM mmap code out of oslib-posix.c and exec.c. Reported-by: Marc-André Lureau <mlureau@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Tested-by: Thibaut Collet <thibaut.collet@xxxxxxxxx> commit 426c0df9e3e6e64c7ea489092c57088ca4d227d0 Merge: ee9dfed 88c5f20 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 20 16:51:43 2015 +0100 Merge remote-tracking branch 'remotes/berrange/tags/io-channel-3-for-upstream' into staging Merge io-channels-3 partial branch # gpg: Signature made Tue 20 Oct 2015 16:36:10 BST using RSA key ID 15104FDF # gpg: Good signature from "Daniel P. Berrange <dan@xxxxxxxxxxxx>" # gpg: aka "Daniel P. Berrange <berrange@xxxxxxxxxx>" * remotes/berrange/tags/io-channel-3-for-upstream: util: pull Buffer code out of VNC module coroutine: move into libqemuutil.a library osdep: add qemu_fork() wrapper for safely handling signals ui: convert VNC startup code to use SocketAddress sockets: allow port to be NULL when listening on IP address sockets: move qapi_copy_SocketAddress into qemu-sockets.c sockets: add helpers for creating SocketAddress from a socket Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b080364aedfc294c53c4c4af255efcf007b35d9d Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Oct 8 15:05:46 2015 +0200 s390x: flagify mcic values Instead of using magic values when building the machine check interruption code, add some defines as by chapter 11-14 in the PoP. This should make it easier to catch problems like the missing vector register validity bit ("s390x/kvm: Fix vector validity bit in device machine checks"), and less hassle should we want to generate machine checks beyond the channel reports we currently support. Acked-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 2ab75df38e34fe9bc271b5115ab52114e6e63a89 Author: Christian Borntraeger <borntraeger@xxxxxxxxxx> Date: Wed Oct 7 10:29:42 2015 +0200 s390x/kvm: Fix vector validity bit in device machine checks Device hotplugs trigger a crw machine check. All machine checks have validity bits for certain register types. With vector support we also have to claim that vector registers are valid. This is a band-aid suitable for stable. Long term we should create the full mcic value dynamically depending on the active features in the kernel interrupt handler. Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 085b0b055b189e8846ca3108e6774e3b9e60c1ce Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Oct 8 15:11:34 2015 +0200 s390x/virtio-ccw: fix 2.4 virtio compat Commit 542571d5 ("virtio-ccw: enable virtio-1") missed some virtio devices for the 2.4 compat handling. Add them. Fixes: 542571d5 ("virtio-ccw: enable virtio-1") Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 5bcfa0c543b42a560673cafd3b5225900ef617e1 Author: Tony Krowiak <akrowiak@xxxxxxxxxxxxxxxxxx> Date: Mon Oct 12 11:36:21 2015 -0400 util/qemu-config: fix missing machine command line options Commit 0a7cf217 ("util/qemu-config: fix regression of qmp_query_command_line_options") aimed to restore parsing of global machine options, but missed two: "aes-key-wrap" and "dea-key-wrap" (which were present in the initial version of that patch). Let's add them to the machine_opts again. Fixes: 0a7cf217 ("util/qemu-config: fix regression of qmp_query_command_line_options") CC: Marcel Apfelbaum <marcel@xxxxxxxxxx> CC: qemu-stable@xxxxxxxxxx Signed-off-by: Tony Krowiak <akrowiak@xxxxxxxxxxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Tested-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Message-Id: <1444664181-28023-1-git-send-email-akrowiak@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 88c5f205fa4c095db4c50eb7ad72816140206819 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Mar 3 17:13:42 2015 +0000 util: pull Buffer code out of VNC module The Buffer code in the VNC server is useful for the IO channel code, so pull it out into a shared module, QIOBuffer. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 10817bf09d5f8cb22711fb0ee8d8da49f6f05f89 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Sep 1 14:48:02 2015 +0100 coroutine: move into libqemuutil.a library The coroutine files are currently referenced by the block-obj-y variable. The coroutine functionality though is already used by more than just the block code. eg migration code uses coroutine yield. In the future the I/O channel code will also use the coroutine yield functionality. Since the coroutine code is nicely self-contained it can be easily built as part of the libqemuutil.a library, making it widely available. The headers are also moved into include/qemu, instead of the include/block directory, since they are now part of the util codebase, and the impl was never in the block/ directory either. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 57cb38b3833c5215131b983f181b26d6ba9b8d35 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Aug 28 14:40:01 2015 +0100 osdep: add qemu_fork() wrapper for safely handling signals When using regular fork() the child process of course inherits all the parents' signal handlers. If the child then proceeds to close() any open file descriptors, it may break some of those registered signal handlers. The child generally does not want to ever run any of the signal handlers that the parent may have installed in the short time before it exec's. The parent may also have blocked various signals which the child process will want enabled. This introduces a wrapper qemu_fork() that takes care to sanitize signal handling across fork. Before forking it blocks all signals in the parent thread. After fork returns, the parent unblocks the signals and carries on as usual. The child, however, resets all the signal handlers back to their defaults before it unblocks signals. The child process can now exec the binary in a "clean" signal environment. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit e0d03b8ceb52e390b8b0a5db1762a8435dd8a44e Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Aug 14 18:56:44 2015 +0100 ui: convert VNC startup code to use SocketAddress The VNC code is currently using QemuOpts to configure the sockets connections / listeners it needs. Convert it to use SocketAddress to bring it in line with modern QAPI based code elsewhere in QEMU. Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 0983f5e6af76d5df8c6346cbdfff9d8305fb6da0 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Sep 1 14:46:50 2015 +0100 sockets: allow port to be NULL when listening on IP address If the port in the SocketAddress struct is NULL, it can allow the kernel to automatically select a free port. This is useful in particular in unit tests to avoid a race trying to find a free port to run a test case on. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 2a8e21c7c8dcb7d235cfd256be36b7e8f9f3fcb3 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Aug 14 18:18:41 2015 +0100 sockets: move qapi_copy_SocketAddress into qemu-sockets.c The qapi_copy_SocketAddress method is going to be useful in more places than just qemu-char.c, so move it into the qemu-sockets.c file to allow its reuse. Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 17c55decec2a516cf7f290ec8a5f4f207531e8b4 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri May 1 17:36:20 2015 +0100 sockets: add helpers for creating SocketAddress from a socket Add two helper methods that, given a socket file descriptor, can return a populated SocketAddress struct containing either the local or remote address information. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit ee9dfed242610ecb91418270fd46b875ed56e201 Merge: b38c049 d9460a7 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 20 12:56:45 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-input-20151020-1' into staging virtio-input: ignore events until the guest driver is ready # gpg: Signature made Tue 20 Oct 2015 08:10:00 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-input-20151020-1: virtio-input: ignore events until the guest driver is ready Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b38c0494c141e2d7dabb3ecbf380305b74f9e330 Merge: df81978 5829b09 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 20 12:17:53 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20151020-1' into staging vga: enable virtio-vga for pseries, vmsvga cursor checks. # gpg: Signature made Tue 20 Oct 2015 08:27:44 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-vga-20151020-1: vmsvga: more cursor checks ppc/spapr: Allow VIRTIO_VGA Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit df8197836844275ef805c9031008eb3b20a89b83 Merge: c14e42d 2cc06a8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 20 11:45:23 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-fw_cfg-20151020-1' into staging fw_cfg: add dma interface, add strings via cmdline. # gpg: Signature made Tue 20 Oct 2015 07:07:34 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-fw_cfg-20151020-1: fw_cfg: Define a static signature to be returned on DMA port reads Enable fw_cfg DMA interface for x86 Enable fw_cfg DMA interface for ARM Implement fw_cfg DMA interface fw_cfg DMA interface documentation fw_cfg: document fw_cfg_modify_iXX() update functions fw_cfg: insert string blobs via qemu cmdline Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c14e42d7a4495ecbad7bf8b3d603272e3a8992a1 Merge: f52dd72 37bc43f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 20 10:52:56 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20151020-1' into staging usb: misc small tweaks. # gpg: Signature made Tue 20 Oct 2015 08:24:09 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-usb-20151020-1: usb-audio: increate default buffer size usb: print device id in "info usb" monitor command usb-host: add wakeup call for iso xfers Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f52dd72dc1a679529e13e51a7b57e787455f92f0 Merge: 26c7be8 e853ea1 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 20 09:04:20 2015 +0100 Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2015-10-14-v4-tag' into staging qemu-ga patch queue * add unit tests for qemu-ga * add guest-exec support for posix/w32 guests * added 'qemu-ga' target for w32. this allows us to do full MSI build, without overloading 'qemu-ga.exe' target with uneeded dependencies. * number of s/g_new/g_malloc/ conversions for qga v2: * commit message and qapi documentation spelling fixes * rename 'inp-data' guest-exec param to 'input-data' v3: * fix OSX build errors for test-qga by using PRId64 format in place of glib's, and dropping use of G_SPAWN_DEFAULT macro for glib 2.22 compat * fix win32 build warnings for 32-bit builds by avoid int casts of process HANDLEs v4: * assert connect_qga() doesn't fail * only enable test-qga for linux hosts * allow get-memory-block-info* to fail if memory blocks aren't exposed in sysfs # gpg: Signature made Tue 20 Oct 2015 00:33:43 BST using RSA key ID F108B584 # gpg: Good signature from "Michael Roth <flukshun@xxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>" * remotes/mdroth/tags/qga-pull-2015-10-14-v4-tag: qga: fix uninitialized value warning for win32 qga: guest-exec simple stdin/stdout/stderr redirection qga: handle G_IO_STATUS_AGAIN in ga_channel_write_all() qga: handle possible SIGPIPE in guest-file-write qga: guest exec functionality qga: drop guest_file_init helper and replace it with static initializers tests: add a local test for guest agent qga: guest-get-memory-blocks shouldn't fail for unexposed memory blocks glib-compat: add 2.38/2.40/2.46 asserts qtest: add a few fd-level qmp helpers qga: do not override configuration verbosity qga: add QGA_CONF environment variable qga: Use g_new() & friends where that makes obvious sense build: qemu-ga: add 'qemu-ga' build target for w32 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5829b097204189c56dd1fb62c7f827360394bb39 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Sep 29 09:58:05 2015 +0200 vmsvga: more cursor checks Check the cursor size more carefully. Also switch to unsigned while being at it, so they can't be negative. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit b798c1905705e6ab44279d8a9ae41e500756eb1c Author: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Date: Tue Sep 15 15:51:29 2015 +1000 ppc/spapr: Allow VIRTIO_VGA It works fine with the Linux driver out of the box Signed-off-by: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 37bc43f7fbfb38003550b327002e59d21b80a3e4 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Oct 6 15:31:56 2015 +0200 usb-audio: increate default buffer size Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 974826f0ab1efc96cd2f61337ee75bda5cde1c77 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Oct 6 15:31:21 2015 +0200 usb: print device id in "info usb" monitor command Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit e206ddfb57e2595cc43ad3667b3becc6bd2ef62d Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Jul 17 09:12:57 2015 +0200 usb-host: add wakeup call for iso xfers Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit d9460a7557672af9c4d9d4f153200d1075ed5a78 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 16 13:33:07 2015 +0200 virtio-input: ignore events until the guest driver is ready Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit e853ea1cc68716c3d9c22d04578020c6dd743306 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Sat Oct 17 10:31:16 2015 -0500 qga: fix uninitialized value warning for win32 Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit a1853dca74362551ec1434b2e15acfcdd53caa99 Author: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Date: Tue Oct 13 18:41:23 2015 +0300 qga: guest-exec simple stdin/stdout/stderr redirection Implemented with base64-encoded strings in qga json protocol. Glib portable GIOChannel is used for data I/O. Optinal stdin parameter of guest-exec command is now used as stdin content for spawned subprocess. If capture-output bool flag is specified, guest-exec redirects out/err file descriptiors internally to pipes and collects subprocess output. Guest-exe-status is modified to return this collected data to requestor in base64 encoding. Signed-off-by: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> * switch from 'struct GuestIOExecData' to 'GuestIOExecData' * s/TRUE/true/g, s/FALSE/false/g for gboolean return values * s/inp_data/input_data/ Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit f74df9bfce6d133fc64d6b878327849ed2b89b4b Author: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Date: Tue Oct 13 18:41:22 2015 +0300 qga: handle G_IO_STATUS_AGAIN in ga_channel_write_all() glib may return G_IO_STATUS_AGAIN which is actually not an error. Also fixed a bug when on incomplete write buf pointer was not adjusted. Signed-off-by: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 4005b4732e40d3d583510db89ee204b834022d20 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Oct 13 18:41:21 2015 +0300 qga: handle possible SIGPIPE in guest-file-write qemu-ga should not exit on guest-file-write to pipe without read end but proper error code should be returned. The behavior of the spawned process should be default thus SIGPIPE processing should be reset to default after fork() but before exec(). Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit d697e30cfff29a6a72e3197a218294ba52e7f0c6 Author: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Date: Tue Oct 13 18:41:20 2015 +0300 qga: guest exec functionality Guest-exec rewritten in platform-independent style with glib spawn. Child process is spawn asynchronously and exit status can later be picked up by guest-exec-status command. stdin/stdout/stderr of the child now is redirected to /dev/null Later we will add ability to specify stdin in guest-exec command and to get collected stdout/stderr with guest-exec-status. Signed-off-by: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> * use g_new0 in place of g_malloc for GuestExec struct * commit msg spelling fixes * s/inp-data/input-data * document capture-input mode as false by default * use GetProcessId() for pids on w32 instead of casting HANDLE Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit b4fe97c8230c34ebd407a9f23894b9c614807540 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Oct 13 18:41:19 2015 +0300 qga: drop guest_file_init helper and replace it with static initializers This just makes code shorter and better. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Yuri Pudgorodskiy <yur@xxxxxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 62c39b307b3a946f9df4f11396bfeced120c040f Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 2 14:58:18 2015 +0200 tests: add a local test for guest agent Add some local guest agent tests, as it is better than nothing, only when CONFIG_POSIX (using unix sockets). With the QGA_TEST_SIDE_EFFECTING environment variable, it will include tests with side effects, such as freezing/thawing the FS or changing the time. (a better test would involve a managed VM (or container), but it might be better to leave that off to autotest/avocado) Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> * use mkdtemp() in placeof g_mkdtemp() for glib 2.22 compat * drop redundant/conflicting compat defines for g_assert_{true,false}, since glib-compat has them now. * build fixes for OSX: use PRId64 instead of glib formats, drop g_spawn_default usage for glib compat * assert connect_qga() doesn't fail * only enable test-qga for linux hosts * allow get-memory-block-info* to fail Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit f693fe6ef402bdcf89b3979bf004c4c5bf646724 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Mon Oct 19 16:38:25 2015 -0500 qga: guest-get-memory-blocks shouldn't fail for unexposed memory blocks Some guests don't expose memory blocks via sysfs at all. This shouldn't be a failure, instead just return an empty list. For other access failures we still report an error. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 8a0b5421a09ab9b9567300c554d3e169f28fc09d Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 2 14:58:17 2015 +0200 glib-compat: add 2.38/2.40/2.46 asserts Those are mostly useful for writing tests. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit dc47995e525c386f893b6e023da6b819f9975ece Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 2 14:58:16 2015 +0200 qtest: add a few fd-level qmp helpers Add a few functions to interact with qmp via a simple fd. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 6eaeae37a5fdd0a1ef88ed9ab4b807669ffc0e2d Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 2 14:58:15 2015 +0200 qga: do not override configuration verbosity Move the default verbosity settings before loading the configuration file, or it will overwrite it. Found thanks to writing qga tests :) Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 8e34bf364ae518503642d28bdd43661090ae21bd Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Oct 2 14:58:14 2015 +0200 qga: add QGA_CONF environment variable Having a environment variable allows to override default configuration path, useful for testing. Note that this can't easily be an argument, since loading config is done before parsing the arguments. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit f3a06403b82c7f036564e4caf18b52ce6885fcfb Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Sep 14 13:50:44 2015 +0200 qga: Use g_new() & friends where that makes obvious sense g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. This commit only touches allocations with size arguments of the form sizeof(T). Same Coccinelle semantic patch as in commit b45c03f. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit fafcaf1d7434bd3a44a5cd6a98594b3ec12d83de Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Mon Sep 7 18:47:05 2015 -0500 build: qemu-ga: add 'qemu-ga' build target for w32 Currently POSIX builds rely on 'qemu-ga' target to do qga-only distributable build. On w32, as with most standalone binary targets, we rely on 'qemu-ga.exe' target. Unlike with POSIX, qemu-ga for w32 has a number of related targets such as VSS DLL and MSI package. We can do the full distributable qga-only build on w32 with: make qemu-ga.exe or: make msi To make that work, we tie VSS dependencies onto qemu-ga.exe. However, in reality the DLL isn't part of the binary, so we use a filter to pull them out of the LINK recipe, which attempts to link against prereqs for binary targets. Additionally, it could be argued that VSS is a separate distributable, and shouldn't be implied by qemu-ga.exe binary target. To avoid this, we can tie the VSS dependencies only to the 'msi' target, but that would make it impossible to do a qga-only build of the w32 distributable without building the 'msi' package, which was supported in the past. An alternative approach is to add a new target to build the whole distributable. w32 allows us to use the same build target we use on POSIX, 'qemu-ga', since the current binary-only target on w32 is 'qemu-ga.exe'. To further simplify the build, we also make 'qemu-ga' build the MSI package if the appropriate ./configure options are set, making the full qga-only build the same on both POSIX and w32: `make qemu-ga` Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 89a82cd4b6a90fe117fa715e2abe51d5c607560c Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed Sep 16 15:33:53 2015 -0700 cpu-exec: Add "nochain" debug flag Respect it to avoid linking TBs together. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 137d63902faf4960081856db9242cbaf234a23af Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Fri Oct 2 13:24:17 2015 +0100 tcg/mips: Support r6 SEL{NE, EQ}Z instead of MOVN/MOVZ Extend MIPS movcond implementation to support the SELNEZ/SELEQZ instructions introduced in MIPS r6 (where MOVN/MOVZ have been removed). Whereas the "MOVN/MOVZ rd, rs, rt" instructions have the following semantics: rd = [!]rt ? rs : rd The "SELNEZ/SELEQZ rd, rs, rt" instructions are slightly different: rd = [!]rt ? rs : 0 First we ensure that if one of the movcond input values is zero that it comes last (we can swap the input arguments if we invert the condition). This is so that it can exactly match one of the SELNEZ/SELEQZ instructions and avoid the need to emit the other one. Otherwise we emit the opposite instruction first into a temporary register, and OR that into the result: SELNEZ/SELEQZ TMP1, v2, c1 SELEQZ/SELNEZ ret, v1, c1 OR ret, ret, TMP1 Which does the following: ret = cond ? v1 : v2 Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-Id: <1443788657-14537-7-git-send-email-james.hogan@xxxxxxxxxx> commit bc6d0c22b09a72897d9db4482076f89e7de97400 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Fri Oct 2 13:24:16 2015 +0100 tcg/mips: Support r6 multiply/divide encodings MIPSr6 adds several new integer multiply, divide, and modulo instructions, and removes several pre-r6 encodings, along with the HI/LO registers which were the implicit operands of some of those instructions. Update TCG to use the new instructions when built for r6. The new instructions actually map much more directly to the TCG ops, as they only provide a single 32-bit half of the result and in a normal general purpose register instead of HI or LO. The mulu2_i32 and muls2_i32 operations are no longer appropriate for r6, so they are removed from the TCG opcode table. This is because they would need to emit two separate host instructions anyway (for the high and low half of the result), which TCG can arrange automatically for us in the absense of mulu2_i32/muls2_i32 by splitting it into mul_i32 and mul*h_i32 TCG ops. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-Id: <1443788657-14537-6-git-send-email-james.hogan@xxxxxxxxxx> commit 6e0d096989be52c2b945fc83a9bd15d887bbdb47 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Fri Oct 2 13:24:15 2015 +0100 tcg/mips: Support r6 JR encoding MIPSr6 encodes JR as JALR with zero as the link register, and the pre-r6 JR encoding is removed. Update TCG to use the new encoding when built for r6. We still use the old encoding for pre-r6, so as not to confuse return prediction stack hardware which may detect only particular encodings of the return instruction. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-Id: <1443788657-14537-5-git-send-email-james.hogan@xxxxxxxxxx> commit ce14bd4d469f3a14f6cbfceb6360aee066a60d72 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Fri Oct 2 13:24:14 2015 +0100 tcg/mips: Add use_mips32r6_instructions definition Add definition use_mips32r6_instructions to the MIPS TCG backend which is constant 1 when built for MIPS release 6. This will be used to decide between pre-R6 and R6 instruction encodings. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-Id: <1443788657-14537-4-git-send-email-james.hogan@xxxxxxxxxx> commit d76f36535099b5d3d880c5e3ac1d411420c8a086 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Fri Oct 2 13:24:13 2015 +0100 disas/mips: Add R6 jr/jr.hb to disassembler MIPS r6 encodes jr as jalr zero, and jr.hb as jalr.hb zero, so add these encodings to the MIPS disassembly table. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-Id: <1443788657-14537-3-git-send-email-james.hogan@xxxxxxxxxx> commit c0e40dbdcc291c85faa289a53be60b7b1b7c7598 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Fri Oct 2 13:24:12 2015 +0100 tcg-opc.h: Simplify insn_start def We already have a TLADDR_ARGS definition, so rearrange the order slightly and use it in the definition of insn_start, instead of having an #ifdef. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-Id: <1443788657-14537-2-git-send-email-james.hogan@xxxxxxxxxx> commit 1e1df962e325e18a5188c4814cd1a10215a48f79 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Oct 2 22:41:01 2015 +0000 tcg/ppc: Prefer mask over andi. Prefer the instruction that isn't required to modify cr0. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 5bfd75a35c11dd3aa61c73d0d2cd88137c31519c Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Oct 2 22:25:28 2015 +0000 tcg/ppc: Revise goto_tb implementation Restrict the size of code_gen_buffer to 2GB on ppc64, which lets us assert that everything is reachable with addis+addi from tb_ret_addr. This lets us use a max of 4 insns for goto_tb instead of 7. Emit the indirect branch portion of goto_tb up front, which means we only have to update two insns to update any link. With a 64-bit store, we can update the link atomically, which may be required in future. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 70f897bdc4ce4101ec008317d43090f532bfb07d Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Oct 2 21:09:54 2015 +0000 tcg/ppc: Adjust exit_tb for change in prologue placement Changing the prologue to the beginning of the code_gen_buffer changes the direction of the "return" branch. Need to change the logic to match. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 2cc06a8843ace3d03464032eb3c74bc6e2b07579 Author: Kevin O'Connor <kevin@xxxxxxxxxxxx> Date: Thu Oct 8 17:02:58 2015 +0200 fw_cfg: Define a static signature to be returned on DMA port reads Return a static signature ("QEMU CFG") if the guest does a read to the DMA address io register. Signed-off-by: Kevin O'Connor <kevin@xxxxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit c886fc4c20ff8456b2f788a1404dd321b8b59243 Author: Marc Marà <markmb@xxxxxxxxxx> Date: Thu Oct 8 17:02:57 2015 +0200 Enable fw_cfg DMA interface for x86 Enable the fw_cfg DMA interface for all the x86 platforms. Based on Gerd Hoffman's initial implementation. Signed-off-by: Marc Marà <markmb@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 0b341a85ca873cfc4faddbf9012c4c5da1b675bc Author: Marc Marà <markmb@xxxxxxxxxx> Date: Thu Oct 8 17:02:56 2015 +0200 Enable fw_cfg DMA interface for ARM Enable the fw_cfg DMA interface for the ARM virt machine. Based on Gerd Hoffman's initial implementation. Signed-off-by: Marc Marà <markmb@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit a4c0d1deb785611c96a455f65ec032976b00b36f Author: Marc Marà <markmb@xxxxxxxxxx> Date: Thu Oct 8 17:02:55 2015 +0200 Implement fw_cfg DMA interface Based on the specifications on docs/specs/fw_cfg.txt This interface is an addon. The old interface can still be used as usual. Based on Gerd Hoffman's initial implementation. Signed-off-by: Marc Marà <markmb@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit c9eae1d4b93695d98fa5306a28b7fb7acc34ae67 Author: Marc Marà <markmb@xxxxxxxxxx> Date: Thu Oct 8 17:02:54 2015 +0200 fw_cfg DMA interface documentation Add fw_cfg DMA interface specification in the documentation. Based on Gerd Hoffman's initial implementation. Signed-off-by: Marc Marà <markmb@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 57c3d238a5ff7e7ad7aba098b5d55d8d89c2a6a1 Author: Gabriel L. Somlo <somlo@xxxxxxx> Date: Thu Oct 8 17:02:53 2015 +0200 fw_cfg: document fw_cfg_modify_iXX() update functions Document the behavior of fw_cfg_modify_iXX() for leak-less updating of integer-type blobs. Currently only fw_cfg_modify_i16() is coded, but 32- and 64-bit versions may be added later if necessary.. Signed-off-by: Gabriel Somlo <somlo@xxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 6407d76eb4e5b5dd4af8613cef0162f31ff739ed Author: Gabriel L. Somlo <somlo@xxxxxxx> Date: Tue Sep 29 12:29:01 2015 -0400 fw_cfg: insert string blobs via qemu cmdline Allow users to provide custom fw_cfg blobs with ascii string payloads specified directly on the qemu command line. Suggested-by: Jordan Justen <jordan.l.justen@xxxxxxxxx> Suggested-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gabriel Somlo <somlo@xxxxxxx> Message-id: 1443544141-26568-1-git-send-email-somlo@xxxxxxx Reviewd-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 26c7be842637ee65a79cd77f96a99c23ddcd90ad Merge: 526d580 dbb7405 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Oct 19 12:13:27 2015 +0100 Merge remote-tracking branch 'remotes/sstabellini/tags/2015-10-19-tag' into staging Xen 2015-10-19 # gpg: Signature made Mon 19 Oct 2015 11:24:05 BST using RSA key ID 70E1AE90 # gpg: Good signature from "Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>" * remotes/sstabellini/tags/2015-10-19-tag: xen-platform: Ensure xen is enabled when initializing pc: Require xen when initializing xenfv machine Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dbb7405d8caad0814ceddd568cb49f163a847561 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Mon Sep 28 17:01:24 2015 -0300 xen-platform: Ensure xen is enabled when initializing The xen-platform code crashes on reset if the xen backend is not initialized, because it calls xc_hvm_set_mem_type(). Ensure xen-platform won't be created without initializing the xen backend. The assert can't be triggered by the user because the device is not hotpluggable, and the only code creating it (at pc_xen_hvm_init()) already checks xen_enabled(). Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit a88ae0d44b6b5830b752641b2198735272f13eaf Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Mon Sep 28 17:01:23 2015 -0300 pc: Require xen when initializing xenfv machine Without this check, the xen-platform device will crash on reset if using the accel option with anything other than xen (e.g. "-machine xenfv,accel=kvm"). Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 526d5809a0714edc7f19196f14ec2e607dbd9753 Merge: aedc880 1c4a55d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Oct 19 10:52:39 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * KVM page size fix for PPC * Support for Linux 4.4's new Hyper-V features * Eliminate g_slice from areas I maintain * checkpatch fix * Peter's cpu_reload_memory_map() cleanups * More changes to MAINTAINERS * Require Python 2.6 * chardev creation fixes * PCI requester id for ARM KVM * cleanups and doc fixes * Allow customization of the Hyper-V vendor id # gpg: Signature made Mon 19 Oct 2015 09:13:10 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" * remotes/bonzini/tags/for-upstream: (49 commits) kvm: Allow the Hyper-V vendor ID to be specified kvm: Move x86-specific functions into target-i386/kvm.c kvm: Pass PCI device pointer to MSI routing functions hw/pci: Introduce pci_requester_id() kvm: Make KVM_CAP_SIGNAL_MSI globally available doc/rcu: fix g_free_rcu() usage example qemu-char: cleanup after completed conversion to cd->create qemu-char: convert ringbuf backend to data-driven creation qemu-char: convert vc backend to data-driven creation qemu-char: convert spice backend to data-driven creation qemu-char: convert console backend to data-driven creation qemu-char: convert stdio backend to data-driven creation qemu-char: convert testdev backend to data-driven creation qemu-char: convert braille backend to data-driven creation qemu-char: convert msmouse backend to data-driven creation qemu-char: convert mux backend to data-driven creation qemu-char: convert null backend to data-driven creation qemu-char: convert pty backend to data-driven creation qemu-char: convert UDP backend to data-driven creation qemu-char: convert socket backend to data-driven creation ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit aedc8806172dd1ae904f04169ee3b19fce1d7893 Merge: 40fe17b 8307c29 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Oct 19 10:06:56 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-audio-20151019-1' into staging Remove macros IO_READ_PROTO and IO_WRITE_PROTO # gpg: Signature made Mon 19 Oct 2015 09:19:21 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-audio-20151019-1: Remove macros IO_READ_PROTO and IO_WRITE_PROTO Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1c4a55dbed9a47fde9294f7de6c8bb060d874c88 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Fri Oct 16 09:38:22 2015 -0600 kvm: Allow the Hyper-V vendor ID to be specified According to Microsoft documentation, the signature in the standard hypervisor CPUID leaf at 0x40000000 identifies the Vendor ID and is for reporting and diagnostic purposes only. We can therefore allow the user to change it to whatever they want, within the 12 character limit. Add a new hv-vendor-id option to the -cpu flag to allow for this, ex: -cpu host,hv_time,hv-vendor-id=KeenlyKVM Link: http://msdn.microsoft.com/library/windows/hardware/hh975392 Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> Message-Id: <20151016153356.28104.48612.stgit@xxxxxxxxxx> [Adjust error message to match the property name, use error_report. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 28143b409f698210d85165ca518235ac7e7c5ac5 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Thu Oct 15 20:30:20 2015 +0200 kvm: Move x86-specific functions into target-i386/kvm.c The functions for checking xcrs, xsave and pit_state2 are only used on x86, so they should reside in target-i386/kvm.c. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Message-Id: <1444933820-6968-1-git-send-email-thuth@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit dc9f06ca81e6e16d062ec382701142a3a2ab3f7d Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Thu Oct 15 16:44:52 2015 +0300 kvm: Pass PCI device pointer to MSI routing functions In-kernel ITS emulation on ARM64 will require to supply requester IDs. These IDs can now be retrieved from the device pointer using new pci_requester_id() function. This patch adds pci_dev pointer to KVM GSI routing functions and makes callers passing it. x86 architecture does not use requester IDs, but hw/i386/kvm/pci-assign.c also made passing PCI device pointer instead of NULL for consistency with the rest of the code. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Message-Id: <ce081423ba2394a4efc30f30708fca07656bc500.1444916432.git.p.fedin@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit a05f686ff39c373384772b01f1b7fc71e7eb2500 Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Thu Oct 15 16:44:51 2015 +0300 hw/pci: Introduce pci_requester_id() For GICv3 ITS implementation we are going to use requester IDs in KVM IRQ routing code. This patch introduces reusable convenient way to obtain this ID from the device pointer. The new function is now used in some places, where the same calculation was used. MemTxAttrs.stream_id also renamed to requester_id in order to better reflect semantics of the field. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-Id: <5814bcb03a297f198e796b13ed9c35059c52f89b.1444916432.git.p.fedin@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 50bf31b9379cf88c4fe92ec477fdc56f89d1af94 Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Thu Oct 15 16:44:50 2015 +0300 kvm: Make KVM_CAP_SIGNAL_MSI globally available This capability is useful to determine whether we can use KVM ITS emulation on ARM Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Message-Id: <ff4ccb09b837d37defd639b885526949a25276de.1444916432.git.p.fedin@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9bda456e419273199221625894003bf9307d8451 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Wed Oct 14 18:46:44 2015 +0300 doc/rcu: fix g_free_rcu() usage example The first argument of g_free_rcu() is a pointer to a structure. But foo_reclaim is used as a function name in the previous example along with &foo as a pointer to the structure being reclaimed. Make the example consistent with the previous one. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-Id: <1444837604-13712-1-git-send-email-serge.fdrv@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 1c3af0f4f04bd6e6729783a48bb51ca1eb5c3baf Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 12 09:51:41 2015 +0200 qemu-char: cleanup after completed conversion to cd->create All backends now return errors through Error*, so the "Failed to create chardev" placeholder error can only be reached if the backend is not available (and only from the chardev-add QMP command; instead, the -chardev command line option fails earlier). Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 479f09a130f774b0275134b5c44081ea71fe00b3 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:51:14 2015 +0200 qemu-char: convert ringbuf backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fa19d02539a56ac20d03b2eef775be7ffcdd695a Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:49:06 2015 +0200 qemu-char: convert vc backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 68145e178ac200a27b5f0ab342da80cf60ddd576 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:45:47 2015 +0200 qemu-char: convert spice backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 122e5ed4412cadce2d44a5f636e4d1bfc67c534b Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:42:04 2015 +0200 qemu-char: convert console backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 8c84b25d975870bbed2e089fe61e037c58a69854 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:40:28 2015 +0200 qemu-char: convert stdio backend to data-driven creation The backend now always returns errors via the Error* argument. This avoids a double error message. Before: qemu-system-x86_64: -chardev stdio,id=base: cannot use stdio with -daemonize qemu-system-x86_64: -chardev stdio,id=base: Failed to create chardev After: qemu-system-x86_64: -chardev stdio,id=base: cannot use stdio with -daemonize Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0498790173e462ac3a7e4e0f3608704b8382dd10 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:33:42 2015 +0200 qemu-char: convert testdev backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e47666b8d1f0a7043d53671587058b3ce539b09d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:31:26 2015 +0200 qemu-char: convert braille backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 96d885b93b47243d2fc6ee826abaa8c0017282c9 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:29:15 2015 +0200 qemu-char: convert msmouse backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3c0e5a4a845c9e2823c9060631eeefebabc2f093 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:27:24 2015 +0200 qemu-char: convert mux backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0d64992b5dfe099b170a0b19922833cc82745620 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:24:29 2015 +0200 qemu-char: convert null backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c2e75a432b907562cf93772b7d058d1ec8a8f8f1 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:23:42 2015 +0200 qemu-char: convert pty backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e79b80daa252ffb4bc5c84c836714eb45ab3bb68 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:17:20 2015 +0200 qemu-char: convert UDP backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit dbba8d1be3db5a52cfe200f219fbf8840d75cb14 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:15:53 2015 +0200 qemu-char: convert socket backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 20cbe7a27980ef7e2ecd307cd210fc23b3f0762e Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:14:07 2015 +0200 qemu-char: convert pipe backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 38bfb1a63d05d000f128ea740442955070d9ff57 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 12 09:49:28 2015 +0200 qemu-char: convert parallel backend to data-driven creation Conversion to Error * brings better error messages; before: qemu-system-x86_64: -chardev id=serial,backend=parallel,path=vl.c: Failed to create chardev After: qemu-system-x86_64: -chardev id=serial,backend=parallel,path=vl.c: not a parallel port: Inappropriate ioctl for device Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 8307c294a355bbf3c5352e00877365b0cda66d52 Author: Nutan Shinde <nutanshinde1992@xxxxxxxxx> Date: Wed Oct 7 22:02:54 2015 +0530 Remove macros IO_READ_PROTO and IO_WRITE_PROTO Signed-off-by: Nutan Shinde <nutanshinde1992@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 40fe17bea478793fc9106a630fa3610dad51f939 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 16 17:19:35 2015 +0100 hw/ide/ahci.c: Fix shift left into sign bit Avoid undefined behaviour from shifting left into the sign bit: hw/ide/ahci.c:551:36: runtime error: left shift of 255 by 24 places cannot be represented in type 'int' (Unfortunately C's promotion rules mean that in the expression "some_uint8_t_variable << 24" the LHS gets promoted to signed int before shifting.) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> commit 7df953bd456da45f761064974820ab5c3fd7b2aa Author: Knut Omang <knut.omang@xxxxxxxxxx> Date: Sun Oct 4 15:48:50 2015 +0200 intel_iommu: Add support for translation for devices behind bridges - Use a hash table indexed on bus pointers to store information about buses instead of using the bus numbers. Bus pointers are stored in a new VTDBus struct together with the vector of device address space pointers indexed by devfn. - The bus number is still used for lookup for selective SID based invalidate, in which case the bus number is lazily resolved from the bus hash table and cached in a separate index. Signed-off-by: Knut Omang <knut.omang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c737c7a608f4cd2c06e6600303845c4b469822c5 Merge: 6d57410 6b826af Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sat Oct 17 22:14:52 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches # gpg: Signature made Fri 16 Oct 2015 14:36:50 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: (29 commits) blkdebug: Don't confuse image as backing file qcow2: Remove forward declaration of QCowAIOCB qemu-nbd: always compile in --aio=MODE option blockdev: always compile in -drive aio= parsing raw-posix: warn about BDRV_O_NATIVE_AIO if libaio is unavailable block: auto-generated node-names util - add automated ID generation utility blkverify: Fix BDS leak in .bdrv_open error path block: Allow bdrv_unref_child(bs, NULL) block: Remove bdrv_swap() block: Add and use bdrv_replace_in_backing_chain() blockjob: Store device name at job creation block: Implement bdrv_append() without bdrv_swap() block: Introduce parents list block-backend: Add blk_set_bs() block/io: Make bdrv_requests_pending() public block: Split bdrv_move_feature_fields() block: Manage backing file references in bdrv_set_backing_hd() block: Convert bs->backing_hd to BdrvChild block: Remove bdrv_open_image() ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6d57410a79d51d92673c54f26624b44f27fa6214 Merge: 9c1f5bb 5d98bf8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sat Oct 17 12:31:33 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20151016' into staging target-arm queue: * break TBs after ISB instructions * more support code for future implementation of EL2 and 64-bit EL3 * tell guest if KVM is enabled in SMBIOS version string * implement OSLAR/OSLSR system registers * provide better help text for Sharp PDA machine names * rename imx25_pdk to imx25-pdk (since it has never been released with the underscore-version name) * fix MMIO writes in zynq_slcr * implement MDCR_EL2 * virt: allow the guest to configure PCI BARs with zero PCI addresses * fix breakpoint handling code # gpg: Signature made Fri 16 Oct 2015 14:56:15 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20151016: target-arm: Fix CPU breakpoint handling target-arm: Fix GDB breakpoint handling target-arm: implement arm_debug_target_el() hw/arm/virt: Allow zero address for PCI IO space target-arm: Add MDCR_EL2 misc: zynq_slcr: Fix MMIO writes arm: imx25-pdk: Fix machine name target-arm: Provide model numbers for Sharp PDAs target-arm: Implement AArch64 OSLAR/OSLSR_EL1 sysregs hw/arm/virt: smbios: inform guest of kvm target-arm: Avoid calling arm_el_is_aa64() function for unimplemented EL target-arm: Break the TB after ISB to execute self-modified code correctly target-arm: Add missing 'static' attribute Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9c1f5bbc739f3278353becf94839551afed0fdbd Merge: 61f7901 468a895 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 16 19:11:59 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-cocoa-20151016' into staging cocoa queue: * fixes for compiler warnings * fix mouse cursor flickering # gpg: Signature made Fri 16 Oct 2015 11:09:46 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-cocoa-20151016: ui/cocoa.m: blinky mouse cursor fix ui/cocoa.m: addRemovableDevicesMenuItems() warning fix ui/cocoa.m: eliminate normalWindow warning Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 61f7901bb8a7f2f2503b5b025c4c33dbeac9cf5b Merge: e95bdb4 99df528 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 16 17:13:05 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-10-15' into staging QAPI patches # gpg: Signature made Thu 15 Oct 2015 07:40:46 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-qapi-2015-10-15: qapi: Track location that created an implicit type qapi: Create simple union type member earlier qapi: Lazy creation of array types qapi: Don't use info as witness of implicit object type qapi: Drop redundant args-member-array test qapi: Drop redundant flat-union-reverse-define test qapi: Drop redundant returns-int test qapi: Move empty-enum to compile-time test qapi: Drop redundant alternate-good test qapi: Prepare for errors during check() qapi: Use predicate callback to determine visit filtering qapi: Fix regression with '-netdev help' Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e95bdb4341c36ee158ff9dda4ade3f94405c69ce Merge: c49d341 60be634 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 16 15:47:59 2015 +0100 Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20151015' into staging migration/next for 20151015 # gpg: Signature made Thu 15 Oct 2015 07:25:27 BST using RSA key ID 5872D723 # gpg: Good signature from "Juan Quintela <quintela@xxxxxxxxxx>" # gpg: aka "Juan Quintela <quintela@xxxxxxxxxx>" * remotes/juanquintela/tags/migration/20151015: migration: fix deadlock migration: announce VM's new home just before VM is runnable Migration: Generate the completed event only when we complete Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5d98bf8f38c17a348ab6e8af196088cd4953acd0 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Tue Oct 13 12:56:28 2015 +0300 target-arm: Fix CPU breakpoint handling A QEMU breakpoint match is not definitely an architectural breakpoint match. If an exception is generated unconditionally during translation, it is hardly possible to ignore it in the debug exception handler. Generate a call to a helper to check CPU breakpoints and raise an exception only if any breakpoint matches architecturally. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e63a2d4d9ed73e33a0b7483085808048be8bbcb1 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Tue Oct 13 12:56:27 2015 +0300 target-arm: Fix GDB breakpoint handling GDB breakpoints have higher priority so they have to be checked first. Should GDB breakpoint match, just return from the debug exception handler. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6b826af7b010ed1963b1e7bfb5c389dcdbaff222 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Oct 16 18:46:04 2015 +0800 blkdebug: Don't confuse image as backing file The word "backing file" nowadays refers to the backing_hd in the external snapshot sense (i.e. bs->backing_hd), instead of the file sense (bs->file). Correct the comment to use the right term. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e394621fbda0d9f69df2c9eab73ad5a5189805bb Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Fri Jul 10 22:19:23 2015 +0200 qcow2: Remove forward declaration of QCowAIOCB This struct doesn't exist any more since commit 3fc48d09 in August 2011, it's about time to remove its forward declaration. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit bb628e1af8b8b5ecf6420e50123cb696ee18b09f Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Jul 23 13:48:36 2015 +0100 qemu-nbd: always compile in --aio=MODE option The --aio=MODE option enables Linux AIO or Windows overlapped I/O. The #ifdef CONFIG_LINUX_AIO was a layering violation that also prevented Windows overlapped I/O from being used. Now that raw-posix.c prints an error when Linux AIO has not been compiled in, we can unconditionally compile the option into qemu-nbd. After this patch qemu-nbd --aio=native works on Windows. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 04d71322c1cf6f527f15397c76bc088ebda7c18b Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Jul 23 13:48:35 2015 +0100 blockdev: always compile in -drive aio= parsing CONFIG_LINUX_AIO is an implementation detail of raw-posix.c. Don't mention CONFIG_LINUX_AIO in blockdev.c. Let block drivers decide what to do with BDRV_O_NATIVE_AIO. They may print an error if it is unsupported. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 1501ecc1d89231164b4aecddd0219ed4395b693a Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Jul 23 13:48:34 2015 +0100 raw-posix: warn about BDRV_O_NATIVE_AIO if libaio is unavailable raw-posix.c silently ignores BDRV_O_NATIVE_AIO if libaio is unavailable. It is confusing when aio=native performance is identical to aio=threads because the binary was accidentally built without libaio. Print a deprecation warning if -drive aio=native is used with a binary that does not support libaio. There are probably users using aio=native who would be inconvenienced if QEMU suddenly refused to start their guests. In the future this will become an error. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 15489c769b9a4b3bec5b5848af2960689d7b4bd8 Author: Jeff Cody <jcody@xxxxxxxxxx> Date: Mon Oct 12 19:36:50 2015 -0400 block: auto-generated node-names If a node-name is not specified, automatically generate the node-name. Generated node-names will use the "block" sub-system identifier. Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a0f1913637e6cd711aa721233b75eb2ec84d017b Author: Jeff Cody <jcody@xxxxxxxxxx> Date: Mon Oct 12 19:36:49 2015 -0400 util - add automated ID generation utility Multiple sub-systems in QEMU may find it useful to generate IDs for objects that a user may reference via QMP or HMP. This patch presents a standardized way to do it, so that automatic ID generation follows the same rules. This patch enforces the following rules when generating an ID: 1.) Guarantee no collisions with a user-specified ID 2.) Identify the sub-system the ID belongs to 3.) Guarantee of uniqueness 4.) Spoiling predictability, to avoid creating an assumption of object ordering and parsing (i.e., we don't want users to think they can guess the next ID based on prior behavior). The scheme for this is as follows (no spaces): # subsys D RR Reserved char --| | | | Subsystem String ----| | | Unique number (64-bit) --| | Two-digit random number ---| For example, a generated node-name for the block sub-system may look like this: #block076 The caller of id_generate() is responsible for freeing the generated node name string with g_free(). Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 7e39d3a2dd34a84900e10b4ea1567f3b352659af Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Oct 13 14:15:53 2015 +0200 blkverify: Fix BDS leak in .bdrv_open error path Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> commit 779020cbdc67011026c10fb620f701bfc6b85547 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Oct 13 14:09:44 2015 +0200 block: Allow bdrv_unref_child(bs, NULL) bdrv_unref() can be called with a NULL argument and doesn't do anything then. Make bdrv_unref_child() consistent with it. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> commit 8e419aefa07ca8e640f8db50b450378e84d60a11 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Sep 16 16:18:38 2015 +0200 block: Remove bdrv_swap() bdrv_swap() is unused now. Remove it and all functions that have no other users than bdrv_swap(). In particular, this removes the .bdrv_rebind callbacks from block drivers. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 3f09bfbc7bee812a44838f4c8b254007a9b86cab Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Sep 15 11:58:23 2015 +0200 block: Add and use bdrv_replace_in_backing_chain() This cleans up the mess we left behind in the mirror code after the previous patch. Instead of using bdrv_swap(), just change pointers. The interface change of the mirror job that callers must consider is that after job completion, their local BDS pointers still point to the same node now. qemu-img must change its code accordingly (which makes it easier to understand); the other callers stays unchanged because after completion they don't do anything with the BDS, but just with the job, and the job is still owned by the source BDS. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 8ccb9569a976056c9594bb720ba33d84827648d9 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Sep 16 13:34:54 2015 +0200 blockjob: Store device name at job creation Some block jobs change the block device graph on completion. This means that the device that owns the job and originally was addressed with its device name may no longer be what the corresponding BlockBackend points to. Previously, the effects of bdrv_swap() ensured that the job was (at least partially) transferred to the target image. Events that contain the device name could still use bdrv_get_device_name(job->bs) and get the same result. After removing bdrv_swap(), this won't work any more. Instead, save the device name at job creation and use that copy for QMP events and anything else identifying the job. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit dd62f1ca433ea60b06590884642ad2c8f8e539f2 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Jun 18 14:09:57 2015 +0200 block: Implement bdrv_append() without bdrv_swap() Remember all parent nodes and just change the pointers there instead of swapping the contents of the BlockDriverState. Handling of snapshot=on must be moved further down in bdrv_open() because *pbs (which is the bs pointer in the BlockBackend) must already be set before bdrv_append() is called. Otherwise bdrv_append() changes the BB's pointer to the temporary snapshot, but bdrv_open() overwrites it with the read-only original image. We also need to be careful to update callers as the interface changes (becomes less insane): Previously, the meaning of the two parameters was inverted when bdrv_append() returns. Now any BDS pointers keep pointing to the same node. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit d42a8a935b8b2d567331fffa13a70918352668bb Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Sep 17 13:18:23 2015 +0200 block: Introduce parents list Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a2d6190048d01c7012ab4fd6a2558f435b7b2fe8 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Sep 17 13:01:50 2015 +0200 block-backend: Add blk_set_bs() It allows changing the BlockDriverState that a BlockBackend points to. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 439db28cf9d4c29c9a97040bc8e08f047ba7e0af Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Sep 16 16:08:17 2015 +0200 block/io: Make bdrv_requests_pending() public Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 063dd40e110eba7fffff09850ea9116b8dee2ae6 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Sep 17 12:33:26 2015 +0200 block: Split bdrv_move_feature_fields() After bdrv_swap(), some fields must be moved back to their original BDS to compensate for the effects that a swap of the contents of the objects has while keeping the old addresses. Other fields must be moved back because they should logically be moved and must stay on top When replacing bdrv_swap() with operations changing the pointers in the parents, we only need the latter and must avoid swapping the former. Split the function accordingly. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 5db15a57697063b9062a015dbc6d5d38211f2df1 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Mon Sep 14 15:33:33 2015 +0200 block: Manage backing file references in bdrv_set_backing_hd() This simplifies the code somewhat, especially when dropping whole backing file subchains. The exception is the mirroring code that does adventurous things with bdrv_swap() and in order to keep it working, I had to duplicate most of bdrv_set_backing_hd() locally. We'll get rid again of this ugliness shortly. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 760e006384ecd5b8b8b1b91b5c85ff8fdcb3a21f Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Jun 17 14:55:21 2015 +0200 block: Convert bs->backing_hd to BdrvChild This is the final step in converting all of the BlockDriverState pointers that block drivers use to BdrvChild. After this patch, bs->children contains the full list of child nodes that are referenced by a given BDS, and these children are only referenced through BdrvChild, so that updating the pointer in there is enough for changing edges in the graph. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b26e90f56ad3a494ee6337d2075f4dc55b62b3c6 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Jun 16 16:23:54 2015 +0200 block: Remove bdrv_open_image() It is unused now. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 9a4f4c31563b96a075f3deae83e72c726e0c84f8 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Jun 16 14:19:22 2015 +0200 block: Convert bs->file to BdrvChild This patch removes the temporary duplication between bs->file and bs->file_child by converting everything to BdrvChild. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 0bd6e91a7e00129764afb9bed83ae5519e18a111 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Jun 16 11:29:22 2015 +0200 quorum: Convert to BdrvChild Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 3e586be0b2b772394d6ed68c5b5a6da5cbbfe08b Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Jun 16 11:13:47 2015 +0200 blkverify: Convert s->test_file to BdrvChild Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 24bc15d1f6429dac0de47348b4b302855360c492 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Mon Jun 15 13:50:20 2015 +0200 vmdk: Use BdrvChild instead of BDS for references to extents Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 1fdd69330872ef91d92482472eef79350d2f379b Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Mon Jun 15 14:11:51 2015 +0200 block: Introduce BDS.file_child Store the BdrvChild for bs->file. At this point, bs->file_child->bs just duplicates the bs->file pointer. Later, it will completely replace it. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 68e517a8d7d89298235913a514af70364e559b78 Author: Jeff Cody <jcody@xxxxxxxxxx> Date: Mon Oct 12 20:18:07 2015 -0400 block: qemu-iotests - fix vmdk test 059.out In commit fe646693acc13ac48b98435d14149ab04dc597bc, the option printout format changed. This updates the VMDK test 059.out to the correct output. Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a910523a244c10d6c458e1415f35a92c3b11387f Author: Kashyap Chamarthy <kchamart@xxxxxxxxxx> Date: Fri Oct 2 14:12:34 2015 +0200 qmp-commands.hx: Update the supported 'transaction' operations Although the canonical source of reference for QMP commands is qapi-schema.json, for consistency's sake, update qmp-commands.hx to state the list of supported transactionable operations, namely: drive-backup blockdev-backup blockdev-snapshot-internal-sync abort block-dirty-bitmap-add block-dirty-bitmap-clear Also update the possible values for the "type" action array. Signed-off-by: Kashyap Chamarthy <kchamart@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 317438e6dba5d7bb44bd867c10993c54b927992b Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Thu Sep 17 17:33:06 2015 +0300 throttle: test that snapshots move the throttling configuration If a snapshot is performed on a device that has I/O limits they should be moved to the target image (the new active layer). Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit efd0fbbcf5d28b18fc629681e3bc8bee1bfadd9a Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Sep 28 17:23:00 2015 +0300 iotests: disable core dumps in test 061 Commit 934659c460 disabled the supression of segmentation faults in bash tests. The new output of test 061, however, assumes that a core dump will be produced if a program aborts. This is not necessarily the case because core dumps can be disabled using ulimit. Since we cannot guarantee that abort() will produce a core dump, we should use SIGKILL instead (that does not produce any) and update the test output accordingly. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 81669b8b81eb450d7b89ee5fdd57bdb73d87022d Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Mon Sep 14 13:53:48 2015 +0300 target-arm: implement arm_debug_target_el() Implement debug exception routing according to ARM ARM D2.3.1 Pseudocode description of routing debug exceptions. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 74de8c356844080fcabc3a44b08b9d22feda691f Author: Alexander Gordeev <agordeev@xxxxxxxxxx> Date: Fri Oct 16 11:14:54 2015 +0100 hw/arm/virt: Allow zero address for PCI IO space Currently PCI IO address 0 is not allowed even though the IO space starts from 0. This update makes PCI IO address 0 usable. CC: Peter Maydell <peter.maydell@xxxxxxxxxx> CC: Andrew Jones <drjones@xxxxxxxxxx> Signed-off-by: Alexander Gordeev <agordeev@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 14cc7b54372995a6ba72c7719372e4f710fc9b5a Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Fri Oct 16 11:14:54 2015 +0100 target-arm: Add MDCR_EL2 Add the MDCR_EL2 register. We don't implement any of the debug-related traps this register controls yet, so currently it simply reads back as written. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1444383794-16767-1-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> [PMM: tweaked commit message; moved non-dummy definition from debug_cp_reginfo to el2_cp_reginfo.] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c209b0537203c58a051e5d837320335cea23e494 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Fri Oct 16 11:14:53 2015 +0100 misc: zynq_slcr: Fix MMIO writes The /4 for offset calculation in MMIO writes was happening twice giving wrong write offsets. Fix. While touching the code, change the if-else to be a short returning if and convert the debug message to a GUEST_ERROR, which is more accurate for this condition. Cc: qemu-stable@xxxxxxxxxx Cc: Guenter Roeck <linux@xxxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b64d64de1a5b88de88146e3ad36e7b09b97837eb Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Fri Oct 16 11:14:53 2015 +0100 arm: imx25-pdk: Fix machine name ARM uses dashes instead of underscores for machine names. Fix imx25_pdk which has not seen a release yet (so there is no legacy yet). Cc: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 1444445785-3648-1-git-send-email-crosthwaite.peter@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> [PMM: Added change to tests/ds1338-test.c to use new machine name] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ad1e8db894fa055ffa9447a5d86520ef1cbac6e9 Author: Ryo ONODERA <ryo_on@xxxxxxxxxxxx> Date: Fri Oct 16 11:14:53 2015 +0100 target-arm: Provide model numbers for Sharp PDAs * For Collie, Akita, Spitz, Borzoi, Terrier and Tosa PDAs, provide model numbers and manufacturer (Sharp) information. Signed-off-by: Ryo ONODERA <ryo_on@xxxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1424ca8d4320427c3e93722b65e19077969808a2 Author: Davorin Mista <davorin.mista@xxxxxxxxxx> Date: Fri Oct 16 11:14:53 2015 +0100 target-arm: Implement AArch64 OSLAR/OSLSR_EL1 sysregs Added oslar_write function to OSLAR_EL1 sysreg, using a status variable in ARMCPUState.cp15 struct (oslsr_el1). This variable is also linked to the newly added read-only OSLSR_EL1 register. Linux reads from this register during its suspend/resume procedure. Signed-off-by: Davorin Mista <davorin.mista@xxxxxxxxxx> [PMM: folded a long line and tweaked a comment] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bab27ea2e3855b6495a743f19b9d28cb013443ea Author: Andrew Jones <drjones@xxxxxxxxxx> Date: Fri Oct 16 11:14:53 2015 +0100 hw/arm/virt: smbios: inform guest of kvm ARM/AArch64 KVM guests don't have any way to identify themselves as KVM guests (x86 guests use a CPUID leaf). Now, we could discuss all sorts of reasons why guests shouldn't need to know that, but then there's always some case where it'd be nice... Anyway, now that we have SMBIOS tables in ARM guests, it's easy for the guest to know that it's a QEMU instance. This patch takes that one step further, also identifying KVM, when appropriate. Again, we could debate why generally nothing should care whether it's of type QEMU or QEMU/KVM, but again, sometimes it's nice to know... Signed-off-by: Andrew Jones <drjones@xxxxxxxxxx> Reviewed-by: Wei Huang <wei@xxxxxxxxxx> Message-id: 1443017892-15567-1-git-send-email-drjones@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2cde031f5a34996bab32571a26b1a6bcf3e5b5d9 Author: Sergey Sorokin <afarallax@xxxxxxxxx> Date: Fri Oct 16 11:14:52 2015 +0100 target-arm: Avoid calling arm_el_is_aa64() function for unimplemented EL It is incorrect to call arm_el_is_aa64() function for unimplemented EL. This patch fixes several attempts to do so. Signed-off-by: Sergey Sorokin <afarallax@xxxxxxxxx> [PMM: Reworked several of the comments to be more verbose.] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6df99dec9e81838423d723996e96236693fa31fe Author: Sergey Sorokin <afarallax@xxxxxxxxx> Date: Fri Oct 16 11:14:52 2015 +0100 target-arm: Break the TB after ISB to execute self-modified code correctly If any store instruction writes the code inside the same TB after this store insn, the execution of the TB must be stopped to execute new code correctly. As described in ARMv8 manual D3.4.6 self-modifying code must do an IC invalidation to be valid, and an ISB after it. So it's enough to end the TB after ISB instruction on the code translation. Also this TB break is necessary to take any pending interrupts immediately after an ISB (as required by ARMv8 ARM D1.14.4). Signed-off-by: Sergey Sorokin <afarallax@xxxxxxxxx> [PMM: tweaked commit message and comments slightly] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 82c39f6a8898b028515eddcdbc4ae50959d0af5d Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Fri Oct 16 11:14:52 2015 +0100 target-arm: Add missing 'static' attribute Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Message-id: 1443213733-9807-1-git-send-email-sw@xxxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 468a895bce1492cf83bb8be0d995ccdfcf4f2785 Author: John Arbuckle <programmingkidx@xxxxxxxxx> Date: Tue Oct 13 21:51:18 2015 +0100 ui/cocoa.m: blinky mouse cursor fix The mouse cursor can become blinky when being moved a lot. This patch fixes that problem by issuing the redraw sooner. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Message-id: AAA87DD7-EC20-4F4B-B71E-C38461D9FCBA@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a7940ec0af4be5d35f65890fe0c722efc5489298 Author: John Arbuckle <programmingkidx@xxxxxxxxx> Date: Tue Oct 13 21:51:18 2015 +0100 ui/cocoa.m: addRemovableDevicesMenuItems() warning fix Eliminate this warning associated with the addRemovableDevicesMenuItems() function: ui/cocoa.m:1344:13: warning: function declaration isn't a prototype [-Wstrict-prototypes] static void addRemovableDevicesMenuItems() ^ ui/cocoa.m: In function 'addRemovableDevicesMenuItems': ui/cocoa.m:1344:13: warning: old-style function definition [-Wold-style-definition] Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Message-id: 7B365FC2-072B-4E8D-A1D9-922C2D691A83@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 99df5289d8c7ebf373c3570d8fba3f3a73360281 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 12 22:22:32 2015 -0600 qapi: Track location that created an implicit type A future patch will move some error checking from the parser to the various QAPISchema*.check() methods, which run only after parsing completes. It will thus be possible to create a python instance representing an implicit QAPI type that parses fine but will fail validation during check(). Since all errors have to have an associated 'info' location, we need a location to be associated with those implicit types. The intuitive info to use is the location of the enclosing entity that caused the creation of the implicit type. Note that we do not anticipate builtin types being used in an error message (as they are not part of the user's QAPI input, the user can't cause a semantic error in their behavior), so we exempt those types from requiring info, by setting a flag to track the completion of _def_predefineds(), and tracking that flag in _def_entity(). No change to the generated code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444710158-8723-13-git-send-email-eblake@xxxxxxxxxx> [Missing QAPISchemaArrayType.is_implicit() supplied] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 46292ba75c515baf733df18644052b2ce9492728 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 12 22:22:29 2015 -0600 qapi: Create simple union type member earlier For simple unions, we were creating the implicit 'type' tag member during the QAPISchemaObjectTypeVariants constructor. This is different from every other implicit QAPISchemaEntity object, which get created by QAPISchema methods. Hoist the creation to the caller (renaming _make_tag_enum() to _make_implicit_tag()), and pass the entity rather than the string name, so that we have the nice property that no entities are created as a side effect within a different entity. A later patch will then have an easier time of associating location info with each entity creation. No change to generated code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444710158-8723-10-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 9f08c8ec73878122ad4b061ed334f0437afaaa32 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 12 22:22:28 2015 -0600 qapi: Lazy creation of array types Commit ac88219a had several TODO markers about whether we needed to automatically create the corresponding array type alongside any other type. It turns out that most of the time, we don't! There are a few exceptions: 1) We have a few situations where we use an array type in internal code but do not expose that type through QMP; fix it by declaring a dummy type that forces the generator to see that we want to use the array type. 2) The builtin arrays (such as intList for QAPI ['int']) must always be generated, because of the way our QAPI_TYPES_BUILTIN compile guard works: we have situations (at the very least tests/test-qmp-output-visitor.c) that include both top-level "qapi-types.h" (via "error.h") and a secondary "test-qapi-types.h". If we were to only emit the builtin types when used locally, then the first .h file would not include all types, but the second .h does not declare anything at all because the first .h set QAPI_TYPES_BUILTIN, and we would end up with compilation error due to things like unknown type 'int8List'. Actually, we may need to revisit how we do type guards, and change from a single QAPI_TYPES_BUILTIN over to a different usage pattern that does one #ifdef per qapi type - right now, the only types that are declared multiple times between two qapi .json files for inclusion by a single .c file happen to be the builtin arrays. But now that we have QAPI 'include' statements, it is logical to assume that we will soon reach a point where we want to reuse non-builtin types (yes, I'm thinking about what it will take to add introspection to QGA, where we will want to reuse the SchemaInfo type and friends). One #ifdef per type will help ensure that generating the same qapi type into more than one qapi-types.h won't cause collisions when both are included in the same .c file; but we also have to solve how to avoid creating duplicate qapi-types.c entry points. So that is a problem left for another day. Generated code for qapi-types and qapi-visit is drastically reduced; less than a third of the arrays that were blindly created were actually needed (a quick grep shows we dropped from 219 to 69 *List types), and the .o files lost more than 30% of their bulk. [For best results, diff the generated files with 'git diff --patience --no-index pre post'.] Interestingly, the introspection output is unchanged - this is because we already cull all types that are not indirectly reachable from a command or event, so introspection was already using only a subset of array types. The subset of types introspected is now a much larger percentage of the overall set of array types emitted in qapi-types.h (since the larger set shrunk), but still not 100% (evidence that the array types emitted for our new Dummy structs, and the new struct itself, don't affect QMP). Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444710158-8723-9-git-send-email-eblake@xxxxxxxxxx> [Moved array info tracking to a later patch] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 49823c4b4304a3e4aa5d67e089946b12d6a52d64 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 12 22:22:27 2015 -0600 qapi: Don't use info as witness of implicit object type A future patch will enable error reporting from the various QAPISchema*.check() methods. But to report an error related to an implicit type, we'll need to associate a location with the type (the same location as the top-level entity that is causing the creation of the implicit type), and once we do that, keying off of whether foo.info exists is no longer a viable way to determine if foo is an implicit type. Instead, add an is_implicit() method to QAPISchemaEntity, and use it. It can be overridden later for ObjectType and EnumType, when implicit instances of those classes gain info. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444710158-8723-8-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 849ab13c1657b51b89693282ddd42ca1f6255354 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Oct 13 12:26:47 2015 -0600 qapi: Drop redundant args-member-array test qapi-schema-test already ensures that we can correctly compile an array of enums (__org.qemu_x-command), an array of builtins (UserDefNativeListUnion), and an array of structs (again __org.qemu_x-command). That means args-member-array is not adding any additional parse-only test coverage, so drop it. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444760807-11307-1-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 70478cef837e86b1cff08073153081ce480e0e6c Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 12 22:22:26 2015 -0600 qapi: Drop redundant flat-union-reverse-define test As of commit 8c3f8e77, we test compilation of forward references for a struct base type (UserDefOne), flat union base type (UserDefUnionBase), and flat union branch type (UserDefFlatUnion2). The only remaining forward reference being tested for parsing in flat-union-reverse-define was a forward enum declaration. Once we make sure that always compiles, the smaller parse-only test is redundant and can be deleted. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444710158-8723-7-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit cae95eae6270c1ea28a9ba8eee75c441b1015f68 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 12 22:22:25 2015 -0600 qapi: Drop redundant returns-int test qapi-schema-test was already testing that we could have a command returning int, but burned a command name in the whitelist. Merge the redundant positive test returns-int, and pick a name that reduces the whitelist size. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444710158-8723-6-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 625b251c69d983959efaeadeee12405b1a66d331 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 12 22:22:24 2015 -0600 qapi: Move empty-enum to compile-time test Rather than just asserting that we can parse an empty enum, let's also make sure we can compile it, by including it in qapi-schema-test. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444710158-8723-5-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit baabb84c5b27115b979d864cb2af4d63b823983f Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 12 22:22:23 2015 -0600 qapi: Drop redundant alternate-good test The alternate-good.json test was already covered by qapi-schema-test.json. As future commits will be tweaking how alternates are laid out, removing the duplicate test now reduces churn. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444710158-8723-4-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 7618b91ff80ec42b84b29be24d8ef53ddb377110 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 12 22:22:22 2015 -0600 qapi: Prepare for errors during check() The next few patches will start migrating error checking from ad hoc parse methods into the QAPISchema*.check() methods. But for an error message to display, we first have to fix the overall 'try' to catch those errors. We also want to enable a few more assertions, such as making sure every attempt to raise a semantic error is passed a valid location info, or that various preconditions hold. The general approach for moving error checking will then be to relax an assertion into an if that raises an exception if the condition does not hold, and removing the counterpart ad hoc check done during the parse phase. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444710158-8723-3-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 25a0d9c977c2f5db914b0a1619759fd77d97b016 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon Oct 12 22:22:21 2015 -0600 qapi: Use predicate callback to determine visit filtering Previously, qapi-types and qapi-visit filtered out implicit objects during visit_object_type() by using 'info' (works since implicit objects do not [yet] have associated info); meanwhile qapi-introspect filtered out all schema types on the first pass by returning a python type from visit_begin(), which was then used at a distance in QAPISchema.visit() to do the filtering. Rather than keeping these ad hoc approaches, add a new visitor callback visit_needed() which returns False to skip a given entity, and which defaults to True unless overridden. Use the new mechanism to simplify all three filtering visitors. No change to the generated code. Suggested-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444710158-8723-2-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit d08ac81a459258ce20b3184fa9325c6c1350ac9e Author: Eric Blake <eblake@xxxxxxxxxx> Date: Wed Oct 14 16:30:25 2015 -0600 qapi: Fix regression with '-netdev help' Commit e36c714e causes 'qemu -netdev help' to dump core, because the call to visit_end_union() is no longer conditional on whether *obj was allocated. Reported by Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1444861825-19256-1-git-send-email-eblake@xxxxxxxxxx> [Commit message tweaked to say 'help' instead of '?'] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 60be6340796e66b5ac8aac2d98dde5c79336a89c Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Mon Sep 28 14:41:58 2015 +0300 migration: fix deadlock Release qemu global mutex before call synchronize_rcu(). synchronize_rcu() waiting for all readers to finish their critical sections. There is at least one critical section in which we try to get QGM (critical section is in address_space_rw() and prepare_mmio_access() is trying to aquire QGM). Both functions (migration_end() and migration_bitmap_extend()) are called from main thread which is holding QGM. Thus there is a race condition that ends up with deadlock: main thread working thread Lock QGA | | Call KVM_EXIT_IO handler | | | Open rcu reader's critical section Migration cleanup bh | | | synchronize_rcu() is | waiting for readers | | prepare_mmio_access() is waiting for QGM \ / deadlock The patch changes bitmap freeing from direct g_free after synchronize_rcu to free inside call_rcu. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reported-by: Igor Redko <redkoi@xxxxxxxxxxxxx> Tested-by: Igor Redko <redkoi@xxxxxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> CC: Anna Melekhova <annam@xxxxxxxxxxxxx> CC: Juan Quintela <quintela@xxxxxxxxxx> CC: Amit Shah <amit.shah@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Wen Congyang <wency@xxxxxxxxxxxxxx> commit 92e3762237475407fe03e1ccac6e30612ab96caf Author: Amit Shah <amit.shah@xxxxxxxxxx> Date: Wed Oct 14 17:37:19 2015 +0530 migration: announce VM's new home just before VM is runnable We were announcing the dest host's IP as our new IP a bit too soon -- if there were errors detected after this announcement was done, the migration is failed and the VM could continue running on the src host -- causing problems later. Move around the qemu_announce_self() call so it's done just before the VM is runnable. Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit ed1f3e0090069dcb9458aa9e450df12bf8eba0b0 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Tue Oct 13 12:21:27 2015 +0100 Migration: Generate the completed event only when we complete The current migration-completed event is generated a bit too early, which means that an eager libvirt that's ready to go as soon as it sees the event ends up racing with the actual end of migration. This corresponds to RH bug: https://bugzilla.redhat.com/show_bug.cgi?id=1271145 Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> xSigned-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 6511d39679f296162a90e71685651717a29e78e5 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:08:05 2015 +0200 qemu-char: convert serial backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fd5b036c5c6dc715bd06769a0023c6e1de2dadb4 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 15:06:02 2015 +0200 qemu-char: convert file backend to data-driven creation Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 4ca172817a8c6df0145c16d80abdf04d53a56d92 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 14:55:59 2015 +0200 qemu-char: add create to register_char_driver Having creation as a member of the CharDriver struct removes the need to export functions for qemu-char.c's usage. After the conversion, chardev backends implemented outside qemu-char.c will not need a stub creation function anymore. Ultimately all drivers will be converted. For now, support the case where cd->create == NULL. Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d809ab9521ace32a806cdf86ee7df40e1bf88443 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 12 09:46:23 2015 +0200 qemu-char: cleanup HAVE_CHARDEV_* Move the #ifdef up into qmp_chardev_add, and avoid duplicating the code that reports unavailable backends. Split HAVE_CHARDEV_TTY into HAVE_CHARDEV_SERIAL and HAVE_CHARDEV_PTY. Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit eaeba65304d9666309f246849adf1eff217b9868 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 14:54:05 2015 +0200 qemu-char: cleanup qmp_chardev_add Use the usual idioms for error propagation. Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit a1dbc05a6f73e63ccfdd538c1825d44aa6347d8f Author: John Arbuckle <programmingkidx@xxxxxxxxx> Date: Tue Oct 13 21:51:18 2015 +0100 ui/cocoa.m: eliminate normalWindow warning Eliminate this warning associated with the setting of the normalWindow's title: ui/cocoa.m: In function '-[QemuCocoaAppController init]': ui/cocoa.m:888:9: warning: format not a string literal and no format arguments [-Wformat-security] [normalWindow setTitle:[NSString stringWithFormat:@"QEMU"]]; Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Message-id: 57057D6E-C108-4AE1-8370-E7E6855B2F2C@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0a3c190098e1cb3daaa946cba6663467d1f4e857 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Mon Oct 12 18:41:19 2015 +0100 README: fill out some useful quickstart information The README file is usually the first thing consulted when a user or developer obtains a copy of the QEMU source. The current QEMU README is lacking immediately useful information and so not very friendly for first time encounters. It either redirects users to qemu-doc.html (which does not exist until they've actually compiled QEMU), or the website (which assumes the user has convenient internet access at time of reading). This fills out the README file as simple quick-start guide on the topics of building source, submitting patches, licensing and how to contact the QEMU community. It does not intend to be comprehensive, instead referring people to an appropriate web page to obtain more detailed information. The intent is to give users quick guidance to get them going in the right direction. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1444671679-17674-1-git-send-email-berrange@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c49d3411faae8ffaab8f7e5db47405a008411c10 Merge: 5451316 18bdbc3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 13 10:42:06 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-10-12' into staging QAPI patches # gpg: Signature made Mon 12 Oct 2015 18:56:35 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-qapi-2015-10-12: qapi: Simplify gen_visit_fields() error handling qapi: Share gen_visit_fields() qapi: Share gen_err_check() qapi: Consistent generated code: minimize push_indent() usage qapi: Consistent generated code: prefer common indentation qapi: Consistent generated code: prefer common labels qapi: Consistent generated code: prefer visitor 'v' qapi: Consistent generated code: prefer error 'err' qapi: Reuse code for flat union base validation qapi: Test use of 'number' within alternates qapi: Add tests for empty unions qapi: Avoid assertion failure on union 'type' collision qapi: Test for various name collisions qapi: Clean up qapi.py per pep8 qapi: Invoke exception superclass initializer qapi: Improve 'include' error message qapi: Sort qapi-schema tests MAINTAINERS: Specify QAPI include and test files MAINTAINERS: Specify QObject include and test files docs: Move files from docs/qmp/ to docs/ Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 18bdbc3ac8b477e160d56aa6ecd6942495ce44d0 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:15 2015 -0600 qapi: Simplify gen_visit_fields() error handling Since we have consolidated all generated code to use 'err' as the name of the local variable for error detection, we can simplify the decision on whether to skip error detection (useful for deallocation paths) to be a boolean. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-18-git-send-email-eblake@xxxxxxxxxx> [Change to gen_visit_fields() simplified] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 82ca8e469666b169ccf818a0e36136aee97d7db0 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:14 2015 -0600 qapi: Share gen_visit_fields() Consolidate the code between visit, command marshalling, and event generation that iterates over the members of a struct. It reduces code duplication in the generator, so that a future patch can reduce the size of generated code while touching only one instead of three locations. There are no changes to the generated marshal code. The visitor code becomes slightly more verbose, but remains semantically equivalent, and is actually easier to read as it follows a more common idiom: | visit_optional(v, &(*obj)->has_device, "device", &err); |- if (!err && (*obj)->has_device) { |- visit_type_str(v, &(*obj)->device, "device", &err); |- } | if (err) { | goto out; | } |+ if ((*obj)->has_device) { |+ visit_type_str(v, &(*obj)->device, "device", &err); |+ if (err) { |+ goto out; |+ } |+ } The event code becomes slightly more verbose, but this is arguably a bug fix: although the visitors are not well documented, use of an optional member should not be attempted unless guarded by a prior call to visit_optional(). Works only because the output qmp visitor has a no-op visit_optional(): |+ visit_optional(v, &has_offset, "offset", &err); |+ if (err) { |+ goto out; |+ } | if (has_offset) { | visit_type_int(v, &offset, "offset", &err); Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-17-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 1f35334489a43800df4d20cd91362a87cee39a29 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:13 2015 -0600 qapi: Share gen_err_check() qapi-commands has a nice helper gen_err_check(), but did not use it everywhere. In fact, using it in more places makes it easier to reduce the lines of code used for generating error checks. This in turn will make it easier for later patches to consolidate another common pattern among the generators. The generated code has fewer blank lines in qapi-event.c functions, but has no semantic difference. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-16-git-send-email-eblake@xxxxxxxxxx> [Drop another blank line for symmetry] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 05372f708a8cb3556e4d67458de79417dadf241f Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:12 2015 -0600 qapi: Consistent generated code: minimize push_indent() usage We had some pointless differences in the generated code for visit, command marshalling, and events; unifying them makes it easier for future patches to consolidate to common helper functions. This is one patch of a series to clean up these differences. This patch reduces the number of push_indent()/pop_indent() pairs so that generated code is typically already at its natural output indentation in the python files. It is easier to reason about generated code if the reader does not have to track how much spacing will be inserted alongside the code, and moreso when all of the generators use the same patterns (qapi-type and qapi-event were already using in-place indentation). Arguably, the resulting python may be a bit harder to read with C code at the same indentation as python; on the other hand, not having to think about push_indent() is a win, and most decent editors provide syntax highlighting that makes it easier to visually distinguish python code from string literals that will become C code. There is no change to the generated output. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-15-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit e36c714e6aad7c9266132350833e2f263f6d8874 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:11 2015 -0600 qapi: Consistent generated code: prefer common indentation We had some pointless differences in the generated code for visit, command marshalling, and events; unifying them makes it easier for future patches to consolidate to common helper functions. This is one patch of a series to clean up these differences. This patch adjusts gen_visit_union() to use the same indentation as other functions, namely, by jumping early to the error label if the object was not set rather than placing the rest of the body inside an if for when it is set. No change in semantics to the generated code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-14-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit f782399cb4fa3fc4182cb046817f65a6db92ab07 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:10 2015 -0600 qapi: Consistent generated code: prefer common labels We had some pointless differences in the generated code for visit, command marshalling, and events; unifying them makes it easier for future patches to consolidate to common helper functions. This is one patch of a series to clean up these differences. This patch names the goto labels 'out' (not 'clean') and 'out_obj' (not 'out_end'). Additionally, the generator was inconsistent on whether labels had a leading space [our HACKING is silent; while emacs 'gnu' style adds the space to avoid littering column 1]. For minimal churn, prefer no leading space; this also matches the style that is more prevalent in current qemu.git. No change in semantics to the generated code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-13-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit f8b7f1a8eafa9f565ebecfe409e8741d38cd786b Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:09 2015 -0600 qapi: Consistent generated code: prefer visitor 'v' We had some pointless differences in the generated code for visit, command marshalling, and events; unifying them makes it easier for future patches to consolidate to common helper functions. This is one patch of a series to clean up these differences. This patch names the local visitor variable 'v' rather than 'm'. Related objects, such as 'QapiDeallocVisitor', are also named by their initials instead of an unrelated leading m. No change in semantics to the generated code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-12-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 2a0f50e8d973b01eda4c63bac4a5c79ea0f584ef Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:08 2015 -0600 qapi: Consistent generated code: prefer error 'err' We had some pointless differences in the generated code for visit, command marshalling, and events; unifying them makes it easier for future patches to consolidate to common helper functions. This is one patch of a series to clean up these differences. This patch consistently names the local error variable 'err' rather than 'local_err'. No change in semantics to the generated code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-11-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 376863ef4895ae709aadb6f26365a5973310ef09 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:07 2015 -0600 qapi: Reuse code for flat union base validation Rather than open-code the check for a valid base type, we should reuse the common functionality. This allows for consistent error messages, and also makes it easier for a later patch to turn on support for inline anonymous base structures. Test flat-union-inline is updated to test only one feature (anonymous branch dictionaries), which can be implemented independently (test flat-union-bad-base already covers the idea of an anonymous base dictionary). Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-10-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 9c51b4412959c5331a8a931d848c4b755b5bb36a Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:06 2015 -0600 qapi: Test use of 'number' within alternates Add some testsuite exposure for use of a 'number' as part of an alternate. The current state of the tree has a few bugs exposed by this: our input parser depends on the ordering of how the qapi schema declared the alternate, and the parser does not accept integers for a 'number' in an alternate even though it does for numbers outside of an alternate. Mixing 'int' and 'number' in the same alternate is unusual, since both are supplied by json-numbers, but there does not seem to be a technical reason to forbid it given that our json lexer distinguishes between json-numbers that can be represented as an int vs. those that cannot. Improve the existing test_visitor_in_alternate() to match the style of the new test_visitor_in_alternate_number(), and to ensure full coverage of all possible qtype parsing. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-9-git-send-email-eblake@xxxxxxxxxx> [Eric's follow-up fixes squashed in] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 8d25dd101f759425456b8005b3180062689d71e7 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:05 2015 -0600 qapi: Add tests for empty unions The documentation claims that alternates are useful for allowing two or more types, although nothing enforces this. Meanwhile, it is silent on whether empty unions are allowed. In practice, the generated code will compile, in part because we have a 'void *data' branch; but attempting to visit such a type will cause an abort(). While there's no technical reason that a degenerate union could not be made to work, it's harder to justify the time spent in chasing known (the current abort() during visit) and unknown corner cases, than it would be to just outlaw them. A future patch will probably take the approach of forbidding them; in the meantime, we can at least add testsuite coverage to make it obvious where things stand. In addition to adding tests to expose the problems, we also need to adjust existing tests that are meant to test something else, but which could fail for the wrong reason if we reject degenerate alternates/unions. Note that empty structs are explicitly supported (for example, right now they are the only way to specify that one branch of a flat union adds no additional members), and empty enums are covered by the testsuite as working (even if they do not seem to have much use). Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-8-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 7b2a5c2f9a52c4a08630fa741052f03fe5d3cc8a Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:04 2015 -0600 qapi: Avoid assertion failure on union 'type' collision The previous commit added two tests that triggered an assertion failure. It's fairly straightforward to avoid the failure by just outright forbidding the collision between a union's tag values and its discriminator name (including the implicit name 'kind' supplied for simple unions [*]). Ultimately, we'd like to move the collision detection into QAPISchema*.check(), but for now it is easier just to enhance the existing checks. [*] Of course, down the road, we have plans to rename the simple union tag name to 'type' to match the QMP wire name, but the idea of the collision will still be present even then. Technically, we could avoid the collision by naming the C union members representing each enum value as '_case_value' rather than 'value'; but until we have an actual qapi client (and not just our testsuite) that has a legitimate reason to match a case label to the name of a QMP key and needs the name munging to satisfy the compiler, it's easier to just reject the qapi as invalid. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-7-git-send-email-eblake@xxxxxxxxxx> [Polished a few comments] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit d220fbcd1db2097de5ff3037e85317fcb5433e4e Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:03 2015 -0600 qapi: Test for various name collisions Expose some weaknesses in the generator: we don't always forbid the generation of structs that contain multiple members that map to the same C or QMP name. This has already been marked FIXME in qapi.py in commit d90675f, but having more tests will make sure future patches produce desired behavior; and updating existing patches to better document things doesn't hurt, either. Some of these collisions are already caught in the old-style parser checks, but ultimately we want all collisions to be caught in the new-style QAPISchema*.check() methods. This patch focuses on C struct members, and does not consider collisions between commands and events (affecting C function names), or even collisions between generated C type names with user type names (for things like automatic FOOList struct representing array types or FOOKind for an implicit enum). There are two types of struct collisions we want to catch: 1) Collision between two keys in a JSON object. qapi.py prevents that within a single struct (see test duplicate-key), but it is possible to have collisions between a type's members and its base type's members (existing tests struct-base-clash, struct-base-clash-deep), and its flat union variant members (renamed test flat-union-clash-member). 2) Collision between two members of the C struct that is generated for a given QAPI type: a) Multiple QAPI names map to the same C name (new test args-name-clash) b) A QAPI name maps to a C name that is used for another purpose (new tests flat-union-clash-branch, struct-base-clash-base, union-clash-data). We already fixed some such cases in commit 0f61af3e and 1e6c1616, but more remain. c) Two C names generated for other purposes clash (updated test alternate-clash, new test union-clash-branches, union-clash-type, flat-union-clash-type) Ultimately, if we need to have a flat union where a tag value clashes with a base member name, we could change the generator to name the union (using 'foo.u.value' rather than 'foo.value') or otherwise munge the C name corresponding to tag values. But unless such a need arises, it will probably be easier to just forbid these collisions. Some of these negative tests will be deleted later, and positive tests added to qapi-schema-test.json in their place, when the generator code is reworked to avoid particular code generation collisions in class 2). [Note that viewing this patch with git rename detection enabled may see some confusion due to renaming some tests while adding others, but where the content is similar enough that git picks the wrong pre- and post-patch files to associate] Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-6-git-send-email-eblake@xxxxxxxxxx> [Improve commit message and comments a bit, drop an unrelated test] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 437db2549be383e52acad6cd4bf2862e98fdfc93 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:02 2015 -0600 qapi: Clean up qapi.py per pep8 Silence pep8, and make pylint a bit happier. Just style cleanups, plus killing a useless comment in camel_to_upper(); no semantic changes. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-5-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 59b00542659c8947f9d4e8c28d2d528ab3ab61a5 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:01 2015 -0600 qapi: Invoke exception superclass initializer pylint recommends that every exception class should explicitly invoke the superclass __init__, even though things seem to work fine without it. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-4-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 7408fb67c0f9403f6e40aecf97cf798fc14e2cd8 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:21:00 2015 -0600 qapi: Improve 'include' error message Use of '"...%s" % include' to print non-strings can lead to ugly messages, such as this (if the .json change is applied without the qapi.py change): Expected a file name (string), got: OrderedDict() Better is to just omit the actual non-string value in the message. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-3-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 1ffe818a395cb883746f3baf8d9a0b6988375e8b Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 29 16:20:59 2015 -0600 qapi: Sort qapi-schema tests Recent changes to qapi have provided quite a bit of churn in the makefile, because we are inconsistent on what order test names appear in, and on whether to re-wrap the list of tests or just add arbitrary line lengths. Writing the list in a sorted fashion, one test per line, will make future patches easier to see what tests are being added or removed by a patch. Although it is tempting to use $(wildcard qapi-schema/*.json) for a more compact listing, such an approach would risk picking up leftover garbage .json files in the directory; so keeping the list explicit is safer for ensuring reproducible tarballs and test results. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443565276-4535-2-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit ac4abb9aeb734f36eb90b149b9eed0cc8fdb2872 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Sep 24 18:11:57 2015 +0200 MAINTAINERS: Specify QAPI include and test files Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1443111117-29831-4-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 7735d2b50477b171446b38efd2d8866d3c966162 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Sep 24 18:11:56 2015 +0200 MAINTAINERS: Specify QObject include and test files Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1443111117-29831-3-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 9b89b6a2872f1473ef82acdcb64c901982e0ef88 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Sep 24 18:11:55 2015 +0200 docs: Move files from docs/qmp/ to docs/ Giving QMP its own subdirectory in docs/ is hardly worthwhile when we have just four files, and one of them isn't even in the subdirectory. Move the files from docs/qmp/ to docs/, renaming docs/qmp/README to docs/qmp-intro. Update MAINTAINERS. The new pattern also captures the fourth file docs/writing-qmp-commands.txt. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1443111117-29831-2-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit b77e7c8e99f9ac726c4eaa2fc3461fd886017dc0 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 12 15:35:16 2015 +0200 qemu-sockets: fix conversion of ipv4/ipv6 JSON to QemuOpts The QemuOpts-based code treats "option not set" and "option set to false" the same way for the ipv4 and ipv6 options, because it is meant to handle only the ",ipv4" and ",ipv6" substrings in hand-crafted option parsers. When converting InetSocketAddress to QemuOpts, however, it is necessary to handle all three cases (not set, set to true, set to false). Currently we are not handling all cases correctly. The rules are: * if none or both options are absent, leave things as is * if the single present option is Y, the other should be N. This can be implemented by leaving things as is, or by setting the other option to N as done in this patch. * if the single present option is N, the other should be Y. This is handled by the "else if" branch of this patch. This ensures that the ipv4 option has an effect on Windows, where creating the socket with PF_UNSPEC makes an ipv6 socket. With this patch, ",ipv4" will result in a PF_INET socket instead. Reported-by: Sair, Umair <Umair_Sair@xxxxxxxxxx> Tested-by: Sair, Umair <Umair_Sair@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5ea530491fe9ac56f75bc1833cc3fd7722b24efd Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:49:41 2015 +0200 MAINTAINERS: Add more devices to realview board Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 062710000dbd9db81277156d9bdebd96b70cd1d2 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:45:00 2015 +0200 MAINTAINERS: Add maintainer for ARM PrimeCell and integrated devices Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9b31bff02153cf86d4413c6289794175662f7c5c Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:42:50 2015 +0200 MAINTAINERS: Add more pxa2xx files and boards Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Cc: Andrzej Zaborowski <balrogg@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c92451c2af29784c76527cc5484c33b4ce069d38 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:36:48 2015 +0200 MAINTAINERS: Add more Xen files Cc: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx? Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 566dd236e1e0bfe9d9bce326547f883d677cf30a Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:38:02 2015 +0200 MAINTAINERS: add two devices to the e500 section Cc: Alexander Graf <agraf@xxxxxxx> Cc: Scott Wood <scottwood@xxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3e5385fcf536fc4238eb87de55af8dd99089cad4 Author: Andy Whitcroft <apw@xxxxxxxxxxxxx> Date: Thu Oct 8 10:05:24 2015 +0200 checkpatch: port fix from kernel "## is not a valid modifier" checkpatch currently loops on fpu/softfloat.c Turns out this is fixed in the Linux version of checkpatch. So this is a port of Andy Whitcrofts fix from Linux, Original commit was commit 89a883530fe7 ("checkpatch: ## is not a valid modifier") As suggested by Peter Maydell for the QEMU version we drop the last "|" as there seems to be no need for that. (FWIW, the kernel discusion about that dried out: http://www.spinics.net/lists/kernel/msg1944421.html ) Cc: Andy Whitcroft <apw@xxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Message-Id: <1444291524-66569-1-git-send-email-borntraeger@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b232c7857aa36d144205134c725114541630b1c2 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Tue Oct 6 14:30:57 2015 +1100 kvm-all: Align to qemu_real_host_page_size in kvm_set_phys_mem As the comment in kvm_set_phys_mem() says, KVM works in page size chunks. However it uses hardcoded TARGET_PAGE_SIZE which is 4K on most platforms while actual host may use different page size, for example, PPC64 hosts use 64K system pages. This replaces static TARGET_PAGE_SIZE with run-time calculated qemu_real_host_page_size. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Message-Id: <1444102257-17405-1-git-send-email-aik@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 88401cbc5b5730986fd5040425f5015a9cce9080 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Aug 11 10:52:46 2015 +0200 exec: remove non-TCG stuff from exec-all.h header. The header is included from basically everywhere, thanks to cpu.h. It should be moved to the (TCG only) files that actually need it. As a start, remove non-TCG stuff. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 46eb8f98f2ce402e384d60ddd15020720994c7ca Author: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Date: Wed Sep 16 12:59:44 2015 +0300 target-i386/kvm: Hyper-V HV_X64_MSR_VP_RUNTIME support HV_X64_MSR_VP_RUNTIME msr used by guest to get "the time the virtual processor consumes running guest code, and the time the associated logical processor spends running hypervisor code on behalf of that guest." Calculation of that time is performed by task_cputime_adjusted() for vcpu task by KVM side. Signed-off-by: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Richard Henderson <rth@xxxxxxxxxxx> CC: Eduardo Habkost <ehabkost@xxxxxxxxxx> CC: "Andreas Färber" <afaerber@xxxxxxx> CC: Marcelo Tosatti <mtosatti@xxxxxxxxxx> Message-Id: <1442397584-16698-4-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 8c145d7ca9b4267d2ec1eabe801c6b2aee636f1f Author: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Date: Wed Sep 16 12:59:43 2015 +0300 target-i386/kvm: set Hyper-V features cpuid bit HV_X64_MSR_VP_INDEX_AVAILABLE Hyper-V features bit HV_X64_MSR_VP_INDEX_AVAILABLE value is based on cpu option "hv-vpindex" and kernel support of HV_X64_MSR_VP_INDEX. Signed-off-by: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Richard Henderson <rth@xxxxxxxxxxx> CC: Eduardo Habkost <ehabkost@xxxxxxxxxx> CC: "Andreas Färber" <afaerber@xxxxxxx> CC: Marcelo Tosatti <mtosatti@xxxxxxxxxx> Message-Id: <1442397584-16698-3-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 744b8a9440fa2bd78ae64861667337439e25a6dc Author: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Date: Wed Sep 16 12:59:42 2015 +0300 target-i386/kvm: Hyper-V HV_X64_MSR_RESET support HV_X64_MSR_RESET msr is used by Hyper-V based Windows guest to reset guest VM by hypervisor. This msr is stateless so no migration/fetch/update is required. This code checks cpu option "hv-reset" and support by kernel. If both conditions are met appropriate Hyper-V features cpuid bit is set. Signed-off-by: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Richard Henderson <rth@xxxxxxxxxxx> CC: Eduardo Habkost <ehabkost@xxxxxxxxxx> CC: "Andreas Färber" <afaerber@xxxxxxx> CC: Marcelo Tosatti <mtosatti@xxxxxxxxxx> Message-Id: <1442397584-16698-2-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3a824b1552d68b708c161a900e2956a78d4ea466 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Oct 2 18:19:58 2015 +0200 linux-headers: update from kvm/next linux-headers/linux/vhost.h is currently out of sync with Linux. Do not touch it in this update. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5b906129524d564d61760d04586d6c2301457ead Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Oct 5 14:45:55 2015 +0200 checkpatch: allow open braces on typedef lines The style here seems to be split according to the maintainer, but traditionally open braces were placed on typedef lines. Suggested-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 32857f4d5e165329c03d66000d666975d85f882a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 1 15:29:50 2015 +0100 exec.c: Collect AddressSpace related fields into a CPUAddressSpace struct Gather up all the fields currently in CPUState which deal with the CPU's AddressSpace into a separate CPUAddressSpace struct. This paves the way for allowing the CPU to know about more than one AddressSpace. The rearrangement also allows us to make the MemoryListener a directly embedded object in the CPUAddressSpace (it could not be embedded in CPUState because 'struct MemoryListener' isn't defined for the user-only builds). This allows us to resolve the FIXME in tcg_commit() by going directly from the MemoryListener to the CPUAddressSpace. This patch extracts the actual update of the cached dispatch pointer from cpu_reload_memory_map() (which is renamed accordingly to cpu_reloading_memory_map() as it is only responsible for breaking cpu-exec.c's RCU critical section now). This lets us keep the definition of the CPUAddressSpace struct private to exec.c. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <1443709790-25180-4-git-send-email-peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 53f8a5e9e2633a4a3b6918c36aec725aa80f2887 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 1 15:29:49 2015 +0100 cpu-exec-common.c: Clarify comment about cpu_reload_memory_map()'s RCU operations The reason for cpu_reload_memory_map()'s RCU operations is not so much because the guest could make the critical section very long, but that it could have a critical section within which it made an arbitrary number of changes to the memory map and thus accumulate an unbounded amount of memory data structures awaiting reclamation. Clarify the comment to make this clearer. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <1443709790-25180-3-git-send-email-peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0a1c71cec63e95f9b8d0dc96d049d2daa00c5210 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 1 15:29:48 2015 +0100 exec.c: Don't call cpu_reload_memory_map() from cpu_exec_init() Currently we call cpu_reload_memory_map() from cpu_exec_init(), but this is not necessary: * KVM doesn't use the data structures maintained by cpu_reload_memory_map() (the TLB and cpu->memory_dispatch) * for TCG, we will call this function via tcg_commit() either as soon as tcg_cpu_address_space_init() registers the listener, or when the first MemoryRegion is added to the AddressSpace if the AS is empty when we register the listener The unnecessary call is awkward for adding support for multiple address spaces per CPU, so drop it. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxx> Message-Id: <1443709790-25180-2-git-send-email-peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fec21036ff516d20721abc01ae7be99ae5bb0c7b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Sep 4 21:53:03 2015 +0200 configure: Require Python 2.6 RHEL-6 and SLES-11 provide Python 2.6. It'll also work on OS X back to 10.6. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1441396383-17304-1-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 8ef2eb8d2cad7400236d6b2c152bdb5506761b4d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Sep 30 19:21:10 2015 +0200 megasas: fix megasas_get_sata_addr There are two bugs here. First, the 16-bit id loses the high 8 bits when shifted left by 24. Second, the address must be combined with an "or" or we just get zero. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 633dccb458c4eaa40107cd7026737d804f90b6c0 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Oct 1 12:59:01 2015 +0200 scsi: switch from g_slice allocator to malloc Simplify memory allocation by sticking with a single API. GSlice is not that fast anyway (tcmalloc/jemalloc are better). Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 1729404c62e1adae501feeaaf61b87262d52ae1b Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Oct 1 12:59:08 2015 +0200 nbd: switch from g_slice allocator to malloc Simplify memory allocation by sticking with a single API. GSlice is not that fast anyway (tcmalloc/jemalloc are better). Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5451316ed07b758a187dedf21047bed8f843f7f1 Merge: 0bf224d 9201bb9 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Oct 12 15:52:54 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging Pull request v2: * Fix virtio 16lx -> HWADDR_PRIx format specifier [Peter] # gpg: Signature made Mon 12 Oct 2015 11:19:06 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: sdhci.c: Limit the maximum block size block: switch from g_slice allocator to malloc virtio dataplane: adapt dataplane for virtio Version 1 virtio-blk: use blk_io_plug/unplug for Linux AIO batching sdhci: Pass drive parameter to sdhci-pci via qdev property Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0bf224d5da41967a775b328234cda2d19f303908 Merge: 7684922 89b1273 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Oct 12 14:29:29 2015 +0100 Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging # gpg: Signature made Mon 12 Oct 2015 08:56:47 BST using RSA key ID 398D6211 # gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211 * remotes/jasowang/tags/net-pull-request: tests: add test cases for netfilter object netfilter: add a netbuffer filter net/queue: export qemu_net_queue_append_iov netfilter: print filter info associate with the netdev netfilter: add an API to pass the packet to next filter net/queue: introduce NetQueueDeliverFunc net: merge qemu_deliver_packet and qemu_deliver_packet_iov netfilter: hook packets before net queue send init/cleanup of netfilter object vl.c: init delayed object after net_init_clients vmxnet3: Add support for VMXNET3_CMD_GET_ADAPTIVE_RING_INFO command e1000: use alias for default model vmxnet3: Support reading IMR registers on bar0 net/vmxnet3: Refine l2 header validation Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9201bb9a8c7cd3ba2382b7db5b2e40f603e61528 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Tue Oct 6 10:40:41 2015 -0700 sdhci.c: Limit the maximum block size It is possible for the guest to set an invalid block size which is larger then the fifo_buffer[] array. This could cause a buffer overflow. To avoid this limit the maximum size of the blksize variable. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reported-by: Intel Security ATR <secure@xxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: abe4c51f513290bbb85d1ee271cb1a3d463d7561.1444067470.git.alistair.francis@xxxxxxxxxx Suggested-by: Igor Mitsyanko <i.mitsyanko@xxxxxxxxx> Reported-by: Intel Security ATR <secure@xxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit c84b31926f018af6fea2ab37a1fc47060b4bcfa1 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Oct 1 13:04:39 2015 +0200 block: switch from g_slice allocator to malloc Simplify memory allocation by sticking with a single API. GSlice is not that fast anyway (tcmalloc/jemalloc are better). Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a9718ef0005d6910097788936dc40c0204713729 Author: Pierre Morel <pmorel@xxxxxxxxxxxxxxxxxx> Date: Mon Sep 7 13:33:56 2015 +0200 virtio dataplane: adapt dataplane for virtio Version 1 Let dataplane allocate different region for the desc/avail/used ring regions. Take VIRTIO_RING_F_EVENT_IDX into account to increase the used/avail rings accordingly. [Fix 32-bit builds by changing 16lx format specifier to HWADDR_PRIx. --Stefan] Signed-off-by: Pierre Morel <pmorel@xxxxxxxxxxxxxxxxxx> Tested-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Message-id: 1441625636-23773-1-git-send-email-pmorel@xxxxxxxxxxxxxxxxxx (changed __virtio16 into uint16_t, map descriptor table and available ring read-only) Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 768492239014cb5e6161f1be80a9c8043c4530c2 Merge: c9003eb 33fe968 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Oct 12 11:07:38 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2015-10-09' into staging Fix device introspection regressions # gpg: Signature made Fri 09 Oct 2015 14:43:41 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-monitor-2015-10-09: Revert "qdev: Use qdev_get_device_class() for -device <type>,help" qdev: Protect device-list-properties against broken devices qmp: Fix device-list-properties not to crash for abstract device device-introspect-test: New, covering device introspection libqtest: New hmp() & friends libqtest: Clean up unused QTestState member sigact_old tests: Fix how qom-test is run macio: move DBDMA_init from instance_init to realize hw: do not pass NULL to memory_region_init from instance_init memory: allow destroying a non-empty MemoryRegion virtio-input: Fix device introspection on non-Linux hosts update-linux-headers: Rename SW_MAX to SW_MAX_ Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit fc73548e444ae3239f6cef44a5200b5d2c3e85d1 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Jul 20 16:54:16 2015 +0100 virtio-blk: use blk_io_plug/unplug for Linux AIO batching The raw-posix block driver implements Linux AIO batching so multiple requests can be submitted with a single io_submit(2) system call. Batching is currently only used by virtio-scsi and virtio-blk-data-plane. Enable batching for regular virtio-blk so the number of io_submit(2) system calls is reduced for workloads with queue depth > 1. In 4KB random read performance tests with queue depth 32, the CPU utilization on the host is reduced by 9.4%. The fio job is as follows: [global] bs=4k ioengine=libaio iodepth=32 direct=1 sync=0 time_based=1 runtime=30 clocksource=gettimeofday ramp_time=5 [job1] rw=randread filename=/dev/vdb size=4096M write_bw_log=fio write_iops_log=fio write_lat_log=fio log_avg_msec=1000 This benchmark was run on an raw image on LVM. The disk was an SSD drive and -drive cache=none,aio=native was used. Tested-by: Pradeep Surisetty <psuriset@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> commit 5ec911c30ff4337d4185e29e82a254349f5a22da Author: Kevin O'Connor <kevin@xxxxxxxxxxxx> Date: Mon Aug 17 15:20:33 2015 -0400 sdhci: Pass drive parameter to sdhci-pci via qdev property Commit 19109131 disabled the sdhci-pci support because it used drive_get_next(). This patch reenables sdhci-pci and changes it to pass the drive via a qdev property - for example: -device sdhci-pci,drive=drive0 -drive id=drive0,if=sd,file=myimage Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin O'Connor <kevin@xxxxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 89b1273742f45c30927df203532fca0d9a3e1af7 Author: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Date: Wed Oct 7 11:52:22 2015 +0800 tests: add test cases for netfilter object Using qtest qmp interface to implement following cases: 1) add/remove netfilter 2) add a netfilter then delete the netdev 3) add/remove more than one netfilters 4) add more than one netfilters and then delete the netdev Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 7dbb11c84f25e20301b47a77102db00d68a2c4a4 Author: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Date: Wed Oct 7 11:52:21 2015 +0800 netfilter: add a netbuffer filter This filter is to buffer/release packets. Can be used when using MicroCheckpointing or other Remus like VM FT solutions. You can also use it to crudely simulate network delay. Doesn't actually delay individual packets, but batches them together, which is a delay of sorts. Usage: -netdev tap,id=bn0 -object filter-buffer,id=f0,netdev=bn0,queue=rx,interval=1000 NOTE: Interval is in microseconds, it can't be omitted currently, and can't be 0. Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit b68c7f76926dee3f234ccee88f3167b640d9318e Author: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Date: Wed Oct 7 11:52:20 2015 +0800 net/queue: export qemu_net_queue_append_iov This will be used by buffer filter implementation later to queue packets. Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit a4960f52e7f402a4b7402ace204283de7b9d4879 Author: Yang Hongyang <burnef@xxxxxxxxx> Date: Wed Oct 7 11:52:19 2015 +0800 netfilter: print filter info associate with the netdev When execute "info network", print filter info also. add a info_str member to NetFilterState, store specific filters info. Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 7ef7bc8586fb0d41742a896b532c7afa2bbb7f84 Author: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Date: Wed Oct 7 11:52:18 2015 +0800 netfilter: add an API to pass the packet to next filter add an API qemu_netfilter_pass_to_next() to pass the packet to next filter. Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 3e033a46a7e39ea31e15f1b53402df990977115a Author: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Date: Wed Oct 7 11:52:17 2015 +0800 net/queue: introduce NetQueueDeliverFunc net/queue.c has logic to send/queue/flush packets but a qemu_deliver_packet_iov() call is hardcoded. Abstract this func so that we can use our own deliver function in netfilter. Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit fefe2a78abde932e0f340b21bded2c86def1d242 Author: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Date: Wed Oct 7 11:52:16 2015 +0800 net: merge qemu_deliver_packet and qemu_deliver_packet_iov qemu_deliver_packet_iov already have the compat delivery, we can drop qemu_deliver_packet. Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit e64c770d1fa859bd8ee583d339b085fe345ac02b Author: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Date: Wed Oct 7 11:52:15 2015 +0800 netfilter: hook packets before net queue send Capture packets that will be sent. Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit fdccce4596218e49ca4d0f5d4b3f0c453bd99ba0 Author: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Date: Wed Oct 7 11:52:14 2015 +0800 init/cleanup of netfilter object Add a netfilter object based on QOM. A netfilter is attached to a netdev, captures all network packets that pass through the netdev. When we delete the netdev, we also delete the netfilter object attached to it, because if the netdev is removed, the filter which attached to it is useless. Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 9abce56d7b319b0c78b487720d128706272e0a0c Author: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Date: Wed Oct 7 11:52:13 2015 +0800 vl.c: init delayed object after net_init_clients Init delayed object after net_init_clients, because netfilters need to be initialized after net clients initialized. Signed-off-by: Yang Hongyang <yanghy@xxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit d62241eb6da9bd2517f07b3219ba4208b90b4e0d Author: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Date: Fri Sep 18 08:55:04 2015 +0300 vmxnet3: Add support for VMXNET3_CMD_GET_ADAPTIVE_RING_INFO command Some drivers (e.g. vmware-tools) issue the VMXNET3_CMD_GET_ADAPTIVE_RING_INFO command. Currently, due to lack of support, a bogus value (-1) is returned. Support this command, returning the "adaptive-ring disabled" flag. Signed-off-by: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit 8304402033e8dbe8e379017d51ed1dd8344f1dce Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Mon Sep 28 13:37:26 2015 +0800 e1000: use alias for default model Instead of duplicating the "e1000-82540em" device model as "e1000", make the latter an alias for the former. Cc: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> commit c6048f849c7e3f009786df76206e895a69de032c Author: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Date: Mon Sep 21 17:09:02 2015 +0300 vmxnet3: Support reading IMR registers on bar0 Instead of asserting, return the actual IMR register value. This is aligned with what's returned on ESXi. Signed-off-by: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Tested-by: Dana Rubin <dana.rubin@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit a7278b36fcab9af469563bd7b9dadebe2ae25e48 Author: Dana Rubin <dana.rubin@xxxxxxxxxxxxxxxxxx> Date: Tue Aug 18 12:45:55 2015 +0300 net/vmxnet3: Refine l2 header validation Validation of l2 header length assumed minimal packet size as eth_header + 2 * vlan_header regardless of the actual protocol. This caused crash for valid non-IP packets shorter than 22 bytes, as 'tx_pkt->packet_type' hasn't been assigned for such packets, and 'vmxnet3_on_tx_done_update_stats()' expects it to be properly set. Refine header length validation in 'vmxnet_tx_pkt_parse_headers'. Check its return value during packet processing flow. As a side effect, in case IPv4 and IPv6 header validation failure, corrupt packets will be dropped. Signed-off-by: Dana Rubin <dana.rubin@xxxxxxxxxxxxxxxxxx> Signed-off-by: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> commit c9003eb4662f44c61be9c8d7d5c9d4a02d58b560 Merge: b37686f 925a040 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 9 17:30:03 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-virgl-20151008-1' into staging virtio-gpu: add 3d rendering support using virgl, misc fixes. ui/gtk: add opengl context and scanout support (for virtio-gpu). # gpg: Signature made Thu 08 Oct 2015 10:35:39 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-virgl-20151008-1: gtk/opengl: add opengl context and scanout support (GtkGLArea) gtk/opengl: add opengl context and scanout support (egl) opengl: add egl-context.[ch] helpers virtio-gpu: add cursor update tracepoint virtio-gpu: add 3d mode and virgl rendering support. virtio-gpu: update headers for virgl/3d virtio-gpu: change licence from GPLv2 to GPLv2+ virtio-gpu: move iov free to virtio_gpu_cleanup_mapping_iov ui/console: add opengl context and scanout support interfaces. sdl2: stop flickering shaders: initialize vertexes once Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 33fe96833015cf15f4c0aa5bf8d34f60526e0732 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 1 10:59:59 2015 +0200 Revert "qdev: Use qdev_get_device_class() for -device <type>,help" This reverts commit 31bed5509dfcbdfc293154ce81086a4dbd7a80b6. The reverted commit changed qdev_device_help() to reject abstract devices and devices that have cannot_instantiate_with_device_add_yet set, to fix crash bugs like -device x86_64-cpu,help. Rejecting abstract devices makes sense: they're purely internal, and the implementation of the help feature can't cope with them. Rejecting non-pluggable devices makes less sense: even though you can't use them with -device, the help may still be useful elsewhere, for instance with -global. This is a regression: -device FOO,help used to help even for FOO that aren't pluggable. The previous two commits fixed the crash bug at a lower layer, so reverting this one is now safe. Fixes the -device FOO,help regression, except for the broken devices marked cannot_even_create_with_object_new_yet. For those, the error message is improved. Example of a device where the regression is fixed: $ qemu-system-x86_64 -device PIIX4_PM,help PIIX4_PM.command_serr_enable=bool (on/off) PIIX4_PM.multifunction=bool (on/off) PIIX4_PM.rombar=uint32 PIIX4_PM.romfile=str PIIX4_PM.addr=int32 (Slot and optional function number, example: 06.0 or 06) PIIX4_PM.memory-hotplug-support=bool PIIX4_PM.acpi-pci-hotplug-with-bridge-support=bool PIIX4_PM.s4_val=uint8 PIIX4_PM.disable_s4=uint8 PIIX4_PM.disable_s3=uint8 PIIX4_PM.smb_io_base=uint32 Example of a device where it isn't fixed: $ qemu-system-x86_64 -device host-x86_64-cpu,help Can't list properties of device 'host-x86_64-cpu' Both failed with "Parameter 'driver' expects pluggable device type" before. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1443689999-12182-11-git-send-email-armbru@xxxxxxxxxx> commit 4c315c27661502a0813b129e41c0bf640c34a8d6 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 1 10:59:58 2015 +0200 qdev: Protect device-list-properties against broken devices Several devices don't survive object_unref(object_new(T)): they crash or hang during cleanup, or they leave dangling pointers behind. This breaks at least device-list-properties, because qmp_device_list_properties() needs to create a device to find its properties. Broken in commit f4eb32b "qmp: show QOM properties in device-list-properties", v2.1. Example reproducer: $ qemu-system-aarch64 -nodefaults -display none -machine none -S -qmp stdio {"QMP": {"version": {"qemu": {"micro": 50, "minor": 4, "major": 2}, "package": ""}, "capabilities": []}} { "execute": "qmp_capabilities" } {"return": {}} { "execute": "device-list-properties", "arguments": { "typename": "pxa2xx-pcmcia" } } qemu-system-aarch64: /home/armbru/work/qemu/memory.c:1307: memory_region_finalize: Assertion `((&mr->subregions)->tqh_first == ((void *)0))' failed. Aborted (core dumped) [Exit 134 (SIGABRT)] Unfortunately, I can't fix the problems in these devices right now. Instead, add DeviceClass member cannot_destroy_with_object_finalize_yet to mark them: * Hang during cleanup (didn't debug, so I can't say why): "realview_pci", "versatile_pci". * Dangling pointer in cpus: most CPUs, plus "allwinner-a10", "digic", "fsl,imx25", "fsl,imx31", "xlnx,zynqmp", because they create such CPUs * Assert kvm_enabled(): "host-x86_64-cpu", host-i386-cpu", "host-powerpc64-cpu", "host-embedded-powerpc-cpu", "host-powerpc-cpu" (the powerpc ones can't currently reach the assertion, because the CPUs are only registered when KVM is enabled, but the assertion is arguably in the wrong place all the same) Make qmp_device_list_properties() fail cleanly when the device is so marked. This improves device-list-properties from "crashes, hangs or leaves dangling pointers behind" to "fails". Not a complete fix, just a better-than-nothing work-around. In the above reproducer, device-list-properties now fails with "Can't list properties of device 'pxa2xx-pcmcia'". This also protects -device FOO,help, which uses the same machinery since commit ef52358 "qdev-monitor: include QOM properties in -device FOO, help output", v2.2. Example reproducer: $ qemu-system-aarch64 -machine none -device pxa2xx-pcmcia,help Before: qemu-system-aarch64: .../memory.c:1307: memory_region_finalize: Assertion `((&mr->subregions)->tqh_first == ((void *)0))' failed. After: Can't list properties of device 'pxa2xx-pcmcia' Cc: "Andreas Färber" <afaerber@xxxxxxx> Cc: "Edgar E. Iglesias" <edgar.iglesias@xxxxxxxxx> Cc: Alexander Graf <agraf@xxxxxxx> Cc: Anthony Green <green@xxxxxxxxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Cc: Blue Swirl <blauwirbel@xxxxxxxxx> Cc: Eduardo Habkost <ehabkost@xxxxxxxxxx> Cc: Guan Xuetao <gxt@xxxxxxxxxxxxxxx> Cc: Jia Liu <proljc@xxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Cc: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Cc: Max Filippov <jcmvbkbc@xxxxxxxxx> Cc: Michael Walle <michael@xxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: qemu-ppc@xxxxxxxxxx Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-Id: <1443689999-12182-10-git-send-email-armbru@xxxxxxxxxx> commit edb1523d90415cb79f60f83b4028ef3820d15612 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 1 10:59:57 2015 +0200 qmp: Fix device-list-properties not to crash for abstract device Broken in commit f4eb32b "qmp: show QOM properties in device-list-properties", v2.1. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Message-Id: <1443689999-12182-9-git-send-email-armbru@xxxxxxxxxx> commit 2d1abb850fd15fd6eb75a92290be5f93b2772ec5 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 1 10:59:56 2015 +0200 device-introspect-test: New, covering device introspection The test doesn't check that the output makes any sense, only that QEMU survives. Useful since we've had an astounding number of crash bugs around there. In fact, we have a bunch of them right now: a few devices crash or hang, and some leave dangling pointers behind. The test skips testing the broken parts. The next commits will fix them up, and drop the skipping. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443689999-12182-8-git-send-email-armbru@xxxxxxxxxx> commit 5fb48d9673b76fc53507a0e717a12968e57d846e Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 1 10:59:55 2015 +0200 libqtest: New hmp() & friends New convenience function hmp() to facilitate use of human-monitor-command in tests. Use it to simplify its existing uses. To blend into existing libqtest code, also add qtest_hmpv() and qtest_hmp(). That, and the egregiously verbose GTK-Doc comment format make this patch look bigger than it is. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Message-Id: <1443689999-12182-7-git-send-email-armbru@xxxxxxxxxx> commit 82b15c7bdbda6207d1fee2ec824432e64af3ecb4 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 1 10:59:54 2015 +0200 libqtest: Clean up unused QTestState member sigact_old Unused since commit d766825. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1443689999-12182-6-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> commit e253c287153c6f3ce4177686ac12c196f9bd8292 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 1 10:59:53 2015 +0200 tests: Fix how qom-test is run We want to run qom-test for every architecture, without having to manually add it to every architecture's list of tests. Commit 3687d53 accomplished this by adding it to every architecture's list automatically. However, some architectures inherit their tests from others, like this: check-qtest-x86_64-y = $(check-qtest-i386-y) check-qtest-microblazeel-y = $(check-qtest-microblaze-y) check-qtest-xtensaeb-y = $(check-qtest-xtensa-y) For such architectures, we ended up running the (slow!) test twice. Commit 2b8419c attempted to avoid this by adding the test only when it's not already present. Works only as long as we consider adding the test to the architectures on the left hand side *after* the ones on the right hand side: x86_64 after i386, microblazeel after microblaze, xtensaeb after xtensa. Turns out we consider them in $(SYSEMU_TARGET_LIST) order. Defined as SYSEMU_TARGET_LIST := $(subst -softmmu.mak,,$(notdir \ $(wildcard $(SRC_PATH)/default-configs/*-softmmu.mak))) On my machine, this results in the oder xtensa, x86_64, microblazeel, microblaze, i386. Consequently, qom-test runs twice for microblazeel and x86_64. Replace this complex and flawed machinery with a much simpler one: add generic tests (currently just qom-test) to check-qtest-generic-y instead of check-qtest-$(target)-y for every target, then run $(check-qtest-generic-y) for every target. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Message-Id: <1443689999-12182-5-git-send-email-armbru@xxxxxxxxxx> commit c7104402353bf32ac1d3a276e3619a20e910506b Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Oct 1 10:59:52 2015 +0200 macio: move DBDMA_init from instance_init to realize DBDMA_init is not idempotent, and calling it from instance_init breaks a simple object_new/object_unref pair. Work around this, pending qdev-ification of DBDMA, by moving the call to realize. Reported-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1443689999-12182-4-git-send-email-armbru@xxxxxxxxxx> commit 81e0ab48dda611e9571dc2e166840205a4208567 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Oct 1 10:59:51 2015 +0200 hw: do not pass NULL to memory_region_init from instance_init This causes the region to outlive the object, because it attaches the region to /machine. This is not nice for the "realize" method, but much worse for "instance_init" because it can cause dangling pointers after a simple object_new/object_unref pair. Reported-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Tested-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1443689999-12182-3-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> commit 2e2b8eb70fdb7dfbec39f3a19b20f9a73f2f813e Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Oct 1 10:59:50 2015 +0200 memory: allow destroying a non-empty MemoryRegion This is legal; the MemoryRegion will simply unreference all the existing subregions and possibly bring them down with it as well. However, it requires a bit of care to avoid an infinite loop. Finalizing a memory region cannot trigger an address space update, but memory_region_del_subregion errs on the side of caution and might trigger a spurious update: avoid that by resetting mr->enabled first. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1443689999-12182-2-git-send-email-armbru@xxxxxxxxxx> commit c6047e9621f77a65993bcda8f58b676996e24bb5 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 8 18:11:40 2015 +0200 virtio-input: Fix device introspection on non-Linux hosts When CONFIG_LINUX is off, devices "virtio-keyboard-device", "virtio-mouse-device", "virtio-tablet-device" and "virtio-input-host-device" aren't compiled in, yet "virtio-keyboard-pci", "virtio-mouse-pci", "virtio-tablet-pci" and "virtio-input-host-pci" still are. Attempts to introspect them crash, e.g. $ qemu-system-x86_64 -device virtio-tablet-pci,help ** ERROR:/work/armbru/qemu/qom/object.c:333:object_initialize_with_type: assertion failed: (type != NULL) Broken in commit 710e2d9 and commit 006a5ed. Fix by compiling the "virtio-FOO-pci" exactly when compiling the "virtio-FOO-device": compile "virtio-keyboard-device", "virtio-mouse-device", "virtio-tablet-device" regardless of CONFIG_LINUX, and compile "virtio-input-host-pci" only for CONFIG_LINUX. Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Message-Id: <1444320700-26260-3-git-send-email-armbru@xxxxxxxxxx> commit ac98fa849e834f48e5a64cf4b22218ba4047e142 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Oct 8 18:11:39 2015 +0200 update-linux-headers: Rename SW_MAX to SW_MAX_ The next commit will compile hw/input/virtio-input.c and hw/input/virtio-input-hid.c even when CONFIG_LINUX is off. These files include both "include/standard-headers/linux/input.h" and <windows.h> then. Doesn't work, because both define SW_MAX. We don't actually use it. Patch input.h to define SW_MAX_ instead. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1444320700-26260-2-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit b37686f7e84b22cfaf7fd01ac5133f2617cc3027 Merge: 8be6e62 98cf48f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 9 12:18:13 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/tracing-pull-request' into staging # gpg: Signature made Fri 09 Oct 2015 10:15:13 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/tracing-pull-request: trace: remove malloc tracing docs: update the usage example of "dtrace" backend in tracing.txt Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8be6e623a28497d1dcd10547a573c9143ece525c Merge: 1d27b91 deb847b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 9 10:45:09 2015 +0100 Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-10-08' into staging trivial patches for 2015-10-08 # gpg: Signature made Thu 08 Oct 2015 17:51:05 BST using RSA key ID A4C3D7DB # gpg: Good signature from "Michael Tokarev <mjt@xxxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxxx>" * remotes/mjt/tags/pull-trivial-patches-2015-10-08: tests: Unique test path for /string-visitor/output linux-user: Remove type casts to union type linux-user: Use g_new() & friends where that makes obvious sense rocker: Use g_new() & friends where that makes obvious sense .travis.yml: Run make check for all targets, not just some hw: char: Remove unnecessary variable hw: timer: Remove unnecessary variable qapi: add missing @ MAINTAINERS: Add NSIS file for W32, W64 hosts target-ppc: Remove unnecessary variable target-microblaze: Remove unnecessary variable s/cpu_get_real_ticks/cpu_get_host_ticks/ pc: check for underflow in load_linux pci-assign: do not include sys/io.h block/ssh: remove dead code imx_serial: Generate interrupt on tx empty if enabled sdhci: Change debug prints to compile unconditionally sdhci: use PRIx64 for uint64_t type Add .dir-locals.el file to configure emacs coding style Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 98cf48f60aa4999f5b2808569a193a401a390e6a Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Sep 16 17:38:44 2015 +0200 trace: remove malloc tracing The malloc vtable is not supported anymore in glib, because it broke when constructors called g_malloc. Remove tracing of g_malloc, g_realloc and g_free calls. Note that, for systemtap users, glib also provides tracepoints glib.mem_alloc, glib.mem_free, glib.mem_realloc, glib.slice_alloc and glib.slice_free. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1442417924-25831-1-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 2e4ccbbc64b212c4d1c7008ca58e141d6a984494 Author: Lin Ma <lma@xxxxxxxx> Date: Fri Sep 11 14:58:50 2015 +0800 docs: update the usage example of "dtrace" backend in tracing.txt The usage example of dtrace is quite ancient, We have tracetool.py with different parameters instead of the original tracetool shell script for a long time, So update the old information. Signed-off-by: Lin Ma <lma@xxxxxxxx> Message-id: 1441954730-17341-1-git-send-email-lma@xxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit deb847bfba7ee0ab8151842f5e9cb12d4daad3a3 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Mon Oct 5 12:04:20 2015 +0100 tests: Unique test path for /string-visitor/output Newer GLib's want unique test paths, and thus moan at dupes. (Seen on Fedora 23 which has glib 2.46) Uniquify the paths. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit d1c002b6ae2dc81d97bbe23fe65e1960abdba9a4 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Sun Feb 8 15:40:58 2015 +0100 linux-user: Remove type casts to union type Casting to a union type is a gcc (and clang) extension. Other compilers might not support it. This is not a problem today, but the type casts can be removed easily. Smatch now no longer complains like before: linux-user/syscall.c:3190:18: warning: cast to non-scalar linux-user/syscall.c:7348:44: warning: cast to non-scalar Cc: Riku Voipio <riku.voipio@xxxxxx> Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit c78d65e8a7d87badf46eda3a0b41330f5d239132 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Sep 14 13:53:03 2015 +0200 linux-user: Use g_new() & friends where that makes obvious sense g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. This commit only touches allocations with size arguments of the form sizeof(T). Same Coccinelle semantic patch as in commit b45c03f. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 778358d0a8f74a76488daea3c1b6fb327d8135b4 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Sep 14 13:52:23 2015 +0200 rocker: Use g_new() & friends where that makes obvious sense g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. This commit only touches allocations with size arguments of the form sizeof(T). Same Coccinelle semantic patchas in commit b45c03f. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Acked-by: Jiri Pirko <jiri@xxxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Jiri Pirko <jiri@xxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit cb157af23833ca0762125f34b3fe73cfdbac297e Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Wed Sep 23 15:27:12 2015 +1000 .travis.yml: Run make check for all targets, not just some ed173cb ".travis.yml: remove "make check" from main matrix" stopped running make check for all the Travis build targets for various reasons. It continued to run make check on one Travis build, which builds for a big list of all (? nearly all) our supported softmmu targets. Unfortunately, due to a spacing / quoting error it only actually builds for the alpha, arm, aarch64 and cris targets. Specifically, the list of targets is split over several lines. Even with YAML folding, this will leave spaces in the list, meaning $TARGETS won't have the value we need. I had a look at the YAML spec and I couldn't quickly see a way of splitting the list so that it doesn't end up with spaces, so this patch fixes the problem by putting the whole list on one huge line. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 65cb2a14cacbc08c754f3cb41436fe6ece46593a Author: Shraddha Barke <shraddha.6596@xxxxxxxxx> Date: Fri Sep 25 20:06:02 2015 +0530 hw: char: Remove unnecessary variable Compress lines and remove the variable. Signed-off-by: Shraddha Barke <shraddha.6596@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit bf5f78efed26054c2ce71e6f4c30ece13bf06e87 Author: Shraddha Barke <shraddha.6596@xxxxxxxxx> Date: Fri Sep 25 20:06:03 2015 +0530 hw: timer: Remove unnecessary variable Compress lines and remove the variable. Signed-off-by: Shraddha Barke <shraddha.6596@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f169f8fbca3999fe59f37a86822f305f7292949d Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Sep 25 16:03:30 2015 +0200 qapi: add missing @ Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 885bdc95b165dc2b63bdc756be4919e948b9d27b Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Fri Sep 25 22:25:32 2015 +0200 MAINTAINERS: Add NSIS file for W32, W64 hosts The NSIS installer configuration is maintained by me. Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f9b8e7f63acf9418238444aec654aba249a334ba Author: Shraddha Barke <shraddha.6596@xxxxxxxxx> Date: Fri Sep 25 14:07:58 2015 +0530 target-ppc: Remove unnecessary variable Compress lines and remove the variable. Signed-off-by: Shraddha Barke <shraddha.6596@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 738c8b01ba4d020ee42c72e83a6aa3d9408a2530 Author: Shraddha Barke <shraddha.6596@xxxxxxxxx> Date: Fri Sep 25 14:07:56 2015 +0530 target-microblaze: Remove unnecessary variable Compress lines and remove the variable. Signed-off-by: Shraddha Barke <shraddha.6596@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 4a7428c5a7e82f4dde3646e4a8cc8e54f3257e2a Author: Christopher Covington <cov@xxxxxxxxxxxxxx> Date: Fri Sep 25 10:42:21 2015 -0400 s/cpu_get_real_ticks/cpu_get_host_ticks/ This should help clarify the purpose of the function that returns the host system's CPU cycle count. Signed-off-by: Christopher Covington <cov@xxxxxxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> ppc portion Acked-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit ec5fd402645fd4f03d89dcd5840b0e8542549e82 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Sep 14 12:07:22 2015 +0200 pc: check for underflow in load_linux If (setup_size+1)*512 is small enough, kernel_size -= setup_size can allocate a huge amount of memory. Avoid that. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 16033ba577059c5675e4c786234c46027380c29b Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 15 10:47:36 2015 +0200 pci-assign: do not include sys/io.h This file does not exist on bionic libc and the functions it defines are in fact not used by pci-assign.c. Remove it. Reported-by: Houcheng Lin <houcheng@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit eab2ac9d3c1675a58989000c2647aa33e440906a Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Sep 14 13:12:34 2015 +0200 block/ssh: remove dead code The "err" label cannot be reached with qp != NULL. Remove the free-ing of qp and avoid future regressions by removing the initializer. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> ACKed-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit dc1442204a2235b1ad0c4bdceb3580c97f71f1b5 Author: Guenter Roeck <linux@xxxxxxxxxxxx> Date: Thu Aug 20 08:52:35 2015 -0700 imx_serial: Generate interrupt on tx empty if enabled Generate an interrupt if the tx buffer is empty and the tx empty interrupt is enabled. This fixes a problem seen when running a Linux image since Linux commit 55c3cb1358e ("serial: imx: remove unneeded imx_transmit_buffer() from imx_start_tx()"). Linux now waits for the tx empty interrupt before starting to send data, causing transmit stalls until there is an interrupt for another reason. Signed-off-by: Guenter Roeck <linux@xxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 7af0fc994e85c0ff16eda6d7e328427b02a01008 Author: Sai Pavan Boddu <sai.pavan.boddu@xxxxxxxxxx> Date: Mon Sep 7 23:36:41 2015 +0530 sdhci: Change debug prints to compile unconditionally Conditional compilation hides few type mismatch warnings, fix it to compile unconditionally. Signed-off-by: Sai Pavan Boddu <saipava@xxxxxxxxxx> Suggested-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit be9c5ddeabb73e9dee2d6922c03ffee4e1f4c8ec Author: Sai Pavan Boddu <sai.pavan.boddu@xxxxxxxxxx> Date: Mon Sep 7 23:36:40 2015 +0530 sdhci: use PRIx64 for uint64_t type Fix compile time warnings, because of type mismatch for unsigned long long type. Signed-off-by: Sai Pavan Boddu <saipava@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 91288a58a550be4dc80628456d5e1d2e91424827 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Thu Jun 4 14:30:07 2015 +0100 Add .dir-locals.el file to configure emacs coding style Some default emacs setups indent by 2 spaces and uses tabs which is counter to the QEMU coding style rules. Adding a .dir-locals.el file in the top level of the GIT repo will inform emacs about the QEMU coding style, and so assist contributors in avoiding common style mistakes before they submit patches. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 1d27b91723c252d9a97151dc1959cfd89c5816cb Merge: 31c9bd1 508ce5e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 8 16:50:34 2015 +0100 Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20151007.0' into staging VFIO updates 2015-10-07 - Change platform device IRQ setup sequence for compatibility with upcoming IRQ forwarding (Eric Auger) - Extensions to support vfio-pci devices on spapr-pci-host-bridge (David Gibson) [clang problem patch dropped] # gpg: Signature made Wed 07 Oct 2015 16:30:52 BST using RSA key ID 3BB08B22 # gpg: Good signature from "Alex Williamson <alex.williamson@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex@xxxxxxxxxxx>" # gpg: aka "Alex Williamson <alwillia@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex.l.williamson@xxxxxxxxx>" * remotes/awilliam/tags/vfio-update-20151007.0: vfio: Allow hotplug of containers onto existing guest IOMMU mappings memory: Allow replay of IOMMU mapping notifications vfio: Record host IOMMU's available IO page sizes vfio: Check guest IOVA ranges against host IOMMU capabilities vfio: Generalize vfio_listener_region_add failure path vfio: Remove unneeded union from VFIOContainer hw/vfio/platform: do not set resamplefd for edge-sensitive IRQS hw/vfio/platform: change interrupt/unmask fields into pointer hw/vfio/platform: irqfd setup sequence update Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 31c9bd164ddb653915b9029ba0edd40cd57530d9 Merge: ca4e4b8 126d89e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 8 15:33:56 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20151007' into staging Do away with TB retranslation # gpg: Signature made Wed 07 Oct 2015 10:42:08 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tcg-20151007: (26 commits) tcg: Adjust CODE_GEN_AVG_BLOCK_SIZE tcg: Check for overflow via highwater mark tcg: Allocate a guard page after code_gen_buffer tcg: Emit prologue to the beginning of code_gen_buffer tcg: Remove tcg_gen_code_search_pc tcg: Remove gen_intermediate_code_pc tcg: Save insn data and use it in cpu_restore_state_from_tb tcg: Pass data argument to restore_state_to_opc tcg: Add TCG_MAX_INSNS target-*: Drop cpu_gen_code define tcg: Merge cpu_gen_code into tb_gen_code target-sparc: Add npc state to insn_start target-sparc: Remove gen_opc_jump_pc target-sparc: Split out gen_branch_n target-sparc: Tidy gen_branch_a interface target-cris: Mirror gen_opc_pc into insn_start target-sh4: Add flags state to insn_start target-s390x: Add cc_op state to insn_start target-mips: Add delayed branch state to insn_start target-i386: Add cc_op state to insn_start ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ca4e4b82848982311a40d0937c1de9db1108fdb0 Merge: fb6345f fec7daa Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 8 13:37:04 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-tile-20151007' into staging Collected patches # gpg: Signature made Wed 07 Oct 2015 10:30:17 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tile-20151007: target-tilegx: Support iret instruction and related special registers target-tilegx: Use TILEGX_EXCP_OPCODE_UNKNOWN and TILEGX_EXCP_OPCODE_UNIMPLEMENTED correctly target-tilegx: Implement v2mults instruction target-tilegx: Implement v?int_* instructions. target-tilegx: Implement v2sh* instructions target-tilegx: Handle nofault prefetch instructions target-tilegx: Fix a typo for mnemonic about "ld_add" target-tilegx: Use TILEGX_EXCP_SIGNAL instead of TILEGX_EXCP_SEGV target-tilegx: Decode ill pseudo-instructions linux-user/tilegx: Implement tilegx signal features linux-user/syscall_defs.h: Sync the latest si_code from Linux kernel target-tilegx: Let x1 pipe process bpt instruction only target-tilegx: Implement complex multiply instructions target-tilegx: Implement table index instructions target-tilegx: Implement crc instructions target-tilegx: Implement v1multu instruction target-tilegx: Implement v*add and v*sub instructions target-tilegx: Implement v*shl, v*shru, and v*shrs instructions target-tilegx: Tidy simd_helper.c Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit fb6345f452ba7cefb395389abb17d0af0e42c54b Merge: eed2df6 32532f2 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 8 11:28:17 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/numa-pull-request' into staging NUMA queue, 2015-10-06 # gpg: Signature made Tue 06 Oct 2015 20:53:42 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" * remotes/ehabkost/tags/numa-pull-request: pc-dimm: Fail realization for invalid nodes in non-NUMA config Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 925a04000231ad865770ba227876ba518ac3e479 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue May 26 12:26:21 2015 +0200 gtk/opengl: add opengl context and scanout support (GtkGLArea) This allows virtio-gpu to render in 3d mode. Uses native opengl support which is present in gtk versions 3.16 and newer. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 4782aeb79fbcb70bb96b52f6d9bc7cadb3cf7d58 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri May 8 11:30:51 2015 +0200 gtk/opengl: add opengl context and scanout support (egl) This allows virtio-gpu to render in 3d mode. Uses egl, for gtk versions 3.14 and older. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 6c18744d0f99138cb19cd9d1241d7b11c478a944 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Apr 29 10:08:04 2015 +0200 opengl: add egl-context.[ch] helpers Add helper functions to manage opengl contexts using egl. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit e9c1b459f28fb4dce52dd5afa6a1ad7fb00ee5e2 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Oct 2 08:30:27 2015 +0200 virtio-gpu: add cursor update tracepoint Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 9d9e152136bdaa75ea98e5c2105f2a7127e369eb Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Jul 11 12:51:43 2014 +0200 virtio-gpu: add 3d mode and virgl rendering support. Add virglrenderer library detection. Add 3d mode to virtio-gpu, wire up virglrenderer library. When in 3d mode render using the new context management and texture scanout callbacks. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit bc79e96442283471c92c8ea7ae15563274f7b0cb Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri May 22 15:38:33 2015 +0200 virtio-gpu: update headers for virgl/3d Sync with linux kernel headers with virgl/3d patches applied. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 2e2521452e28399dbc6fecec56d5bbb29f9b6796 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Sep 16 09:15:15 2015 +0200 virtio-gpu: change licence from GPLv2 to GPLv2+ Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 7f3be0f20ff8d976ab982cc06026cac0600f1fb6 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Sep 15 09:23:14 2015 +0200 virtio-gpu: move iov free to virtio_gpu_cleanup_mapping_iov For symmetry reasons: virtio_gpu_create_mapping_iov() allocates it so virtio_gpu_cleanup_mapping_iov() should free it, otherwise it's easy to miss a free() needed and leak memory. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 06020b950c0a6a73cbee0527af846b05679c937a Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Jul 11 13:56:51 2014 +0200 ui/console: add opengl context and scanout support interfaces. Add callbacks for opengl context management and scanout texture configuration to DisplayChangeListenerOps. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 136a8d9d444560f71fca89f27475cfeaffa19cf3 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Jun 12 12:16:02 2015 +0200 sdl2: stop flickering Optimizing updates by copying the dirty rectangle only do not work because of double-buffering. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit c046d8284474a0f7763dea849433bde37a69023d Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Jul 10 14:40:01 2015 +0200 shaders: initialize vertexes once Create a buffer for the vertex data and place vertexes there at initialization time. Then just use the buffer for each texture blit. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 126d89e8cdfa3be15d51f76906eaccbcd0023f98 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Sep 26 09:23:42 2015 -0700 tcg: Adjust CODE_GEN_AVG_BLOCK_SIZE At present, the "average" guestimate of TB size is way too small, leading to many unused entries in the pre-allocated TB array. For a guest with 1GB ram, we're currently allocating 256MB for the array. Survey arm, alpha, aarch64, ppc, sparc, i686, x86_64 guests running on x86_64 and ppc64 hosts and select a new average. The size of the array drops to 81MB with no more flushing than before. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit b125f9dc7bd68cd4c57189db4da83b0620b28a72 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 22 13:01:15 2015 -0700 tcg: Check for overflow via highwater mark We currently pre-compute an worst case code size for any TB, which works out to be 122kB. Since the average TB size is near 1kB, this wastes quite a lot of storage. Instead, check for overflow in between generating code for each opcode. The overhead of the check isn't measurable and wastage is minimized. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit f293709c6af7a65a9bcec09cdba7a60183657a3e Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Sep 19 12:03:15 2015 -0700 tcg: Allocate a guard page after code_gen_buffer This will catch any overflow of the buffer. Add a native win32 alternative for alloc_code_gen_buffer; remove the malloc alternative. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 8163b74938d8b7d12e70597c4553dd0dc49443d5 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Sep 18 23:43:05 2015 -0700 tcg: Emit prologue to the beginning of code_gen_buffer By putting the prologue at the end, we risk overwriting the prologue should our estimate of maximum TB size. Given the two different placements of the call to tcg_prologue_init, move the high water mark computation into tcg_prologue_init. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 04fe64000162c45d8974da9ca4d266f8d0e67eb7 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 1 20:07:48 2015 -0700 tcg: Remove tcg_gen_code_search_pc It's no longer used, so tidy up everything reached by it. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 4e5e1215156662b2b153255c49d4640d82c5568b Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 1 20:01:40 2015 -0700 tcg: Remove gen_intermediate_code_pc It is no longer used, so tidy up everything reached by it. This includes the gen_opc_* arrays, the search_pc parameter and the inline gen_intermediate_code_internal functions. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit fca8a500d519a56abeaedf8073167a61d3c6b9c4 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 1 19:11:45 2015 -0700 tcg: Save insn data and use it in cpu_restore_state_from_tb We can now restore state without retranslation. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit bad729e272387de7dbfa3ec4319036552fc6c107 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 1 15:51:12 2015 -0700 tcg: Pass data argument to restore_state_to_opc The gen_opc_* arrays are already redundant with the data stored in the insn_start arguments. Transition restore_state_to_opc to use data from the latter. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 190ce7fbc79fd0883a6170d7f30da59d366e6830 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 31 14:34:41 2015 -0700 tcg: Add TCG_MAX_INSNS Adjust all translators to respect it. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit dc03246cc377268db63abc8c5663ef571aec2eea Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Aug 27 18:18:09 2015 -0700 target-*: Drop cpu_gen_code define This symbol no longer exists. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit fec88f64bda27846add83e924c8f4def9d94e068 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Aug 27 18:17:40 2015 -0700 tcg: Merge cpu_gen_code into tb_gen_code As it's only caller, this tidies things a bit. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit a3d5ad761cafc669e25f4185e63d8d758a989135 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 31 13:30:52 2015 -0700 target-sparc: Add npc state to insn_start Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 6c42444f9a53b6af39d46008cb9f650b11e96cb9 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 31 13:24:44 2015 -0700 target-sparc: Remove gen_opc_jump_pc Since jump_pc[1] is always npc + 4, we can infer after incrementing that jump_pc[1] == pc + 4. Because of that, we can encode the branch destination into a single word, and store that in npc. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 2bf2e019ed0a6349220620240c0ba807846793b9 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 31 13:01:47 2015 -0700 target-sparc: Split out gen_branch_n Unify three copies of this code from different branch types. Fix the case when npc == DYNAMIC_PC, i.e. a branch within a delay slot. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit bfa31b765798139804ce9e5e35c7e142d233df31 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 31 12:44:16 2015 -0700 target-sparc: Tidy gen_branch_a interface We always pass pc2 == dc->npc and r_cond == cpu_cond, and always set is_br afterward. Infer all of that. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit bd03c791a6ed1bb7aec17df15cfeea649362e8fd Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sun Aug 30 09:35:14 2015 -0700 target-cris: Mirror gen_opc_pc into insn_start This perhaps isn't ideal in terms of (ab)using the "pc" field to encode both pc and ppc + delay branch state, as one has to be aware of this when examining opcode dumps. But it preserves existing logic, which will be good for bisection, and it certainly does save storage space. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 07f3c16ced2b869228d58683c1dea06e3e1c9aa5 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sun Aug 30 09:28:52 2015 -0700 target-sh4: Add flags state to insn_start Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit a3fd522048f6728d8259e14596c9632c7c67305a Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sun Aug 30 09:26:10 2015 -0700 target-s390x: Add cc_op state to insn_start Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit c20d594e45bc8c4b21be1a7637cba0f279f72879 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sun Aug 30 09:25:36 2015 -0700 target-mips: Add delayed branch state to insn_start Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 2066d09516ba34d0d180fdea451436d9babb3308 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sun Aug 30 09:24:58 2015 -0700 target-i386: Add cc_op state to insn_start Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 52e971d9ff67e340ac2a86bd67e14bd31c7991e0 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sun Aug 30 09:22:06 2015 -0700 target-arm: Add condexec state to insn_start Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 9aef40ed1f6e2bd794bbb3ba8c8b773e506334c9 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sun Aug 30 09:21:33 2015 -0700 tcg: Allow extra data to be attached to insn_start With an eye toward having this data replace the gen_opc_* arrays that each target collects in order to enable restore_state_from_tb. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit b933066ae03d924a92b2616b4a24e7d91cd5b841 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Sep 17 15:58:10 2015 -0700 target-*: Introduce and use cpu_breakpoint_test Reduce the boilerplate required for each target. At the same time, move the test for breakpoint after calling tcg_gen_insn_start. Note that arm and aarch64 do not use cpu_breakpoint_test, but still move the inline test down after tcg_gen_insn_start. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 959082fc4a93a016a6b697e1e0c2b373d8a3a373 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Sep 17 14:25:46 2015 -0700 target-*: Increment num_insns immediately after tcg_gen_insn_start This does tidy the icount test common to all targets. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 667b8e29c5b1d8c5b4e6ad5f780ca60914eb6e96 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Aug 29 12:59:29 2015 -0700 target-*: Unconditionally emit tcg_gen_insn_start While we're at it, emit the opcode adjacent to where we currently record data for search_pc. This puts gen_io_start et al on the "correct" side of the marker. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 765b842adec4c5a359e69ca08785553599f71496 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Aug 29 12:37:33 2015 -0700 tcg: Rename debug_insn_start to insn_start With an eye toward making it mandatory. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit fec7daab3d63b7b2ca61581fffc40142b22b2bd5 Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Sun Oct 4 17:41:14 2015 +0800 target-tilegx: Support iret instruction and related special registers EX_CONTEXT_0_0 is used for jumping address, and EX_CONTEXT_0_1 is for INTERRUPT_CRITICAL_SECTION, which should only be 0 or 1 in user mode, or it will cause target SIGILL (and the patch doesn't support system mode). Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 77b3adc0012153e629b48b710ad19a8b544bb507 Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Sun Oct 4 13:34:33 2015 +0800 target-tilegx: Use TILEGX_EXCP_OPCODE_UNKNOWN and TILEGX_EXCP_OPCODE_UNIMPLEMENTED correctly For some cases, they are for TILEGX_EXCP_OPCODE_UNKNOWN, not for TILEGX_EXCP_OPCODE_UNIMPLEMENTED. Also for some cases, they are for TILEGX_EXCP_OPCODE_UNIMPLEMENTED, not for TILEGX_EXCP_OPCODE_UNKNOWN. When analyzing issues, the correct printing information is necessary, e.g. grep UIMP in gcc testsuite output log for finding qemu tilegx umimplementation issues, grep UNKNOWN for finding unknown instructions. Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit a419e22d703667211521d4257df294047c13eca3 Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Sun Oct 4 19:01:27 2015 +0800 target-tilegx: Implement v2mults instruction Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Message-Id: <1443956491-26850-3-git-send-email-gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit aaf893a6ad6c7c0a986638ba599000e13f9f4182 Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Sun Oct 4 19:01:26 2015 +0800 target-tilegx: Implement v?int_* instructions. Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Message-Id: <1443956491-26850-2-git-send-email-gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 78affcb798516dcb5d44a7ed598d79dcd42cd988 Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Sun Oct 4 19:01:25 2015 +0800 target-tilegx: Implement v2sh* instructions It is just according to v1sh* instructions implementation. Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Message-Id: <1443956491-26850-1-git-send-email-gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 133b84c819166a6da1425a007cf44d7a96d507a4 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Oct 1 12:32:52 2015 +1000 target-tilegx: Handle nofault prefetch instructions These are mapped onto some of the normal load instructions, when the destination is the zero register. Other load insns do fault even when targeting the zero register. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 95df61e6238c79c2dc14f2bffa76abb2bd3acba7 Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Wed Sep 30 05:38:40 2015 +0800 target-tilegx: Fix a typo for mnemonic about "ld_add" Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Message-Id: <1443562720-3008-1-git-send-email-gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit a0577d2aa9bd42d5d584fa03649a166ba45c2f3d Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sun Sep 27 14:26:04 2015 -0700 target-tilegx: Use TILEGX_EXCP_SIGNAL instead of TILEGX_EXCP_SEGV Consolidate signal handling under a single exception. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit dd8070d865ad1b32876931f812a80645f97112ff Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Sat Sep 26 13:00:35 2015 +0800 target-tilegx: Decode ill pseudo-instructions Notice raise and bpt, decoding the constants embedded in the nop addil instruction in the x0 slot. [rth: Generalize TILEGX_EXCP_OPCODE_ILL to TILEGX_EXCP_SIGNAL. Drop validation of signal values.] Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Message-Id: <1443243635-4886-1-git-send-email-gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit bf0f60a61b92f4f9ddf09a3cf4fc41796fa42aed Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Sun Sep 27 08:10:18 2015 +0800 linux-user/tilegx: Implement tilegx signal features [rth: Remove the spreg[EX1] handling, as it's irrelevant to user-mode.] Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Message-Id: <1443312618-13641-1-git-send-email-gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit de2fdd56b11f4207e6614ee2f56039ef240399f1 Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Sat Sep 26 12:10:05 2015 +0800 linux-user/syscall_defs.h: Sync the latest si_code from Linux kernel They content several new macro members, also contents TARGET_N*. Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Message-Id: <1443240605-2924-1-git-send-email-gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit f723287944c30f1bf230f08b4fb03d6d11a16504 Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Sat Sep 26 07:42:54 2015 +0800 target-tilegx: Let x1 pipe process bpt instruction only According to the related document, bpt can be only in x1 pipe. Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Message-Id: <1443224574-2718-1-git-send-email-gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 9ff5b57c219f38f025b95ebf4b593b5d4e828b53 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed Sep 23 10:43:48 2015 -0700 target-tilegx: Implement complex multiply instructions Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 0b4232f10895e863b1759a93ba0d0a1b3380dc31 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed Sep 23 10:19:44 2015 -0700 target-tilegx: Implement table index instructions Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit ba1fc78f65fdea9d4b14d6449514c1351ad64fa4 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed Sep 23 10:12:16 2015 -0700 target-tilegx: Implement crc instructions Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 38c949ffe7497b1d833bca5f70b22c87df9bd567 Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Tue Sep 22 06:26:54 2015 +0800 target-tilegx: Implement v1multu instruction Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Message-Id: <1442874414-3578-1-git-send-email-gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit c6876d7e1c3ff04a9b9f751f6260bf427ab8cf1a Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Tue Sep 22 06:18:38 2015 +0800 target-tilegx: Implement v*add and v*sub instructions [rth: Implement everything inline; handle v1addi and v2addi as well.] Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Message-Id: <1442873918-3394-1-git-send-email-gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 0ab0a3d768a4f6ab6747b6fd936c5cf70b5069c2 Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Tue Sep 22 05:47:35 2015 +0800 target-tilegx: Implement v*shl, v*shru, and v*shrs instructions v2sh* are implemented with helper functions; v4sh* are implmeneted with inline code. Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Message-Id: <1442872055-2836-1-git-send-email-gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 055130107683c3b199c1848a25e5e2c568230cbf Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 21 17:27:11 2015 -0700 target-tilegx: Tidy simd_helper.c Using the V1 macro when we want to replicate a byte across the 8 elements of the word. Using deposit and extract for manipulating specific elements. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 32532f215c49f005aaef942adfae34cbcc5fa678 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Fri Jul 17 18:19:40 2015 +0530 pc-dimm: Fail realization for invalid nodes in non-NUMA config pc_dimm_realize() validates the NUMA node to which memory hotplug is being performed only in case of NUMA configuration. Include a check to fail for invalid nodes in case of non-NUMA configuration too. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit eed2df678574f7f17947180a01127a8ba673a226 Merge: 5fdb467 d9f090e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 6 16:32:16 2015 +0100 Merge remote-tracking branch 'remotes/borntraeger/tags/s390x-20151006' into staging s390: fixes Some fixes all over the place: - ccw bios and gcc 5.1 (avoid floating point ops) - properly print vector registers - sclp and sclp-event-facility no longer hang on object_unref(object_new(T)) - better name for io_subsystem_reset One feature - the gdb server now exposes several virtualization specific register # gpg: Signature made Tue 06 Oct 2015 11:20:24 BST using RSA key ID B5A61C7C # gpg: Good signature from "Christian Borntraeger (IBM) <borntraeger@xxxxxxxxxx>" * remotes/borntraeger/tags/s390x-20151006: s390x: rename io_subsystem_reset -> subsystem_reset s390x/info registers: print vector registers properly s390x: set missing parent for hotplug and quiesce events s390x/gdb: expose virtualization specific registers pc-bios/s390-ccw: avoid floating point operations Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5fdb4671b08e0d1631447e81348b2b50a6b85bf7 Merge: 006d5c7 dfeb867 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 6 13:42:33 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging X86 queue, 2015-10-05 # gpg: Signature made Mon 05 Oct 2015 17:04:38 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" * remotes/ehabkost/tags/x86-pull-request: icc_bus: drop the unused files cpu/apic: drop icc bus/bridge x86: use new method to correct reset sequence apic: move APIC's MMIO region mapping into APIC Correctly re-init EFER state during INIT IPI target-i386: add ABM to Haswell* and Broadwell* CPU models target-i386: get/put MSR_TSC_AUX across reset and migration target-i386: Make check_hw_breakpoints static target-i386: Move breakpoint related functions to new file target-i386: Convert kvm_default_*features to property/value pairs vl: Add another sanity check to smp_parse() function cpu: Introduce X86CPUTopoInfo structure for argument simplification Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 006d5c741bbfcdbedeb59e14527fe58d45c9c76b Merge: 7fe34ca ec6b69c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Oct 6 12:09:56 2015 +0100 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Mon 05 Oct 2015 17:01:11 BST using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" * remotes/jnsnow/tags/ide-pull-request: qtest/ide-test: ppc64be correction for ATAPI tests MAINTAINERS: Small IDE/FDC touchup qtest/ahci: fix redundant assertion Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7fe34ca9c2e99560dc65395d599a6920624b127d Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Tue Oct 6 10:17:55 2015 +0100 tests: vhost-user: disable unless CONFIG_VHOST_NET vhost-user depends on vhost-net. We should probably fix that. For now, let's disable the test otherwise. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 508ce5eb00070809f0d19917a1b2960dfcf5a64b Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Wed Sep 30 12:13:56 2015 +1000 vfio: Allow hotplug of containers onto existing guest IOMMU mappings At present the memory listener used by vfio to keep host IOMMU mappings in sync with the guest memory image assumes that if a guest IOMMU appears, then it has no existing mappings. This may not be true if a VFIO device is hotplugged onto a guest bus which didn't previously include a VFIO device, and which has existing guest IOMMU mappings. Therefore, use the memory_region_register_iommu_notifier_replay() function in order to fix this case, replaying existing guest IOMMU mappings, bringing the host IOMMU into sync with the guest IOMMU. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit a788f227ef7bd2912fcaacdfe13d13ece2998149 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Wed Sep 30 12:13:55 2015 +1000 memory: Allow replay of IOMMU mapping notifications When we have guest visible IOMMUs, we allow notifiers to be registered which will be informed of all changes to IOMMU mappings. This is used by vfio to keep the host IOMMU mappings in sync with guest IOMMU mappings. However, unlike with a memory region listener, an iommu notifier won't be told about any mappings which already exist in the (guest) IOMMU at the time it is registered. This can cause problems if hotplugging a VFIO device onto a guest bus which had existing guest IOMMU mappings, but didn't previously have an VFIO devices (and hence no host IOMMU mappings). This adds a memory_region_iommu_replay() function to handle this case. It replays any existing mappings in an IOMMU memory region to a specified notifier. Because the IOMMU memory region doesn't internally remember the granularity of the guest IOMMU it has a small hack where the caller must specify a granularity at which to replay mappings. If there are finer mappings in the guest IOMMU these will be reported in the iotlb structures passed to the notifier which it must handle (probably causing it to flag an error). This isn't new - the VFIO iommu notifier must already handle notifications about guest IOMMU mappings too short for it to represent in the host IOMMU. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Laurent Vivier <lvivier@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 7a140a57c69293a2f19b045f40953a87879e8c76 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Wed Sep 30 12:13:54 2015 +1000 vfio: Record host IOMMU's available IO page sizes Depending on the host IOMMU type we determine and record the available page sizes for IOMMU translation. We'll need this for other validation in future patches. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Laurent Vivier <lvivier@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 3898aad323475cf19127d9fc0846954d591d8e11 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Wed Sep 30 12:13:53 2015 +1000 vfio: Check guest IOVA ranges against host IOMMU capabilities The current vfio core code assumes that the host IOMMU is capable of mapping any IOVA the guest wants to use to where we need. However, real IOMMUs generally only support translating a certain range of IOVAs (the "DMA window") not a full 64-bit address space. The common x86 IOMMUs support a wide enough range that guests are very unlikely to go beyond it in practice, however the IOMMU used on IBM Power machines - in the default configuration - supports only a much more limited IOVA range, usually 0..2GiB. If the guest attempts to set up an IOVA range that the host IOMMU can't map, qemu won't report an error until it actually attempts to map a bad IOVA. If guest RAM is being mapped directly into the IOMMU (i.e. no guest visible IOMMU) then this will show up very quickly. If there is a guest visible IOMMU, however, the problem might not show up until much later when the guest actually attempt to DMA with an IOVA the host can't handle. This patch adds a test so that we will detect earlier if the guest is attempting to use IOVA ranges that the host IOMMU won't be able to deal with. For now, we assume that "Type1" (x86) IOMMUs can support any IOVA, this is incorrect, but no worse than what we have already. We can't do better for now because the Type1 kernel interface doesn't tell us what IOVA range the IOMMU actually supports. For the Power "sPAPR TCE" IOMMU, however, we can retrieve the supported IOVA range and validate guest IOVA ranges against it, and this patch does so. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Laurent Vivier <lvivier@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit ac6dc3894fbb6775245565229953879a0263d27f Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Wed Sep 30 12:13:52 2015 +1000 vfio: Generalize vfio_listener_region_add failure path If a DMA mapping operation fails in vfio_listener_region_add() it checks to see if we've already completed initial setup of the container. If so it reports an error so the setup code can fail gracefully, otherwise throws a hw_error(). There are other potential failure cases in vfio_listener_region_add() which could benefit from the same logic, so move it to its own fail: block. Later patches can use this to extend other failure cases to fail as gracefully as possible under the circumstances. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Laurent Vivier <lvivier@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit ee0bf0e59bb1c07c0196142f2ecfd88f7f8b194e Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Wed Sep 30 12:13:51 2015 +1000 vfio: Remove unneeded union from VFIOContainer Currently the VFIOContainer iommu_data field contains a union with different information for different host iommu types. However: * It only actually contains information for the x86-like "Type1" iommu * Because we have a common listener the Type1 fields are actually used on all IOMMU types, including the SPAPR TCE type as well In fact we now have a general structure for the listener which is unlikely to ever need per-iommu-type information, so this patch removes the union. In a similar way we can unify the setup of the vfio memory listener in vfio_connect_container() that is currently split across a switch on iommu type, but is effectively the same in both cases. The iommu_data.release pointer was only needed as a cleanup function which would handle potentially different data in the union. With the union gone, it too can be removed. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Laurent Vivier <lvivier@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit a5b39cd3f647eaaaef5b648beda5cb2f387418c0 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Oct 5 12:30:12 2015 -0600 hw/vfio/platform: do not set resamplefd for edge-sensitive IRQS In irqfd mode, current code attempts to set a resamplefd whatever the type of the IRQ. For an edge-sensitive IRQ this attempt fails and as a consequence, the whole irqfd setup fails and we fall back to the slow mode. This patch bypasses the resamplefd setting for non level-sentive IRQs. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit a22313deca720e038ebc5805cf451b3a685d29ce Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Oct 5 12:30:12 2015 -0600 hw/vfio/platform: change interrupt/unmask fields into pointer unmask EventNotifier might not be initialized in case of edge sensitive irq. Using EventNotifier pointers make life simpler to handle the edge-sensitive irqfd setup. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 58892b447f0ffcd0967bc6f1bcb40df288ebeebc Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Oct 5 12:30:12 2015 -0600 hw/vfio/platform: irqfd setup sequence update With current implementation, eventfd VFIO signaling is first set up and then irqfd is setup, if supported and allowed. This start sequence causes several issues with IRQ forwarding setup which, if supported, is transparently attempted on irqfd setup: IRQ forwarding setup is likely to fail if the IRQ is detected as under injection into the guest (active at irqchip level or VFIO masked). This currently always happens because the current sequence explicitly VFIO-masks the IRQ before setting irqfd. Even if that masking were removed, we couldn't prevent the case where the IRQ is under injection into the guest. So the simpler solution is to remove this 2-step startup and directly attempt irqfd setup. This is what this patch does. Also in case the eventfd setup fails, there is no reason to go farther: let's abort. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit ec6b69ca0305ab3a3e0461aecb6f190c59a765df Author: John Snow <jsnow@xxxxxxxxxx> Date: Mon Oct 5 12:00:56 2015 -0400 qtest/ide-test: ppc64be correction for ATAPI tests the 16bit ide data register is LE by definition. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1443461938-30039-1-git-send-email-jsnow@xxxxxxxxxx commit aee50319873da4ed1c1d6901260c37d6236c74b5 Author: John Snow <jsnow@xxxxxxxxxx> Date: Mon Oct 5 12:00:56 2015 -0400 MAINTAINERS: Small IDE/FDC touchup libqos/ahci and tests/fdc-test are under my purview also, include them in the appropriate stanzas. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1443117055-29240-1-git-send-email-jsnow@xxxxxxxxxx commit 3d937150dce20cb95cbaae99b6fd48dca4261f32 Author: John Snow <jsnow@xxxxxxxxxx> Date: Mon Oct 5 12:00:55 2015 -0400 qtest/ahci: fix redundant assertion Fixes https://bugs.launchpad.net/qemu/+bug/1497711 (!ncq || (ncq && lba48)) is the same as (!ncq || lba48). The intention is simply: "If a command is NCQ, it must also be LBA48." Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1442868929-17777-1-git-send-email-jsnow@xxxxxxxxxx commit dfeb8679db358e1f8e0ee4dd84f903d71f000378 Author: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Date: Wed Sep 16 17:19:15 2015 +0800 icc_bus: drop the unused files ICC bus impl has been droped, so all icc related files are not useful any more; delete them. Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 46232aaacb66733d3e16dcbd0d26c32ec388801d Author: Chen Fan <chen.fan.fnst@xxxxxxxxxxxxxx> Date: Wed Sep 16 17:19:14 2015 +0800 cpu/apic: drop icc bus/bridge After CPU hotplug has been converted to BUS-less hot-plug infrastructure, the only function ICC bus performs is to propagate reset to LAPICs. However LAPIC could be reset by registering its reset handler after all device are initialized. Do so and drop ~30LOC of not needed anymore ICCBus related code. Signed-off-by: Chen Fan <chen.fan.fnst@xxxxxxxxxxxxxx> Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit ae50c55a09b8a90205972518d8129447000ae188 Author: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Date: Wed Sep 16 17:19:13 2015 +0800 x86: use new method to correct reset sequence During reset some devices (such as hpet, rtc) might send IRQ to APIC which changes APIC's state from default one it's supposed to have at machine startup time. Fix this by resetting APIC after devices have been reset to cancel any changes that qemu_devices_reset() might have done to its state. Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 8d42d2d32b508484106f1c600f5cdd5496bc867e Author: Chen Fan <chen.fan.fnst@xxxxxxxxxxxxxx> Date: Wed Sep 16 17:19:11 2015 +0800 apic: move APIC's MMIO region mapping into APIC When ICC bus/bridge is removed, APIC MMIO will be left unmapped since it was mapped into system's address space indirectly by ICC bridge. Fix it by moving mapping into APIC code, so it would be possible to remove ICC bus/bridge code later. Signed-off-by: Chen Fan <chen.fan.fnst@xxxxxxxxxxxxxx> Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 2188cc52cb363433751f72b991d8fb05fc60e39d Author: Bill Paul <wpaul@xxxxxxxxxxxxx> Date: Wed Sep 30 15:33:29 2015 -0700 Correctly re-init EFER state during INIT IPI When doing a re-initialization of a CPU core, the default state is to _not_ have 64-bit long mode enabled. This means the LME (long mode enable) and LMA (long mode active) bits in the EFER model-specific register should be cleared. However, the EFER state is part of the CPU environment which is preserved by do_cpu_init(), so if EFER.LME and EFER.LMA were set at the time an INIT IPI was received, they will remain set after the init completes. This is contrary to what the Intel architecture manual describes and what happens on real hardware, and it leaves the CPU in a weird state that the guest can't clear. To fix this, the 'efer' member of the CPUX86State structure has been moved to an area outside the region preserved by do_cpu_init(), so that it can be properly re-initialized by x86_cpu_reset(). Signed-off-by: Bill Paul <wpaul@xxxxxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Richard Henderson <rth@xxxxxxxxxxx> CC: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit becb66673ec30cb604926d247ab9449a60ad8b11 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Sep 28 14:00:18 2015 +0200 target-i386: add ABM to Haswell* and Broadwell* CPU models ABM is only implemented as a single instruction set by AMD; all AMD processors support both instructions or neither. Intel considers POPCNT as part of SSE4.2, and LZCNT as part of BMI1, but Intel also uses AMD's ABM flag to indicate support for both POPCNT and LZCNT. It has to be added to Haswell and Broadwell because Haswell, by adding LZCNT, has completed the ABM. Tested with "qemu-kvm -cpu Haswell-noTSX,enforce" (and also with older machine types) on an Haswell-EP machine. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit c9b8f6b6210847b4381c5b2ee172b1c7eb9985d6 Author: Amit Shah <amit.shah@xxxxxxxxxx> Date: Wed Sep 23 11:57:33 2015 +0530 target-i386: get/put MSR_TSC_AUX across reset and migration There's one report of migration breaking due to missing MSR_TSC_AUX save/restore. Fix this by adding a new subsection that saves the state of this MSR. https://bugzilla.redhat.com/show_bug.cgi?id=1261797 Reported-by: Xiaoqing Wei <xwei@xxxxxxxxxx> Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Juan Quintela <quintela@xxxxxxxxxx> CC: "Dr. David Alan Gilbert" <dgilbert@xxxxxxxxxx> CC: Marcelo Tosatti <mtosatti@xxxxxxxxxx> CC: Richard Henderson <rth@xxxxxxxxxxx> CC: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit dd941cdcfec536aad6a310a153778142ed9f3e92 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 15 11:45:07 2015 -0700 target-i386: Make check_hw_breakpoints static The function is now only used from within a single file. Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit ba4b5c65a98ea91dc3b13e42dd9404808c999dda Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 15 11:45:06 2015 -0700 target-i386: Move breakpoint related functions to new file Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 5114e8422201190c3e2e1a4d77e38ad70cf001d2 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Sep 11 12:40:27 2015 -0300 target-i386: Convert kvm_default_*features to property/value pairs Convert the kvm_default_features and kvm_default_unset_features arrays into a simple list of property/value pairs that will be applied to X86CPU objects when using KVM. Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit a32ef3bfc12c8d0588f43f74dcc5280885bbdb30 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Wed Jul 22 15:59:50 2015 +0200 vl: Add another sanity check to smp_parse() function The code in smp_parse already checks the topology information for sockets * cores * threads < cpus and bails out with an error in that case. However, it is still possible to supply a bad configuration the other way round, e.g. with: qemu-system-xxx -smp 4,sockets=1,cores=4,threads=2 QEMU then still starts the guest, with topology configuration that is rather incomprehensible and likely not what the user wanted. So let's add another check to refuse such wrong configurations. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Acked-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit ed256144cd6f0ca2ff59fc3fc8dca547506f433b Author: Chen Fan <chen.fan.fnst@xxxxxxxxxxxxxx> Date: Fri Aug 21 17:34:45 2015 +0800 cpu: Introduce X86CPUTopoInfo structure for argument simplification In order to simplify arguments of function, introduce a new struct named X86CPUTopoInfo. Signed-off-by: Chen Fan <chen.fan.fnst@xxxxxxxxxxxxxx> Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit c0b520dfb8890294a9f8879f4759172900585995 Merge: 945507d 6fdac09 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 2 16:59:21 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio,pc features, fixes New features: guest RAM buffer overrun mitigation RAM physical address gaps for memory hotplug (except refactoring which got some review comments) Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Fri 02 Oct 2015 15:04:56 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: vhost-user-test: fix predictable filename on tmpfs vhost-user-test: use tmpfs by default pc: memhp: force gaps between DIMM's GPA memhp: extend address auto assignment to support gaps vhost-user: unit test for new messages vhost-user-test: do not reinvent glib-compat.h virtio: Notice when the system doesn't support MSIx at all pc: Add a comment explaining why pc_compat_2_4() doesn't exist exec: allocate PROT_NONE pages on top of RAM oslib: allocate PROT_NONE pages on top of RAM oslib: rework anonimous RAM allocation virtio-net: correctly drop truncated packets virtio: introduce virtqueue_discard() virtio: introduce virtqueue_unmap_sg() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 945507d6bcde334f42b00cae134b4d47301d1821 Merge: 37dd86a 86abac0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 2 16:04:25 2015 +0100 Merge remote-tracking branch 'remotes/riku/tags/pull-linux-user-20151002' into staging First set of Linux-user que patches for 2.5 # gpg: Signature made Fri 02 Oct 2015 13:38:00 BST using RSA key ID DE3C9BC0 # gpg: Good signature from "Riku Voipio <riku.voipio@xxxxxx>" # gpg: aka "Riku Voipio <riku.voipio@xxxxxxxxxx>" * remotes/riku/tags/pull-linux-user-20151002: linux-user: assert that target_mprotect cannot fail linux-user/signal.c: Use setup_rt_frame() instead of setup_frame() for target openrisc linux-user/syscall.c: Add EAGAIN to host_to_target_errno_table for linux-user: add name_to_handle_at/open_by_handle_at linux-user: Return target error number in do_fork() linux-user: fix cmsg conversion in case of multiple headers linux-user: remove MAX_ARG_PAGES limit linux-user: remove unused image_info members linux-user: Treat --foo options the same as -foo linux-user: use EXIT_SUCCESS and EXIT_FAILURE linux-user: Add proper error messages for bad options linux-user: Add -help linux-user: Exit 0 when -h is used Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6fdac09370530be0cc6fe9e8d425c0670ba994b1 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Oct 1 15:50:52 2015 +0300 vhost-user-test: fix predictable filename on tmpfs vhost-user-test uses getpid to create a unique filename. This name is predictable, and a security problem. Instead, use a tmp directory created by mkdtemp, which is a suggested best practice. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 1b7e1e3b463a6e5c117498b192cb07603c04b668 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Sep 30 18:01:21 2015 +0300 vhost-user-test: use tmpfs by default Most people don't run make check by default, so they skip vhost-user unit tests. Solve this by using tmpfs instead, unless hugetlbfs is specified (using an environment variable). Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit aa8580cddf011e8cedcf87f7a0fdea7549fc4704 Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Tue Sep 29 16:53:29 2015 +0200 pc: memhp: force gaps between DIMM's GPA mapping DIMMs non contiguously allows to workaround virtio bug reported earlier: http://lists.nongnu.org/archive/html/qemu-devel/2015-08/msg00522.html in this case guest kernel doesn't allocate buffers that can cross DIMM boundary keeping each buffer local to a DIMM. Suggested-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Acked-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit df0acded19ec4b826aa095cfc19d341bd66fafd3 Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Tue Sep 29 16:53:28 2015 +0200 memhp: extend address auto assignment to support gaps setting gap to TRUE will make sparse DIMM address auto allocation, leaving gaps between a new DIMM address and preceeding existing DIMM. Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 8a9b6b37dabf00388e8069a2f5c0f659626693b3 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Sep 24 18:22:01 2015 +0200 vhost-user: unit test for new messages Data is empty for now, but do make sure master sets the new feature bit flag. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit ca06d9cc6691e23b6d02e07b44ea549aeac60151 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 29 14:12:03 2015 +0200 vhost-user-test: do not reinvent glib-compat.h glib-compat.h has the gunk to support both old-style and new-style gthread functions. Use it instead of reinventing it. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Tested-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 37dd86a44cc4298f58ac370e0190b069469b6d25 Merge: ff770b0 73ba05d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 2 14:47:10 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches # gpg: Signature made Fri 02 Oct 2015 12:49:13 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: block/raw-posix: Open file descriptor O_RDWR to work around glibc posix_fallocate emulation issue. block: disable I/O limits at the beginning of bdrv_close() iotests: Fix test 128 for password-less sudo tests: Fix test 049 fallout from improved HMP error messages raw-win32: Fix write request error handling Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 73ba05d936e82fe01b2b2cf987bf3aecb4792af5 Author: Richard W.M. Jones <rjones@xxxxxxxxxx> Date: Tue Sep 29 16:54:10 2015 +0100 block/raw-posix: Open file descriptor O_RDWR to work around glibc posix_fallocate emulation issue. https://bugzilla.redhat.com/show_bug.cgi?id=1265196 The following command fails on an NFS mountpoint: $ qemu-img create -f qcow2 -o preallocation=falloc disk.img 262144 Formatting 'disk.img', fmt=qcow2 size=262144 encryption=off cluster_size=65536 preallocation='falloc' lazy_refcounts=off qemu-img: disk.img: Could not preallocate data for the new file: Bad file descriptor The reason turns out to be because NFS doesn't support the posix_fallocate call. glibc emulates it instead. However glibc's emulation involves using the pread(2) syscall. The pread syscall fails with EBADF if the file descriptor is opened without the read open-flag (ie. open (..., O_WRONLY)). I contacted glibc upstream about this, and their response is here: https://bugzilla.redhat.com/show_bug.cgi?id=1265196#c9 There are two possible fixes: Use Linux fallocate directly, or (this fix) work around the problem in qemu by opening the file with O_RDWR instead of O_WRONLY. Signed-off-by: Richard W.M. Jones <rjones@xxxxxxxxxx> BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1265196 Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 99b7e7756780cec03fe5175db0f53b2fffa9426b Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Fri Sep 25 16:41:44 2015 +0300 block: disable I/O limits at the beginning of bdrv_close() Disabling I/O limits from a BDS also drains all pending throttled requests, so it should be done at the beginning of bdrv_close() with the rest of the bdrv_drain() calls before the BlockDriver is closed. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit bb3c801df7ed454b663312326bc29c8b9c2e4de6 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Fri Sep 25 19:19:24 2015 +0200 iotests: Fix test 128 for password-less sudo As of 934659c460d46c948cf348822fda1d38556ed9a4, $QEMU_IO is generally no longer a program name, and therefore "sudo -n $QEMU_IO" will no longer work. Fix this by copying the qemu-io invocation function from common.config, making it use $sudo for invoking $QEMU_IO_PROG, and then use that function instead of $QEMU_IO. Reported-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 552bb52c4bf199ae9c038570187749b93c91310a Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue Sep 22 17:15:52 2015 -0600 tests: Fix test 049 fallout from improved HMP error messages Commit 50b7b000 improved HMP error messages, but forgot to update qemu-iotests to match. Reported-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5d555030ba10ef3be12cd75a121a7cd5f6ef9bd2 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Sep 23 14:58:21 2015 +0200 raw-win32: Fix write request error handling aio_worker() wrote the return code to the wrong variable. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Tested-by: Guangmu Zhu <guangmuzhu@xxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit d9f090ec7794d433b8f222ae8c8f95601369a4a5 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Thu Oct 1 10:49:47 2015 +0200 s390x: rename io_subsystem_reset -> subsystem_reset According to the Pop: "Subsystem reset operates only on those elements in the configuration which are not CPUs". As this is what we actually do, let's simply rename the function. Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Message-Id: <1443689387-34473-6-git-send-email-jfrei@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit a6085fab3b6b9f0f9d636170b7d7bd31172b5038 Author: Christian Borntraeger <borntraeger@xxxxxxxxxx> Date: Thu Oct 1 10:49:46 2015 +0200 s390x/info registers: print vector registers properly We want F12=0000000000000000 F13=0000000000000000 F14=0000000000000000 F15=0000000000000000 V00=00000000000000000000000000000000 V01=00000000000000000000000000000000 instead of F12=0000000000000000 F13=0000000000000000 F14=0000000000000000 F15=0000000000000000 V00=00000000000000000000000000000000 V01=00000000000000000000000000000000 V02=00000000000000000000000000000000 Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Message-Id: <1443689387-34473-5-git-send-email-jfrei@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 7059384c7e27d68c502d8636eb711873a9a6a597 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Thu Oct 1 10:49:45 2015 +0200 s390x: set missing parent for hotplug and quiesce events Existing code missed to set a parent for the quiesce and hotplug event. While this didn't matter in practise, new introspection APIs basically now do an object_unref(object_new(T)), which loops forever. When trying to remove the event facility bus, the code tries to unparent all childs on the bus, so they are properly deleted and therefore removed. As object_unparent() on these child devices doesn't work, as there is no parent, we loop forever. Let's fix this by adding the event facility as a parent. Also switch from object_initialize to object_new, so the only valid reference is in fact the parent property. This makes it more obvious when the device (state) is actually gone (and how the reference counting works). Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Message-Id: <1443689387-34473-4-git-send-email-jfrei@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 8a641ff60f38799a10ed44a7c5bddd386bc169ed Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Thu Oct 1 10:49:44 2015 +0200 s390x/gdb: expose virtualization specific registers Let's expose some virtual/fake registers as virtualization specific registers. Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Message-Id: <1443689387-34473-3-git-send-email-jfrei@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit af3c15fee54e841d859d003b90a88042daf6cd7a Author: Christian Borntraeger <borntraeger@xxxxxxxxxx> Date: Thu Oct 1 10:49:43 2015 +0200 pc-bios/s390-ccw: avoid floating point operations Some gcc versions (e.g. Fedora 22 gcc 5.1.1) seem to use floating point registers for spilling and filling of general purpose registers. As the BIOS does not activate the AFP register setting of CR0 this can cause data exception program checks. Disallow floating point in the BIOS as a simple solution. Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Message-Id: <1443689387-34473-2-git-send-email-jfrei@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit ff770b07f34d28b79013a83989bd6c85f8f16b2f Merge: 5250ced 5279efe Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Oct 2 11:01:18 2015 +0100 Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into staging # gpg: Signature made Thu 01 Oct 2015 20:02:33 BST using RSA key ID C0DE3057 # gpg: Good signature from "Jeffrey Cody <jcody@xxxxxxxxxx>" # gpg: aka "Jeffrey Cody <jeff@xxxxxxxxxxxxx>" # gpg: aka "Jeffrey Cody <codyprime@xxxxxxxxx>" * remotes/cody/tags/block-pull-request: block: mirror - fix full sync mode when target does not support zero init Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5250ced83173c9534b4a2723b7a50b67b7c7a6ee Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Thu Jul 23 08:13:56 2015 -0700 target-microblaze: Set the PC in reset instead of realize Set the Microblaze CPU PC in the reset instead of setting it in the realize. This is required as the PC is zeroed in the reset function and causes problems in some situations. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit c8667283a070d810f7917d69ea84209475c6e75e Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Fri Sep 25 22:45:53 2015 +0200 disas/cris: Fix typo in comment Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 5279efebcf8f8fbf2ed2feed63cdb9d375c7cd07 Author: Jeff Cody <jcody@xxxxxxxxxx> Date: Thu Oct 1 00:06:37 2015 -0400 block: mirror - fix full sync mode when target does not support zero init During mirror, if the target device does not support zero init, a mirror may result in a corrupted image for sync="full" mode. This is due to how the initial dirty bitmap is set up prior to copying data - we did not mark sectors as dirty that are unallocated. This means those unallocated sectors are skipped over on the target, and for a device without zero init, invalid data may reside in those holes. If both of the following conditions are true, then we will explicitly mark all sectors as dirty: 1.) sync = "full" 2.) bdrv_has_zero_init(target) == false If the target does support zero init, but a target image is passed in with data already present (i.e. an "existing" image), it is assumed the data present in the existing image is valid data for those sectors. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 91ed4bc5bda7e2b09eb508b07c83f4071fe0b3c9.1443705220.git.jcody@xxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 0d583647a7fc73f621eeb64ed703556c4bbebfcc Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue May 19 13:29:51 2015 -0700 virtio: Notice when the system doesn't support MSIx at all And do not issue an error_report in that case. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 798595075bf51c7e3125d260a19d860b9aa63e69 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Mon Sep 28 15:07:21 2015 -0300 pc: Add a comment explaining why pc_compat_2_4() doesn't exist pc_compat_2_4() doesn't exist, and we shouldn't create one. Add a comment explaining why the function doesn't exist and why pc_compat_*() functions are deprecated. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 8561c9244ddf1122dfe7ccac9b23f506062f1499 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Sep 10 16:41:17 2015 +0300 exec: allocate PROT_NONE pages on top of RAM This inserts a read and write protected page between RAM and QEMU memory, for file-backend RAM. This makes it harder to exploit QEMU bugs resulting from buffer overflows in devices using variants of cpu_physical_memory_map, dma_memory_map etc. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9fac18f03a9040b67ec38e14d3e1ed34db9c7e06 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Sep 10 16:41:17 2015 +0300 oslib: allocate PROT_NONE pages on top of RAM This inserts a read and write protected page between RAM and QEMU memory. This makes it harder to exploit QEMU bugs resulting from buffer overflows in devices using variants of cpu_physical_memory_map, dma_memory_map etc. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c2dfc5ba3fb3a1b7278c99bfd3bf350202169434 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Sep 10 16:36:51 2015 +0300 oslib: rework anonimous RAM allocation At the moment we first allocate RAM, sometimes more than necessary for alignment reasons. We then free the extra RAM. Rework this to avoid the temporary allocation: reserve the range by mapping it with PROT_NONE, then use just the necessary range with MAP_FIXED. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0cf33fb6b49a19de32859e2cdc6021334f448fb3 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Sep 25 13:21:30 2015 +0800 virtio-net: correctly drop truncated packets When packet is truncated during receiving, we drop the packets but neither discard the descriptor nor add and signal used descriptor. This will lead several issues: - sg mappings are leaked - rx will be stalled if a lots of packets were truncated In order to be consistent with vhost, fix by discarding the descriptor in this case. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 29b9f5efd78ae0f9cc02dd169b6e80d2c404bade Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Sep 25 13:21:29 2015 +0800 virtio: introduce virtqueue_discard() This patch introduces virtqueue_discard() to discard a descriptor and unmap the sgs. This will be used by the patch that will discard descriptor when packet is truncated. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit ce317461573bac12b10d67699b4ddf1f97cf066c Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Sep 25 13:21:28 2015 +0800 virtio: introduce virtqueue_unmap_sg() Factor out sg unmapping logic. This will be reused by the patch that can discard descriptor. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Andrew James <andrew.james@xxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit fa500928ad9da6dd570918e3dfca13c029af07a8 Merge: b2312c6 dc32562 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Oct 1 10:49:38 2015 +0100 Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20150930' into staging migration/next for 20150930 # gpg: Signature made Wed 30 Sep 2015 09:24:02 BST using RSA key ID 5872D723 # gpg: Good signature from "Juan Quintela <quintela@xxxxxxxxxx>" # gpg: aka "Juan Quintela <quintela@xxxxxxxxxx>" * remotes/juanquintela/tags/migration/20150930: migration: Disambiguate MAX_THROTTLE qmp/hmp: Add throttle ratio to query-migrate and info migrate migration: Dynamic cpu throttling for auto-converge migration: Parameters for auto-converge cpu throttling cpu: Provide vcpu throttling interface migration: yet more possible state transitions Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 86abac06c142d20772b3f2e04c9bf02b7936a0b3 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Sep 14 12:31:44 2015 +0200 linux-user: assert that target_mprotect cannot fail All error conditions that target_mprotect checks are also checked by target_mmap. EACCESS cannot happen because we are just removing PROT_WRITE. ENOMEM should not happen because we are modifying a whole VMA (and we have bigger problems anyway if it happens). Fixes a Coverity false positive, where Coverity complains about target_mprotect's return value being passed to tb_invalidate_phys_range. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit d0924a26d8f37ab95fdef99f6850b93e9af3ffb2 Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Sat Sep 12 23:32:30 2015 +0800 linux-user/signal.c: Use setup_rt_frame() instead of setup_frame() for target openrisc qemu has already considered about some targets may have no traditional signals. And openrisc's setup_frame() is dummy, but it can be supported by setup_rt_frame(). Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit dc3256272cf70b2152279b013a8abb16e0f6fe96 Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Tue Sep 8 13:12:37 2015 -0400 migration: Disambiguate MAX_THROTTLE Migration has a define for MAX_THROTTLE. Update comment to clarify that this is used for throttling transfer speed. Hopefully this will prevent it from being confused with a guest cpu throttling entity. Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> commit 4782893e099cde24c0b10a48d0412eea575ddcb3 Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Tue Sep 8 13:12:36 2015 -0400 qmp/hmp: Add throttle ratio to query-migrate and info migrate Report throttle percentage in info migrate and query-migrate responses when cpu throttling is active. Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> commit 070afca258f973c704dcadf2769aa1ca921209a1 Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Tue Sep 8 13:12:35 2015 -0400 migration: Dynamic cpu throttling for auto-converge Remove traditional auto-converge static 30ms throttling code and replace it with a dynamic throttling algorithm. Additionally, be more aggressive when deciding when to start throttling. Previously we waited until four unproductive memory passes. Now we begin throttling after only two unproductive memory passes. Four seemed quite arbitrary and only waiting for two passes allows us to complete the migration faster. Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> commit 1626fee3bdbb295d5e8aff800f7621357bb376d6 Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Tue Sep 8 13:12:34 2015 -0400 migration: Parameters for auto-converge cpu throttling Add migration parameters to allow the user to adjust the parameters that control cpu throttling when auto-converge is in effect. The added parameters are as follows: x-cpu-throttle-initial : Initial percantage of time guest cpus are throttled when migration auto-converge is activated. x-cpu-throttle-increment: throttle percantage increase each time auto-converge detects that migration is not making progress. Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> commit 2adcc85d407c1ab985f5abed808c78dbb84f4773 Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Tue Sep 8 13:12:33 2015 -0400 cpu: Provide vcpu throttling interface Provide a method to throttle guest cpu execution. CPUState is augmented with timeout controls and throttle start/stop functions. To throttle the guest cpu the caller simply has to call the throttle set function and provide a percentage of throttle time. Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> commit 2a6e6e59dfdeb0b98e744eb8f110a236f26a3ea4 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Tue Jul 28 15:28:28 2015 +0200 migration: yet more possible state transitions On destination, we move from INMIGRATE to FINISH_MIGRATE. Add that to the list of allowed states. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> commit b2312c680084ea18cd55fa7093397cad2224ec14 Merge: 6996a00 b9e6092 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 29 12:41:19 2015 +0100 Merge remote-tracking branch 'remotes/amit-migration/tags/for-juan-201509' into staging Migration queue # gpg: Signature made Tue 29 Sep 2015 07:13:55 BST using RSA key ID 854083B6 # gpg: Good signature from "Amit Shah <amit@xxxxxxxxxxxx>" # gpg: aka "Amit Shah <amit@xxxxxxxxxx>" # gpg: aka "Amit Shah <amitshah@xxxxxxx>" * remotes/amit-migration/tags/for-juan-201509: ram_find_and_save_block: Split out the finding Move dirty page search state into separate structure migration: Use g_new() & friends where that makes obvious sense migration: qemu-file more size_t'ifying migration: size_t'ify some of qemu-file Init page sizes in qtest Split out end of migration code from migration_thread migration/ram.c: Use RAMBlock rather than MemoryRegion vmstate: Remove redefinition of VMSTATE_UINT32_ARRAY Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b9e6092814735853cc1149e2e68245b09f621306 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Wed Sep 23 15:27:11 2015 +0100 ram_find_and_save_block: Split out the finding Split out the finding of the dirty page and all the wrap detection into a separate function since it was getting a bit hairy. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Message-Id: <1443018431-11170-3-git-send-email-dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> [Fix comment -- Amit] Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> commit b8fb8cb748497aa070304eec27b03edd3b05373d Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Wed Sep 23 15:27:10 2015 +0100 Move dirty page search state into separate structure Pull the search state for one iteration of the dirty page search into a structure. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Message-Id: <1443018431-11170-2-git-send-email-dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> commit 97f3ad35517e0d02c0149637d1bb10713c52b057 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Sep 14 13:51:31 2015 +0200 migration: Use g_new() & friends where that makes obvious sense g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. This commit only touches allocations with size arguments of the form sizeof(T). Same Coccinelle semantic patch as in commit b45c03f. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1442231491-23352-1-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: zhanghailiang <zhang.zhanghailiang@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> commit 56f3835ff1e70df97f843f4a27abdff6b4a2ae77 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Aug 13 11:51:34 2015 +0100 migration: qemu-file more size_t'ifying This time convert the external functions: qemu_get_buffer, qemu_peek_buffer qemu_put_buffer and qemu_put_buffer_async Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Message-Id: <1439463094-5394-6-git-send-email-dgilbert@xxxxxxxxxx> Reviewed-by: zhanghailiang <zhang.zhanghailiang@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> commit a202a4c001fd35b50d99abcc329bc9e666eb8eed Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Aug 13 11:51:33 2015 +0100 migration: size_t'ify some of qemu-file This is a start on using size_t more in qemu-file and friends; it fixes up QEMUFilePutBufferFunc and QEMUFileGetBufferFunc to take size_t lengths and return ssize_t return values (like read(2)) and fixes up all the different implementations of them. Note that I've not yet followed this deeply into bdrv_ implementations. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Message-Id: <1439463094-5394-5-git-send-email-dgilbert@xxxxxxxxxx> Reviewed-by: zhanghailiang <zhang.zhanghailiang@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> commit c50766f5a99ef7bf6c9a86cd07341c389faf7ae6 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Aug 13 11:51:32 2015 +0100 Init page sizes in qtest One of my patches used a loop that was based on host page size; it dies in qtest since qtest hadn't bothered init'ing it. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Message-Id: <1439463094-5394-4-git-send-email-dgilbert@xxxxxxxxxx> Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> commit 09f6c85e39ee9e57bd245adbe6f400d387061707 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Aug 13 11:51:31 2015 +0100 Split out end of migration code from migration_thread The code that gets run at the end of the migration process is getting large, and I'm about to add more for postcopy. Split it into a separate function. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Message-Id: <1439463094-5394-3-git-send-email-dgilbert@xxxxxxxxxx> Reviewed-by: zhanghailiang <zhang.zhanghailiang@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> commit 2f68e39956b7504f6669671fd95b70859afc340d Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Aug 13 11:51:30 2015 +0100 migration/ram.c: Use RAMBlock rather than MemoryRegion RAM migration mainly works on RAMBlocks but in a few places uses data from MemoryRegions to access the same information that's already held in RAMBlocks; clean it up just to avoid the MemoryRegion use. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Message-Id: <1439463094-5394-2-git-send-email-dgilbert@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> commit eb5c936e81e2e292ceefec9b6628862599f71c17 Author: Soren Brinkmann <soren.brinkmann@xxxxxxxxxx> Date: Thu Aug 13 23:16:27 2015 -0700 vmstate: Remove redefinition of VMSTATE_UINT32_ARRAY The macro is defined twice in identical ways. Signed-off-by: Soren Brinkmann <soren.brinkmann@xxxxxxxxxx> Message-Id: <1439532987-16335-1-git-send-email-soren.brinkmann@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> commit 08703b9f7bcd7ca2152d51a4c8893d26f1dc28de Author: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Date: Mon Sep 7 10:35:06 2015 +0800 linux-user/syscall.c: Add EAGAIN to host_to_target_errno_table for Under Alpha host, EAGAIN is redefined to 35, so it need be remapped too. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 0f0426f343886fb5c9f137c2830f35cc2dae7327 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Tue Sep 1 22:27:33 2015 +0200 linux-user: add name_to_handle_at/open_by_handle_at This patch allows to run example given by open_by_handle_at(2): The following shell session demonstrates the use of these two programs: $ echo 'Can you please think about it?' > cecilia.txt $ ./t_name_to_handle_at cecilia.txt > fh $ ./t_open_by_handle_at < fh open_by_handle_at: Operation not permitted $ sudo ./t_open_by_handle_at < fh # Need CAP_SYS_ADMIN Read 31 bytes $ rm cecilia.txt Now we delete and (quickly) re-create the file so that it has the same content and (by chance) the same inode.[...] $ stat --printf="%i\n" cecilia.txt # Display inode number 4072121 $ rm cecilia.txt $ echo 'Can you please think about it?' > cecilia.txt $ stat --printf="%i\n" cecilia.txt # Check inode number 4072121 $ sudo ./t_open_by_handle_at < fh open_by_handle_at: Stale NFS file handle See the man page for source code. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 93b4eff80af9822e4b726dcf21ee61538e088695 Author: Timothy E Baldwin <T.E.Baldwin99@xxxxxxxxxxxxxxxxxxx> Date: Mon Aug 31 00:26:21 2015 +0100 linux-user: Return target error number in do_fork() Whilst calls to do_fork() are wrapped in get_errno() this does not translate return values. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Timothy Edward Baldwin <T.E.Baldwin99@xxxxxxxxxxxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit ee1045877a7e226945c7cec2bda80039bd2d0c8e Author: Jonathan Neuschäfer <j.neuschaefer@xxxxxxx> Date: Thu Sep 3 07:27:26 2015 +0200 linux-user: fix cmsg conversion in case of multiple headers Currently, __target_cmsg_nxthdr compares a pointer derived from target_cmsg against the msg_control field of target_msgh (through subtraction). This failed for me when emulating i386 code under x86_64, because pointers in the host address space and pointers in the guest address space were not the same. This patch passes the initial value of target_cmsg into __target_cmsg_nxthdr. I found and fixed two more related bugs: - __target_cmsg_nxthdr now returns the new cmsg pointer instead of the old one. - tgt_space (in host_to_target_cmsg) doesn't count "sizeof (struct target_cmsghdr)" twice anymore. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@xxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 59baae9a626396a3a05840279084c4bf2beb8f40 Author: Stefan Brüns <stefan.bruens@xxxxxxxxxxxxxx> Date: Wed Sep 2 03:38:53 2015 +0200 linux-user: remove MAX_ARG_PAGES limit Instead of creating a temporary copy for the whole environment and the arguments, directly copy everything to the target stack. For this to work, we have to change the order of stack creation and copying the arguments. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Stefan Brüns <stefan.bruens@xxxxxxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 84646ee25b68321624ef4768011e91064e4bd440 Author: Stefan Brüns <stefan.bruens@xxxxxxxxxxxxxx> Date: Wed Sep 2 03:38:52 2015 +0200 linux-user: remove unused image_info members Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Stefan Brüns <stefan.bruens@xxxxxxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit ba02577cadbe5b53db791522310c977f9960f81f Author: Meador Inge <meadori@xxxxxxxxxxxxxxxx> Date: Mon Jul 6 11:03:41 2015 -0700 linux-user: Treat --foo options the same as -foo The system mode binaries provide a similar alias and it makes common options like --version and --help work as expected. Signed-off-by: Meador Inge <meadori@xxxxxxxxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 4d1275c24d5d64d22ec4a30ce1b6a0db3ba9a25a Author: Riku Voipio <riku.voipio@xxxxxxxxxx> Date: Mon Sep 28 16:12:16 2015 +0300 linux-user: use EXIT_SUCCESS and EXIT_FAILURE As suggested by Laurent, use EXIT_SUCCESS and EXIT_FAILURE from stdlib.h instead of numeric values. Cc: Laurent Vivier <laurent@xxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 138940bf08df1d8e9b862ad019a0d7d451e2413a Author: Meador Inge <meadori@xxxxxxxxxxxxxxxx> Date: Mon Jul 6 11:03:40 2015 -0700 linux-user: Add proper error messages for bad options This patch adds better support for diagnosing option parser errors. The previous implementation just printed the usage text and exited when a bad option or argument was found. This made it very difficult to determine why the usage was being displayed and it was doubly confusing for cases like '--help' (it wasn't clear that --help was actually an error). Signed-off-by: Meador Inge <meadori@xxxxxxxxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit daaf8c8eb7135386134bc7075b9cf4dd57107c43 Author: Meador Inge <meadori@xxxxxxxxxxxxxxxx> Date: Mon Jul 6 11:03:39 2015 -0700 linux-user: Add -help This option is already available on the system mode binaries. It would be better if long options were supported (i.e. --help), but this is okay for now. Signed-off-by: Meador Inge <meadori@xxxxxxxxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit d03f9c320234d2e49ad8b2f4abd049a497afa2be Author: Meador Inge <meadori@xxxxxxxxxxxxxxxx> Date: Mon Jul 6 11:03:38 2015 -0700 linux-user: Exit 0 when -h is used Signed-off-by: Meador Inge <meadori@xxxxxxxxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 6996a002d845be0166e155c016448014a6fbfe05 Merge: 9e07142 365d7f3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 25 23:20:06 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-cocoa-20150925-1' into staging cocoa queue: * fix stuck-key bug if keys were down when QEMU lost focus * prompt the user whether they really meant to quit * remove the 'open image file' dialog box we used to display if the user started QEMU without arguments # gpg: Signature made Fri 25 Sep 2015 23:17:19 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-cocoa-20150925-1: ui/cocoa.m: remove open dialog code ui/cocoa.m: prevent stuck key situation ui/cocoa.m: verify with user before quitting QEMU Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 365d7f3c7aacc789ead96b8eeb5ba5b0a8d93d48 Author: John Arbuckle <programmingkidx@xxxxxxxxx> Date: Fri Sep 25 23:14:00 2015 +0100 ui/cocoa.m: remove open dialog code Removes the open dialog code that runs when no arguments are supplied with QEMU. Not everyone needs a hard drive or cdrom to boot their target. A user might only need to use their target's bios to do work. With that said, this patch removes the unneeded open dialog code. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Message-id: 33856864-321C-4367-9170-FB0BF81E789B@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3b178b7130ecf4005cd73d0c40e964c9d0d31a48 Author: John Arbuckle <programmingkidx@xxxxxxxxx> Date: Fri Sep 25 23:14:00 2015 +0100 ui/cocoa.m: prevent stuck key situation When the user puts QEMU in the background while holding down a key, QEMU will not receive the keyup event when the user lets go of the key. When the user goes back to QEMU, QEMU will think the key is still down causing stuck key symptoms. This patch fixes this problem by releasing all down keys when QEMU goes into the background. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Message-id: 7A3FA6EE-84C8-4422-A786-C899B7229D32@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d9bc14f63e880010ba72b3a0169ff8ef52275a63 Author: John Arbuckle <programmingkidx@xxxxxxxxx> Date: Fri Sep 25 23:13:59 2015 +0100 ui/cocoa.m: verify with user before quitting QEMU This patch prevents the user from accidentally quitting QEMU by pushing Command-Q or by pushing the close button on the main window. When the user does one of these two things, a dialog box appears verifying with the user if he or she wants to quit QEMU. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Message-id: 29169A74-0347-47F5-934F-A5AD24C225CA@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9e071429e649346c14b2dc76902f84f8352d2333 Merge: 8bfbbb4 8e9620a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 25 21:52:30 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * First batch of MAINTAINERS updates * IOAPIC fixes (to pass kvm-unit-tests with -machine kernel_irqchip=off) * NBD API upgrades from Daniel * strtosz fixes from Marc-André * improved support for readonly=on on scsi-generic devices * new "info ioapic" and "info lapic" monitor commands * Peter Crosthwaite's ELF_MACHINE cleanups * docs patches from Thomas and Daniel # gpg: Signature made Fri 25 Sep 2015 11:20:52 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" * remotes/bonzini/tags/for-upstream: (52 commits) doc: Refresh URLs in the qemu-tech documentation docs: describe the QEMU build system structure / design typedef: add typedef for QemuOpts i386: interrupt poll processing i386: partial revert of interrupt poll fix ppc: Rename ELF_MACHINE to be PPC specific i386: Rename ELF_MACHINE to be x86 specific alpha: Remove ELF_MACHINE from cpu.h mips: Remove ELF_MACHINE from cpu.h sparc: Remove ELF_MACHINE from cpu.h s390: Remove ELF_MACHINE from cpu.h sh4: Remove ELF_MACHINE from cpu.h xtensa: Remove ELF_MACHINE from cpu.h tricore: Remove ELF_MACHINE from cpu.h or32: Remove ELF_MACHINE from cpu.h lm32: Remove ELF_MACHINE from cpu.h unicore: Remove ELF_MACHINE from cpu.h moxie: Remove ELF_MACHINE from cpu.h cris: Remove ELF_MACHINE from cpu.h m68k: Remove ELF_MACHINE from cpu.h ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8bfbbb4bcb6e06aaf4a3e2264f53c8c44ed4c655 Merge: 54b3762 9d146b2 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 25 21:11:12 2015 +0100 Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20150925.0' into staging VFIO updates 2015-09-25 - Remove use of g_malloc0_n for glib2.22 compat # gpg: Signature made Fri 25 Sep 2015 17:58:04 BST using RSA key ID 3BB08B22 # gpg: Good signature from "Alex Williamson <alex.williamson@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex@xxxxxxxxxxx>" # gpg: aka "Alex Williamson <alwillia@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex.l.williamson@xxxxxxxxx>" * remotes/awilliam/tags/vfio-update-20150925.0: vfio/pci: Remove use of g_malloc0_n() from quirks Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 54b376230c795d9f63490fa2e951cb786f7b1e12 Merge: 690b286 e6fd57e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 25 19:01:46 2015 +0100 Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into staging # gpg: Signature made Fri 25 Sep 2015 16:47:31 BST using RSA key ID C0DE3057 # gpg: Good signature from "Jeffrey Cody <jcody@xxxxxxxxxx>" # gpg: aka "Jeffrey Cody <jeff@xxxxxxxxxxxxx>" # gpg: aka "Jeffrey Cody <codyprime@xxxxxxxxx>" * remotes/cody/tags/block-pull-request: sheepdog: refine discard support sheepdog: use per AIOCB dirty indexes for non overlapping requests Backup: don't do copy-on-read in before_write_notifier block: Introduce a new API bdrv_co_no_copy_on_readv() sheepdog: add reopen support block/nfs: cache allocated filesize for read-only files block/nfs: fix calculation of allocated file size Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 690b286fefa806f130dfc1931b5ba0b4dd2fb415 Merge: cdf9818 ab60b74 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 25 18:03:19 2015 +0100 Merge remote-tracking branch 'remotes/vivier-misc/tags/pull-muldiv64-20150925' into staging Remove muldiv64() by using period instead of frequency # gpg: Signature made Fri 25 Sep 2015 14:54:37 BST using RSA key ID 3F2FBE3C # gpg: Good signature from "Laurent Vivier <lvivier@xxxxxxxxxx>" # gpg: aka "Laurent Vivier <laurent@xxxxxxxxx>" # gpg: aka "Laurent Vivier (Red Hat) <lvivier@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F 5173 F30C 38BD 3F2F BE3C * remotes/vivier-misc/tags/pull-muldiv64-20150925: net: remove muldiv64() bt: remove muldiv64() hpet: remove muldiv64() arm: clarify the use of muldiv64() openrisc: remove muldiv64() mips: remove muldiv64() pcnet: remove muldiv64() rtl8139: remove muldiv64() i6300esb: remove muldiv64() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cdf98182420e3bec62e2fd957eb8a17761161c0f Merge: 8a47d57 f178bc6 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 25 16:40:05 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio,pc features, fixes New features: vhost-user multiqueue support virtio-ccw virtio 1 support Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Fri 25 Sep 2015 07:40:35 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: MAINTAINERS: add more devices to the PCI section MAINTAINERS: add more devices to the PC section vhost-user: add a new message to disable/enable a specific virt queue. vhost-user: add multiple queue support vhost: introduce vhost_backend_get_vq_index method vhost-user: add VHOST_USER_GET_QUEUE_NUM message vhost: rename VHOST_RESET_OWNER to VHOST_RESET_DEVICE vhost-user: add protocol feature negotiation vhost-user: use VHOST_USER_XXX macro for switch statement virtio-ccw: enable virtio-1 virtio-ccw: feature bits > 31 handling virtio-ccw: support ring size changes virtio: ring sizes vs. reset pc: Introduce pc-*-2.5 machine classes q35: Move options common to all classes to pc_i440fx_machine_options() q35: Move options common to all classes to pc_q35_machine_options() virtio-net: unbreak self announcement and guest offloads after migration virtio: right size for virtio_queue_get_avail_size Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e6fd57ea297ec3aad32b24090c5d3757a99df3fe Author: Hitoshi Mitake <mitake.hitoshi@xxxxxxxxxxxxx> Date: Tue Sep 1 12:03:10 2015 +0900 sheepdog: refine discard support This patch refines discard support of the sheepdog driver. The existing discard mechanism was implemented on SD_OP_DISCARD_OBJ, which was introduced before fine grained reference counting on newer sheepdog. It doesn't care about relations of snapshots and clones and discards objects unconditionally. With this patch, the driver just updates an inode object for updating reference. Removing the object is done in sheep process side. Cc: Teruaki Ishizaki <ishizaki.teruaki@xxxxxxxxxxxxx> Cc: Vasiliy Tolstov <v.tolstov@xxxxxxxxx> Cc: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Hitoshi Mitake <mitake.hitoshi@xxxxxxxxxxxxx> Tested-by: Vasiliy Tolstov <v.tolstov@xxxxxxxxx> Message-id: 1441076590-8015-3-git-send-email-mitake.hitoshi@xxxxxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 498f21405a286f718a0767c791b7d2db19f4e5bd Author: Hitoshi Mitake <mitake.hitoshi@xxxxxxxxxxxxx> Date: Tue Sep 1 12:03:09 2015 +0900 sheepdog: use per AIOCB dirty indexes for non overlapping requests In the commit 96b14ff85acf, requests for overlapping areas are serialized. However, it cannot handle a case of non overlapping requests. In such a case, min_dirty_data_idx and max_dirty_data_idx can be overwritten by the requests and invalid inode update can happen e.g. a case like create(1, 2) and create(3, 4) are issued in parallel. This patch lets SheepdogAIOCB have dirty data indexes instead of BDRVSheepdogState for avoiding the above situation. This patch also does trivial renaming for better description: overwrapping -> overlapping Cc: Teruaki Ishizaki <ishizaki.teruaki@xxxxxxxxxxxxx> Cc: Vasiliy Tolstov <v.tolstov@xxxxxxxxx> Cc: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Hitoshi Mitake <mitake.hitoshi@xxxxxxxxxxxxx> Tested-by: Vasiliy Tolstov <v.tolstov@xxxxxxxxx> Message-id: 1441076590-8015-2-git-send-email-mitake.hitoshi@xxxxxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit ab60b7485cece312ad9c21327ee678f0f9898fb5 Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Tue Aug 25 17:24:39 2015 +0200 net: remove muldiv64() muldiv64() is used to convert nanoseconds to microseconds. x = muldiv64(qemu_clock_get_ns(..), 1000000, get_ticks_per_sec()); As get_ticks_per_sec() is 10^9, it can be replaced by: x = qemu_clock_get_us(..); Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit fdfea124f9e12232f99d9f235267ca1eeeb23469 Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Tue Aug 25 17:19:57 2015 +0200 bt: remove muldiv64() Originally, timers were ticks based, and it made sense to add ticks to current time to know when to trigger an alarm. But since commit: 7447545 change all other clock references to use nanosecond resolution accessors All timers use nanoseconds and we need to convert ticks to nanoseconds. As get_ticks_per_sec() is 10^9, a = muldiv64(b, get_ticks_per_sec(), 100); y = muldiv64(x, get_ticks_per_sec(), 1000000); can be converted to a = b * 10000000; y = x * 1000; Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0a4f9240f5b8b1bfe2d5c5c2748545bc23771bb4 Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Tue Aug 25 17:13:01 2015 +0200 hpet: remove muldiv64() hpet defines a clock period in femtoseconds but then converts it to nanoseconds to use the internal timers. We can define the period in nanoseconds and use it directly, this allows to remove muldiv64(). We only need to convert the period to femtoseconds to put it in internal hpet capability register. Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 352c98e502893dee405d0bd8301264fca3b79179 Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Tue Aug 25 17:09:36 2015 +0200 arm: clarify the use of muldiv64() muldiv64() is used to convert microseconds into CPU ticks. But it is not clear and not commented. This patch uses macro to clearly identify what is used: time, CPU frequency and ticks. For an elapsed time and a given frequency, we compute how many ticks we have. Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Acked-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ccaf1749239aa33c5a5b755972232ffe1c0cf946 Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Tue Aug 25 17:17:15 2015 +0200 openrisc: remove muldiv64() Originally, timers were ticks based, and it made sense to add ticks to current time to know when to trigger an alarm. But since commit: 7447545 change all other clock references to use nanosecond resolution accessors All timers use nanoseconds and we need to convert ticks to nanoseconds, by doing something like: y = muldiv64(x, get_ticks_per_sec(), TIMER_FREQ) where x is the number of device ticks and y the number of system ticks. y is used as nanoseconds in timer functions, it works because 1 tick is 1 nanosecond. (get_ticks_per_sec() is 10^9) But as openrisc timer frequency is 20 MHz, we can also do: y = x * 50; /* 20 MHz period is 50 ns */ Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> commit 683dca6bd5057a87d9376475b0c7e30d56d8e532 Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Tue Aug 25 16:16:21 2015 +0200 mips: remove muldiv64() Originally, timers were ticks based, and it made sense to add ticks to current time to know when to trigger an alarm. But since commit: 7447545 change all other clock references to use nanosecond resolution accessors All timers use nanoseconds and we need to convert ticks to nanoseconds, by doing something like: y = muldiv64(x, get_ticks_per_sec(), TIMER_FREQ) where x is the number of device ticks and y the number of system ticks. y is used as nanoseconds in timer functions, it works because 1 tick is 1 nanosecond. (get_ticks_per_sec() is 10^9) But as MIPS timer frequency is 100 MHz, we can also do: y = x * 10; /* 100 MHz period is 10 ns */ Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit c6acbe861f1ed4203f4864baf756686064ba561f Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Mon Aug 24 19:29:45 2015 +0200 pcnet: remove muldiv64() Originally, timers were ticks based, and it made sense to add ticks to current time to know when to trigger an alarm. But since commit: 7447545 change all other clock references to use nanosecond resolution accessors All timers use nanoseconds and we need to convert ticks to nanoseconds, by doing something like: y = muldiv64(x, get_ticks_per_sec(), PCI_FREQUENCY) where x is the number of device ticks and y the number of system ticks. y is used as nanoseconds in timer functions, it works because 1 tick is 1 nanosecond. (get_ticks_per_sec() is 10^9) But as PCI frequency is 33 MHz, we can also do: y = x * 30; /* 33 MHz PCI period is 30 ns */ Which is much more simple. This implies a 33.333333 MHz PCI frequency, but this is correct. Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 37b9ab92f7f8295c61daa4a8893eb8fb1add63e2 Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Mon Aug 24 19:29:45 2015 +0200 rtl8139: remove muldiv64() Originally, timers were ticks based, and it made sense to add ticks to current time to know when to trigger an alarm. But since commit: 7447545 change all other clock references to use nanosecond resolution accessors All timers use nanoseconds and we need to convert ticks to nanoseconds, by doing something like: y = muldiv64(x, get_ticks_per_sec(), PCI_FREQUENCY) where x is the number of device ticks and y the number of system ticks. y is used as nanoseconds in timer functions, it works because 1 tick is 1 nanosecond. (get_ticks_per_sec() is 10^9) But as PCI frequency is 33 MHz, we can also do: y = x * 30; /* 33 MHz PCI period is 30 ns */ Which is much more simple. This implies a 33.333333 MHz PCI frequency, but this is correct. Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 9491e9bc019a365dfa9780f462984a0d052f4c0d Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Mon Aug 24 19:29:45 2015 +0200 i6300esb: remove muldiv64() Originally, timers were ticks based, and it made sense to add ticks to current time to know when to trigger an alarm. But since commit: 7447545 change all other clock references to use nanosecond resolution accessors All timers use nanoseconds and we need to convert ticks to nanoseconds, by doing something like: y = muldiv64(x, get_ticks_per_sec(), PCI_FREQUENCY) where x is the number of device ticks and y the number of system ticks. y is used as nanoseconds in timer functions, it works because 1 tick is 1 nanosecond. (get_ticks_per_sec() is 10^9) But as PCI frequency is 33 MHz, we can also do: y = x * 30; /* 33 MHz PCI period is 30 ns */ Which is much more simple. This implies a 33.333333 MHz PCI frequency, but this is correct. Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> commit 06c3916b35a1cf6db548450a0cfb96983c33c82f Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Tue Sep 8 11:28:33 2015 +0800 Backup: don't do copy-on-read in before_write_notifier We will copy data in before_write_notifier to do backup. It is a nested I/O request, so we cannot do copy-on-read. The steps to reproduce it: 1. -drive copy-on-read=on,... // qemu option 2. drive_backup -f disk0 /path_to_backup.img // monitor command Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Tested-by: Jeff Cody <jcody@xxxxxxxxxx> Message-id: 1441682913-14320-3-git-send-email-wency@xxxxxxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 9568b511c9f91c3d21ea3e83426d4ee7168c98bb Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Tue Sep 8 11:28:32 2015 +0800 block: Introduce a new API bdrv_co_no_copy_on_readv() In some cases, we need to disable copy-on-read, and just read the data. Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Message-id: 1441682913-14320-2-git-send-email-wency@xxxxxxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 4da65c80921139f3e0ff63f5ea20c5d9c778364f Author: Liu Yuan <liuyuan@xxxxxxxxxxxxxxxxxxxx> Date: Fri Aug 28 10:53:58 2015 +0800 sheepdog: add reopen support With reopen supported, block-commit (and offline commit) is now supported for image files whose base image uses the Sheepdog protocol driver. Cc: qemu-devel@xxxxxxxxxx Cc: Jeff Cody <jcody@xxxxxxxxxx> Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Liu Yuan <liuyuan@xxxxxxxxxxxxxxxxxxxx> Message-id: 1440730438-24676-1-git-send-email-namei.unix@xxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 18a8056e0bc744e5dd2bb5cb998423b607d99f19 Author: Peter Lieven <pl@xxxxxxx> Date: Thu Aug 27 12:30:41 2015 +0200 block/nfs: cache allocated filesize for read-only files If the file is readonly its not expected to grow so save the blocking call to nfs_fstat_async and use the value saved at connection time. Also important the monitor (and thus the main loop) will not hang if block device info is queried and the NFS share is unresponsive. Signed-off-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Message-id: 1440671441-7978-1-git-send-email-pl@xxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 055c6f912c8d3cd9a901972ae432c47e5872f71a Author: Peter Lieven <pl@xxxxxxx> Date: Thu Aug 20 12:46:47 2015 +0200 block/nfs: fix calculation of allocated file size st.st_blocks is always counted in 512 byte units. Do not use st.st_blksize as multiplicator which may be larger. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Message-id: 1440067607-14547-1-git-send-email-pl@xxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 8e9620a683925daf9900c2ac5f2dfa14b6439932 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Fri Sep 25 11:38:36 2015 +0200 doc: Refresh URLs in the qemu-tech documentation The TwoOStwo and Willows page seem to have disappeared completely, and also some of the other links were not pointing to the right locations anymore. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Message-Id: <1443173916-8895-1-git-send-email-thuth@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 717171bd2025f732d7fcf43efc08f1551953a0e3 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Thu Sep 24 14:41:38 2015 +0100 docs: describe the QEMU build system structure / design Developers who are new to QEMU, or have a background familiarity with GNU autotools, can have trouble getting their head around the home-grown QEMU build system. This document attempts to explain the structure / design of the configure script and the various Makefile pieces that live across the source tree. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1443102098-13642-1-git-send-email-berrange@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ae1e93801d9a60642b349c571122909f0019d59e Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:25:01 2015 +0300 typedef: add typedef for QemuOpts This patch moves typedefs for QemuOpts and related types to qemu/typedefs.h file. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162501.8676.85435.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit a4fc321219cc1c6bd5ca1262cdbbb2e8cee8d56e Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:24:11 2015 +0300 i386: interrupt poll processing This patch updates x86_cpu_exec_interrupt function. It can process two interrupt request at a time (poll and another one). This makes its execution non-deterministic. Determinism is requred for recorded icount execution. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162410.8676.13042.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6220e900bcdc524a175b2d2e725ebb9bb11a0008 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Thu Sep 17 19:23:31 2015 +0300 i386: partial revert of interrupt poll fix Processing CPU_INTERRUPT_POLL requests in cpu_has_work functions break the determinism of cpu_exec. This patch is required to make interrupts processing deterministic. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150917162331.8676.15286.stgit@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 4ecd4d16a0af714ff7d9a1ad2559c621bf27649f Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 ppc: Rename ELF_MACHINE to be PPC specific Rename ELF_MACHINE to be PPC specific. This is used as-is by the various PPC bootloaders and is locally defined to ELF_MACHINE in linux user in PPC specific ifdeffery. This removes another architecture specific definition from the global namespace (as desired by multi-arch). Cc: Alexander Graf <agraf@xxxxxxx> Cc: qemu-ppc@xxxxxxxxxx Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit a5e8788f89312f19f54dba0454ee5bf7209b4cd7 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 i386: Rename ELF_MACHINE to be x86 specific Rename ELF_MACHINE to be I386 specific. This is used as-is by the multiboot loader. Linux-user previously used this definition but will not anymore, falling back to the default bahaviour of using ELF_ARCH as ELF_MACHINE. This removes another architecture specific definition from the global namespace. Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Acked-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit a0036becd80f8eae260df68d7f2fd2d8d7d90f35 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 alpha: Remove ELF_MACHINE from cpu.h ELF_MACHINE is unused by target alpha. Cc: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 04ce380e9e3fad1dbf4e86ebdf9315573a06b30e Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 mips: Remove ELF_MACHINE from cpu.h The only generic code relying on this is linux-user, but linux users' default behaviour of defaulting ELF_MACHINE to ELF_ARCH will handle this. The bootloaders can just pass EM_MIPS directly, as that is architecture specific code. This removes another architecture specific definition from the global namespace. Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 77452383e0c45704e2339b58eac29a3730bc18b1 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 sparc: Remove ELF_MACHINE from cpu.h The bootloaders can just pass EM_SPARC or EM_SPARCV9 directly, as they are architecture specific code (to one or the other). This removes another architecture specific definition from the global namespace. Cc: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 99a4434ed7355ba9b282b872ba2c2eb294f5dbec Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 s390: Remove ELF_MACHINE from cpu.h The bootloader can just pass EM_S390 directly, as that is architecture specific code. This removes another architecture specific definition from the global namespace. Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit bf337d4eae5ccf4d7f5d91b8d4471e7523f051de Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 sh4: Remove ELF_MACHINE from cpu.h The only generic code relying on this is linux-user, but linux users' default behaviour of defaulting ELF_MACHINE to ELF_ARCH will handle this. This removes another architecture specific definition from the global namespace. Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Acked-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 943cd387223df9398279a473ef20605c315ed2df Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 xtensa: Remove ELF_MACHINE from cpu.h The bootloaders can just pass EM_XTENSA directly, as that is architecture specific code. This removes another architecture specific definition from the global namespace. Cc: Max Filippov <jcmvbkbc@xxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7183128bc9f335d66ed84316431c14e733e01a03 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 tricore: Remove ELF_MACHINE from cpu.h The bootloader can just pass EM_TRICORE directly, as that is architecture specific code. This removes another architecture specific definition from the global namespace. Cc: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Acked-By: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ed03ecf8f07a0c59a2fb422f91e80a6edd068d06 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 or32: Remove ELF_MACHINE from cpu.h The only generic code relying on this is linux-user, but linux users' default behaviour of defaulting ELF_MACHINE to ELF_ARCH will handle this. The bootloader can just pass EM_OPENRISC directly, as that is architecture specific code. This removes another architecture specific definition from the global namespace. Cc: Jia Liu <proljc@xxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 22d2fb4c594e8ac540f5b3132ce0d7a635112b1a Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 lm32: Remove ELF_MACHINE from cpu.h The bootloaders can just pass EM_LATTICEMICO32 directly, as that is architecture specific code. This removes another architecture specific definition from the global namespace. Cc: Michael Walle <michael@xxxxxxxx> Acked-By: Michael Walle <michael@xxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 663c40a50d06c8c299cc7449bf2c7b8f3261c8a9 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 unicore: Remove ELF_MACHINE from cpu.h The only generic code relying on this is linux-user, but linux users' default behaviour of defaulting ELF_MACHINE to ELF_ARCH will handle this. This removes another architecture specific definition from the global namespace. Cc: Guan Xuetao <gxt@xxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b744d332f3ef17adc1219be7098b0a4cc30b2dbe Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 moxie: Remove ELF_MACHINE from cpu.h The bootloader can just pass EM_MOXIE directly, as that is architecture specific code. This removes another architecture specific definition from the global namespace. Cc: Anthony Green <green@xxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7233df4949df2b6c2b417beaf336a180b3c66e25 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 cris: Remove ELF_MACHINE from cpu.h The only generic code relying on this is linux-user, but linux users' default behaviour of defaulting ELF_MACHINE to ELF_ARCH will handle this. The bootloader can just pass EM_CRIS directly, as that is architecture specific code. This removes another architecture specific definition from the global namespace. Cc: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 45e6b8b61a7bbb71d1fa6c4193b47ba3a1f9f033 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 m68k: Remove ELF_MACHINE from cpu.h The only generic code relying on this is linux-user, but linux users' default behaviour of defaulting ELF_MACHINE to ELF_ARCH will handle this. The machine model bootloaders can just pass EM_68K directly, as that is architecture specific code. This removes another architecture specific definition from the global namespace. Cc: Laurent Vivier <laurent@xxxxxxxxx> Cc: Greg Ungerer <gerg@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Reviewed-by: Greg Ungerer <gerg@xxxxxxxxxxx> Reviewed-by: Laurent Vivier <laurent@xxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f4fc2bbfa2abd655ddcc622a8ae18c368bbce992 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:10 2015 -0700 mb: Remove ELF_MACHINE from cpu.h The only generic code relying on this is linux-user, but linux-users' default behaviour or setting ELF_MACHINE to ELF_ARCH will handle this. The microblaze bootloader can just pass EM_MICROBLAZE directly, as that is architecture specific code. This removes another architecture specific definition from the global namespace. Cc: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b597c3f7da17fcb37d394a16a6c0ef0a02846177 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 10 23:29:25 2015 -0700 arm: Remove ELF_MACHINE from cpu.h The only generic code relying on this is linux-user. Linux user already has a lot of #ifdef TARGET_ customisation so instead, define ELF_ARCH as either EM_ARM or EM_AARCH64 appropriately. The armv7m bootloader can just pass EM_ARM directly, as that is architecture specific code. Note that arm_boot already has its own logic selecting an arm specific elf machine so this makes V7M more consistent with arm_boot. This removes another architecture specific definition from the global namespace. Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 98dbe5aca8c328b40a0598d6ab478d9b869d1b5c Author: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Date: Sat Aug 29 12:07:50 2015 -0700 elf: Update EM_MOXIE definition EM_MOXIE now has a proper assigned elf code. Use it. Register the old interim value as EM_MOXIE_OLD and accept either in elf loading. Cc: Anthony Green <green@xxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7cc472218c807ef85714ec71b161c39ee29d634e Author: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Date: Mon Aug 17 21:53:16 2015 -0700 elf_ops: Fix coding style for EM alias case statement Fix the coding style for these cases as per CODING_STYLE. Reverse the Yoda conditions and add missing if braces. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d276a604bfba002aafc3af2a906b7412907ea598 Author: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Date: Sun Jul 19 11:29:32 2015 -0700 linux-user: elfload: Provide default for elf_check_arch For many arch's this macro is defined as the predicatable behaviour of checking the argument for eqaulity against ELF_ARCH. Provide a default define as such, so only archs with special handling (usually allowing multiple EM values) need to provide a def. Arches that do any of: 1: provide this def exactly the same way as the new default (alpha, x86_64) 2: check against ELF_MACHINE while defining ELF_ARCH == ELF_MACHINE (arm, aarch64) 3: check against EM_FOO directly while defining ELF_ARCH == EM_FOO (unicore32, sparc32, ppc32, mips, openrisc, sh4, cris, m86k) have their elf_check_arch removed as the default will provide the correct behaviour. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 75be901cdcd20acc724534e2dff58bc7b539292f Author: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Date: Sun Jul 19 05:02:37 2015 -0700 linux_user: elfload: Default ELF_MACHINE to ELF_ARCH In most (but not all) cases, ELF_MACHINE and ELF_ARCH are safely the same. Default ELF_MACHINE to ELF_ARCH. This makes defining ELF_MACHINE optional for target-*/cpu.h when they are known to match. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Acked-By: Riku Voipio <riku.voipio@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6bde8fd69f874a107f04cea2695ebece849213c5 Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Tue Sep 22 16:18:21 2015 +0300 hmp: implemented io apic dump state for TCG Added support emulator for the hmp command "info ioapic" Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas FÃ?¤rber <afaerber@xxxxxxx> Message-Id: <1442927901-1084-10-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d665d696c53f776ec2cb91505658969b9eb9906b Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Tue Sep 22 16:18:20 2015 +0300 hmp: added io apic dump state Added the hmp command to query io apic state, may be usefull after guest crashes to understand IRQ routing in guest. Implementation is only for kvm here. The dump will look like (qemu) info ioapic ioapic id=0x00 sel=0x26 (redir[11]) pin 0 0x0000000000010000 dest=0 vec=0 active-hi edge masked fixed physical pin 1 0x0000000000000031 dest=0 vec=49 active-hi edge fixed physical ... pin 23 0x0000000000010000 dest=0 vec=0 active-hi edge masked fixed physical IRR (none) Remote IRR (none) Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas FÃ?¤rber <afaerber@xxxxxxx> Message-Id: <1442927901-1084-9-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit af599407352a2e05235d96196e8841ad1b39dd0f Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Tue Sep 22 16:18:19 2015 +0300 ioapic_internal.h: added more constants Added the masks for easy access to fields of the redirection table entry Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas FÃ?¤rber <afaerber@xxxxxxx> Message-Id: <1442927901-1084-8-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 1f871d49e3446f34a434860ce403c43eaad820a1 Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Tue Sep 22 16:18:18 2015 +0300 hmp: added local apic dump state Added the hmp command to query local apic registers state, may be usefull after guest crashes to understand IRQ routing in guest. (qemu) info lapic dumping local APIC state for CPU 0 LVT0 0x00010700 active-hi edge masked ExtINT (vec 0) LVT1 0x00000400 active-hi edge NMI LVTPC 0x00010000 active-hi edge masked Fixed (vec 0) LVTERR 0x000000fe active-hi edge Fixed (vec 254) LVTTHMR 0x00010000 active-hi edge masked Fixed (vec 0) LVTT 0x000000ef active-hi edge one-shot Fixed (vec 239) Timer DCR=0x3 (divide by 16) initial_count = 61360 SPIV 0x000001ff APIC enabled, focus=off, spurious vec 255 ICR 0x000000fd physical edge de-assert no-shorthand ICR2 0x00000001 cpu 1 (X2APIC ID) ESR 0x00000000 ISR (none) IRR 239 APR 0x00 TPR 0x00 DFR 0x0f LDR 0x00 PPR 0x00 Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas FÃ?¤rber <afaerber@xxxxxxx> Message-Id: <1442927901-1084-7-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit caf15319e8b636a2606e232a95c1623857db8152 Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Tue Sep 22 16:18:17 2015 +0300 monitor: make monitor_fprintf and mon_get_cpu externally visible monitor_fprintf and mon_get_cpu will be used in the target-specific monitor, so it is advisable to make it external. Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas FÃ?¤rber <afaerber@xxxxxxx> Message-Id: <1442927901-1084-6-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b6cfc3c2ac5a1025d8fe7d74421a73ec495408f9 Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Tue Sep 22 16:18:16 2015 +0300 apic_internal.h: fix formatting and drop unused consts Fix formatting of local apic definitions and drop unused constant APIC_INPUT_POLARITY, APIC_SEND_PENDING. Magic numbers in shifts are replaced with constants defined just above. Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas FÃ?¤rber <afaerber@xxxxxxx> Message-Id: <1442927901-1084-5-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6519d187e301c5a14a8c9b32fb93027b04a4336d Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Tue Sep 22 16:18:15 2015 +0300 apic_internal.h: added more constants These constants are needed for optimal access to bit fields local apic registers without magic numbers. Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas FÃ?¤rber <afaerber@xxxxxxx> Message-Id: <1442927901-1084-4-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit a22bf99c5852f369dc620be2c3c93535a5b69a58 Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Tue Sep 22 16:18:14 2015 +0300 apic_internal.h: rename ESR_ILLEGAL_ADDRESS to APIC_ESR_ILLEGAL_ADDRESS Added prefix APIC_ for determining the constant of a particular subsystem, improve the overall readability and match other constant names. Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas FÃ?¤rber <afaerber@xxxxxxx> Message-Id: <1442927901-1084-3-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 82a5e042fafe3def60380c847fa194220069f888 Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Tue Sep 22 16:18:13 2015 +0300 apic_internal.h: make some apic_get_* functions externally visible Move apic_get_bit(), apic_set_bit() to apic_internal.h, make the apic_get_ppr symbol external. It's necessary to work with isr, tmr, irr and ppr outside hw/intc/apic.c Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas FÃ?¤rber <afaerber@xxxxxxx> Message-Id: <1442927901-1084-2-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 2f5a3b1252ac238590cba83a38494e1103c32e4e Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jul 30 10:21:00 2015 +0200 ioapic: fix contents of arbitration register The arbitration register should read to the same value as the IOAPIC id register. Fixes kvm-unit-tests ioapic.flat. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c5955a561ccdb95ede14e83de0ee8eec00868bd3 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jul 30 10:19:24 2015 +0200 ioapic: coalesce level interrupts If a level-triggered interrupt goes down and back up before the corresponding EOI, it should be coalesced. This fixes one testcase in kvm-unit-tests' ioapic.flat. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f536f1124265026a0ab597773bd9df396fb59565 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:40:00 2015 +0200 MAINTAINERS: add maintainer for network device front-ends Only "Odd Fixes" status, but let's add a point of contact. Cc: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 61af0ee61b551b64f9a59b7e08133e357cae4b64 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:40:00 2015 +0200 MAINTAINERS: add maintainer for character device front-ends Only "Odd Fixes" status, but let's add a point of contact. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 28d54e58fd21e3176a2825c824a5921215835a3c Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:37:27 2015 +0200 MAINTAINERS: add IPack section Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0c6aa7ee4026105a43bc36b93279ecb8e55cd843 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:37:07 2015 +0200 MAINTAINERS: Add more s390 files Cc: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c17652ee4094ce4feb1daf2f064c45db0e58ed02 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:36:16 2015 +0200 MAINTAINERS: Add disassemblers to the various backends Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit dcc1a2fd95d9e3e786fd5c7c61466c2fccef1e31 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:35:49 2015 +0200 MAINTAINERS: there is no PPC64 TCG backend anymore PPC32 and PPC64 were unified. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ba10f729f1f158333fcffe00f8656365a74cc662 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:54:32 2015 +0200 get_maintainer.pl: \C is deprecated "Match a single C-language char (octet) even if that is part of a larger UTF-8 character. Thus it breaks up characters into their UTF-8 bytes, so you may end up with malformed pieces of UTF-8." Just use a period instead. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 500887768a2428e480d13f6f0978f85d349bc312 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Sep 18 16:18:40 2015 +0200 vhost-scsi: include linux/vhost.h Replace ad-hoc declarations with the linux header. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Message-Id: <1442585920-28373-1-git-send-email-marcandre.lureau@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 57f54629299de6ad2981a275049ace2c3c165173 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Sep 18 11:01:35 2015 +0100 Makefile: fix build when VPATH is outside GIT tree Steve Ellcey / Leon Alrae reported that QEMU fails to build when the VPATH directory is outside of the GIT tree, and the system emulators & tools build is disabled. eg cd .. mkdir build cd build ../qemu/configure --disable-system --disable-tools make (...) make[1]: *** No rule to make target `../qom/object.o', needed by `qemu-aarch64'. Stop. make: *** [subdir-aarch64-linux-user] Error 2 The problem is due to the fact that some sub directory deps were listed against SOFTMMU_SUBDIR_RULES instead of SUBDIR_RULES, so were only processed for system emulators, not user emalutors. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442570495-22029-1-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0eb2baeb449d27d6e6208a257dba6be1aad4d476 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Sep 16 17:26:16 2015 +0200 scsi-generic: let guests recognize readonly=on on passthrough devices Passed-through SCSI devices can be opened with the readonly=on option. When this happens, Linux filters away write commands so that the guest cannot overwrite the contents of the device. However, the guest does not know that the device is read-only, and accepts writes. The writes only fail later when the page cache is flushed. This patch modifies scsi-generic to modify the MODE SENSE data and set the read-only bit in the device-specific parameters, so that the guest OS treats the disk as write protected. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5e43efb29ae877da131e6c1a4761cd7f4eec5a16 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Sep 16 18:35:09 2015 +0200 checkpatch: do not recommend qemu_strtok over strtok If anything it should recommend strtok_r! Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fe8545386726a2b1f8af409bcd5ea3d33218af54 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Wed Sep 16 18:02:57 2015 +0200 tests: add some qemu_strtosz() tests While reading the function I decided to write some tests. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Message-Id: <1442419377-9309-2-git-send-email-marcandre.lureau@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 4677bb40f809394bef5fa07329dea855c0371697 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Wed Sep 16 18:02:56 2015 +0200 utils: rename strtosz to use qemu prefix Not only it makes sense, but it gets rid of checkpatch warning: WARNING: consider using qemu_strtosz in preference to strtosz Also remove get rid of tabs to please checkpatch. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Message-Id: <1442419377-9309-1-git-send-email-marcandre.lureau@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 48bec07e8de2782fea2ea293998044bef2ab676d Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Sep 16 14:52:23 2015 +0100 qemu-nbd: convert to use the QAPI SocketAddress object The qemu-nbd program currently uses a QemuOpts objects when setting up sockets. Switch it over to use the QAPI SocketAddress objects instead. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442411543-28513-3-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7a5ed43764c04866b7642c7b6afcfb67bd2d424f Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Sep 16 14:52:22 2015 +0100 nbd: convert to use the QAPI SocketAddress object The nbd block driver currently uses a QemuOpts object when setting up sockets. Switch it over to use the QAPI SocketAddress object instead. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442411543-28513-2-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f178bc6b68e6c65cda7354ec4a671860b3123f7a Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:56:48 2015 +0200 MAINTAINERS: add more devices to the PCI section Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 9cc3b73cd8a88e16756f5d14fa87e156a4ce1e8d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Sep 22 11:56:47 2015 +0200 MAINTAINERS: add more devices to the PC section For chipset devices, I can co-maintain it with Michael. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 8a47d575dfac0f6675e2ac56c5921cc520d021a6 Merge: 9438fe9 4d9310f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 24 22:09:41 2015 +0100 Merge remote-tracking branch 'remotes/weil/tags/pull-wxx-20150924' into staging wxx patch queue # gpg: Signature made Thu 24 Sep 2015 20:24:50 BST using RSA key ID 677450AD # gpg: Good signature from "Stefan Weil <sw@xxxxxxxxxxx>" # gpg: aka "Stefan Weil <stefan.weil@xxxxxxxxxxx>" # gpg: aka "Stefan Weil <stefan.weil@xxxxxxxxxxxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 4923 6FEA 75C9 5D69 8EC2 B78A E08C 21D5 6774 50AD * remotes/weil/tags/pull-wxx-20150924: oslib-win32: only provide localtime_r/gmtime_r if missing gtk: avoid redefining _WIN32_WINNT macro qemu-thread: add a fast path to the Win32 QemuEvent slirp: Fix non blocking connect for w32 nsis: Add QEMU version information to Windows registry Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4d9310f427b477a126f6f2006c3a73b9764948b6 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Sep 22 15:13:26 2015 +0100 oslib-win32: only provide localtime_r/gmtime_r if missing The oslib-win32 file currently provides a localtime_r and gmtime_r replacement unconditionally. Some versions of Mingw-w64 would provide crude macros for localtime_r/gmtime_r which QEMU takes care to disable. Latest versions of Mingw-w64 now provide actual functions for localtime_r/gmtime_r, but with a twist that you have to include unistd.h or pthread.h before including time.h. By luck some files in QEMU have such an include order, resulting in compile errors: CC util/osdep.o In file included from include/qemu-common.h:48:0, from util/osdep.c:48: include/sysemu/os-win32.h:77:12: error: redundant redeclaration of 'gmtime_r' [-Werror=redundant-decls] struct tm *gmtime_r(const time_t *timep, struct tm *result); ^ In file included from include/qemu-common.h:35:0, from util/osdep.c:48: /usr/i686-w64-mingw32/sys-root/mingw/include/time.h:272:107: note: previous definition of 'gmtime_r' was here In file included from include/qemu-common.h:48:0, from util/osdep.c:48: include/sysemu/os-win32.h:79:12: error: redundant redeclaration of 'localtime_r' [-Werror=redundant-decls] struct tm *localtime_r(const time_t *timep, struct tm *result); ^ In file included from include/qemu-common.h:35:0, from util/osdep.c:48: /usr/i686-w64-mingw32/sys-root/mingw/include/time.h:269:107: note: previous definition of 'localtime_r' was here This change adds a configure test to see if localtime_r exits, and only enables the QEMU impl if missing. We also re-arrange qemu-common.h try attempt to guarantee that all source files get unistd.h before time.h and thus see the localtime_r/gmtime_r defs. [sw: Use "official" spellings for Mingw-w64, MinGW in comments.] [sw: Terminate sentences with a dot in comments.] Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> commit c8f3f17cf1015d6621f79aa6a88280539621a108 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Sep 8 11:34:35 2015 +0100 gtk: avoid redefining _WIN32_WINNT macro When building for Mingw64 target on Fedora 22 a warning is issued about _WIN32_WINNT being redefined. In file included from ui/gtk.c:40:0: include/ui/gtk.h:5:0: warning: "_WIN32_WINNT" redefined # define _WIN32_WINNT 0x0601 /* needed to get definition of MAPVK_VK_TO_VSC */ ^ In file included from /usr/i686-w64-mingw32/sys-root/mingw/include/crtdefs.h:10:0, from /usr/i686-w64-mingw32/sys-root/mingw/include/stdio.h:9, from /home/berrange/src/virt/qemu/include/qemu/fprintf-fn.h:12, from /home/berrange/src/virt/qemu/include/qemu-common.h:18, from ui/gtk.c:37: /usr/i686-w64-mingw32/sys-root/mingw/include/_mingw.h:225:0: note: this is the location of the previous definition #define _WIN32_WINNT 0x502 ^ Rather than try to get MAPVK_VK_TO_VSC defined indirectly by defining _WIN32_WINNT, instead just define it explicitly if missing. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7c9b2bf67775ecc1359ce973580807d173e7f710 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Aug 12 15:38:18 2015 +0200 qemu-thread: add a fast path to the Win32 QemuEvent QemuEvents are used heavily by call_rcu. We do not want them to be slow, but the current implementation does a kernel call on every invocation of qemu_event_* and won't cut it. So, wrap a Win32 manual-reset event with a fast userspace path. The states and transitions are the same as for the futex and mutex/condvar implementations, but the slow path is different of course. The idea is to reset the Win32 event lazily, as part of a test-reset-test-wait sequence. Such a sequence is, indeed, how QemuEvents are used by RCU and other subsystems! The patch includes a formal model of the algorithm. Tested-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> commit a246a01631f90230374c2b8ffce608232e2aa654 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Thu Jul 30 23:08:12 2015 +0200 slirp: Fix non blocking connect for w32 Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> commit 805d8a67647768173c27761cd86e6f99a9d3b7cd Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Sun May 3 19:57:09 2015 +0200 nsis: Add QEMU version information to Windows registry The uninstall keys include an option key "DisplayVersion" which we set now. By default the version value is read from file VERSION, but it is also possible to pass VERSION=#.#.# to make. Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> commit 9438fe9e56760e5e5e11d6c7d12ed9c64a0c8446 Merge: eb9d0ea 7b02f54 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 24 17:04:31 2015 +0100 Merge remote-tracking branch 'remotes/elmarco/tags/rm-libcacard' into staging Remove libcacard # gpg: Signature made Wed 23 Sep 2015 22:37:11 BST using RSA key ID 75969CE5 # gpg: Good signature from "Marc-André Lureau <marcandre.lureau@xxxxxxxxxx>" # gpg: aka "Marc-André Lureau <marcandre.lureau@xxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 87A9 BD93 3F87 C606 D276 F62D DAE8 E109 7596 9CE5 * remotes/elmarco/tags/rm-libcacard: libcacard: use the standalone project Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7263a0ad7899994b719ebed736a1119cc2e08110 Author: Changchun Ouyang <changchun.ouyang@xxxxxxxxx> Date: Wed Sep 23 12:20:01 2015 +0800 vhost-user: add a new message to disable/enable a specific virt queue. Add a new message, VHOST_USER_SET_VRING_ENABLE, to enable or disable a specific virt queue, which is similar to attach/detach queue for tap device. virtio driver on guest doesn't have to use max virt queue pair, it could enable any number of virt queue ranging from 1 to max virt queue pair. Signed-off-by: Changchun Ouyang <changchun.ouyang@xxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Tested-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> commit b931bfbf042983f311b3b09894d8030b2755a638 Author: Changchun Ouyang <changchun.ouyang@xxxxxxxxx> Date: Wed Sep 23 12:20:00 2015 +0800 vhost-user: add multiple queue support This patch is initially based a patch from Nikolay Nikolaev. This patch adds vhost-user multiple queue support, by creating a nc and vhost_net pair for each queue. Qemu exits if find that the backend can't support the number of requested queues (by providing queues=# option). The max number is queried by a new message, VHOST_USER_GET_QUEUE_NUM, and is sent only when protocol feature VHOST_USER_PROTOCOL_F_MQ is present first. The max queue check is done at vhost-user initiation stage. We initiate one queue first, which, in the meantime, also gets the max_queues the backend supports. In older version, it was reported that some messages are sent more times than necessary. Here we came an agreement with Michael that we could categorize vhost user messages to 2 types: non-vring specific messages, which should be sent only once, and vring specific messages, which should be sent per queue. Here I introduced a helper function vhost_user_one_time_request(), which lists following messages as non-vring specific messages: VHOST_USER_SET_OWNER VHOST_USER_RESET_DEVICE VHOST_USER_SET_MEM_TABLE VHOST_USER_GET_QUEUE_NUM For above messages, we simply ignore them when they are not sent the first time. Signed-off-by: Nikolay Nikolaev <n.nikolaev@xxxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Changchun Ouyang <changchun.ouyang@xxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Tested-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> commit fc57fd9900dc6344b8833e7641f63cddc6840301 Author: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Date: Wed Sep 23 12:19:59 2015 +0800 vhost: introduce vhost_backend_get_vq_index method Minusing the idx with the base(dev->vq_index) for vhost-kernel, and then adding it back for vhost-user doesn't seem right. Here introduces a new method vhost_backend_get_vq_index() for getting the right vq index for following vhost messages calls. Suggested-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Tested-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> commit e2051e9e004649b53af4db34f78c689fb44e075b Author: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Date: Wed Sep 23 12:19:58 2015 +0800 vhost-user: add VHOST_USER_GET_QUEUE_NUM message This is for querying how many queues the backend supports if it has mq support(when VHOST_USER_PROTOCOL_F_MQ flag is set from the quried protocol features). vhost_net_get_max_queues() is the interface to export that value, and to tell if the backend supports # of queues user requested, which is done in the following patch. Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Tested-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> commit d1f8b30ec8dde0318fd1b98d24a64926feae9625 Author: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Date: Wed Sep 23 12:19:57 2015 +0800 vhost: rename VHOST_RESET_OWNER to VHOST_RESET_DEVICE Quote from Michael: We really should rename VHOST_RESET_OWNER to VHOST_RESET_DEVICE. Suggested-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Tested-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> commit dcb10c000cdd4d14f5ac4f07b04fb666494ef4a8 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Sep 23 12:19:56 2015 +0800 vhost-user: add protocol feature negotiation Support a separate bitmask for vhost-user protocol features, and messages to get/set protocol features. Invoke them at init. No features are defined yet. [ leverage vhost_user_call for request handling -- Yuanhan Liu ] Signed-off-by: Michael S. Tsirkin <address@hidden> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Tested-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> commit 7305483a3d113456681ba6c6e8dd41513decd5f6 Author: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Date: Wed Sep 23 12:19:55 2015 +0800 vhost-user: use VHOST_USER_XXX macro for switch statement So that we could let vhost_user_call to handle extented requests, such as VHOST_USER_GET/SET_PROTOCOL_FEATURES, instead of invoking vhost_user_read/write and constructing the msg again by ourself. Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Yuanhan Liu <yuanhan.liu@xxxxxxxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Tested-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> commit 542571d523268357fd8f5b1a523ba2a6191c4c18 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri Sep 11 15:16:44 2015 +0200 virtio-ccw: enable virtio-1 Let's enable revision 1 for virtio-ccw devices. We can always offer VERSION_1 as drivers in legacy mode won't be able to see it anyway. We have to introduce a way to set a lower maximum revision for a device to accommodate the following cases: - compat machines (to enforce legacy only) - virtio-blk with scsi support (version 1 + scsi is fenced by common code, with a user-configured max revision of 0 we can allow scsi via not offering VERSION_1) Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit b4f8f9df152fca0e79b7a3ca40a3eea700a40855 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri Sep 11 15:16:43 2015 +0200 virtio-ccw: feature bits > 31 handling We currently switch off the VERSION_1 feature bit if the guest has not negotiated at least revision 1. As no feature bits beyond 31 are valid however unless VERSION_1 has been negotiated, make sure that legacy guests never see a feature bit beyond 31. Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 79cd0c80f82215a32890e3d30ff621b32ece5156 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri Sep 11 15:16:42 2015 +0200 virtio-ccw: support ring size changes Wire up changing the ring size for virtio-1 devices. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 46c5d0823d0186daf4064065bf739858dadfcf8c Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri Sep 11 15:16:41 2015 +0200 virtio: ring sizes vs. reset We allow guests to change the size of the virtqueue rings by supplying a number of buffers that is different from the number of buffers the device was initialized with. Current code has some problems, however, since reset does not reset the ringsizes to the default values (as this is not saved anywhere). Let's extend the core code to keep track of the default ringsizes and migrate them once the guest changed them for any of the virtqueues for a device. Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 87e896abe6d926caba19a9b8a83936fca2137f05 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Sep 11 17:14:25 2015 -0300 pc: Introduce pc-*-2.5 machine classes Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 254bdb1cbfd467ff9897c75a28a472e4381ce4cf Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Sep 11 17:14:24 2015 -0300 q35: Move options common to all classes to pc_i440fx_machine_options() The existing default_machine_opts and default_display settings will still apply to future machine classes. So it makes sense to move them to pc_i440fx_machine_options() instead of keeping them in a version-specific machine_options function. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 0b7783a79ef73a06f3a67b68e72d109afe975b77 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Sep 11 17:14:23 2015 -0300 q35: Move options common to all classes to pc_q35_machine_options() The existing default_machine_opts, default_display, no_floppy, and no_tco settings will still apply to future machine classes. So it makes sense to move them to pc_q35_machine_options() instead of keeping them in a version-specific machine_options function. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 1f8828ef573c83365b4a87a776daf8bcef1caa21 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Sep 11 16:01:56 2015 +0800 virtio-net: unbreak self announcement and guest offloads after migration After commit 019a3edbb25f1571e876f8af1ce4c55412939e5d ("virtio: make features 64bit wide"). Device's guest_features was actually set after vdc->load(). This breaks the assumption that device specific load() function can check guest_features. For virtio-net, self announcement and guest offloads won't work after migration. Fixing this by defer them to virtio_net_load() where guest_features were guaranteed to be set. Other virtio devices looks fine. Fixes: 019a3edbb25f1571e876f8af1ce4c55412939e5d ("virtio: make features 64bit wide") Cc: qemu-stable@xxxxxxxxxx Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 50764fc8a382dc17ccc06c0ba29184d0fd73016e Author: Pierre Morel <pmorel@xxxxxxxxxxxxxxxxxx> Date: Thu Sep 10 13:37:10 2015 +0200 virtio: right size for virtio_queue_get_avail_size Being working on dataplane I notice something strange: virtio_queue_get_avail_size() used a 64bit size index for the calculation of the available ring size. It is quite strange but it did work with the old calculation of the avail ring, at most with performance penalty, and I wonder where I missed something. This patch let use a 16bit size as defined in virtio_ring.h Signed-off-by: Pierre Morel <pmorel@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 9d146b2e2fbc1c2e42be1e3ee6c0d507ea79f0f9 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 21:27:17 2015 -0600 vfio/pci: Remove use of g_malloc0_n() from quirks For compatibility with glib 2.22. Reported-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit eb9d0ea063fc7bdfab76b84085602a9e48d13ec7 Merge: fefa4b1 85b4d5d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 24 01:32:11 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150924' into staging target-arm queue: * support VGICv3 in KVM * fix bug in ACPI table entries for flash devices in virt board * update Allwinner entry in MAINTAINERS # gpg: Signature made Thu 24 Sep 2015 01:29:55 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150924: MAINTAINERS: update Allwinner A10 maintainer hw/arm/virt-acpi-build: Fix wrong size of flash in ACPI table hw/arm/virt: Add gic-version option to virt machine hw/intc: Initial implementation of vGICv3 arm_kvm: Do not assume particular GIC type in kvm_arch_irqchip_create() intc/gic: Extract some reusable vGIC code hw/intc: Implement GIC-500 base class Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 85b4d5dae12580ecdd446c0f71afa04a95641c91 Author: Beniamino Galvani <b.galvani@xxxxxxxxx> Date: Thu Sep 24 01:29:37 2015 +0100 MAINTAINERS: update Allwinner A10 maintainer Change the maintainer for Allwinner A10 to myself as Li Guang's mail address bounces. While at it, extend the file pattern for the entry to include allwinner_emac.[ch]. Signed-off-by: Beniamino Galvani <b.galvani@xxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 1442865156-5598-1-git-send-email-b.galvani@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cd37aaf876717a75d7af3a7465e8706cc4e13661 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Thu Sep 24 01:29:37 2015 +0100 hw/arm/virt-acpi-build: Fix wrong size of flash in ACPI table While virt machine creates two flash devices with total size 0x08000000, the ACPI table generation code was wrongly using this total size as the size of each flash device, so it would overlap other MMIO spaces. Make each device entry in the table half the total; this brings the ACPI table into line with the code which generates the device tree and which creates the flash devices themselves. Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Andrew Jones <drjones@xxxxxxxxxx> Reviewed-by: Wei Huang <wei@xxxxxxxxxx> Tested-by: Graeme Gregory <graeme.gregory@xxxxxxxxxx> Message-id: 1442455041-6596-1-git-send-email-shannon.zhao@xxxxxxxxxx [PMM: edited commit message] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b92ad3949bc9cacd1652b4e07e7f6003b9e512af Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Thu Sep 24 01:29:37 2015 +0100 hw/arm/virt: Add gic-version option to virt machine Add gic_version to VirtMachineState, set it to value of the option and pass it around where necessary. Instantiate devices and fdt nodes according to the choice. max_cpus for virt machine increased to 123 (calculated from redistributor space available in the memory map). GICv2 compatibility check happens inside arm_gic_common_realize(). ITS region is added to the memory map too, however currently it not used, just reserved. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Tested-by: Ashok kumar <ashoks@xxxxxxxxxxxx> [PMM: Added missing cpu_to_le* calls, thanks to Shannon Zhao] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a7bf30342e6a7924132a5c70047928261d3c7e42 Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Thu Sep 24 01:29:37 2015 +0100 hw/intc: Initial implementation of vGICv3 This is the initial version of KVM-accelerated GICv3 support. State load and save are not yet supported, live migration is not possible. In order to get correct class name in a simpler way, gicv3_class_name() function is implemented, similar to gic_class_name(). Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Tested-by: Ashok kumar <ashoks@xxxxxxxxxxxx> Message-id: 69d8f01d14994d7a1a140e96aef59fd332d02293.1441784344.git.p.fedin@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 34e85cd9173816cd48f5578c7838c26afbe592c4 Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Thu Sep 24 01:29:37 2015 +0100 arm_kvm: Do not assume particular GIC type in kvm_arch_irqchip_create() This allows us to use different GIC types from v2. There are no kernels which could advertise KVM_CAP_DEVICE_CTRL without the actual ability to create GIC with it. GIC version probe code moved to kvm_arm_vgic_probe() which will be used later. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Reviewed-by: Eric Auger <eric.auger@xxxxxxxxxx> Tested-by: Ashok kumar <ashoks@xxxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 015f4d9e4a8a50dfbdd734c4730558e24a69c6dc.1441784344.git.p.fedin@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4b3cfe72d9b9c53be31a88e7eebdda14f1757d3e Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Thu Sep 24 01:29:36 2015 +0100 intc/gic: Extract some reusable vGIC code Some functions previously used only by vGICv2 are useful also for vGICv3 implementation. Untie them from GICState and make accessible from within other modules: - kvm_arm_gic_set_irq() - kvm_gic_supports_attr() - moved to common code and renamed to kvm_device_check_attr() - kvm_gic_access() - turned into GIC-independent kvm_device_access(). Data pointer changed to void * because some GICv3 registers are 64-bit wide Some of these changes are not used right now, but they will be helpful for implementing live migration. Actually kvm_dist_get() and kvm_dist_put() could also be made reusable, but they would require two extra parameters (s->dev_fd and s->num_cpu) as well as lots of typecasts of 's' to DeviceState * and back to GICState *. This makes the code very ugly so i decided to stop at this point. I tried also an approach with making a base class for all possible GICs, but it would contain only three variables (dev_fd, cpu_num and irq_num), and accessing them through the rest of the code would be again tedious (either ugly casts or qemu-style separate object pointer). So i disliked it too. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Tested-by: Ashok kumar <ashoks@xxxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 2ef56d1dd64ffb75ed02a10dcdaf605e5b8ff4f8.1441784344.git.p.fedin@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ff8f06ee7680fb505079d33caaf8f5ebff0853bc Author: Shlomo Pongratz <shlomo.pongratz@xxxxxxxxxx> Date: Thu Sep 24 01:29:36 2015 +0100 hw/intc: Implement GIC-500 base class This class is to be used by both software and KVM implementations of GICv3 Currently it is mostly a placeholder, but in future it is supposed to hold qemu's representation of GICv3 state, which is necessary for migration. The interface of this class is fully compatible with GICv2 one. This is done in order to simplify integration with existing code. Signed-off-by: Shlomo Pongratz <shlomo.pongratz@xxxxxxxxxx> Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Reviewed-by: Eric Auger <eric.auger@xxxxxxxxxx> Tested-by: Ashok kumar <ashoks@xxxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: aff8baaee493cdcab0694b4a1d4dd5ff27c37ed2.1441784344.git.p.fedin@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7b02f5447c64d1854468f758398c9f6fe9e5721f Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Sun Aug 30 11:48:40 2015 +0200 libcacard: use the standalone project libcacard is now a standalone project hosted with the Spice project (see the 2.5.0 release announcement), remove it from qemu tree. Use the library if found during configure or if --enable-smartcard. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Tokarev <mjt@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Tested-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fefa4b128de06cec6d513f00ee61e8208aed4a87 Merge: 684bb57 89dcccc Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Sep 23 21:39:46 2015 +0100 Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20150923.0' into staging VFIO updates 2015-09-23 - Tracing improvements to use common prefixes for functional areas - Quirks overhaul: - Split PCI quirks to separate file - Make them understandable and more extensible - Improve use of MemoryRegions and eliminate use of target pagesize - Eliminate build-time debugging, everything migrated to runtime opts # gpg: Signature made Wed 23 Sep 2015 21:09:05 BST using RSA key ID 3BB08B22 # gpg: Good signature from "Alex Williamson <alex.williamson@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex@xxxxxxxxxxx>" # gpg: aka "Alex Williamson <alwillia@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex.l.williamson@xxxxxxxxx>" * remotes/awilliam/tags/vfio-update-20150923.0: vfio/pci: Add emulated PCI IDs vfio/pci: Cache vendor and device ID vfio/pci: Move AMD device specific reset to quirks vfio/pci: Remove old config window and mirror quirks vfio/pci: Config mirror quirk vfio/pci: Config window quirks vfio/pci: Rework RTL8168 quirk vfio/pci: Cleanup Nvidia 0x3d0 quirk vfio/pci: Cleanup ATI 0x3c3 quirk vfio/pci: Foundation for new quirk structure vfio/pci: Cleanup ROM blacklist quirk vfio/pci: Split quirks to a separate file vfio/pci: Extract PCI structures to a separate header vfio: Change polarity of our no-mmap option vfio/pci: Make interrupt bypass runtime configurable vfio/pci: Rename MSI/X functions for easier tracing vfio/pci: Rename INTx functions for easier tracing vfio/pci: Cleanup vfio_early_setup_msix() error path vfio/pci: Cleanup RTL8168 quirk and tracing Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 89dcccc5931cc8afc2ccc7cd378695165768148b Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:49 2015 -0600 vfio/pci: Add emulated PCI IDs Specifying an emulated PCI vendor/device ID can be useful for testing various quirk paths, even though the behavior and functionality of the device with bogus IDs is fully unsupportable. We need to use a uint32_t for the vendor/device IDs, even though the registers themselves are only 16-bit in order to be able to determine whether the value is valid and user set. The same support is added for subsystem vendor/device ID, though these have the possibility of being useful and supported for more than a testing tool. An emulated platform might want to impose their own subsystem IDs or at least hide the physical subsystem ID. Windows guests will often reinstall drivers due to a change in subsystem IDs, something that VM users may want to avoid. Of course careful attention would be required to ensure that guest drivers do not rely on the subsystem ID as a basis for device driver quirks. All of these options are added using the standard experimental option prefix and should not be considered stable. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit ff635e3775447b7e797f1bad8cf33403199faba1 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:49 2015 -0600 vfio/pci: Cache vendor and device ID Simplify access to commonly referenced PCI vendor and device ID by caching it on the VFIOPCIDevice struct. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit c9c5000991148383d628aac59f1593937be572e4 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:49 2015 -0600 vfio/pci: Move AMD device specific reset to quirks This is just another quirk, for reset rather than affecting memory regions. Move it to our new quirks file. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 958d553405462e95b9d15e8ca6cfb602f7815277 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:48 2015 -0600 vfio/pci: Remove old config window and mirror quirks These are now unused. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 0d38fb1c5f921acc050d5f80a2ff4e627b565494 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:48 2015 -0600 vfio/pci: Config mirror quirk Re-implement our mirror quirk using the new infrastructure. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 0e54f24a5b4bb756715928058b60a7d5f70ccd7f Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:48 2015 -0600 vfio/pci: Config window quirks Config windows make use of an address register and a data register. In VGA cards, these are often used to provide real mode code in the BIOS an easy way to access MMIO registers since the window often resides in an I/O port register. When the MMIO register has a mirror of PCI config space, we need to trap those accesses and redirect them to emulated config space. The previous version of this functionality made use of a single MemoryRegion and single match address. This version uses separate MemoryRegions for each of the address and data registers and allows for multiple match addresses. This is useful for Nvidia cards which have two ranges which index into PCI config space. The previous implementation is left for the follow-on patch for a more reviewable diff. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 954258a5f11b51abd1ceed7c96d1204d4cef1353 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:47 2015 -0600 vfio/pci: Rework RTL8168 quirk Another rework of this quirk, this time to update to the new quirk structure. We can handle the address and data registers with separate MemoryRegions and a quirk specific data structure, making the code much more understandable. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 6029a424be37e0d7949546af7593b9b604611480 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:47 2015 -0600 vfio/pci: Cleanup Nvidia 0x3d0 quirk The Nvidia 0x3d0 quirk makes use of a two separate registers and gives us our first chance to make use of separate memory regions for each to simplify the code a bit. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit b946d286114e09a81c303c7ec8ec3f7b33dff9e8 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:47 2015 -0600 vfio/pci: Cleanup ATI 0x3c3 quirk This is an easy quirk that really doesn't need a data structure if its own. We can pass vdev as the opaque data and access to the MemoryRegion isn't required. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 8c4f234853d9d438dc1733ca98674b1139a87c99 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:46 2015 -0600 vfio/pci: Foundation for new quirk structure VFIOQuirk hosts a single memory region and a fixed set of data fields that try to handle all the quirk cases, but end up making those that don't exactly match really confusing. This patch introduces a struct intended to provide more flexibility and simpler code. VFIOQuirk is stripped to its basics, an opaque data pointer for quirk specific data and a pointer to an array of MemoryRegions with a counter. This still allows us to have common teardown routines, but adds much greater flexibility to support multiple memory regions and quirk specific data structures that are easier to maintain. The existing VFIOQuirk is transformed into VFIOLegacyQuirk, which further patches will eliminate entirely. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 056dfcb695cde3c62b7dc1d5ed6d2e38b3a73e29 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:45 2015 -0600 vfio/pci: Cleanup ROM blacklist quirk Create a vendor:device ID helper that we'll also use as we rework the rest of the quirks. Re-reading the config entries, even if we get more blacklist entries, is trivial overhead and only incurred during device setup. There's no need to typedef the blacklist structure, it's a static private data type used once. The elements get bumped up to uint32_t to avoid future maintenance issues if PCI_ANY_ID gets used for a blacklist entry (avoiding an actual hardware match). Our test loop is also crying out to be simplified as a for loop. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit c00d61d8fa22b096b15e19ee2fde846ffc1c0b5d Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:45 2015 -0600 vfio/pci: Split quirks to a separate file Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 78f33d2bfd26ec552d9e824bcc1dbb8e2736ce34 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:44 2015 -0600 vfio/pci: Extract PCI structures to a separate header Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 5e15d79b8681c7f4e2079833288785708e7520d3 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:44 2015 -0600 vfio: Change polarity of our no-mmap option The default should be to allow mmap and new drivers shouldn't need to expose an option or set it to other than the allocation default in their initfn. Take advantage of the experimental flag to change this option to the correct polarity. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 46746dbaa8c2c421b9bda78193caad57d7fb1136 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:44 2015 -0600 vfio/pci: Make interrupt bypass runtime configurable Tracing is more effective when we can completely disable all KVM bypass paths. Make these runtime rather than build-time configurable. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 0de70dc7bab1cd58d02e86ed27e291843983b13b Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:43 2015 -0600 vfio/pci: Rename MSI/X functions for easier tracing This allows vfio_msi* tracing. The MSI/X interrupt tracing is also pulled out of #ifdef DEBUG_VFIO to avoid a recompile for tracing this path. A few cycles to read the message is hardly anything if we're already in QEMU. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 870cb6f104e5d3364288d894746dd88fe9ac59cb Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:43 2015 -0600 vfio/pci: Rename INTx functions for easier tracing Rename functions and tracing callbacks so that we can trace vfio_intx* to see all the INTx related activities. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit b5bd049fa907bccc4600ad1855e1c9c0e62f0be3 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:43 2015 -0600 vfio/pci: Cleanup vfio_early_setup_msix() error path With the addition of the Chelsio quirk we have an error path out of vfio_early_setup_msix() that doesn't free the allocated VFIOMSIXInfo struct. This doesn't introduce a leak as it still gets freed in the vfio_put_device() path, but it's complicated and sloppy to rely on that. Restructure to free the allocated data on error and only link it into the vdev on success. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> Reported-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit d451008e0fdf7fb817c791397e7999d5f3687e58 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Sep 23 13:04:42 2015 -0600 vfio/pci: Cleanup RTL8168 quirk and tracing There's quite a bit of cleanup that can be done to the RTL8168 quirk, as well as the tracing to prevent a spew of uninteresting accesses for anything else the driver might choose to use the window registers for besides the MSI-X table. There should be no functional change, but it's now possible to get compact and useful traces by enabling vfio_rtl8168_quirk*, ex: vfio_rtl8168_quirk_write 0000:04:00.0 [address]: 0x1f000 vfio_rtl8168_quirk_read 0000:04:00.0 [address]: 0x8001f000 vfio_rtl8168_quirk_read 0000:04:00.0 [data]: 0xfee0100c vfio_rtl8168_quirk_write 0000:04:00.0 [address]: 0x1f004 vfio_rtl8168_quirk_read 0000:04:00.0 [address]: 0x8001f004 vfio_rtl8168_quirk_read 0000:04:00.0 [data]: 0x0 vfio_rtl8168_quirk_write 0000:04:00.0 [address]: 0x1f008 vfio_rtl8168_quirk_read 0000:04:00.0 [address]: 0x8001f008 vfio_rtl8168_quirk_read 0000:04:00.0 [data]: 0x49b1 vfio_rtl8168_quirk_write 0000:04:00.0 [address]: 0x1f00c vfio_rtl8168_quirk_read 0000:04:00.0 [address]: 0x8001f00c vfio_rtl8168_quirk_read 0000:04:00.0 [data]: 0x0 Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 684bb5770ec5d72a66620f64fc5d9672bf8d3509 Merge: 27c7275 d76548a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Sep 23 16:52:54 2015 +0100 Merge remote-tracking branch 'remotes/dgibson/tags/spapr-next-20150923' into staging sPAPR Patch Queue: 2015-09-23 Highlights: * pseries-2.5 machine type * Memory hotplug for "pseries" guests * Fixes to the PAPR Dynamic Reconfiguration hotplug code * Several PAPR compliance fixes * New SLOF with: * GPT support * Much faster VGA handling # gpg: Signature made Wed 23 Sep 2015 02:50:10 BST using DSA key ID FDDA6FC6 # gpg: Good signature from "David Gibson <david@xxxxxxxxxxxxxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: F730 2185 38B4 D13E FD80 34F2 6882 CAC6 FDDA 6FC6 * remotes/dgibson/tags/spapr-next-20150923: (36 commits) sPAPR: Enable EEH on VFIO PCI device only sPAPR: Revert don't enable EEH on emulated PCI devices ppc/spapr: Implement H_RANDOM hypercall in QEMU ppc/spapr: Fix buffer overflow in spapr_populate_drconf_memory() spapr: Fix default NUMA node allocation for threads spapr: Move memory hotplug to RTAS_LOG_V6_HP_ID_DRC_COUNT type spapr: Support hotplug by specifying DRC count spapr: Revert to memory@XXXX representation for non-hotplugged memory spapr: Populate ibm,associativity-lookup-arrays correctly for non-NUMA spapr: Provide better error message when slots exceed max allowed spapr: Don't allow memory hotplug to memory less nodes spapr: Memory hotplug support spapr: Make hash table size a factor of maxram_size spapr: Support ibm,dynamic-reconfiguration-memory spapr: Add LMB DR connectors spapr: Use QEMU limit for maximum CPUs number spapr: Don't use QOM [*] syntax for DR connectors. spapr_drc: use RTAS return codes for methods called by RTAS spapr: Initialize hotplug memory address space spapr_drc: don't allow 'empty' DRCs to be unisolated or allocated ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d76548a98f4e18d3c65a3d921bbb70caf9be6138 Author: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Date: Fri Sep 18 17:30:44 2015 +1000 sPAPR: Enable EEH on VFIO PCI device only This checks if the PCI device retrieved from the PCI device address is VFIO PCI device when enabling EEH functionality. If it's not VFIO PCI device, the EEH functonality isn't enabled. Signed-off-by: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 47445c80fb57035331574ac1ac0bcee67fb84aeb Author: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Date: Fri Sep 18 17:30:43 2015 +1000 sPAPR: Revert don't enable EEH on emulated PCI devices This reverts commit 7cb18007 ("sPAPR: Don't enable EEH on emulated PCI devices") as rtas_ibm_set_eeh_option() isn't the right place to check if there has the corresponding PCI device for the input address, which can be PE address, not PCI device address. Signed-off-by: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 4d9392be6c1aada69ce86c0f6584128976985394 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Thu Sep 17 10:49:41 2015 +0200 ppc/spapr: Implement H_RANDOM hypercall in QEMU The PAPR interface defines a hypercall to pass high-quality hardware generated random numbers to guests. Recent kernels can already provide this hypercall to the guest if the right hardware random number generator is available. But in case the user wants to use another source like EGD, or QEMU is running with an older kernel, we should also have this call in QEMU, so that guests that do not support virtio-rng yet can get good random numbers, too. This patch now adds a new pseudo-device to QEMU that either directly provides this hypercall to the guest or is able to enable the in-kernel hypercall if available. The in-kernel hypercall can be enabled with the use-kvm property, e.g.: qemu-system-ppc64 -device spapr-rng,use-kvm=true For handling the hypercall in QEMU instead, a "RngBackend" is required since the hypercall should provide "good" random data instead of pseudo-random (like from a "simple" library function like rand() or g_random_int()). Since there are multiple RngBackends available, the user must select an appropriate back-end via the "rng" property of the device, e.g.: qemu-system-ppc64 -object rng-random,filename=/dev/hwrng,id=gid0 \ -device spapr-rng,rng=gid0 ... See http://wiki.qemu-project.org/Features-Done/VirtIORNG for other example of specifying RngBackends. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit ef001f069e0f175a036929782c5c63053df9569a Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Tue Sep 15 21:34:20 2015 +0200 ppc/spapr: Fix buffer overflow in spapr_populate_drconf_memory() The buffer that is allocated in spapr_populate_drconf_memory() is used for setting both, the "ibm,dynamic-memory" and the "ibm,associativity-lookup-arrays" property. However, only the size of the first one is taken into account when allocating the memory. So if the length of the second property is larger than the length of the first one, we run into a buffer overflow here! Fix it by taking the length of the second property into account, too. Fixes: "spapr: Support ibm,dynamic-reconfiguration-memory" patch Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 20bb648dca6d7fe8cdd1941194e7851950b25dc5 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Tue Sep 8 11:21:52 2015 +1000 spapr: Fix default NUMA node allocation for threads At present, if guest numa nodes are requested, but the cpus in each node are not specified, spapr just uses the default behaviour or assigning each vcpu round-robin to nodes. If smp_threads != 1, that will assign adjacent threads in a core to different NUMA nodes. As well as being just weird, that's a configuration that can't be represented in the device tree we give to the guest, which means the guest and qemu end up with different ideas of the NUMA topology. This patch implements mc->cpu_index_to_socket_id in the spapr code to make sure vcpus get assigned to nodes only at the socket granularity. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Alexey Kardashevskiy <aik@xxxxxxxxx> commit 0a4178692c2375a4516da7b71629bd08ee8697ee Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Aug 3 11:05:43 2015 +0530 spapr: Move memory hotplug to RTAS_LOG_V6_HP_ID_DRC_COUNT type Till now memory hotplug used RTAS_LOG_V6_HP_ID_DRC_INDEX hotplug type which meant that we generated one hotplug type of EPOW event for every 256MB (SPAPR_MEMORY_BLOCK_SIZE). This quickly overruns the kernel rtas log buffer thus resulting in loss of memory hotplug events. Switch to RTAS_LOG_V6_HP_ID_DRC_COUNT hotplug type for memory so that we generate only one event per hotplug request. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 7a36ae7a9f4f136d40fe1da4aab66b364d4aa56d Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Aug 3 11:05:42 2015 +0530 spapr: Support hotplug by specifying DRC count Support hotplug identifier type RTAS_LOG_V6_HP_ID_DRC_COUNT that allows hotplugging of DRCs by specifying the DRC count. While we are here, rename spapr_hotplug_req_add_event() to spapr_hotplug_req_add_by_index() spapr_hotplug_req_remove_event() to spapr_hotplug_req_remove_by_index() so that they match with spapr_hotplug_req_add_by_count(). Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit e8f986fc57a664a74b9f685b466506366a15201b Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Aug 3 11:05:41 2015 +0530 spapr: Revert to memory@XXXX representation for non-hotplugged memory Don't represent non-hotluggable memory under drconf node. With this we don't have to create DRC objects for them. The effect of this patch is that we revert back to memory@XXXX representation for all the memory specified with -m option and represent the cold plugged memory and hot-pluggable memory under ibm,dynamic-reconfiguration-memory. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 6663864e950d40c467ae4ab81c4dac64d7a8d9e6 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Aug 3 11:05:40 2015 +0530 spapr: Populate ibm,associativity-lookup-arrays correctly for non-NUMA When NUMA isn't configured explicitly, assume node 0 is present for the purpose of creating ibm,associativity-lookup-arrays property under ibm,dynamic-reconfiguration-memory DT node. This ensures that the associativity index property is correctly updated in ibm,dynamic-memory for the LMB that is hotplugged. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 19a35c9e1b964f420ee07141f049e6c96c63b740 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Aug 3 11:05:39 2015 +0530 spapr: Provide better error message when slots exceed max allowed Currently when user specifies more slots than allowed max of SPAPR_MAX_RAM_SLOTS (32), we error out like this: qemu-system-ppc64: unsupported amount of memory slots: 64 Let the user know about the max allowed slots like this: qemu-system-ppc64: Specified number of memory slots 64 exceeds max supported 32 Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit b556854bd8524c26b8be98ab1bfdf0826831e793 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 29 14:14:32 2015 +0530 spapr: Don't allow memory hotplug to memory less nodes Currently PowerPC kernel doesn't allow hot-adding memory to memory-less node, but instead will silently add the memory to the first node that has some memory. This causes two unexpected behaviours for the user. - Memory gets hotplugged to a different node than what the user specified. - Since pc-dimm subsystem in QEMU still thinks that memory belongs to memory-less node, a reboot will set things accordingly and the previously hotplugged memory now ends in the right node. This appears as if some memory moved from one node to another. So until kernel starts supporting memory hotplug to memory-less nodes, just prevent such attempts upfront in QEMU. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit c20d332a85c95245e3b720bfea1bd02e3a311463 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Tue Sep 1 11:22:35 2015 +1000 spapr: Memory hotplug support Make use of pc-dimm infrastructure to support memory hotplug for PowerPC. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit ce881f774d69d941eb999c25f0cb1f72cd228795 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 29 14:14:30 2015 +0530 spapr: Make hash table size a factor of maxram_size The hash table size is dependent on ram_size, but since with hotplug the memory can grow till maxram_size. Hence make hash table size dependent on maxram_size. This allows to hotplug huge amounts of memory to the guest. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 03d196b7c57f22f796197f221f9d95336debee9e Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Jul 13 10:34:00 2015 +1000 spapr: Support ibm,dynamic-reconfiguration-memory Parse ibm,architecture.vec table obtained from the guest and enable memory node configuration via ibm,dynamic-reconfiguration-memory if guest supports it. This is in preparation to support memory hotplug for sPAPR guests. This changes the way memory node configuration is done. Currently all memory nodes are built upfront. But after this patch, only memory@0 node for RMA is built upfront. Guest kernel boots with just that and rest of the memory nodes (via memory@XXX or ibm,dynamic-reconfiguration-memory) are built when guest does ibm,client-architecture-support call. Note: This patch needs a SLOF enhancement which is already part of SLOF binary in QEMU. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 224245bf524189789d231f38434c9f8fd57a249c Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Wed Aug 12 13:16:48 2015 +1000 spapr: Add LMB DR connectors Enable memory hotplug for pseries 2.4 and add LMB DR connectors. With memory hotplug, enforce RAM size, NUMA node memory size and maxmem to be a multiple of SPAPR_MEMORY_BLOCK_SIZE (256M) since that's the granularity in which LMBs are represented and hot-added. LMB DR connectors will be used by the memory hotplug code. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> [spapr_drc_reset implementation] [since this missed the 2.4 cutoff, changing to only enable for 2.5] Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 38b02bd846672f33bc2eabcb9847c4b78069e097 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu Aug 6 13:37:24 2015 +1000 spapr: Use QEMU limit for maximum CPUs number sPAPR uses hard coded limit of maximum 255 supported CPUs which is exactly the same as QEMU-wide limit which is MAX_CPUMASK_BITS and also defined as 255. This makes use of a global CPU number limit for the "pseries" machine. In order to anticipate future increase of the MAX_CPUMASK_BITS (or to help debugging large systems), this also bumps the FDT_MAX_SIZE limit from 256K to 1M assuming that 1 CPU core needs roughly 512 bytes in the device tree so the new limit can cover up to 2048 CPU cores. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 94649d423e4647fca3bc3e8b2b363d6d2adee9ce Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Wed Sep 16 16:57:51 2015 +1000 spapr: Don't use QOM [*] syntax for DR connectors. The dynamic reconfiguration (hotplug) code for the pseries machine type uses a "DR connector" QOM object for each resource it will be possible to hotplug. Each of these is added to its owner using object_property_add_child(owner, "dr-connector[*], ...); That works ok, mostly, but it means that the property indices are arbitrary, depending on the order in which the connectors are constructed. That might line up to something useful, but it doesn't have to. It will get worse once we add hotplug RAM support. That will add a DR connector object for every 256MB of potential memory. So if maxmem=2T, for example, there are 8192 objects under the same parent. The QOM interfaces aren't really designed for this. In particular object_property_add() with [*] has O(n^2) time complexity (in the number of existing children): first it has a linear search through array indices to find a free slot, each of which is attempted to a recursive call to object_property_add() with a specific [N]. Those calls are O(n) because there's a linear search through all properties to check for duplicates. By using a meaningful index value, which we already know is unique we can avoid the [*] special behaviour. That lets us reduce the total time for creating the DR objects from O(n^3) to O(n^2). O(n^2) is still kind of crappy, but it's enough to reduce the startup time of qemu (with in-progress memory hotplug support) with maxmem=2T from ~20 minutes to ~4 seconds. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Cc: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Tested-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: Alexey Kardashevskiy <aik@xxxxxxxxx> commit 0cb688d22b3941af02fee78ba21dc3a39c367e0b Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu Sep 10 16:11:02 2015 -0500 spapr_drc: use RTAS return codes for methods called by RTAS Certain methods in sPAPRDRConnector objects are only ever called by RTAS and in many cases are responsible for the logic that determines the RTAS return codes. Rather than having a level of indirection requiring RTAS code to re-interpret return values from such methods to determine the appropriate return code, just pass them through directly. This requires changing method return types to uint32_t to match the type of values currently passed to RTAS helpers. In the case of read accesses like drc->entity_sense() where we weren't previously reporting any errors, just the read value, we modify the function to return RTAS return code, and pass the read value back via reference. Suggested-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Suggested-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Cc: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 4a1c9cf0073e733b421e7b82ad673e7cf6ed8454 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 29 14:14:27 2015 +0530 spapr: Initialize hotplug memory address space Initialize a hotplug memory region under which all the hotplugged memory is accommodated. Also enable memory hotplug by setting CONFIG_MEM_HOTPLUG. Modelled on i386 memory hotplug. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 9d1852ce11c888e3ad5096be505d14045d8b49ae Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu Sep 10 16:11:03 2015 -0500 spapr_drc: don't allow 'empty' DRCs to be unisolated or allocated Logical resources start with allocation-state:UNUSABLE / isolation-state:ISOLATED. During hotplug, guests will transition them to allocation-state:USABLE, and then to isolation-state:UNISOLATED. For cases where we cannot transition to allocation-state:USABLE, in this case due to no device/resource being association with the logical DRC, we should return an error -3. For physical DRCs, we default to allocation-state:USABLE and stay there, so in this case we should report an error -3 when the guest attempts to make the isolation-state:ISOLATED transition for a DRC with no device associated. These are as documented in PAPR 2.7, 13.5.3.4. We also ensure allocation-state:USABLE when the guest attempts transition to isolation-state:UNISOLATED to deal with misbehaving guests attempting to bring online an unallocated logical resource. This is as documented in PAPR 2.7, 13.7. Currently we implement no such error logic. Fix this by handling these error cases as PAPR defines. Cc: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit a8ad731a001d41582c9cec4015f73ab3bc11a28d Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Tue Sep 15 16:34:59 2015 -0500 spapr_pci: fix device tree props for MSI/MSI-X PAPR requires ibm,req#msi and ibm,req#msi-x to be present in the device node to define the number of msi/msi-x interrupts the device supports, respectively. Currently we have ibm,req#msi-x hardcoded to a non-sensical constant that happens to be 2, and are missing ibm,req#msi entirely. The result of that is that msi-x capable devices get limited to 2 msi-x interrupts (which can impact performance), and msi-only devices likely wouldn't work at all. Additionally, if devices expect a minimum that exceeds 2, the guest driver may fail to load entirely. SLOF still owns the generation of these properties at boot-time (although other device properties have since been offloaded to QEMU), but for hotplugged devices we rely on the values generated by QEMU and thus hit the limitations above. Fix this by generating these properties in QEMU as expected by guests. In the future it may make sense to modify SLOF to pass through these values directly as we do with other props since we're duplicating SLOF code. Cc: qemu-ppc@xxxxxxxxxx Cc: qemu-stable@xxxxxxxxxx Cc: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Cc: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit ef9971dd69bdd84b0987b0e1e4f421223b080afd Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Tue Sep 8 11:25:13 2015 +1000 spapr: Enable in-kernel H_SET_MODE handling For setting debug watchpoints, sPAPR guests use H_SET_MODE hypercall. The existing QEMU H_SET_MODE handler does not support this but the KVM handler in HV KVM does. However it is not enabled. This enables the in-kernel H_SET_MODE handler which handles: - Completed Instruction Address Breakpoint Register - Watch point 0 registers. The rest is still handled in QEMU. Reported-by: Anton Blanchard <anton@xxxxxxxxx> Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 22419c2a90b859dcab49f9472259ad8a3ce091d6 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Tue Sep 8 11:21:31 2015 +1000 pseries: Fix incorrect calculation of threads per socket for chip-id The device tree presented to pseries machine type guests includes an ibm,chip-id property which gives essentially the socket number of each vcpu core (individual vcpu threads don't get a node in the device tree). To calculate this, it uses a vcpus_per_socket variable computed as (smp_cpus / #sockets). This is correct for the usual case where smp_cpus == smp_threads * smp_cores * #sockets. However, you can start QEMU with the number of cores and threads mismatching the total number of vcpus (whether that _should_ be permitted is a topic for another day). It's a bit hard to say what the "real" number of vcpus per socket here is, but for most purposes (smp_threads * smp_cores) will more meaningfully match how QEMU behaves with respect to socket boundaries. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Alexey Kardashevskiy <aik@xxxxxxxxx> commit 92d7a30cb3656f577f87b19042d9b66ff3b20e3b Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu Aug 13 19:24:16 2015 +1000 pseries: Update SLOF firmware image to qemu-slof-20150813 The changes are: 1. GPT support; 2. Much faster VGA support. The full changelog is: > Add missing half word access case to _FASTRMOVE and _FASTMOVE > Remove unused RMOVE64 stub > fbuffer: Implement RFILL as an accelerated primitive > fbuffer: Implement MRMOVE as an accelerated primitive > fbuffer: Precalculate line length in bytes > terminal: Disable the terminal-write trace by default > boot: remove trailing ":" in the bootpath > ci: implement boot client interface > boot: bootpath should be complete device path > fbuffer: Use a smaller cursor > fbuffer: Improve invert-region helper > usb-hid: Caps is not always shift > cas: Increase FDT buffer size to accomodate larger ibm, cas node properties > README: Update with patch submittion note > disk-label: add support for booting from GPT FAT partition > disk-label: introduce helper to check fat filesystem > introduce 8-byte LE helpers > disk-label: simplify gpt-prep-partition? routine > fbuffer: introduce the invert-region-x helper > fbuffer: introduce the invert-region helper > fbuffer: simplify address computations in fb8-toggle-cursor Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 785652dc4db2023aeda4e381eb08e0beae67b870 Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Thu Aug 13 14:53:02 2015 +0200 pseries: define coldplugged devices as "configured" When a device is hotplugged, attach() sets "configured" to false, waiting an action from the OS to configure it and then to call ibm,configure-connector. On ibm,configure-connector, the hypervisor sets "configured" to true. In case of coldplugged device, attach() sets "configured" to false, but firmware and OS never call the ibm,configure-connector in this case, so it remains set to false. It could be harmless, but when we unplug a device, hypervisor waits the device becomes configured because for it, a not configured device is a device being configured, so it waits the end of configuration to unplug it... and it never happens, so it is never unplugged. This patch set by default coldplugged device to "configured=true", hotplugged device to "configured=false". Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit a14aa92b20c5482b9b694901304b8100b3c4b5a1 Author: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Date: Tue Sep 1 11:05:12 2015 +1000 sPAPR: Introduce rtas_ldq() This introduces rtas_ldq() to load 64-bits parameter from continuous two 4-bytes memory chunk of RTAS parameter buffer, to simplify the code. Signed-off-by: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit e6fc9568c865f2f81499475a4e322cd563fdfd90 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Tue Sep 1 09:53:52 2015 +1000 spapr_rtas: Prevent QEMU crash during hotplug without a prior device_add If drmgr is used in the guest to hotplug a device before a device_add has been issued via the QEMU monitor, QEMU segfaults in configure_connector call. This occurs due to accessing of NULL FDT which otherwise would have been created and associated with the DRC during device_add command. Check for NULL FDT and return failure from configure_connector call. As per PAPR+, an error value of -9003 seems appropriate for this failure. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Cc: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit aaf87c6616370685a7cff6a21616fc5db7495014 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Tue Sep 1 11:29:02 2015 +1000 ppc/spapr: Use qemu_log_mask() for hcall_dprintf() To see the output of the hcall_dprintf statements, you currently have to enable the DEBUG_SPAPR_HCALLS macro in include/hw/ppc/spapr.h. This is ugly because a) not every user who wants to debug guest problems can or wants to recompile QEMU to be able to see such issues, and b) since this macro is disabled by default, the code in the hcall_dprintf() brackets tends to bitrot until somebody temporarily enables that macro again. Since the hcall_dprintf statements except one indicate guest problems, let's always use qemu_log_mask(LOG_GUEST_ERROR, ...) for this macro instead. One spot indicated an unimplemented host feature, so this is changed into qemu_log_mask(LOG_UNIMP, ...) instead. Now it's possible to see all those messages by simply adding the CLI parameter "-d guest_errors,unimp", without the need to re-compile the binary. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 627c2ef7898794a28d706ecdf094491bebbb083a Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu Sep 3 10:08:23 2015 +1000 spapr_drc: Fix potential undefined behaviour The DRC_INDEX_ID_MASK macro does a left shift on ~0, which is a signed quantity, and therefore undefined behaviour according to the C spec. In particular this causes warnings from the clang sanitizer. This fixes it by calculating the same mask without using ~0 (I think the new method is a more common idiom for generating masks anyway). For good measure I also use 1ULL to force the expression's type to unsigned long long, which should be good for assigning to anything we're going to want to. Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Alexey Kardashevskiy <aik@xxxxxxxxx> commit ad440b4ae0727dbef5cace419d94d774de96886c Author: Andrew Jones <drjones@xxxxxxxxxx> Date: Tue Sep 1 11:25:35 2015 +1000 spapr: add dumpdtb support dumpdtb (-machine dumpdtb=<file>) allows one to inspect the generated device tree of machine types that generate device trees. This is useful for a) seeing what's there b) debugging/testing device tree generator patches. It can be used as follows $QEMU_CMDLINE -machine dumpdtb=dtb dtc -I dtb -O dts dtb Signed-off-by: Andrew Jones <drjones@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit e39432282e2d2db42645c2ce183dfcaa1488752b Author: Sam Bobroff <sam.bobroff@xxxxxxxxxxx> Date: Tue Sep 1 11:24:37 2015 +1000 spapr: SPLPAR Characteristics Improve the SPLPAR Characteristics information: Add MaxPlatProcs: set to max_cpus, the maximum CPUs that could be addded to the system. Add DesMem: set to the initial memory of the system. Add DesProcs: set to smp_cpus, the inital number of CPUs in the system. These tokens and values are specified by PAPR. Signed-off-by: Sam Bobroff <sam.bobroff@xxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit b359bd6a424b8de7db994d7120e87a7465b69337 Author: Sam Bobroff <sam.bobroff@xxxxxxxxxxx> Date: Tue Sep 1 11:23:47 2015 +1000 spapr: Make ibm, change-msi respect 3 return values Currently, rtas_ibm_change_msi() always returns four values even if less are specified. Correct this by only returning the fourth parameter if it was requested. This is specified by PAPR. Signed-off-by: Sam Bobroff <sam.bobroff@xxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit a95f99224c08efcf91b4259c34754f69d962bf23 Author: Sam Bobroff <sam.bobroff@xxxxxxxxxxx> Date: Tue Sep 1 11:23:34 2015 +1000 spapr: Add /rtas/ibm,change-msix-capable QEMU is MSI-X capable and makes it available via ibm,change-msi, so we should indicate this by adding /rtas/ibm,change-msix-capable to the device tree. This is specificed by PAPR. Signed-off-by: Sam Bobroff <sam.bobroff@xxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 2c1aaa819a0d68a51086f5d7e8f9a0114ae0305c Author: Sam Bobroff <sam.bobroff@xxxxxxxxxxx> Date: Tue Sep 1 11:23:19 2015 +1000 spapr: Add /ibm,partition-name QEMU has a notion of the guest name, so if it's present we might as well put that into the device tree as /ibm,partition-name. This is specificed by PAPR. Signed-off-by: Sam Bobroff <sam.bobroff@xxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit fb0fc8f62c16b5b0910545f56c64aaafc91533ce Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Wed Aug 12 13:15:56 2015 +1000 spapr: Create pseries-2.5 machine Add pseries-2.5 machine version. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> [Altered to merge before memory hotplug -- dwg] [Altered to work with b9f072d01 -- dwg] Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 613e7a764501a236cdfce39561f9bcf60c78cf49 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 30 20:25:15 2015 +0530 spapr: Provide an error message when migration fails due to htab_shift mismatch Include an error message when migration fails due to mismatch in htab_shift values at source and target. This should provide a bit more verbose message in addition to the current migration failure message that reads like: qemu-system-ppc64: error while loading state for instance 0x0 of device 'spapr/htab' After this patch, the failure message will look like this: qemu-system-ppc64: htab_shift mismatch: source 29 target 24 qemu-system-ppc64: error while loading state for instance 0x0 of device 'spapr/htab' Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> commit 27c7275a56948f48f536e2d1599b22355f5714ac Merge: 482d7c0 f479832 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 22 19:22:23 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-ipxe-20150903-1' into staging ipxe: update to 35c53797 to 4e03af8, build tweaks. # gpg: Signature made Thu 03 Sep 2015 13:52:01 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-ipxe-20150903-1: ipxe: update binaries ipxe: use upstream configuration ipxe: don't override GITVERSION ipxe: update from 35c53797 to 4e03af8 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 482d7c0854423608e20e56b5824b7340bd3af7df Merge: 6138fbd abadcbc Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 22 16:51:36 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2015-09-22' into staging Monitor patches # gpg: Signature made Tue 22 Sep 2015 10:33:34 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-monitor-2015-09-22: hmp: Restore "info pci" monitor: allow device_del to accept QOM paths Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit abadcbc838a3b256819fd8932c34a4af41ec187f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Sep 18 17:18:29 2015 +0200 hmp: Restore "info pci" Dropped by commit da76ee76f78b9705e2a91e3c964aef28fecededb's transition to hmp-commands-info.hx. Reported-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1442589509-10806-1-git-send-email-pbonzini@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 6287d827d494b5850049584c3f7fb1a589dbb1de Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Sep 11 13:33:56 2015 +0100 monitor: allow device_del to accept QOM paths Currently device_del requires that the client provide the device short ID. device_add allows devices to be created without giving an ID, at which point there is no way to delete them with device_del. The QOM object path, however, provides an alternative way to identify the devices. Allowing device_del to accept an object path ensures all devices are deletable regardless of whether they have an ID. (qemu) device_add usb-mouse (qemu) qom-list /machine/peripheral-anon device[0] (child<usb-mouse>) type (string) (qemu) device_del /machine/peripheral-anon/device[0] Devices are required to be marked as hotpluggable otherwise an error is raised (qemu) device_del /machine/unattached/device[4] Device 'PIIX3' does not support hotplugging Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1441974836-17476-1-git-send-email-berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> [Commit message touched up, accidental white-space change dropped] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 6138fbdebd72f6822367e88d14ddc635b5a5ddfb Merge: 9e72681 b2af43c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 22 00:37:05 2015 +0100 Merge remote-tracking branch 'remotes/spice/tags/pull-spice-20150921-1' into staging spice: surface switch fast path requires same format too. # gpg: Signature made Mon 21 Sep 2015 10:05:54 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/spice/tags/pull-spice-20150921-1: spice: surface switch fast path requires same format too. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9e72681d16792d0ffc42bab634b1753ff299bdfd Merge: 75ebcd7 1a9a507 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 21 22:33:51 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-09-21' into staging qapi: QMP introspection # gpg: Signature made Mon 21 Sep 2015 08:59:17 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-qapi-2015-09-21: (26 commits) qapi-introspect: Hide type names qapi: New QMP command query-qmp-schema for QMP introspection qapi: Pseudo-type '**' is now unused, drop it qapi-schema: Fix up misleading specification of netdev_add qom: Don't use 'gen': false for qom-get, qom-set, object-add qapi: Introduce a first class 'any' type qapi: Make output visitor return qnull() instead of NULL qapi: Improve built-in type documentation qapi-commands: De-duplicate output marshaling functions qapi: De-duplicate parameter list generation qapi: Rename qmp_marshal_input_FOO() to qmp_marshal_FOO() qapi-commands: Rearrange code qapi-visit: Rearrange code a bit qapi: Clean up after recent conversions to QAPISchemaVisitor qapi: Replace dirty is_c_ptr() by method c_null() qapi-event: Convert to QAPISchemaVisitor, fixing data with base qapi-event: Eliminate global variable event_enum_value qapi: De-duplicate enum code generation qapi-commands: Convert to QAPISchemaVisitor qapi-visit: Convert to QAPISchemaVisitor, fixing bugs ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 75ebcd7f080fa30893272f6fe07354e4ffa11b46 Merge: d345e0d 81dfaf1 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 21 19:42:33 2015 +0100 Merge remote-tracking branch 'remotes/aurel/tags/pull-tcg-mips-20150921' into staging TCG MIPS queue - Fixes for 64-bit guests - Small cleanups # gpg: Signature made Sun 20 Sep 2015 23:33:15 BST using RSA key ID 1DDD8C9B # gpg: Good signature from "Aurelien Jarno <aurelien@xxxxxxxxxxx>" # gpg: aka "Aurelien Jarno <aurelien@xxxxxxxx>" # gpg: aka "Aurelien Jarno <aurel32@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 7746 2642 A9EF 94FD 0F77 196D BA9C 7806 1DDD 8C9B * remotes/aurel/tags/pull-tcg-mips-20150921: tcg/mips: pass oi to tcg_out_tlb_load tcg/mips: move tcg_out_addsub2 tcg/mips: Fix clobbering of qemu_ld inputs Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d345e0d7b755591da379b23c628613d0a5cd2566 Merge: 1864098 8f60f8e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 21 17:01:46 2015 +0100 Merge remote-tracking branch 'remotes/agraf/tags/signed-ppc-for-upstream' into staging Patch queue for ppc - 2015-09-20 Highlights this time around: - e500: Fix u-boot boot with -M virt by updating to new version - e500: fix ATMU reads - book3s: Fixes (unaligned exceptions, vector instructions) - yet another dbdma ide fix I'm out taking care of my son for the next 2 months. During that time please consider David Gibson the interim ppc queue maintainer. I'm sure Aurelien will be more than happy to help him review patches as well ;-). # gpg: Signature made Sun 20 Sep 2015 21:51:16 BST using RSA key ID 03FEDC60 # gpg: Good signature from "Alexander Graf <agraf@xxxxxxx>" # gpg: aka "Alexander Graf <alex@xxxxxxxxx>" * remotes/agraf/tags/signed-ppc-for-upstream: target-ppc: fix xscmpodp and xscmpudp decoding target-ppc: fix vcipher, vcipherlast, vncipherlast and vpermxor PPC: E500: Update u-boot to commit 79c884d7e4 target-ppc: Fix SRR0 when taking unaligned exceptions PPC: e500 pci host: Fix ATMUs register reads mac_dbdma: always clear FLUSH bit once DBDMA channel flush is complete kvm_ppc: remove kvmppc_timer_hack Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1a9a507b2e3e90aa719c96b4c092e7fad7215f21 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:29 2015 +0200 qapi-introspect: Hide type names To eliminate the temptation for clients to look up types by name (which are not ABI), replace all type names by meaningless strings. Reduces output of query-schema by 13 out of 85KiB. As a debugging aid, provide option -u to suppress the hiding. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1442401589-24189-27-git-send-email-armbru@xxxxxxxxxx> commit 39a181581650f4d50f4445bc6276d9716cece050 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:28 2015 +0200 qapi: New QMP command query-qmp-schema for QMP introspection qapi/introspect.json defines the introspection schema. It's designed for QMP introspection, but should do for similar uses, such as QGA. The introspection schema does not reflect all the rules and restrictions that apply to QAPI schemata. A valid QAPI schema has an introspection value conforming to the introspection schema, but the converse is not true. Introspection lowers away a number of schema details, and makes implicit things explicit: * The built-in types are declared with their JSON type. All integer types are mapped to 'int', because how many bits we use internally is an implementation detail. It could be pressed into external interface service as very approximate range information, but that's a bad idea. If we need range information, we better do it properly. * Implicit type definitions are made explicit, and given auto-generated names: - Array types, named by appending "List" to the name of their element type, like in generated C. - The enumeration types implicitly defined by simple union types, named by appending "Kind" to the name of their simple union type, like in generated C. - Types that don't occur in generated C. Their names start with ':' so they don't clash with the user's names. * All type references are by name. * The struct and union types are generalized into an object type. * Base types are flattened. * Commands take a single argument and return a single result. Dictionary argument or list result is an implicit type definition. The empty object type is used when a command takes no arguments or produces no results. The argument is always of object type, but the introspection schema doesn't reflect that. The 'gen': false directive is omitted as implementation detail. The 'success-response' directive is omitted as well for now, even though it's not an implementation detail, because it's not used by QMP. * Events carry a single data value. Implicit type definition and empty object type use, just like for commands. The value is of object type, but the introspection schema doesn't reflect that. * Types not used by commands or events are omitted. Indirect use counts as use. * Optional members have a default, which can only be null right now Instead of a mandatory "optional" flag, we have an optional default. No default means mandatory, default null means optional without default value. Non-null is available for optional with default (possible future extension). * Clients should *not* look up types by name, because type names are not ABI. Look up the command or event you're interested in, then follow the references. TODO Should we hide the type names to eliminate the temptation? New generator scripts/qapi-introspect.py computes an introspection value for its input, and generates a C variable holding it. It can generate awfully long lines. Marked TODO. A new test-qmp-input-visitor test case feeds its result for both tests/qapi-schema/qapi-schema-test.json and qapi-schema.json to a QmpInputVisitor to verify it actually conforms to the schema. New QMP command query-qmp-schema takes its return value from that variable. Its reply is some 85KiBytes for me right now. If this turns out to be too much, we have a couple of options: * We can use shorter names in the JSON. Not the QMP style. * Optionally return the sub-schema for commands and events given as arguments. Right now qmp_query_schema() sends the string literal computed by qmp-introspect.py. To compute sub-schema at run time, we'd have to duplicate parts of qapi-introspect.py in C. Unattractive. * Let clients cache the output of query-qmp-schema. It changes only on QEMU upgrades, i.e. rarely. Provide a command query-qmp-schema-hash. Clients can have a cache indexed by hash, and re-query the schema only when they don't have it cached. Even simpler: put the hash in the QMP greeting. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 2d21291ae645955fcc4652ebfec81ad338169ac6 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:27 2015 +0200 qapi: Pseudo-type '**' is now unused, drop it 'gen': false needs to stay for now, because netdev_add is still using it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-25-git-send-email-armbru@xxxxxxxxxx> commit b8a98326d565516bfcaa6582781605d167471b48 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:26 2015 +0200 qapi-schema: Fix up misleading specification of netdev_add It doesn't take a 'props' argument, let alone one in the format "NAME=VALUE,..." The bogus arguments specification doesn't matter due to 'gen': false. Clean it up to be incomplete rather than wrong, and document the incompleteness. While there, improve netdev_add usage example in the manual: add a device option to show how it's done. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-24-git-send-email-armbru@xxxxxxxxxx> commit 6eb3937e9b20319e1c4f4d53e906fda8f5ccda10 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:25 2015 +0200 qom: Don't use 'gen': false for qom-get, qom-set, object-add With the previous commit, the generated marshalers just work, and save us a bit of handwritten code. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-23-git-send-email-armbru@xxxxxxxxxx> commit 28770e057f265a4e70bcbdfc2447cce7b5f2dc19 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:24 2015 +0200 qapi: Introduce a first class 'any' type It's first class, because unlike '**', it actually works, i.e. doesn't require 'gen': false. '**' will go away next. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 6c2f9a15dfc8c18ba94defb0f819109902a817cb Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:23 2015 +0200 qapi: Make output visitor return qnull() instead of NULL Before commit 1d10b44, it crashed. Since then, it returns NULL, with a FIXME comment. The FIXME is valid: code that assumes QObject * can't be null exists. I'm not aware of a way to feed this problematic return value to code that actually chokes on null in the current code, but the next few commits will create one, failing "make check". Commit 481b002 solved a very similar problem by introducing a special null QObject. Using this special null QObject is clearly the right way to resolve this FIXME, so do that, and update the test accordingly. However, the patch isn't quite right: it messes up the reference counting. After about SIZE_MAX visits, the reference counter overflows, failing the assertion in qnull_destroy_obj(). Because that's many orders of magnitude more visits of nulls than we expect, we take this patch despite its flaws, to get the QMP introspection stuff in without further delay. We'll want to fix it for real before the release. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-21-git-send-email-armbru@xxxxxxxxxx> commit f133f2db1eedd409d3c1b0892f65b99f83c74754 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:22 2015 +0200 qapi: Improve built-in type documentation Clarify how they map to JSON. Add how they map to C. Fix the reference to StringInputVisitor. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-20-git-send-email-armbru@xxxxxxxxxx> commit 56d92b003a223585980df5403ee9e3a55de90adf Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:21 2015 +0200 qapi-commands: De-duplicate output marshaling functions gen_marshal_output() uses its parameter name only for name of the generated function. Name it after the type being marshaled instead of its caller, and drop duplicates. Saves 7 copies of qmp_marshal_output_int() in qemu-ga, and one copy of qmp_marshal_output_str() in qemu-system-*. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-19-git-send-email-armbru@xxxxxxxxxx> commit 03b4367a556179e3e59affa535493427bd009e9d Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:20 2015 +0200 qapi: De-duplicate parameter list generation Generated qapi-event.[ch] lose line breaks. No change otherwise. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-18-git-send-email-armbru@xxxxxxxxxx> commit 7fad30f06eb6aa57aaa8f3d264288f24ae7646f0 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:19 2015 +0200 qapi: Rename qmp_marshal_input_FOO() to qmp_marshal_FOO() These functions marshal both input and output. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-17-git-send-email-armbru@xxxxxxxxxx> commit f15380190a6e635e6c579ca24d672aa4aa068632 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:18 2015 +0200 qapi-commands: Rearrange code Rename gen_marshal_input() to gen_marshal(), because the generated function marshals both arguments and results. Rename gen_visitor_input_containers_decl() to gen_marshal_vars(), and move the other variable declarations there, too. Rename gen_visitor_input_block() to gen_marshal_input_visit(), and rearrange its code slightly. Rename gen_marshal_input_decl() to gen_marshal_proto(), because the result isn't a full declaration, unlike gen_command_decl()'s. New gen_marshal_decl() actually returns a full declaration. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-16-git-send-email-armbru@xxxxxxxxxx> commit 60f8546acd113e636bf2ba8af991ebe0f6e8ad66 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:17 2015 +0200 qapi-visit: Rearrange code a bit Move gen_visit_decl() to a better place. Inline generate_visit_struct_body(). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-15-git-send-email-armbru@xxxxxxxxxx> commit e98859a9b96d71dea8f9af43325edd43c7effe66 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:16 2015 +0200 qapi: Clean up after recent conversions to QAPISchemaVisitor Generate just 'FOO' instead of 'struct FOO' when possible. Drop helper functions that are now unused. Make pep8 and pylint reasonably happy. Rename generate_FOO() functions to gen_FOO() for consistency. Use more consistent and sensible variable names. Consistently use c_ for mapping keys when their value is a C identifier or type. Simplify gen_enum() and gen_visit_union() Consistently use single quotes for C text string literals. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1442401589-24189-14-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 5710153e7310995b5d4127af267e36d8529b3b30 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:15 2015 +0200 qapi: Replace dirty is_c_ptr() by method c_null() is_c_ptr() looks whether the end of the C text for the type looks like a pointer. Works, but is fragile. We now have a better tool: use QAPISchemaType method c_null(). The initializers for non-pointers become prettier: 0, false or the enumeration constant with the value 0 instead of {0}. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-13-git-send-email-armbru@xxxxxxxxxx> commit 05f43a960877cf941635324b2d0a74c0d0f7128e Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:14 2015 +0200 qapi-event: Convert to QAPISchemaVisitor, fixing data with base Fixes events whose data is struct with base to include the struct's base members. Test case is qapi-schema-test.json's event __org.qemu_x-command: { 'event': '__ORG.QEMU_X-EVENT', 'data': '__org.qemu_x-Struct' } { 'struct': '__org.qemu_x-Struct', 'base': '__org.qemu_x-Base', 'data': { '__org.qemu_x-member2': 'str' } } { 'struct': '__org.qemu_x-Base', 'data': { '__org.qemu_x-member1': '__org.qemu_x-Enum' } } Patch's effect on generated qapi_event_send___org_qemu_x_event(): -void qapi_event_send___org_qemu_x_event(const char *__org_qemu_x_member2, +void qapi_event_send___org_qemu_x_event(__org_qemu_x_Enum __org_qemu_x_member1, + const char *__org_qemu_x_member2, Error **errp) { QDict *qmp; @@ -224,6 +225,10 @@ void qapi_event_send___org_qemu_x_event( goto clean; } + visit_type___org_qemu_x_Enum(v, &__org_qemu_x_member1, "__org.qemu_x-member1", &local_err); + if (local_err) { + goto clean; + } visit_type_str(v, (char **)&__org_qemu_x_member2, "__org.qemu_x-member2", &local_err); if (local_err) { goto clean; Code is generated in a different order now, but that doesn't matter. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 7b24626cd019ed5084c8e3370999176a1ebd44be Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:13 2015 +0200 qapi-event: Eliminate global variable event_enum_value Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-11-git-send-email-armbru@xxxxxxxxxx> commit efd2eaa6c2992c214a13f102b6ddd4dca4697fb3 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:12 2015 +0200 qapi: De-duplicate enum code generation Duplicated in commit 21cd70d. Yes, we can't import qapi-types, but that's no excuse. Move the helpers from qapi-types.py to qapi.py, and replace the duplicates in qapi-event.py. The generated event enumeration type's lookup table becomes const-correct (see commit 2e4450f), and uses explicit indexes instead of relying on order (see commit 912ae9c). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1442401589-24189-10-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit ee44602857660e79f46547de02e26d65bcaf1519 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:11 2015 +0200 qapi-commands: Convert to QAPISchemaVisitor Output unchanged apart from reordering and white-space. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1442401589-24189-9-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 441cbac0c7e641780decbc674a9a68c6a5200f71 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:10 2015 +0200 qapi-visit: Convert to QAPISchemaVisitor, fixing bugs Fixes flat unions to visit the base's base members (the previous commit merely added them to the struct). Same test case. Patch's effect on visit_type_UserDefFlatUnion(): static void visit_type_UserDefFlatUnion_fields(Visitor *m, UserDefFlatUnion **obj, Error **errp) { Error *err = NULL; + visit_type_int(m, &(*obj)->integer, "integer", &err); + if (err) { + goto out; + } visit_type_str(m, &(*obj)->string, "string", &err); if (err) { goto out; Test cases updated for the bug fix. Fixes alternates to generate a visitor for their implicit enumeration type. None of them are currently used, obviously. Example: block-core.json's BlockdevRef now generates visit_type_BlockdevRefKind(). Code is generated in a different order now, and therefore has got a few new forward declarations. Doesn't matter. The guard QAPI_VISIT_BUILTIN_VISITOR_DECL is renamed to QAPI_VISIT_BUILTIN. The previous commit's two ugly special cases exist here, too. Mark both TODO. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 2b162ccbe875e5323fc04c1009addbdea4d35220 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:09 2015 +0200 qapi-types: Convert to QAPISchemaVisitor, fixing flat unions Fixes flat unions to get the base's base members. Test case is from commit 2fc0043, in qapi-schema-test.json: { 'union': 'UserDefFlatUnion', 'base': 'UserDefUnionBase', 'discriminator': 'enum1', 'data': { 'value1' : 'UserDefA', 'value2' : 'UserDefB', 'value3' : 'UserDefB' } } { 'struct': 'UserDefUnionBase', 'base': 'UserDefZero', 'data': { 'string': 'str', 'enum1': 'EnumOne' } } { 'struct': 'UserDefZero', 'data': { 'integer': 'int' } } Patch's effect on UserDefFlatUnion: struct UserDefFlatUnion { /* Members inherited from UserDefUnionBase: */ + int64_t integer; char *string; EnumOne enum1; /* Own members: */ union { /* union tag is @enum1 */ void *data; UserDefA *value1; UserDefB *value2; UserDefB *value3; }; }; Flat union visitors remain broken. They'll be fixed next. Code is generated in a different order now, but that doesn't matter. The two guards QAPI_TYPES_BUILTIN_STRUCT_DECL and QAPI_TYPES_BUILTIN_CLEANUP_DECL are replaced by just QAPI_TYPES_BUILTIN. Two ugly special cases for simple unions now stand out like sore thumbs: 1. The type tag is named 'type' everywhere, except in generated C, where it's 'kind'. 2. QAPISchema lowers simple unions to semantically equivalent flat unions. However, the C generated for a simple unions differs from the C generated for its equivalent flat union, and we therefore need special code to preserve that pointless difference for now. Mark both TODO. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit b2af43cc379e1d4c30d92af257bedebf0e3f618a Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Sep 18 12:07:18 2015 +0200 spice: surface switch fast path requires same format too. Commit "555e72f spice: rework mirror allocation, add no-resize fast path" adds a fast path for surface switches which does't go through the full primary surface destroy and re-recreation in case the new surface is identical to the old one (page-flip). It checks the size only though, but the format must be identical too. This patch adds the format check. Commit "0002a51 ui/spice: Support shared surface for most pixman formats" increases the chance to actually trigger this. https://bugzilla.redhat.com/show_bug.cgi?id=1247479 Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 156402e5042193c45e70c378a93ccafd3832d8ff Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:08 2015 +0200 tests/qapi-schema: Convert test harness to QAPISchemaVisitor The old code prints the result of parsing (list of expression dictionaries), and partial results of semantic analysis (list of enum dictionaries, list of struct dictionaries). The new code prints a trace of a schema visit, i.e. what the back-ends are going to use. Built-in and array types are omitted, because they're boring. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 3f7dc21bee1e930d5cccf607b8f83831c3bbdb09 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:07 2015 +0200 qapi: New QAPISchemaVisitor The visitor will help keeping the code generation code simple and reasonably separated from QAPISchema details. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1442401589-24189-5-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit f51d8c3db11b0f3052b3bb4b8b0c7f0bc76f7136 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:06 2015 +0200 qapi: QAPISchema code generation helper methods New methods c_name(), c_type(), c_null(), json_type(), alternate_qtype(). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1442401589-24189-4-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit ac88219a6c78302c693fb60fe6cf04358540fbce Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:05 2015 +0200 qapi: New QAPISchema intermediate reperesentation The QAPI code generators work with a syntax tree (nested dictionaries) plus a few symbol tables (also dictionaries) on the side. They have clearly outgrown these simple data structures. There's lots of rummaging around in dictionaries, and information is recomputed on the fly. For the work I'm going to do, I want more clearly defined and more convenient interfaces. Going forward, I also want less coupling between the back-ends and the syntax tree, to make messing with the syntax easier. Create a bunch of classes to represent QAPI schemata. Have the QAPISchema initializer call the parser, then walk the syntax tree to create the new internal representation, and finally perform semantic analysis. Shortcut: the semantic analysis still relies on existing check_exprs() to do the actual semantic checking. All this code needs to move into the classes. Mark as TODO. Simple unions are lowered to flat unions. Flat unions and structs are represented as a more general object type. Catching name collisions in generated code would be nice. Mark as TODO. We generate array types eagerly, even though most of them aren't used. Mark as TODO. Nothing uses the new intermediate representation just yet, thus no change to generated files. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit a4bcb2080d5c1d08bab512d76fb260296e2cae74 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Sep 16 13:06:04 2015 +0200 qapi: Rename class QAPISchema to QAPISchemaParser I want to name a new class QAPISchema. While there, make it a new-style class. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1442401589-24189-2-git-send-email-armbru@xxxxxxxxxx> commit 8f60f8e2e574f341709128ff7637e685fd640254 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sun Sep 13 23:03:45 2015 +0200 target-ppc: fix xscmpodp and xscmpudp decoding The xscmpodp and xscmpudp instructions only have the AX, BX bits in there encoding, the lowest bit (usually TX) is marked as an invalid bit. We therefore can't decode them with GEN_XX2FORM, which decodes the two lowest bit. Introduce a new form GEN_XX2FORM, which decodes AX and BX and mark the lowest bit as invalid. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Tested-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 65cf1f65be0fc4883edbd66feeab3ddaceb11c00 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sun Sep 13 23:03:44 2015 +0200 target-ppc: fix vcipher, vcipherlast, vncipherlast and vpermxor For vector instructions, the helpers get pointers to the vector register in arguments. Some operands might point to the same register, including the operand holding the result. When emulating instructions which access the vector elements in a non-linear way, we need to store the result in an temporary variable. This fixes openssl when emulating a POWER8 CPU. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit d4574435a6530bbd96ae130eddfe5b676f91367a Author: Alexander Graf <agraf@xxxxxxx> Date: Fri Aug 28 13:10:17 2015 +0200 PPC: E500: Update u-boot to commit 79c884d7e4 The current U-Boot binary in QEMU has a bug where it fails to support dynamic CCSR addressing. Without this support, u-boot can not boot the ppce500 machine anymore. This has been fixed upstream in u-boot commit e834975b. Update the u-boot blob we carry in QEMU to the latest u-boot upstream, so that we can successfully run u-boot with the ppce500 machine again. CC: qemu-stable@xxxxxxxxxx Signed-off-by: Alexander Graf <agraf@xxxxxxx> Tested-by: Thomas Huth <thuth@xxxxxxxxxx> commit 6bb9a0a9ef9b9b1c2434a52d1c1d066ce179adf8 Author: Anton Blanchard <anton@xxxxxxxxx> Date: Thu Jul 2 14:44:06 2015 +1000 target-ppc: Fix SRR0 when taking unaligned exceptions We are setting SRR0 to the instruction before the one causing the unaligned exception. A quick testcase: . = 0x100 .globl _start _start: /* Cause a 0x600 */ li 3,0x1 stwcx. 3,0,3 1: b 1b . = 0x600 1: b 1b Built into something we can load as a BIOS image: gcc -mbig -c test.S ld -EB -Ttext 0x0 -o test test.o objcopy -O binary test test.bin Run with: qemu-system-ppc64 -nographic -bios test.bin Shows an incorrect SRR0 (points at the li): SRR0 0000000000000100 With the patch we get the correct SRR0: SRR0 0000000000000104 Signed-off-by: Anton Blanchard <anton@xxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit e7f08320f055e1093007b3f1d55b145d5f4daaa1 Author: Rudolf Marek <mar@xxxxxxxxx> Date: Fri Aug 14 13:38:55 2015 +0200 PPC: e500 pci host: Fix ATMUs register reads There is a bug in the register mask when reading the ATMUs registers. As the result some registers cannot be read, and read is aliased to the other registers. Fix it. Signed-off-by: Rudolf Marek <rudolf.marek@xxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 1cde732d88af34849343dc1f0e68072eab0841b9 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Sun Aug 23 11:50:55 2015 +0100 mac_dbdma: always clear FLUSH bit once DBDMA channel flush is complete The code to flush the DBDMA channel was effectively duplicated in dbdma_control_write(), except for the fact that the copy executed outside of a RUN bit transition was broken by not clearing the FLUSH bit once the flush was complete. Newer PPC Linux kernels would timeout waiting for the FLUSH bit to clear again after submitting a FLUSH command. Fix this by always clearing the FLUSH bit once the channel flush is complete and removing the repeated code. Reported-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 116dc18db6854cc38c6abff799019b7237365a36 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Jul 27 14:46:02 2015 +0200 kvm_ppc: remove kvmppc_timer_hack QEMU does have an I/O thread now, that can be interrupted at any time because the VCPU thread runs outside the iothread mutex. Therefore, the kvmppc_timer_hack is obsolete. Remove it. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 18640989a9f5e4d2e84b566c52ff1fccfa0dbf4a Merge: b12a84c 3b53e45 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sat Sep 19 15:59:52 2015 +0100 Merge remote-tracking branch 'remotes/afaerber/tags/qom-devices-for-peter' into staging QOM infrastructure fixes and device conversions * QOM API error handling fixes * Performance improvements for device GPIO property creation * Remaining conversion of QEMUMachine to QOM # gpg: Signature made Sat 19 Sep 2015 15:40:44 BST using RSA key ID 3E7E013F # gpg: Good signature from "Andreas Färber <afaerber@xxxxxxx>" # gpg: aka "Andreas Färber <afaerber@xxxxxxxx>" * remotes/afaerber/tags/qom-devices-for-peter: (21 commits) machine: Eliminate QEMUMachine and qemu_register_machine() Revert use of DEFINE_MACHINE() for registrations of multiple machines Use DEFINE_MACHINE() to register all machines mac_world: Break long line machine: DEFINE_MACHINE() macro exynos4: Declare each QEMUMachine as a separate variable exynos4: Use MachineClass instead of exynos4_machines array exynos4: Use EXYNOS4210_NCPUS instead of max_cpus on error message machine: Set MachineClass::name automatically machine: Ensure all TYPE_MACHINE subclasses have the right suffix mac99: Use MACHINE_TYPE_NAME to encode class name s390: Rename s390-ccw-virtio-2.4 class name to use MACHINE_TYPE_NAME s390-virtio: Rename machine class name to use MACHINE_TYPE_NAME pseries: Rename machine class names to use MACHINE_TYPE_NAME arm: Rename virt machine class to use MACHINE_TYPE_NAME vexpress: Rename machine classes to use MACHINE_TYPE_NAME vexpress: Don't set name on abstract class machine: MACHINE_TYPE_NAME macro qdev: Do not use slow [*] expansion for GPIO creation qom: Fix invalid error check in property_get_str() ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3b53e45f43825caaaf4fad6a5b85ce6a9949ff02 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Sep 4 15:37:09 2015 -0300 machine: Eliminate QEMUMachine and qemu_register_machine() The struct is not used anymore and can be eliminated. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 8a661aea0e7f6e776c6ebc9abe339a85b34fea1d Author: Andreas Färber <afaerber@xxxxxxx> Date: Sat Sep 19 10:49:44 2015 +0200 Revert use of DEFINE_MACHINE() for registrations of multiple machines The script used for converting from QEMUMachine had used one DEFINE_MACHINE() per machine registered. In cases where multiple machines are registered from one source file, avoid the excessive generation of module init functions by reverting this unrolling. Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit e264d29de28c5b0be3d063307ce9fb613b427cc3 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Sep 4 15:37:08 2015 -0300 Use DEFINE_MACHINE() to register all machines Convert all machines to use DEFINE_MACHINE() instead of QEMUMachine automatically using a script. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> [AF: Style cleanups, convert imx25_pdk machine] Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit f309ae852c67833c3cac11747474fbb013529382 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Sep 4 15:37:07 2015 -0300 mac_world: Break long line Coding style change only. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit ed0b6de343448d1014b53bcf541041373322fa1c Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Sep 4 15:37:06 2015 -0300 machine: DEFINE_MACHINE() macro The macro will allow easy registration of a TYPE_MACHINE subclass, using only the machine name and a MachineClass initialization function as parameter. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 97c6671cf16640f997fc8c54ef456bbad125b635 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Sep 4 15:37:05 2015 -0300 exynos4: Declare each QEMUMachine as a separate variable This will make the code follow the same pattern used for other machines, and will make it easier to automatically convert the code to be QOM-based. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit ca17776088e41dabdc3bb07334dbc73d631e30e3 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Sep 4 15:37:04 2015 -0300 exynos4: Use MachineClass instead of exynos4_machines array We don't need a QEMUMachine array to query max_cpus, if we can get the corresponding MachineClass. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 6aadcc71354bc683fdedd8a3d369095d23095e1c Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Sep 4 15:37:03 2015 -0300 exynos4: Use EXYNOS4210_NCPUS instead of max_cpus on error message The code is checking smp_cpus against EXYNOS4210_NCPUS, not against max_cpus, so use EXYNOS4210_NCPUS in the error message for consistency. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 98cec76a7076c4a38e16f1a9de170a7942b3be54 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Aug 20 14:54:36 2015 -0700 machine: Set MachineClass::name automatically Now all TYPE_MACHINE subclasses use MACHINE_TYPE_NAME to generate the class name. So instead of requiring each subclass to set MachineClass::name manually, we can now set it automatically at the TYPE_MACHINE class_base_init() function. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> [AF/ehabkost: Updated for s390-ccw machines] [AF: Cleanup of intermediate virt and vexpress name handling] Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit dcb3d601115eed77aef543fe3a920adc17544e06 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Aug 20 14:54:35 2015 -0700 machine: Ensure all TYPE_MACHINE subclasses have the right suffix Now that all non-abstract TYPE_MACHINE subclasses have the -machine suffix, add an assert to ensure this will be always true. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit c0f365186b30f97ef221489834e7ae146fc22db8 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Aug 20 14:54:34 2015 -0700 mac99: Use MACHINE_TYPE_NAME to encode class name It will result in exactly the same class name, but it will make the code consistent with the other classes. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit af62e639fcc190f09c51e8b73dc6492b30ae2111 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Aug 20 14:54:33 2015 -0700 s390: Rename s390-ccw-virtio-2.4 class name to use MACHINE_TYPE_NAME Machine class names should use the "-machine" suffix to allow class-name-based machine class lookup to work. Rename the s390-ccw-virtio-2.4 machine class using the MACHINE_TYPE_NAME macro. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> [AF/ehabkost: Updated for 2.5 machine] Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 4c264d4b3d352d55663bd81667b5d177af1e871e Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Aug 20 14:54:32 2015 -0700 s390-virtio: Rename machine class name to use MACHINE_TYPE_NAME Machine class names should use the "-machine" suffix to allow class-name-based machine class lookup to work. Rename the s390-virtio machine class using the MACHINE_TYPE_NAME macro. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit b9f072d01f81786f577c24d4f45050e63872cb13 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Aug 20 14:54:31 2015 -0700 pseries: Rename machine class names to use MACHINE_TYPE_NAME Machine class names should use the "-machine" suffix to allow class-name-based machine class lookup to work. Rename the the pseries machine classes using the MACHINE_TYPE_NAME macro. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 64d3459c8586c8821970cbc99450340278507cfe Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Aug 20 14:54:30 2015 -0700 arm: Rename virt machine class to use MACHINE_TYPE_NAME Machine class names should use the "-machine" suffix to allow class-name-based machine class lookup to work. Rename the arm virt machine class using the MACHINE_TYPE_NAME macro. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit fc603d29e96a2982f1b02123f83176f00a660b40 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Aug 20 14:54:29 2015 -0700 vexpress: Rename machine classes to use MACHINE_TYPE_NAME Machine class names should use the "-machine" suffix to allow class-name-based machine class lookup to work. Rename the vexpress machine classes using the MACHINE_TYPE_NAME macro. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> [AF: Introduce VEXPRESS_*_MACHINE_NAME] Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 54477b07fb81ab4a55c263f3449bc07469db30fb Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Aug 20 14:54:28 2015 -0700 vexpress: Don't set name on abstract class The MachineClass::name field won't be ever be used on TYPE_VEXPRESS, as it is an abstract class and the machine class lookup code explicitly skips abstract classes. We can remove it to make the code simpler. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit c84a8f01b2a5d8bf98c447796d4a747333a5b1fd Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Aug 20 14:54:27 2015 -0700 machine: MACHINE_TYPE_NAME macro The macro will be useful to ensure the machine class names follow the right format to make machine class lookup by class name work correctly. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 81dfaf1a8f7f95259801da9732472f879023ef77 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Fri Jul 10 22:10:02 2015 +0200 tcg/mips: pass oi to tcg_out_tlb_load Instead of computing mem_index and s_bits in both tcg_out_qemu_ld and tcg_out_qemu_st function and passing them to tcg_out_tlb_load, directly pass oi to the tcg_out_tlb_load function and compute mem_index and s_bits there. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit d9f26847f1429bdb8ccaa4e7bd5f8b57a9da0e8d Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Fri Jul 10 22:04:48 2015 +0200 tcg/mips: move tcg_out_addsub2 Somehow the tcg_out_addsub2 function ended-up in the middle of the qemu_ld/st related functions. Move it with other arithmetics related functions. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 5eb4f645eba8a79ea643b228c74a79183d436c97 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Mon Sep 14 11:34:54 2015 +0100 tcg/mips: Fix clobbering of qemu_ld inputs The MIPS TCG backend implements qemu_ld with 64-bit targets using the v0 register (base) as a temporary to load the upper half of the QEMU TLB comparator (see line 5 below), however this happens before the input address is used (line 8 to mask off the low bits for the TLB comparison, and line 12 to add the host-guest offset). If the input address (addrl) also happens to have been placed in v0 (as in the second column below), it gets clobbered before it is used. addrl in t2 addrl in v0 1 srl a0,t2,0x7 srl a0,v0,0x7 2 andi a0,a0,0x1fe0 andi a0,a0,0x1fe0 3 addu a0,a0,s0 addu a0,a0,s0 4 lw at,9136(a0) lw at,9136(a0) set TCG_TMP0 (at) 5 lw v0,9140(a0) lw v0,9140(a0) set base (v0) 6 li t9,-4093 li t9,-4093 7 lw a0,9160(a0) lw a0,9160(a0) set addend (a0) 8 and t9,t9,t2 and t9,t9,v0 use addrl 9 bne at,t9,0x836d8c8 bne at,t9,0x836d838 use TCG_TMP0 10 nop nop 11 bne v0,t8,0x836d8c8 bne v0,a1,0x836d838 use base 12 addu v0,a0,t2 addu v0,a0,v0 use addrl, addend 13 lw t0,0(v0) lw t0,0(v0) Fix by using TCG_TMP0 (at) as the temporary instead of v0 (base), pushing the load on line 5 forward into the delay slot of the low comparison (line 10). The early load of the addend on line 7 also needs pushing even further for 64-bit targets, or it will clobber a0 before we're done with it. The output for 32-bit targets is unaffected. srl a0,v0,0x7 andi a0,a0,0x1fe0 addu a0,a0,s0 lw at,9136(a0) -lw v0,9140(a0) load high comparator li t9,-4093 -lw a0,9160(a0) load addend and t9,t9,v0 bne at,t9,0x836d838 - nop + lw at,9140(a0) load high comparator +lw a0,9160(a0) load addend -bne v0,a1,0x836d838 +bne at,a1,0x836d838 addu v0,a0,v0 lw t0,0(v0) Cc: qemu-stable@xxxxxxxxxx Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 6c76b37742d4db8176af37b667b5420727e79e2c Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Fri Jul 31 15:23:22 2015 +0300 qdev: Do not use slow [*] expansion for GPIO creation Expansion of [*] suffix is very slow because index expansion is done using trial and error strategy, starting every time from zero and retrying with the next index until insertion succeeds. With large number of already added properties this process takes huge amount of time (O(n^2) complexity). Some architectures (like ARM) use very large amount of IRQ pins in interrupt controller models. This flaw makes machine startup extremely slow (~20 seconds for ARM64 with 32 CPUs). This patch decreases this time down to ~10 seconds. Also in qdev_init_gpio_out_named() memset() is now called only once for the whole array instead of per-cell cleaning Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit e1c8237df5395f6a453f18109bd9dd33fb2a397c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Aug 25 20:00:46 2015 +0200 qom: Fix invalid error check in property_get_str() When a function returns a null pointer on error and only on error, you can do if (!foo(foos, errp)) { ... handle error ... } instead of the more cumbersome Error *err = NULL; if (!foo(foos, &err)) { error_propagate(errp, err); ... handle error ... } A StringProperty's getter, however, may return null on success! We then fail to call visit_type_str(). Screwed up in 6a146eb, v1.1. Fails tests/qom-test in my current, heavily hacked QAPI branch. No reproducer for master known (but I didn't look hard). Cc: Anthony Liguori <anthony@xxxxxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 4715d42efe8632b0f9d2594a80e917de45e4ef88 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Aug 25 20:00:45 2015 +0200 qom: Do not reuse errp after a possible error The argument for an Error **errp parameter must point to a null pointer. If it doesn't, and an error happens, error_set() fails its assertion. Instead of foo(foos, errp); bar(bars, errp); you need to do something like Error *err = NULL; foo(foos, &err); if (err) { error_propagate(errp, err); goto out; } bar(bars, errp); out: Screwed up in commit 0e55884 (v1.3.0): property_get_bool(). Screwed up in commit 1f21772 (v2.1.0): object_property_get_enum() and object_property_get_uint16List(). Screwed up in commit a8e3fbe (v2.4.0): property_get_enum(), property_set_enum(). Found by inspection, no actual crashes observed. Fix them up. Cc: Anthony Liguori <anthony@xxxxxxxxxxxxx> Cc: Hu Tao <hutao@xxxxxxxxxxxxxx> Cc: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit b12a84ce3c27e42c8f51c436aa196938d5cc2c71 Author: Rainer Müller <raimue@xxxxxxxxxxxxx> Date: Wed Sep 9 16:08:30 2015 +0200 cocoa: Suppress Cocoa window with -display Do not open a Cocoa window when another display is selected that will be initialized later. The Cocoa display cannot be selected with -display, so there is no need to check its argument. Signed-off-by: Rainer Müller <raimue@xxxxxxxxxxxxx> Reviewed-by: Andreas Färber <andreas.faerber@xxxxxx> Message-id: 1441807710-25431-1-git-send-email-raimue@xxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a53efe9c47c9a441b307c5cec64d08d9647ab6a4 Merge: ffa4822 e47f9eb Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 18 16:57:59 2015 +0100 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Fri 18 Sep 2015 15:59:02 BST using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" * remotes/jnsnow/tags/ide-pull-request: ahci: clean up initial d2h semantics ahci: remove cmd_fis argument from write_fis_d2h ahci: fix signature generation ahci: remove dead reset code atapi: abort transfers with 0 byte limits ide: fix ATAPI command permissions ide-test: add cdrom dma test ide-test: add cdrom pio test qtest/ahci: export generate_pattern qtest/ahci: use generate_pattern everywhere ide: unify io_buffer_offset increments Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e47f9eb148fc3b9a67d318951ebceb834205f94c Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Sep 1 16:50:41 2015 -0400 ahci: clean up initial d2h semantics with write_fis_d2h and signature generation tidied up, let's adjust the initial d2h semantics to make more sense. The initial d2h is considered delivered if there is guest memory to save it to. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1441140641-17631-5-git-send-email-jsnow@xxxxxxxxxx commit 28ee82557cdbf3d9023b58f7229b0d0fd1a3d776 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Sep 1 16:50:40 2015 -0400 ahci: remove cmd_fis argument from write_fis_d2h It's no longer used. We used to generate a D2H FIS based upon the command FIS that prompted the update, but in reality, the D2H FIS is generated purely from register state. cmd_fis is vestigial, so get rid of it. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1441140641-17631-4-git-send-email-jsnow@xxxxxxxxxx commit 33a983cb2821600f4ed5720919434256e8371ec2 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Sep 1 16:50:39 2015 -0400 ahci: fix signature generation The initial register device-to-host FIS no longer needs to specially set certain fields, as these can be handled generically by setting those fields explicitly with the signatures we want at port reset time. (1) Signatures are decomposed into their four component registers and set upon (AHCI) port reset. (2) the signature cache register is no longer set manually per-each device type, but instead just once during ahci_init_d2h. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1441140641-17631-3-git-send-email-jsnow@xxxxxxxxxx commit f91a0aa3743c8bdf0dc0f646606a3dc8bb2c7df8 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Sep 1 16:50:38 2015 -0400 ahci: remove dead reset code This check is dead due to an earlier conditional. AHCI does not currently support hotplugging, so checks to see if devices are present or not are useless. Remove it. Reported-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1441140641-17631-2-git-send-email-jsnow@xxxxxxxxxx commit 9ef2e93f9b1888c7d0deb4a105149138e6ad2e98 Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Sep 17 14:17:05 2015 -0400 atapi: abort transfers with 0 byte limits We're supposed to abort on transfers like this, unless we fill Word 125 of our IDENTIFY data with a default transfer size, which we don't currently do. This is an ATA error, not a SCSI/ATAPI one. See ATA8-ACS3 sections 7.17.6.49 or 7.21.5. If we don't do this, QEMU will loop forever trying to transfer zero bytes, which isn't particularly useful. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-id: 1442253685-23349-2-git-send-email-jsnow@xxxxxxxxxx commit d9033e1d3aa666c5071580617a57bd853c5d794a Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Sep 17 14:17:05 2015 -0400 ide: fix ATAPI command permissions We're a little too lenient with what we'll let an ATAPI drive handle. Clamp down on the IDE command execution table to remove CD_OK permissions from commands that are not and have never been ATAPI commands. For ATAPI command validity, please see: - ATA4 Section 6.5 ("PACKET Command feature set") - ATA8/ACS Section 4.3 ("The PACKET feature set") - ACS3 Section 4.3 ("The PACKET feature set") ACS3 has a historical command validity table in Table B.4 ("Historical Command Assignments") that can be referenced to find when a command was introduced, deprecated, obsoleted, etc. The only reference for ATAPI command validity is by checking that version's PACKET feature set section. ATAPI was introduced by T13 into ATA4, all commands retired prior to ATA4 therefore are assumed to have never been ATAPI commands. Mandatory commands, as listed in ATA8-ACS3, are: - DEVICE RESET - EXECUTE DEVICE DIAGNOSTIC - IDENTIFY DEVICE - IDENTIFY PACKET DEVICE - NOP - PACKET - READ SECTOR(S) - SET FEATURES Optional commands as listed in ATA8-ACS3, are: - FLUSH CACHE - READ LOG DMA EXT - READ LOG EXT - WRITE LOG DMA EXT - WRITE LOG EXT All other commands are illegal to send to an ATAPI device and should be rejected by the device. CD_OK removal justifications: 0x06 WIN_DSM Defined in ACS2. Not valid for ATAPI. 0x21 WIN_READ_ONCE Retired in ATA5. Not ATAPI in ATA4. 0x94 WIN_STANDBYNOW2 Retired in ATA4. Did not coexist with ATAPI. 0x95 WIN_IDLEIMMEDIATE2 Retired in ATA4. Did not coexist with ATAPI. 0x96 WIN_STANDBY2 Retired in ATA4. Did not coexist with ATAPI. 0x97 WIN_SETIDLE2 Retired in ATA4. Did not coexist with ATAPI. 0x98 WIN_CHECKPOWERMODE2 Retired in ATA4. Did not coexist with ATAPI. 0x99 WIN_SLEEPNOW2 Retired in ATA4. Did not coexist with ATAPI. 0xE0 WIN_STANDBYNOW1 Not part of ATAPI in ATA4, ACS or ACS3. 0xE1 WIN_IDLEIMMDIATE Not part of ATAPI in ATA4, ACS or ACS3. 0xE2 WIN_STANDBY Not part of ATAPI in ATA4, ACS or ACS3. 0xE3 WIN_SETIDLE1 Not part of ATAPI in ATA4, ACS or ACS3. 0xE4 WIN_CHECKPOWERMODE1 Not part of ATAPI in ATA4, ACS or ACS3. 0xE5 WIN_SLEEPNOW1 Not part of ATAPI in ATA4, ACS or ACS3. 0xF8 WIN_READ_NATIVE_MAX Obsoleted in ACS3. Not ATAPI in ATA4 or ACS. This patch fixes a divide by zero fault that can be caused by sending the WIN_READ_NATIVE_MAX command to an ATAPI drive, which causes it to attempt to use zeroed CHS values to perform sector arithmetic. Reported-by: Qinghao Tang <luodalongde@xxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-id: 1441816082-21031-1-git-send-email-jsnow@xxxxxxxxxx CC: qemu-stable@xxxxxxxxxx commit 00ea63fd18d0b7e0248e476c5150a04a06e79a3b Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Sep 17 14:17:05 2015 -0400 ide-test: add cdrom dma test Now, test the DMA functionality of the ATAPI drive. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1441926555-19471-5-git-send-email-jsnow@xxxxxxxxxx commit f7ba8d7fb6a7f22f8ecf99f61a35079accaba5c4 Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Sep 17 14:17:04 2015 -0400 ide-test: add cdrom pio test Add a simple read test for ATAPI devices, using the PIO mechanism. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1441926555-19471-4-git-send-email-jsnow@xxxxxxxxxx commit ab4f705751c39d59e5039a145cf4703320e4207e Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Sep 17 14:17:04 2015 -0400 qtest/ahci: export generate_pattern Share the pattern function for ide and ahci test. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1441926555-19471-3-git-send-email-jsnow@xxxxxxxxxx commit d7531638db73396c9e89ade086bbeab6023656f9 Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Sep 17 14:17:04 2015 -0400 qtest/ahci: use generate_pattern everywhere Fix the pattern generation to actually be interesting, and make sure all buffers in the ahci-test actually use it. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1441926555-19471-2-git-send-email-jsnow@xxxxxxxxxx commit ffa4822c015d5670ef6a2239f3cbd2ff2cec57de Merge: 3bf1f5e 0bdaa3a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 18 14:41:53 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2015-09-18' into staging Error reporting patches # gpg: Signature made Fri 18 Sep 2015 13:42:49 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-error-2015-09-18: memory: Fix bad error handling in memory_region_init_ram_ptr() loader: Fix memory_region_init_resizeable_ram() error handling Fix bad error handling after memory_region_init_ram() error: New error_fatal MAINTAINERS: Add "Error reporting" entry error: Copy location information in error_copy() hmp: Allow for error message hints on HMP error: only prepend timestamp on stderr Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0bdaa3a429c6d07cd437b442a1f15f70be1addaa Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Sep 11 16:51:45 2015 +0200 memory: Fix bad error handling in memory_region_init_ram_ptr() Commit ef701d7 screwed up handling of out-of-memory conditions. Before the commit, we report the error and exit(1), in one place. The commit lifts the error handling up the call chain some, to three places. Fine. Except it uses &error_abort in these places, changing the behavior from exit(1) to abort(), and thus undoing the work of commit 3922825 "exec: Don't abort when we can't allocate guest memory". The previous two commits fixed one of the three places, another one was fixed in commit 33e0eb5. This commit fixes the third one. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1441983105-26376-5-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> commit df8abec8cb48f6c439516fd78b3ab6535e6fd493 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Sep 11 16:51:44 2015 +0200 loader: Fix memory_region_init_resizeable_ram() error handling Commit ef701d7 screwed up handling of out-of-memory conditions. Before the commit, we report the error and exit(1), in one place. The commit lifts the error handling up the call chain some, to three places. Fine. Except it uses &error_abort in these places, changing the behavior from exit(1) to abort(), and thus undoing the work of commit 3922825 "exec: Don't abort when we can't allocate guest memory". The previous commit fixed up uses of memory_region_init_ram(). One of them was replaced by memory_region_init_resizeable_ram() [sic!] in commit a166614, so Coccinelle missed it. Fix it up. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1441983105-26376-4-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> commit f8ed85ac992c48814d916d5df4d44f9a971c5de4 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Sep 11 16:51:43 2015 +0200 Fix bad error handling after memory_region_init_ram() Symptom: $ qemu-system-x86_64 -m 10000000 Unexpected error in ram_block_add() at /work/armbru/qemu/exec.c:1456: upstream-qemu: cannot set up guest memory 'pc.ram': Cannot allocate memory Aborted (core dumped) Root cause: commit ef701d7 screwed up handling of out-of-memory conditions. Before the commit, we report the error and exit(1), in one place, ram_block_add(). The commit lifts the error handling up the call chain some, to three places. Fine. Except it uses &error_abort in these places, changing the behavior from exit(1) to abort(), and thus undoing the work of commit 3922825 "exec: Don't abort when we can't allocate guest memory". The three places are: * memory_region_init_ram() Commit 4994653 (right after commit ef701d7) lifted the error handling further, through memory_region_init_ram(), multiplying the incorrect use of &error_abort. Later on, imitation of existing (bad) code may have created more. * memory_region_init_ram_ptr() The &error_abort is still there. * memory_region_init_rom_device() Doesn't need fixing, because commit 33e0eb5 (soon after commit ef701d7) lifted the error handling further, and in the process changed it from &error_abort to passing it up the call chain. Correct, because the callers are realize() methods. Fix the error handling after memory_region_init_ram() with a Coccinelle semantic patch: @r@ expression mr, owner, name, size, err; position p; @@ memory_region_init_ram(mr, owner, name, size, ( - &error_abort + &error_fatal | err@p ) ); @script:python@ p << r.p; @@ print "%s:%s:%s" % (p[0].file, p[0].line, p[0].column) When the last argument is &error_abort, it gets replaced by &error_fatal. This is the fix. If the last argument is anything else, its position is reported. This lets us check the fix is complete. Four positions get reported: * ram_backend_memory_alloc() Error is passed up the call chain, ultimately through user_creatable_complete(). As far as I can tell, it's callers all handle the error sanely. * fsl_imx25_realize(), fsl_imx31_realize(), dp8393x_realize() DeviceClass.realize() methods, errors handled sanely further up the call chain. We're good. Test case again behaves: $ qemu-system-x86_64 -m 10000000 qemu-system-x86_64: cannot set up guest memory 'pc.ram': Cannot allocate memory [Exit 1 ] The next commits will repair the rest of commit ef701d7's damage. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1441983105-26376-3-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> commit a29a37b994ca3c5a1d39fa0e8934f7e0f2cf57ef Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Sep 11 16:51:42 2015 +0200 error: New error_fatal Similar to error_abort, but doesn't report where the error was created, and terminates the process with exit(1) rather than abort(). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1441983105-26376-2-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> commit 4f966768acd1d677d24d60a01c160c18a09cce80 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Sat Sep 12 13:29:56 2015 +0200 MAINTAINERS: Add "Error reporting" entry Error reporting work has been flowing through my tree for a while. Time for MAINTAINERS to catch up. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1442057396-21989-1-git-send-email-armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> commit 88e2ce291595ed8f12636b40523fdb215a9d3374 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Sep 10 10:34:50 2015 -0600 error: Copy location information in error_copy() Commit 1e9b65bb forgot to propagate source information to copied errors. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1441902890-23064-1-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 50b7b000c9171c1253c1c875f46f654c3c0e1fc8 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Sep 10 10:19:16 2015 -0600 hmp: Allow for error message hints on HMP Commits 7216ae3d and d2828429 disabled some error message hints, all because a change to use modern error reporting meant that the hint would be output prior to the actual error. Fix this by making hints a first-class member of Error. For example, we are now back to the pleasant: $ qemu-system-x86_64 --nodefaults -S --vnc :0 --chardev null,id=, qemu-system-x86_64: --chardev null,id=,: Parameter 'id' expects an identifier Identifiers consist of letters, digits, '-', '.', '_', starting with a letter. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1441901956-21991-1-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 615cf669b55a689f9e535ecf87075e50004b6e0a Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Aug 10 14:15:41 2015 +0100 error: only prepend timestamp on stderr The -msg timestamp=on option prepends a timestamp to error messages. This is useful on stderr where it allows users to identify when an error was raised. Timestamps do not make sense on the monitor since error_report() is called in response to a synchronous monitor command and the user already knows "when" the command was issued. Additionally, the rest of the monitor conversation lacks timestamps so the error timestamp cannot be correlated with other activity. Only prepend timestamps on stderr. This fixes libvirt's 'drive_del' processing, which did not expect a timestamp. Other QEMU monitor clients are probably equally confused by timestamps on monitor error messages. Cc: Markus Armbruster <armbru@xxxxxxxxxx> Cc: Seiji Aguchi <seiji.aguchi@xxxxxxx> Cc: Frank Schreuder <fschreuder@xxxxxxxxxx> Cc: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-Id: <1439212541-16997-1-git-send-email-stefanha@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Tested-by: Frank Schreuder <fschreuder@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 3bf1f5ec6a7ec8ee06c95bf308d213ebaa129ee0 Merge: 16a1b6e 9c708c7 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 18 12:55:27 2015 +0100 Merge remote-tracking branch 'remotes/lalrae/tags/mips-20150918' into staging MIPS patches 2015-09-18 Changes: * fixes for rdhwr, tlbwr, mtc0, recip.fmt, rsqrt.fmt and daui instructions * removal of MIPS_DEBUG code * use tcg_gen_extrh_i64_i32() * improve random tlb index generation in cpu_mips_get_random() * exception handling improvements to correctly restore icount # gpg: Signature made Fri 18 Sep 2015 12:15:28 BST using RSA key ID 0B29DA6B # gpg: Good signature from "Leon Alrae <leon.alrae@xxxxxxxxxx>" * remotes/lalrae/tags/mips-20150918: target-mips: improve exception handling target-mips: correct MTC0 instruction on MIPS64 target-mips: add missing restriction in DAUI instruction target-mips: fix corner case in TLBWR causing QEMU to hang pic32: use LCG algorithm for generated random index of TLBWR instruction target-mips: get rid of MIPS_DEBUG_SIGN_EXTENSIONS target-mips: get rid of MIPS_DEBUG target-mips: Fix RDHWR on CP0.Count target-mips: remove wrong checks for recip.fmt and rsqrt.fmt target-mips: Use tcg_gen_extrh_i64_i32 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9c708c7f9fbb813a3fac02f2728e51e62f2f5ffc Author: Pavel Dovgaluk <Pavel.Dovgaluk@xxxxxxxxx> Date: Fri Jul 10 12:57:08 2015 +0300 target-mips: improve exception handling This patch improves exception handling in MIPS. Instructions generate several types of exceptions. When exception is generated, it breaks the execution of the current translation block. Implementation of the exceptions handling does not correctly restore icount for the instruction which caused the exception. In most cases icount will be decreased by the value equal to the size of TB. This patch passes pointer to the translation block internals to the exception handler. It allows correct restoring of the icount value. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> [leon.alrae@xxxxxxxxxx: avoid retranslation in linux-user SC, break lines which are over 80 chars, remove v3 changelog from the commit message] Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit d54a299b83a07642c85a22bfe19b69ca4def9ec4 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Wed Sep 9 12:44:25 2015 +0100 target-mips: correct MTC0 instruction on MIPS64 MTC0 on a 64-bit processor should move entire 64-bit GPR content to CP0 register. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit db77d8523909b32d798cd2c80de422b68f9e5c42 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Wed Sep 9 14:45:36 2015 +0100 target-mips: add missing restriction in DAUI instruction rs cannot be the zero register, Reserved Instruction exception must be signalled for this case. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 3adafef2f35d9061b56a09071b2589b9e0b36f76 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Thu Sep 10 10:15:28 2015 +0100 target-mips: fix corner case in TLBWR causing QEMU to hang cpu_mips_get_random() function is used to generate a random index from CP0.Wired to TLBSize-1 range. Current implementation avoids generating the same as before value, hence the while loop. If the guest sets CP0.Wired to TLBSize-1 (which actually does not sound to be very practical) QEMU will get stuck in the loop infinitely as we always generate the same index. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit ceb0ee147df35adc7b705da1c84a4624c9cabb21 Author: Serge Vakulenko <serge.vakulenko@xxxxxxxxx> Date: Sun Jul 5 23:14:50 2015 -0700 pic32: use LCG algorithm for generated random index of TLBWR instruction The LFSR algorithm, used for generating random TLB indexes for TLBWR instruction, was inclined to produce a degenerate sequence in some cases. For example, for 16-entry TLB size and Wired=1, it gives: 15, 6, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2, 7, 2... When replaced with LCG algorithm from ISO/IEC 9899 standard, the sequence looks much better, with about the same computational effort needed. Signed-off-by: Serge Vakulenko <serge.vakulenko@xxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit b307446e04232b3a87e9da04886895a8e5a4a407 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sun Sep 13 23:07:59 2015 +0200 target-mips: get rid of MIPS_DEBUG_SIGN_EXTENSIONS MIPS_DEBUG_SIGN_EXTENSIONS was used sometimes ago to verify that 32-bit instructions correctly sign extend their results. It's now not need anymore, remove it. Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 9d68ac14dab3f5af33a6b23458941dc6fb261fce Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sun Sep 13 23:07:58 2015 +0200 target-mips: get rid of MIPS_DEBUG MIPS_DEBUG is a define used to dump the instruction disassembling. It has to be defined at compile time. In practice I believe it's more efficient to just look at the instruction disassembly and op dump using -d in_asm,op. This patch therefore removes the corresponding code, which clutters translate.c. Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit cdfcad788394ff53e317043e07b8e34f4987c659 Author: Alex Smith <alex.smith@xxxxxxxxxx> Date: Tue Sep 8 11:34:11 2015 +0100 target-mips: Fix RDHWR on CP0.Count For RDHWR on the CP0.Count register, env->CP0_Count was being returned. This value is a delta against the QEMU_CLOCK_VIRTUAL clock, not the correct current value of CP0.Count. Use cpu_mips_get_count() instead. Signed-off-by: Alex Smith <alex.smith@xxxxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit ca6c7803d2beae43299a80f4549d36579881fc0b Author: Petar Jovanovic <petar.jovanovic@xxxxxxxxxx> Date: Wed Aug 26 14:12:20 2015 +0200 target-mips: remove wrong checks for recip.fmt and rsqrt.fmt Instructions recip.{s|d} and rsqrt.{s|d} do not require 64-bit FPU neither they require any particular mode for its FPU. This patch removes the checks that may break a program that uses these instructions. Signed-off-by: Petar Jovanovic <petar.jovanovic@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 71f303cd246ae22ce6fdacb3801b5abbca25c409 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed Sep 2 15:50:14 2015 -0700 target-mips: Use tcg_gen_extrh_i64_i32 We can tidy gen_load_fpr32h, as well as introduce a helper to cleanup the MACC instructions. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit aaeda4a3c9e4d1d25c65ce8ca98e2de06daf1eec Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Sep 17 14:17:04 2015 -0400 ide: unify io_buffer_offset increments IDEState's io_buffer_offset was originally added to keep track of offsets in AHCI rather exclusively, but it was added to IDEState instead of an AHCI-specific structure. AHCI fakes all PIO transfers using DMA and a scatter-gather list. When the core or atapi layers invoke HBA-specific mechanisms for transfers, they do not always know that it is being backed by DMA or a sglist, so this offset is not always updated by the HBA code everywhere. If we modify it in dma_buf_commit, however, any HBA that needs to use this offset to manage operating on only part of a sglist will have access to it. This will fix ATAPI PIO transfers performed through the AHCI HBA, which were previously not modifying this value appropriately. This will fix ATAPI PIO transfers larger than one sector. Reported-by: Hannes Reinecke <hare@xxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Tested-by: Laszlo Ersek <lersek@xxxxxxxxxx> Message-id: 1440546331-29087-2-git-send-email-jsnow@xxxxxxxxxx CC: qemu-stable@xxxxxxxxxx commit 16a1b6e97c2a2919fd296db4bea2f9da2ad3cc4d Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Fri May 4 12:54:34 2012 +0200 target-cris: update CPU state save/load to use VMStateDescription Update the CRIS CPU state save/load to use a VMStateDescription struct rather than cpu_save/cpu_load functions. Have to define TLBSet struct. Multidimensional arrays in C are a mess, just unroll them. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> [PMM: * expand commit message a little since it's no longer one patch in a 35-patch series * add header/copyright comment to machine.c; credited copyright is Red Hat and author is Juan, since this commit gives the file all-new contents; license is LGPL-2-or-later, to match other target-cris code * remove hardcoded tab * add fields for locked_irq, interrupt_vector, fault_vector, trap_vector * drop minimum_version_id_old fields * bump version_id to 2 as we are not compatible with old state format * remove unnecessary hw/boards.h include * update to register via dc->vmsd] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Acked-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit cc450bfdc030d1943d99b3cb526a3e2cb4f3cd72 Merge: 1c9f03b 271a234 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 17 13:07:50 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging # gpg: Signature made Thu 17 Sep 2015 12:43:56 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: net: smc91c111: flush packets on RCR register changes net: smc91c111: gate can_receive() on rx FIFO having a slot net: smc91c111: guard flush_queued_packets() on can_rx() MAINTAINERS: Stefan will not maintain net subsystem Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 271a234a2359975101396916f37f3c7d347c61b8 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 21:24:12 2015 -0700 net: smc91c111: flush packets on RCR register changes The SOFT_RST or RXEN in the control register can be used as a condition to unblock the net layer via can_receive(). So check for possible flushes on RCR changes. This will drop all pending packets on soft reset or disable which is the functional intent of the can_receive() logic. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Tested-by: Richard Purdie <richard.purdie@xxxxxxxxxxxxxxxxxxx> Message-id: b114d4c96f4afbdaa15f1361d9c07e3021755915.1441873621.git.crosthwaite.peter@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e62cb54cd5d08dc1c029f254b0d18faa138971b2 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 21:23:57 2015 -0700 net: smc91c111: gate can_receive() on rx FIFO having a slot Return false from can_receive() when the FIFO doesn't have a free RX slot. This fixes a bug in the current code where the allocated buffer is freed before the fifo pop, triggering a premature flush of queued RX packets. It also will handle a corner case, where the guest manually frees the allocated buffer before popping the rx FIFO (hence it is not enough to just delay the flush_queued_packets()). Reported-by: Richard Purdie <richard.purdie@xxxxxxxxxxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Tested-by: Richard Purdie <richard.purdie@xxxxxxxxxxxxxxxxxxx> Message-id: 97bfdfc5cbce0bd5e0cbbbff35ce7a1bf6f8603d.1441873621.git.crosthwaite.peter@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 8d06b149271cbd5b19bed5bde8da5ecef40ecbc6 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 21:23:43 2015 -0700 net: smc91c111: guard flush_queued_packets() on can_rx() Check that the core can once again receive packets before asking the net layer to do a flush. This will make it more convenient to flush packets when adding new conditions to can_receive. Add missing if braces while moving the can_receive() core code. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Tested-by: Richard Purdie <richard.purdie@xxxxxxxxxxxxxxxxxxx> Message-id: 92e15e12a6964274f4bc0eb71b61a7d94326f6c6.1441873621.git.crosthwaite.peter@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 1c9f03b81ce9136cf1bd3c111582b320b507dfec Merge: 3c4698d d626834 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Sep 16 18:06:54 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * Linux header update and cleanup * Support for HyperV crash report * Cleanup of target-specific HMP commands * Multiarch batch * Checkpatch fix for Perl 5.22 * NBD fix * Revert incorrect commit 5243722376 # gpg: Signature made Wed 16 Sep 2015 16:39:01 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" * remotes/bonzini/tags/for-upstream: (24 commits) nbd: release exp->blk after all clients are closed checkpatch: Escape left braces in regex monitor: uninclude cpu_ldst include/exec: Move cputlb exec.c defs out cputlb: Change tlb_set_dirty() arg to cpu cputlb: move CPU_LOOP() for tlb_reset() to exec.c translate: move real_host_page setting to -common tcg: Move tci_tb_ptr to -common tcg: split tcg_op_defs to -common translate-all: Move tcg_handle_interrupt() to -common cpu-exec: Migrate some generic fns to cpu-exec-common qemu-char: Use g_new() & friends where that makes obvious sense monitor: added generation of documentation for hmp-commands-info.hx hmp-commands.hx: fix end of table info monitor: remove target-specific code from monitor.c hmp-commands-info: move info_cmds content out of monitor.c i386/kvm: Hyper-v crash msrs set/get'ers and migration kvm: Add kvm system event crash handler cpu: Add crash_occurred flag into CPUState target-i386: move asm-x86/hyperv.h to standard-headers ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d6268348493f32ecc096caa637620757472a1196 Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Wed Sep 16 16:35:46 2015 +0800 nbd: release exp->blk after all clients are closed If the socket fd is shutdown, there may be some data which is received before shutdown. We will read the data and do read/write in nbd_trip(). But the exp's blk is NULL, and it will cause qemu crashed. Reported-by: Li Zhijian <lizhijian@xxxxxxxxxxxxxx> Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Message-Id: <55F929E2.1020501@xxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 04f2562f8ec6af573508880ac607d098a5d3ad7f Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Sep 11 19:07:36 2015 +0800 checkpatch: Escape left braces in regex Latest perl now deprecates "{" literal in regex and print warnings like "unescaped left brace in regex is deprecated". Add escape to keep it happy. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-Id: <1441969656-2640-1-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e6b65fe1c234b5f63af075b9c85691ea744ead34 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 22:39:45 2015 -0700 monitor: uninclude cpu_ldst This header is non-needed anymore and wont work in multi-arch where this service is not provided to core code. Cc: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <4e96622ab5320603829b6f94b8c4e94d573d34fc.1441614289.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit dfccc7602374c9fd3b083208b552d62daa244811 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 22:39:43 2015 -0700 include/exec: Move cputlb exec.c defs out Move the architecture agnostic function prototypes for exec.c out of cputlb.h to exec-all.h. This allows hiding of the arch specific cputlb.h from exec.c which should be getting close to having no architecture specifics. Prepares support for multi-arch, which will have a minimal cpu.h that services exec.c but not cputlb.h. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <b4fe754c58c860315e35d44430c26b1c967ce2c9.1441614289.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit bcae01e468d961ad9afaf4148329147e4be209ab Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 22:39:42 2015 -0700 cputlb: Change tlb_set_dirty() arg to cpu Change tlb_set_dirty() to accept a CPU instead of an env pointer. This allows for removal of another CPUArchState usage from prototypes that need to be QOMified. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <d2b1dcbe7945112989861d8ba7369449c11cc273.1441614289.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9a13565d52bfd321934fb44ee004bbaf5f5913a8 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 22:39:41 2015 -0700 cputlb: move CPU_LOOP() for tlb_reset() to exec.c To prepare for multi-arch, cputlb.c should only have awareness of one single architecture. This means it should not have access to the full CPU lists which may be heterogeneous. Instead, push the CPU_LOOP() up to the one and only caller in exec.c. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <db06dc6c49f8970caaf116d0385f00ee10a56f2f.1441614289.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5f12a788c04cf36442f3be00ebf6fdc3b8c8c4ba Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 22:39:36 2015 -0700 translate: move real_host_page setting to -common Move the size and mask globals for the "real" host page size to translate-common. This is to allow system-level code to use REAL_HOST_PAGE_ALIGN and friends in builds which hide translate-all behind arch-obj. Cc: dgilbert@xxxxxxxxxx Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <b437638691f044bc690a7f03b1240c8b0f34ab57.1441614289.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 162e992270fd3587b21fa77fd4a8ccc879c402c9 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 22:39:35 2015 -0700 tcg: Move tci_tb_ptr to -common This requires global visibility to common code. Move to tcg-common. Cc: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <cb0340eba225ab4945aa6cf7c9013f33aa05bcf8.1441614289.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7d8f787d9d261d6880b69e35ed682241e3f9242f Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 22:39:34 2015 -0700 tcg: split tcg_op_defs to -common tcg_op_defs (and the _max) are both needed by the TCI disassembler. For multi-arch, tcg.c will be multiple-compiled (arch-obj) with its symbols hidden from common code. So split the definition off to new file, tcg-common.c which will remain a regular obj-y for use by both the TCI disas as well as the multiple tcg.c's. Cc: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <4b607425886d85aee65878e4935dfad46b3e6085.1441614289.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9b68a7754a892d8deb7696cfe609fe2ec3c6034a Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 22:39:33 2015 -0700 translate-all: Move tcg_handle_interrupt() to -common Move this function to common code. It has no arch specific dependencies. Prepares support for multi-arch where the translate-all interface needs to be virtualised. One less thing to virtualise. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <44a7c73604ed2552af47ed02b047b6a772b683e0.1441614289.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5abf9495ca9ff41160260ac274115825c10545cc Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Sep 10 22:39:31 2015 -0700 cpu-exec: Migrate some generic fns to cpu-exec-common The goal is to split the functions such that cpu-exec is CPU specific content, while cpus-exec-common.c is generic code only. The function interface to cpu-exec needs to be virtualised to prepare support for multi-arch and moving these definitions out saves bloating the QOM interface. So move these definitions out of cpu-exec to a new module, cpu-exec-common. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <3cefeb3fbbb33031670951a0e74de2778529da3f.1441614289.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 2d528d45ecf5ee3c1a566a9f3d664464925ef830 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Sep 14 13:54:03 2015 +0200 qemu-char: Use g_new() & friends where that makes obvious sense g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. This commit only touches allocations with size arguments of the form sizeof(T). Same Coccinelle semantic patch as in commit b45c03f. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-Id: <1442231643-23630-1-git-send-email-armbru@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 2cd8af2d44268ffd4d224d6c297e8c644c01fa8d Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Thu Sep 10 18:39:01 2015 +0300 monitor: added generation of documentation for hmp-commands-info.hx It will be easier if you need to add info-commands to edit only hmp-commands-info.hx, before this had to edit monitor.c and hmp-commands.hx. From the build point of view all documentation is saved into qemu-monitor-info.texi which from now on is used for all user documentation building. Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <1441899541-1856-5-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 70703344de56c2119fcb7c2e01be3fa02087fb3c Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Thu Sep 10 18:39:00 2015 +0300 hmp-commands.hx: fix end of table info The table info(information about the system state) closes earlier and some of its elements are outside(trace-events, rocker, etc). This can be confusing and lead to additional bugs. Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <1441899541-1856-4-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit bf957284006b6325e6ed64fd839c237c15b42029 Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Thu Sep 10 18:38:59 2015 +0300 monitor: remove target-specific code from monitor.c Move target-specific code out of /monitor.c to /target-*/monitor.c, this will avoid code cluttering and using random ifdeffery. The solution is quite simple, but solves the issue of the separation of target-specific code from monitor. Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <1441899541-1856-3-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit da76ee76f78b9705e2a91e3c964aef28fecededb Author: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Date: Thu Sep 10 18:38:58 2015 +0300 hmp-commands-info: move info_cmds content out of monitor.c For moving target- and device-specific code from monitor.c, to beginning we move info_cmds content to hmp-commands-info.hx Signed-off-by: Pavel Butsykin <pbutsykin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <1441899541-1856-2-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f2a53c9e05a24352a0f9740db0539ce5aeed22ca Author: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Date: Wed Sep 9 14:41:30 2015 +0200 i386/kvm: Hyper-v crash msrs set/get'ers and migration KVM Hyper-V based guests can notify hypervisor about occurred guest crash by writing into Hyper-V crash MSR's. This patch does handling and migration of HV_X64_MSR_CRASH_P0-P4, HV_X64_MSR_CRASH_CTL msrs. User can enable these MSR's by 'hv-crash' option. Signed-off-by: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas Färber <afaerber@xxxxxxx> Message-Id: <1435924905-8926-13-git-send-email-den@xxxxxxxxxx> [Folks, stop abrviating variable names!!! Also fix compilation on non-Linux/x86. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7c207b90465bc16a39b9fb8d9194f161059f69bf Author: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Date: Fri Jul 3 15:01:43 2015 +0300 kvm: Add kvm system event crash handler KVM kernel can send guest crash events into userspace. Appropriate guest crash handler is called when kernel guest crash event received. Guest crash event recognized by a KVM_SYSTEM_EVENT_CRASH type of system event. Signed-off-by: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas Färber <afaerber@xxxxxxx> Message-Id: <1435924905-8926-11-git-send-email-den@xxxxxxxxxx> [Rebase: add lock/unlock iothread around qemu_system_guest_panicked - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit bac05aa9a77af1ca7972c8dc07560f4daa7c2dfc Author: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Date: Fri Jul 3 15:01:44 2015 +0300 cpu: Add crash_occurred flag into CPUState CPUState::crash_occurred field inside CPUState marks that guest crash occurred. This value is added into cpu common migration subsection. Signed-off-by: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas Färber <afaerber@xxxxxxx> Message-Id: <1435924905-8926-12-git-send-email-den@xxxxxxxxxx> [Document the new field. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 73aa529a48b4ed7fce21fc74e62fb24db526af5f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Sep 9 15:25:52 2015 +0200 target-i386: move asm-x86/hyperv.h to standard-headers The Hyper-V definitions are an industry standard and can be used from code that is not KVM-specific. Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit eddb4de3cc1403546b29e260068c4c1397cbd62d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Sep 9 15:25:52 2015 +0200 update-linux-headers: copy standard-headers files one by one cp_virtio is called for both the asm-s390/ and linux/ directories, so it looks for pci_regs.h and input.h files in asm-s390/ too. This makes little sense. In the next patch we will have the opposite problem; we want to add asm-x86/hyperv.h, and there's also a linux/hyperv.h file with unwanted dependencies on additional Linux uapi headers. We do not want to copy linux/hyperv.h. The solution is to make cp_virtio (now renamed to cp_portable) copy one file only, instead of using the "find" command, and call it multiple times. The new function is really just a reindentation of the old one. Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 120758fba4c52d1ccf3a8ae1fe3b7495f2b584d8 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Sep 9 14:50:17 2015 +0200 update Linux headers to 4.3-rc1 The update to 4.2 was reviewed by Michael S. Tsirkin and Cornelia Huck. The further update to 4.3-rc1 only touches KVM files. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 84090bbce91a386ae6e5f61b26f36783196712d2 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Sep 10 11:31:12 2015 +0200 pci: remove Link Training error from AER error list The spec says: Undefined â?? The value read from this bit is undefined. In previous versions of this specification, this bit was used to indicate a Link Training Error. System software must ignore the value read from this bit. System software is permitted to write any value to this bit. Do not allow injecting it. Suggested-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 05620f85e930b0ac3dc22fdf8e4c390fa11afdeb Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Sep 16 14:26:59 2015 +0200 Revert "rcu: init rcu_registry_lock after fork" This reverts commit 5243722376873a48e9852a58b91f4d4101ee66e4. The patch forgot about rcu_sync_lock and was committed by mistake. Reported-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3c4698d0b5cb19212868f94f0ba4743c2c86f91f Merge: 1a3abef 4054cde Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Sep 16 16:19:49 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-target-i386-20150915' into staging Exception handling improvments from Pavel Dovgalyuk. # gpg: Signature made Tue 15 Sep 2015 20:36:14 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-target-i386-20150915: target-i386: exception handling for other helper functions target-i386: exception handling for seg_helper functions target-i386: exception handling for memory helpers target-i386: exception handling for div instructions target-i386: exception handling for FPU instructions target-i386: introduce new raise_exception functions Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5fc51cc3ddcc7035313fc3e0ee6f351b5c083491 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Wed Sep 16 11:05:30 2015 +0800 MAINTAINERS: Stefan will not maintain net subsystem Talked with Stefan, he will not maintain net subsystem. Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1442372730-11360-1-git-send-email-jasowang@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 4054cdec0423c7190bfc733c27c303d513d531ab Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Fri Jul 10 12:57:41 2015 +0300 target-i386: exception handling for other helper functions This patch fixes exception handling for other helper functions. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 100ec0991958d0c1b61f140e64dbe92991c6dd2c Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Fri Jul 10 12:57:36 2015 +0300 target-i386: exception handling for seg_helper functions This patch fixes exception handling for seg_helper functions. Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 2afbdf84807d673eb682cb78158e11cdacbf4673 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Fri Jul 10 12:57:30 2015 +0300 target-i386: exception handling for memory helpers This patch fixes exception handling for memory helpers and removes obsolete PC update from translate.c. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit cc33c5d66bb315f77739f761a3f868a7d138c041 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Fri Jul 10 12:57:25 2015 +0300 target-i386: exception handling for div instructions This patch fixes exception handling for div instructions and removes obsolete PC update from translate.c. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 6cad09d2f74d7318f737acaa21b3da49a0c9e670 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Fri Jul 10 12:57:19 2015 +0300 target-i386: exception handling for FPU instructions This patch fixes exception handling for FPU instructions and removes obsolete PC update from translate.c. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 9198009529d06b6489b68a7505942cca3a50893f Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Fri Jul 10 12:57:13 2015 +0300 target-i386: introduce new raise_exception functions This patch introduces new versions of raise_exception functions that receive TB return address as an argument. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 1a3abef74b5df6d6d3e851aaeacac8f265adcf80 Merge: 6196224 461aa67 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 15 17:24:27 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-tile-20150915' into staging TileGX basic instructions # gpg: Signature made Tue 15 Sep 2015 15:57:08 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tile-20150915: (35 commits) target-tilegx: Handle v1shl, v1shru, v1shrs target-tilegx: Handle v1shli, v1shrui target-tilegx: Handle v4int_l/h target-tilegx: Handle atomic instructions target-tilegx: Handle mtspr, mfspr target-tilegx: Handle v1cmpeq, v1cmpne target-tilegx: Handle mask instructions target-tilegx: Handle scalar multiply instructions target-tilegx: Handle conditional move instructions target-tilegx: Handle shift instructions target-tilegx: Handle bitfield instructions target-tilegx: Implement system and memory management instructions target-tilegx: Handle comparison instructions target-tilegx: Handle conditional branch instructions target-tilegx: Handle unconditional jump instructions target-tilegx: Handle post-increment load and store instructions target-tilegx: Handle basic load and store instructions target-tilegx: Handle most bit manipulation instructions target-arm: Use new revbit functions host-utils: Add revbit functions ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 461aa6783eec27f209b026c6647fc7a83b2997cd Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 24 08:56:45 2015 -0700 target-tilegx: Handle v1shl, v1shru, v1shrs Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 3be19e8c83949b62895dd27866e26a1bf806ad56 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 24 08:13:59 2015 -0700 target-tilegx: Handle v1shli, v1shrui Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 5151c69abcc049a587b894f0b8e19e1c6d72dc1d Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 24 08:01:52 2015 -0700 target-tilegx: Handle v4int_l/h Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 0583b2332355dadb2d4681fe5a4eca882eb5b889 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 24 07:55:47 2015 -0700 target-tilegx: Handle atomic instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 03b217b168edfb45501146e98f60a6aea6bbb943 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Aug 22 14:19:45 2015 -0700 target-tilegx: Handle mtspr, mfspr Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit e7346cf0366b2167ddd2cfe9197018bf0ebccbaf Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Aug 22 12:37:59 2015 -0700 target-tilegx: Handle v1cmpeq, v1cmpne Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 661ff7431fb33bc29c6b27e053e1e7656105a106 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Aug 22 10:42:44 2015 -0700 target-tilegx: Handle mask instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 4ff49775ecc5e975ca5e4c1b6be25fb611ab38fa Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Aug 22 10:37:38 2015 -0700 target-tilegx: Handle scalar multiply instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit f090f9f7ce6bc112710a693e176341b5031eafd8 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Aug 22 00:15:07 2015 -0700 target-tilegx: Handle conditional move instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 2369976deb9fa03bb32be690025a6f51de4cd377 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 21 14:41:41 2015 -0700 target-tilegx: Handle shift instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit c06b1817297b4486c372950b4f65d34417aa01d0 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 21 14:06:57 2015 -0700 target-tilegx: Handle bitfield instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit d5dbd6eb388a936bb4ea027c48f8f960ae3977c9 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 21 13:14:25 2015 -0700 target-tilegx: Implement system and memory management instructions Most of which are either nops or exceptions. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 73c543776b6983178026f744d3579ae16ae9b5b2 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 21 11:57:42 2015 -0700 target-tilegx: Handle comparison instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit e04e98bf277309c3964cfd773c0d4c0428f64399 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 21 11:03:37 2015 -0700 target-tilegx: Handle conditional branch instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit c230a9944dc902e595852b9cd764e4b12d0dc541 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 21 10:23:07 2015 -0700 target-tilegx: Handle unconditional jump instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 01cd675cfe89c62b27d3d6e28c0fae503c803bf0 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 21 09:49:44 2015 -0700 target-tilegx: Handle post-increment load and store instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 0426335d4fedb506197ccfd5aadbee2c9c5cd13b Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 21 09:47:56 2015 -0700 target-tilegx: Handle basic load and store instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 7f41a8d67232bee48ede90ea43f962fdb9e98371 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Aug 20 21:30:51 2015 -0700 target-tilegx: Handle most bit manipulation instructions The crc instructions are omitted from this set. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 42fedbca8f5b54324ed89be3484d4a3dc9946387 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 13:38:53 2015 -0700 target-arm: Use new revbit functions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 652a4b7e736f432a6809d1d2b52d169ab0b9aa3b Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 13:00:34 2015 -0700 host-utils: Add revbit functions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 89b8c7504fbc53a35c76e7738dbdf53f3c254b8f Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Aug 20 21:11:28 2015 -0700 target-tilegx: Handle arithmetic instructions Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit a9fdfc7e7bf122f603486f4277db91a3d0d274ab Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 24 08:31:10 2015 -0700 target-tilegx: Handle simple logical operations Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 444e06b17201a16a77f070955dc2d518cbaf36aa Author: Chen Gang <xili_gchen_5257@xxxxxxxxxxx> Date: Fri Aug 21 05:43:37 2015 +0800 target-tilegx: Add TILE-Gx building files Add related configuration and make files for tilegx. The target can now build, though not run anything. Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <BLU436-SMTP1588E5A03AD5E94B07E988B9660@xxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 9b9dc7aceca411f1fb69d5426e5e88dd204813ed Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 21 11:49:38 2015 -0700 target-tilegx: Generate SEGV properly Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 619622424dba749feef752d76d79ef2569f7f250 Merge: 1078f5d 3e305e4 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 15 15:42:58 2015 +0100 Merge remote-tracking branch 'remotes/berrange/tags/vnc-crypto-v9-for-upstream' into staging Merge vnc-crypto-v9 # gpg: Signature made Tue 15 Sep 2015 15:32:38 BST using RSA key ID 15104FDF # gpg: Good signature from "Daniel P. Berrange <dan@xxxxxxxxxxxx>" # gpg: aka "Daniel P. Berrange <berrange@xxxxxxxxxx>" * remotes/berrange/tags/vnc-crypto-v9-for-upstream: ui: convert VNC server to use QCryptoTLSSession ui: fix return type for VNC I/O functions to be ssize_t crypto: introduce new module for handling TLS sessions crypto: add sanity checking of TLS x509 credentials crypto: introduce new module for TLS x509 credentials crypto: introduce new module for TLS anonymous credentials crypto: introduce new base module for TLS credentials qom: allow QOM to be linked into tools binaries crypto: move crypto objects out of libqemuutil.la tests: remove repetition in unit test object deps qapi: allow override of default enum prefix naming Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8fd29dd72b44b08af536248cbfc77f5c6bdf803d Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Aug 20 20:36:48 2015 -0700 target-tilegx: Framework for decoding bundles Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 5b212be632c8ec1e1fd851055445562ebe705352 Author: Chen Gang <xili_gchen_5257@xxxxxxxxxxx> Date: Fri Aug 21 05:41:51 2015 +0800 target-tilegx: Add several helpers for instructions translation The related instructions are exception, cntlz, cnttz, shufflebytes. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Message-Id: <BLU436-SMTP83F96FD8422BE49AFDC9DFB9660@xxxxxxx> [rth: Remove incorrect implementation of add_saturate.] Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 9f64170df2c767ea65adee6434968034fb2ff5aa Author: Chen Gang <xili_gchen_5257@xxxxxxxxxxx> Date: Fri Aug 21 05:41:01 2015 +0800 target-tilegx: Add cpu basic features for linux-user It implements minimized cpu features for linux-user. Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <BLU436-SMTP114819BB03D853801AA9C3CB9660@xxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit b69773a8a70d64189c5caa8d328dc2b6bfb7007d Author: Chen Gang <xili_gchen_5257@xxxxxxxxxxx> Date: Fri Aug 21 05:40:18 2015 +0800 target-tilegx: Add special register information from Tilera Corporation The related copy is from Linux kernel "arch/tile/include/uapi/arch/ spr_def_64.h". Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <BLU436-SMTP1093D605AAE9B4837B564B8B9660@xxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 4fe221820f99251eaa4307bf45145651740803e5 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 21 09:49:30 2015 -0700 target-tilegx: Fix LDNA_ADD_IMM8_OPCODE_X1 An obvious typo in the mnemonic here. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit c6c00e17229863dedd710e53da732190f7660aa6 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Aug 20 20:40:14 2015 -0700 target-tilegx: Modify _SPECIAL_ opcodes Both ADDX_SPECIAL_0_OPCODE_Y1 and ADD_SPECIAL_0_OPCODE_Y1 do not appear to be "special" in any way, except that they don't follow the normal naming convention using _RRR_. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 2c56c87fcf1355fbc9da20d06ebe7ddb320ada92 Author: Chen Gang <xili_gchen_5257@xxxxxxxxxxx> Date: Fri Aug 21 05:39:33 2015 +0800 target-tilegx: Modify opcode_tilegx.h to fit QEMU usage Use 'inline' instead of '__inline', and also use 'uint64_t' instead of "unsigned long long" Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <BLU436-SMTP1945B04384351D5EE7D9DECB9660@xxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit b1406c6c5912d820b0a0b11b89623fae96fc74bc Author: Chen Gang <xili_gchen_5257@xxxxxxxxxxx> Date: Fri Aug 21 05:38:46 2015 +0800 target-tilegx: Add opcode basic implementation from Tilera Corporation It is copied from Linux kernel "arch/tile/include/uapi/arch/ opcode_tilegx.h". Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <BLU436-SMTP2087FA98B64A20B25155D9AB9660@xxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 704eff6c23fc807e0c7f729518f73fb7ad26d98c Author: Chen Gang <xili_gchen_5257@xxxxxxxxxxx> Date: Fri Aug 21 05:37:33 2015 +0800 linux-user: Conditionalize syscalls which are not defined in tilegx Some of architectures (e.g. tilegx), several syscall macros are not supported, so switch them. Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <BLU436-SMTP457D6FC9B2B9BA87AEB22CB9660@xxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit b16189b22244e4cc158a3425b377b219586ec8ca Author: Chen Gang <xili_gchen_5257@xxxxxxxxxxx> Date: Fri Aug 21 05:36:37 2015 +0800 linux-user: Support tilegx architecture in linux-user Add main working flow feature, system call processing feature, and elf64 tilegx binary loading feature, based on Linux kernel tilegx 64-bit implementation. [rth: Moved all of the implementation of atomic instructions to a later patch.] Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <BLU436-SMTP938552D42808AA60634582B9660@xxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 3e305e4a4752f70c0b5c3cf5b43ec957881714f7 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Thu Aug 6 14:39:32 2015 +0100 ui: convert VNC server to use QCryptoTLSSession Switch VNC server over to using the QCryptoTLSSession object for the TLS session. This removes the direct use of gnutls from the VNC server code. It also removes most knowledge about TLS certificate handling from the VNC server code. This has the nice effect that all the CONFIG_VNC_TLS conditionals go away and the user gets an actual error message when requesting TLS instead of it being silently ignored. With this change, the existing configuration options for enabling TLS with -vnc are deprecated. Old syntax for anon-DH credentials: -vnc hostname:0,tls New syntax: -object tls-creds-anon,id=tls0,endpoint=server \ -vnc hostname:0,tls-creds=tls0 Old syntax for x509 credentials, no client certs: -vnc hostname:0,tls,x509=/path/to/certs New syntax: -object tls-creds-x509,id=tls0,dir=/path/to/certs,endpoint=server,verify-peer=no \ -vnc hostname:0,tls-creds=tls0 Old syntax for x509 credentials, requiring client certs: -vnc hostname:0,tls,x509verify=/path/to/certs New syntax: -object tls-creds-x509,id=tls0,dir=/path/to/certs,endpoint=server,verify-peer=yes \ -vnc hostname:0,tls-creds=tls0 This aligns VNC with the way TLS credentials are to be configured in the future for chardev, nbd and migration backends. It also has the benefit that the same TLS credentials can be shared across multiple VNC server instances, if desired. If someone uses the deprecated syntax, it will internally result in the creation of a 'tls-creds' object with an ID based on the VNC server ID. This allows backwards compat with the CLI syntax, while still deleting all the original TLS code from the VNC server. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 2cb154bc19854232b5379236dd9dfc06d83ced1e Author: Chen Gang <xili_gchen_5257@xxxxxxxxxxx> Date: Fri Aug 21 05:35:43 2015 +0800 linux-user: tilegx: Add architecture related features They are based on Linux kernel tilegx architecture for 64 bit binary, and also based on tilegx ABI reference document, and also reference from other targets implementations. Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <BLU436-SMTP2508945F92945BB525605A3B9660@xxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit fdd1ab6ad5c27a1564a1c73045908736b228458b Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Thu Aug 6 15:35:55 2015 +0100 ui: fix return type for VNC I/O functions to be ssize_t Various VNC server I/O functions return 'long' and then also pass this to a method accepting 'int'. All these should be ssize_t to match the signature of read/write APIs and thus avoid potential for integer truncation / wraparound. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit d321e1e5268103af616ec4c623c6326c3f7c7bc7 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Mon Mar 2 17:23:31 2015 +0000 crypto: introduce new module for handling TLS sessions Introduce a QCryptoTLSSession object that will encapsulate all the code for setting up and using a client/sever TLS session. This isolates the code which depends on the gnutls library, avoiding #ifdefs in the rest of the codebase, as well as facilitating any possible future port to other TLS libraries, if desired. It makes use of the previously defined QCryptoTLSCreds object to access credentials to use with the session. It also includes further unit tests to validate the correctness of the TLS session handshake and certificate validation. This is functionally equivalent to the current TLS session handling code embedded in the VNC server, and will obsolete it. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 9a2fd4347c40321f5cbb4ab4220e759fcbf87d03 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Mon Apr 13 14:01:39 2015 +0100 crypto: add sanity checking of TLS x509 credentials If the administrator incorrectly sets up their x509 certificates, the errors seen at runtime during connection attempts are very obscure and difficult to diagnose. This has been a particular problem for people using openssl to generate their certificates instead of the gnutls certtool, because the openssl tools don't turn on the various x509 extensions that gnutls expects to be present by default. This change thus adds support in the TLS credentials object to sanity check the certificates when QEMU first loads them. This gives the administrator immediate feedback for the majority of common configuration mistakes, reducing the pain involved in setting up TLS. The code is derived from equivalent code that has been part of libvirt's TLS support and has been seen to be valuable in assisting admins. It is possible to disable the sanity checking, however, via the new 'sanity-check' property on the tls-creds object type, with a value of 'no'. Unit tests are included in this change to verify the correctness of the sanity checking code in all the key scenarios it is intended to cope with. As part of the test suite, the pkix_asn1_tab.c from gnutls is imported. This file is intentionally copied from the (long since obsolete) gnutls 1.6.3 source tree, since that version was still under GPLv2+, rather than the GPLv3+ of gnutls >= 2.0. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 85bcbc789eb65b54548a507b747ffffe6175b404 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Mar 13 17:39:26 2015 +0000 crypto: introduce new module for TLS x509 credentials Introduce a QCryptoTLSCredsX509 class which is used to manage x509 certificate TLS credentials. This will be the preferred credential type offering strong security characteristics Example CLI configuration: $QEMU -object tls-creds-x509,id=tls0,endpoint=server,\ dir=/path/to/creds/dir,verify-peer=yes The 'id' value in the -object args will be used to associate the credentials with the network services. For example, when the VNC server is later converted it would use $QEMU -object tls-creds-x509,id=tls0,.... \ -vnc 127.0.0.1:1,tls-creds=tls0 Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit e00adf6c3edf8dbbe7eb60c94e24fe2158e8342f Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Mar 13 17:39:26 2015 +0000 crypto: introduce new module for TLS anonymous credentials Introduce a QCryptoTLSCredsAnon class which is used to manage anonymous TLS credentials. Use of this class is generally discouraged since it does not offer strong security, but it is required for backwards compatibility with the current VNC server implementation. Simple example CLI configuration: $QEMU -object tls-creds-anon,id=tls0,endpoint=server Example using pre-created diffie-hellman parameters $QEMU -object tls-creds-anon,id=tls0,endpoint=server,\ dir=/path/to/creds/dir The 'id' value in the -object args will be used to associate the credentials with the network services. For example, when the VNC server is later converted it would use $QEMU -object tls-creds-anon,id=tls0,.... \ -vnc 127.0.0.1:1,tls-creds=tls0 Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit a090187de116a3d0b8146ca481249c8fc83ad3ee Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Mar 13 17:39:26 2015 +0000 crypto: introduce new base module for TLS credentials Introduce a QCryptoTLSCreds class to act as the base class for storing TLS credentials. This will be later subclassed to provide handling of anonymous and x509 credential types. The subclasses will be user creatable objects, so instances can be created & deleted via 'object-add' and 'object-del' QMP commands respectively, or via the -object command line arg. If the credentials cannot be initialized an error will be reported as a QMP reply, or on stderr respectively. The idea is to make it possible to represent and manage TLS credentials independently of the network service that is using them. This will enable multiple services to use the same set of credentials and minimize code duplication. A later patch will convert the current VNC server TLS code over to use this object. The representation of credentials will be functionally equivalent to that currently implemented in the VNC server with one exception. The new code has the ability to (optionally) load a pre-generated set of diffie-hellman parameters, if the file dh-params.pem exists, whereas the current VNC server will always generate them on startup. This is beneficial for admins who wish to avoid the (small) time sink of generating DH parameters at startup and/or avoid depleting entropy. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 0c7012e0558e4312e575fd4c70652d8ef2265ff7 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Sep 2 11:18:16 2015 +0100 qom: allow QOM to be linked into tools binaries The qom objects are currently added to common-obj-y which is only linked into the system emulators. The later crypto patches will depend on QOM infrastructure and will also be used from tools binaries. Thus the QOM objects are moved into a new qom-obj-y variable which can be referenced when linking tools, system emulators and tests. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit fb37726db77b21f3731b90693d2c93ade1777528 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Sep 2 10:57:27 2015 +0100 crypto: move crypto objects out of libqemuutil.la Future patches will be adding more crypto related APIs which rely on QOM infrastructure. This creates a problem, because QOM relies on library constructors to register objects. When you have a file in a static .a library though which is only referenced by a constructor the linker is dumb and will drop that file when linking to the final executable :-( The only workaround for this is to link the .a library to the executable using the -Wl,--whole-archive flag, but this creates its own set of problems because QEMU is relying on lazy linking for libqemuutil.a. Using --whole-archive majorly increases the size of final executables as they now contain a bunch of object code they don't actually use. The least bad option is to thus not include the crypto objects in libqemuutil.la, and instead define a crypto-obj-y variable that is referenced directly by all the executables that need this code (tools + softmmu, but not qemu-ga). We avoid pulling entire of crypto-obj-y into the userspace emulators as that would force them to link to gnutls too, which is not required. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 1078f5db8ada5097600443838492ef07103790c2 Merge: b76a0d5 2cb5d2a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 15 14:11:28 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-gtk-20150915-1' into staging gtk: misc grab tweaks, locale fix. # gpg: Signature made Tue 15 Sep 2015 11:35:36 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-gtk-20150915-1: gtk: use setlocale() for LC_MESSAGES only gtk: don't grab input when entering fullscreen. gtk: set free_scale when setting zoom_fit gtk: trace input grab reason gtk: move gd_update_caption calls to gd_{grab,ungrab}_{pointer,keyboard} gtk: check for existing grabs in gd_grab_{pointer,keyboard} Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b76a0d5db25ad9f81346930230092fdf1e88a5a1 Merge: 007e620 737d2b3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 15 13:03:53 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging This net pull request contains security fixes for qemu.git/master. The patches should also be applied to stable trees. The ne2000 NIC model has QEMU memory corruption issue. Both ne2000 and e1000 have an infinite loop. Please see the patches for CVE numbers and details on the bugs. # gpg: Signature made Tue 15 Sep 2015 13:02:21 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: net: avoid infinite loop when receiving packets(CVE-2015-5278) net: add checks to validate ring buffer pointers(CVE-2015-5279) e1000: Avoid infinite loop in processing transmit descriptor (CVE-2015-6815) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 737d2b3c41d59eb8f94ab7eb419b957938f24943 Author: P J P <pjp@xxxxxxxxxxxxxxxxx> Date: Tue Sep 15 16:46:59 2015 +0530 net: avoid infinite loop when receiving packets(CVE-2015-5278) Ne2000 NIC uses ring buffer of NE2000_MEM_SIZE(49152) bytes to process network packets. While receiving packets via ne2000_receive() routine, a local 'index' variable could exceed the ring buffer size, leading to an infinite loop situation. Reported-by: Qinghao Tang <luodalongde@xxxxxxxxx> Signed-off-by: P J P <pjp@xxxxxxxxxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 9bbdbc66e5765068dce76e9269dce4547afd8ad4 Author: P J P <pjp@xxxxxxxxxxxxxxxxx> Date: Tue Sep 15 16:40:49 2015 +0530 net: add checks to validate ring buffer pointers(CVE-2015-5279) Ne2000 NIC uses ring buffer of NE2000_MEM_SIZE(49152) bytes to process network packets. While receiving packets via ne2000_receive() routine, a local 'index' variable could exceed the ring buffer size, which could lead to a memory buffer overflow. Added other checks at initialisation. Reported-by: Qinghao Tang <luodalongde@xxxxxxxxx> Signed-off-by: P J P <pjp@xxxxxxxxxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b947ac2bf26479e710489739c465c8af336599e7 Author: P J P <pjp@xxxxxxxxxxxxxxxxx> Date: Fri Sep 4 17:21:06 2015 +0100 e1000: Avoid infinite loop in processing transmit descriptor (CVE-2015-6815) While processing transmit descriptors, it could lead to an infinite loop if 'bytes' was to become zero; Add a check to avoid it. [The guest can force 'bytes' to 0 by setting the hdr_len and mss descriptor fields to 0. --Stefan] Signed-off-by: P J P <pjp@xxxxxxxxxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Message-id: 1441383666-6590-1-git-send-email-stefanha@xxxxxxxxxx commit 2cb5d2a47c655331bcf0ab16bab8fe4701182c58 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Thu Sep 10 18:19:32 2015 +0300 gtk: use setlocale() for LC_MESSAGES only The QEMU code is not internationalized and assumes that it runs under the C locale, but if we use the GTK+ UI we'll end up importing the locale settings from the environment. This can break things, such as the JSON generator and iotest 120 in locales that use a decimal comma. We do however have translations for a few simple strings for the GTK+ menu items, so in order to run QEMU using the C locale, and yet have a translated UI let's use setlocale() for LC_MESSAGES only. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 78aee081122837cb488b12657a00deeb676b4730 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Sep 9 10:14:54 2015 +0200 gtk: don't grab input when entering fullscreen. Kick off all grabbing logic from fullscreen mode. In the current state it seems to create more problems than it solves. Try running qemu/gtk fullscreen on one head of a multihead host for example ... There probably was a reason the grab-on-fullscreen logic was added in the first place. So please test and report any issues so we can try to find a sane way to handle it. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 1d73cd782fb910811a2e6b9d9b3375c4803d731c Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Sep 9 10:34:41 2015 +0200 gtk: set free_scale when setting zoom_fit free_scale field tracks zoom-fit menu toggle state, so we should keep them in sync ... Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit d531deef119666d4b3605e186a43010782efd899 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Sep 9 10:12:20 2015 +0200 gtk: trace input grab reason Add a reason to grab calls and trace points, so it is easier to debug grab related ui issues. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit 695cc59d42f2e285abd5cf278bdc07360a995eaa Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Sep 9 10:03:59 2015 +0200 gtk: move gd_update_caption calls to gd_{grab,ungrab}_{pointer,keyboard} Then we don't have to pair the grab/ungrab calls with update_caption calls any more because things happen automatically ;) Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit aa4f4058ba8cde200e62ef3dafc4e1595f6033e9 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Sep 9 09:57:01 2015 +0200 gtk: check for existing grabs in gd_grab_{pointer,keyboard} If a grab is already active for our window, do nothing. If a grab is already active for another window, release it. Cleanup some checks and ungrab calls in the code which are not needed any more. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit b124533e069a6624316da2096d170b0bd9197d86 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Sep 2 11:35:52 2015 +0100 tests: remove repetition in unit test object deps Most of the unit tests have identical sets of object deps. For example all block unit tests need to depend on $(block-obj-y) libqemuutil.a libqemustub.a Currently each unit test repeats this list of test deps. This list of deps will grow as future patches add more modules to the build, so define some common variables that can be used by all unit tests to remove the repetition. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 351d36e454cddc67a1675740916636a7ccbf1c4b Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Aug 26 14:21:20 2015 +0100 qapi: allow override of default enum prefix naming The camel_to_upper() method applies some heuristics to turn a mixed case type name into an all-uppercase name. This is used for example, to generate enum constant name prefixes. The heuristics don't also generate a satisfactory name though. eg { 'enum': 'QCryptoTLSCredsEndpoint', 'data': ['client', 'server']} Results in Q_CRYPTOTLS_CREDS_ENDPOINT_CLIENT. This has an undesirable _ after the initial Q and is missing an _ between the CRYPTO & TLS strings. Rather than try to add more and more heuristics to try to cope with this, simply allow the QAPI schema to specify the desired enum constant prefix explicitly. eg { 'enum': 'QCryptoTLSCredsEndpoint', 'prefix': 'QCRYPTO_TLS_CREDS_ENDPOINT', 'data': ['client', 'server']} Now gives the QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT name. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 007e620a7576e4ce2ea6955541e87d8ae8ed32ae Merge: 2752e5b 2ac0152 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 14 18:51:09 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches (v2) # gpg: Signature made Mon 14 Sep 2015 15:56:54 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: (23 commits) qcow2: Make qcow2_alloc_bytes() more explicit vmdk: Fix next_cluster_sector for compressed write iotests: Add test for checking large image files qcow2: Make size_to_clusters() return uint64_t qemu-iotests: More qcow2 reopen tests qemu-iotests: Reopen qcow2 with lazy-refcounts change qcow2: Support updating driver-specific options in reopen qcow2: Make qcow2_update_options() suitable for transactions qcow2: Fix memory leak in qcow2_update_options() error path qcow2: Leave s unchanged on qcow2_update_options() failure qcow2: Move rest of option handling to qcow2_update_options() qcow2: Move qcow2_update_options() call up qcow2: Factor out qcow2_update_options() qcow2: Improve error message qemu-io: Add command 'reopen' qemu-io: Remove duplicate 'open' error message block: Allow specifying driver-specific options to reopen qcow2: Rename BDRVQcowState to BDRVQcow2State block: Drop bdrv_find_whitelisted_format() block: Drop drv parameter from bdrv_fill_options() ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2752e5bedb26fa0c7291f810f9f534b688b2f1d2 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Sep 7 17:45:55 2015 +0200 qapi: Fix cgen() for Python older than 2.7 A feature new in Python 2.7 crept into commit 77e703b: re.subn()'s fifth argument. Avoid that, use re.compile(). Reported-by: Laurent Desnogues <laurent.desnogues@xxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Tested-by: Laurent Desnogues <laurent.desnogues@xxxxxxxxx> Message-id: 1441640755-23902-1-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a2aa09e18186801931763fbd40a751fa39971b18 Merge: 7e4804d 47d4be1 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 14 16:13:16 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * Support for jemalloc * qemu_mutex_lock_iothread "No such process" fix * cutils: qemu_strto* wrappers * iohandler.c simplification * Many other fixes and misc patches. And some MTTCG work (with Emilio's fixes squashed): * Signal-free TCG kick * Removing spinlock in favor of QemuMutex * User-mode emulation multi-threading fixes/docs # gpg: Signature made Thu 10 Sep 2015 09:03:07 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" * remotes/bonzini/tags/for-upstream: (44 commits) cutils: work around platform differences in strto{l,ul,ll,ull} cpu-exec: fix lock hierarchy for user-mode emulation exec: make mmap_lock/mmap_unlock globally available tcg: comment on which functions have to be called with mmap_lock held tcg: add memory barriers in page_find_alloc accesses remove unused spinlock. replace spinlock by QemuMutex. cpus: remove tcg_halt_cond and tcg_cpu_thread globals cpus: protect work list with work_mutex scripts/dump-guest-memory.py: fix after RAMBlock change configure: Add support for jemalloc add macro file for coccinelle configure: factor out adding disas configure vhost-scsi: fix wrong vhost-scsi firmware path checkpatch: remove tests that are not relevant outside the kernel checkpatch: adapt some tests to QEMU CODING_STYLE: update mixed declaration rules qmp: Add example usage of strto*l() qemu wrapper cutils: Add qemu_strtoull() wrapper cutils: Add qemu_strtoll() wrapper ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2ac01520be8717f3492b10a083c3e0e22cb52cda Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Fri Sep 11 18:47:51 2015 +0200 qcow2: Make qcow2_alloc_bytes() more explicit In case of -EAGAIN returned by update_refcount(), we should discard the cluster offset we were trying to allocate and request a new one, because in theory that old offset might now be taken by a refcount block. In practice, this was not the case due to update_refcount() generally returning strictly monotonic increasing cluster offsets. However, this behavior is not set in stone, and it is also not obvious when looking at qcow2_alloc_bytes() alone, so we should not rely on it. Reported-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 3efffc3292d94271a15b1606b4a56adf6c6f04ed Author: Radoslav Gerganov <rgerganov@xxxxxxxxxx> Date: Thu Sep 10 10:53:14 2015 +0300 vmdk: Fix next_cluster_sector for compressed write When the VMDK is streamOptimized (or compressed), the next_cluster_sector must not be incremented by a fixed number of sectors. Instead of this, it must be rounded up to the next consecutive sector. Fixing this results in much smaller compressed images. Signed-off-by: Radoslav Gerganov <rgerganov@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 097b500c2dff7addfcd5f4c8a111f6bfd0cb3977 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Sep 9 18:09:47 2015 +0200 iotests: Add test for checking large image files Add a test for checking a qcow2 file with a multiple of 2^32 clusters. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b6d36def6d9e9fd187327182d0abafc9b7085d8f Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Sep 14 16:39:47 2015 +0200 qcow2: Make size_to_clusters() return uint64_t Sadly, some images may have more clusters than what can be represented using a plain int. We should be prepared for that case (in qcow2_check_refcounts() we actually were trying to catch that case, but since size_to_clusters() truncated the returned value, that check never did anything useful). Cc: qemu-stable <qemu-stable@xxxxxxxxxx> Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 231f66d2a3401473778c70a75d5f670765ab6d91 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Fri Sep 4 19:13:14 2015 +0200 qemu-iotests: More qcow2 reopen tests Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit e615053b1bd3e108a73958a54e3d0c5b965e15d3 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Fri Sep 4 18:26:09 2015 +0200 qemu-iotests: Reopen qcow2 with lazy-refcounts change Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 5b0959a7d432062dcd740f8065004285b15695fa Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Apr 16 13:42:27 2015 +0200 qcow2: Support updating driver-specific options in reopen For updating the cache sizes, disabling lazy refcounts and updating the clean_cache_timer there is a bit more to do than just changing the variables, but otherwise we're all set for changing options during bdrv_reopen(). Just implement the missing pieces and hook the functions up in bdrv_reopen(). Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit ee55b17304d998ddf9c792496110da0cca37aac5 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Apr 16 16:16:02 2015 +0200 qcow2: Make qcow2_update_options() suitable for transactions Before we can allow updating options at runtime with bdrv_reopen(), we need to split the function into prepare/commit/abort parts. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit c1344ded70cf7d471aeb6fc08134997414631811 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Fri Apr 17 16:35:50 2015 +0200 qcow2: Fix memory leak in qcow2_update_options() error path Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 007dbc396cfc613d72ecea7744fe7398b300aa7d Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Apr 16 13:11:39 2015 +0200 qcow2: Leave s unchanged on qcow2_update_options() failure On return, either all new options should be applied to BDRVQcowState (on success), or all of the old settings should be preserved (on failure). Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 94edf3fbe8277284ad7d33de632839c7b93414a9 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Apr 16 11:44:26 2015 +0200 qcow2: Move rest of option handling to qcow2_update_options() With this commit, the handling of driver-specific options in qcow2_open() is completely separated out into qcow2_update_options(). Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 90efa0eaef2d1bbd161db6fd7a74d8e5a00d35a8 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Apr 16 11:36:10 2015 +0200 qcow2: Move qcow2_update_options() call up qcow2_update_options() only updates some variables in BDRVQcowState and doesn't really depend on other parts of it being initialised yet, so it can be moved so that it immediately follows the other half of option handling code in qcow2_open(). Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 4c75d1a157a6a0a6163c31f775b5e8ee5dd29f11 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Apr 16 11:29:27 2015 +0200 qcow2: Factor out qcow2_update_options() Eventually we want to be able to change options at runtime. As a first step towards that goal, separate some option handling code from the general initialisation code in qcow2_open(). Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit f113ae839ec9d6d25169bfa521a1affb999201c2 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed May 13 11:07:07 2015 +0200 qcow2: Improve error message Eric says that "any" sounds better than "either", and my non-native feeling says the same, so let's change it. Suggested-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 5bbd2e595e542ef6e5c76537e2bbad06192f72f4 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Mon Dec 8 17:37:28 2014 +0100 qemu-io: Add command 'reopen' Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit ff7cfd7d926eca40abeb9a1440829dc83facf54a Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed May 13 10:39:13 2015 +0200 qemu-io: Remove duplicate 'open' error message qemu_opts_parse_noisily() already prints an error message with the exact reason why the parsing failed. No need to add another less specific one. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 4d2cb0925176f3eb75ef8e5f9c02cc84d7930de2 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Fri Apr 10 17:50:50 2015 +0200 block: Allow specifying driver-specific options to reopen Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit ff99129ab89a532f0ca0a0b89b9aa004c09d9b9d Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Mon Sep 7 17:12:56 2015 +0200 qcow2: Rename BDRVQcowState to BDRVQcow2State BDRVQcowState is already used by qcow1, and gdb is always confused which one to use. Rename the qcow2 one so they can be distinguished. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> commit cf25ff850f0b5d44cb79daea88daaf24ce7e4c44 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Aug 26 19:47:52 2015 +0200 block: Drop bdrv_find_whitelisted_format() It is unused by now, so we can drop it. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 053e1578c9fa6a58e50e44de689f288063c77dbe Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Aug 26 19:47:51 2015 +0200 block: Drop drv parameter from bdrv_fill_options() Now that this parameter is effectively unused, we can drop it and change the function accordingly. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ce343771243a656b420c7a1b4099130f4a35bd5e Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Aug 26 19:47:50 2015 +0200 block: Drop drv parameter from bdrv_open_inherit() Now that this parameter is effectively unused, we can drop it and just pass NULL to bdrv_fill_options(). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 6ebf9aa2ef7f3e094d91ea27140dc6e73774386a Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Aug 26 19:47:49 2015 +0200 block: Drop drv parameter from bdrv_open() Now that this parameter is effectively unused, we can drop it and just pass NULL on to bdrv_open_inherit(). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e6641719fed794be8e0c48a69761528ae6c95ed9 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Aug 26 19:47:48 2015 +0200 block: Always pass NULL as drv for bdrv_open() Change all callers of bdrv_open() to pass the driver name in the options QDict instead of passing its BlockDriver pointer. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 7e4804dafd4689312ef1172b549927a973bb5414 Merge: 2b750d9 f0d574d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 14 14:57:50 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150914' into staging target-arm queue: * fix GIC region size in xlnx-zynqmp * xlnx-zynqmp: Remove unnecessary brackets * improve A64 generated TCG code * add GPIO devices to i.MX25 and i.MX31 * more missing pieces for EL2 support # gpg: Signature made Mon 14 Sep 2015 14:51:12 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150914: (24 commits) target-arm: Add VMPIDR_EL2 target-arm: Break out mpidr_read_val() target-arm: Add VPIDR_EL2 target-arm: Suppress EPD for S2, EL2 and EL3 translations target-arm: Suppress TBI for S2 translations target-arm: Add VTTBR_EL2 target-arm: Add VTCR_EL2 hw/cpu/{a15mpcore, a9mpcore}: Handle missing has_el3 CPU props gracefully i.MX: Add GPIO devices to i.MX25 SOC i.MX: Add GPIO devices to i.MX31 SOC i.MX: Add GPIO device target-arm: Use tcg_gen_extrh_i64_i32 target-arm: Recognize ROR target-arm: Eliminate unnecessary zero-extend in disas_bitfield target-arm: Recognize UXTB, UXTH, LSR, LSL target-arm: Recognize SXTB, SXTH, SXTW, ASR target-arm: Implement fcsel with movcond target-arm: Implement ccmp branchless target-arm: Use setcond and movcond for csel target-arm: Handle always condition codes within arm_test_cc ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f0d574d63f4603ec431f16ad535a555bf7548b94 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Sep 14 14:39:51 2015 +0100 target-arm: Add VMPIDR_EL2 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1442135278-25281-9-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 06a7e6477c129ceaa72bd400cf281d44c456be43 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Sep 14 14:39:51 2015 +0100 target-arm: Break out mpidr_read_val() Break out mpidr_read_val() to allow future sharing of the code that conditionally sets the M and U bits of MPIDR. No functional changes. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1442135278-25281-8-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 731de9e60074620aa7d565f01f989adacd493514 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Sep 14 14:39:50 2015 +0100 target-arm: Add VPIDR_EL2 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1442135278-25281-7-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0c5fbf3b4c1e5210354de71a3dc2ebc8c8a01f31 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Sep 14 14:39:50 2015 +0100 target-arm: Suppress EPD for S2, EL2 and EL3 translations Stage-2 translations, EL2 and EL3 regimes don't have the EPD control. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1442135278-25281-6-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1edee4708a0e3163cbf20fac325be456abd960bb Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Sep 14 14:39:50 2015 +0100 target-arm: Suppress TBI for S2 translations Stage-2 MMU translations do not have configurable TBI as the top byte is always 0 (48-bit IPAs). Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1442135278-25281-5-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b698e9cfd282b228b36d426b75facb83e07a1072 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Sep 14 14:39:50 2015 +0100 target-arm: Add VTTBR_EL2 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1442135278-25281-4-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 68e9c2fe65bca7fc1bdc2411923333c3e87544a3 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Sep 14 14:39:50 2015 +0100 target-arm: Add VTCR_EL2 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1442135278-25281-3-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> [PMM: fixed typo in comment] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6533a1fcc2efa08570aa6d85851638783dddf2c6 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Mon Sep 14 14:39:49 2015 +0100 hw/cpu/{a15mpcore, a9mpcore}: Handle missing has_el3 CPU props gracefully Handle missing CPU support for EL3 gracefully. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1442135278-25281-2-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6abc7158cb62e559ce7b3a99e116e3ec051a0c45 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Mon Sep 14 14:39:49 2015 +0100 i.MX: Add GPIO devices to i.MX25 SOC Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 2eb129ba8713aedfe877eaa3d8de80061d880fbb.1441828793.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dde0c4ca6b849eb5c376f255767c019bb45a1d57 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Mon Sep 14 14:39:49 2015 +0100 i.MX: Add GPIO devices to i.MX31 SOC Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 60b67c9a8b948159f4b4163ead86fbf701c011c6.1441828793.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f4427280977902273f98280b2572d88b6ed53144 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Mon Sep 14 14:39:49 2015 +0100 i.MX: Add GPIO device Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 5ea3b0021e47cf7f7d883a7edbabee44980f3df7.1441828793.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7cb36e18b2f1c1f971ebdc2121de22a8c2e94fd6 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 14:39:49 2015 +0100 target-arm: Use tcg_gen_extrh_i64_i32 Usually, eliminate an operation from the translator by combining a shift with an extract. In the case of gen_set_NZ64, we don't need a boolean value for cpu_ZF, merely a non-zero value. Given that we can extract both halves of a 64-bit input in one call, this simplifies the code. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: 1441909103-24666-12-git-send-email-rth@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8fb0ad8e16ab3d03433244a1a03e1df757342ad8 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 14:39:49 2015 +0100 target-arm: Recognize ROR Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: 1441909103-24666-11-git-send-email-rth@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d3a77b42decd0cbfa62a5526e67d1d6d380c83a9 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 14:39:48 2015 +0100 target-arm: Eliminate unnecessary zero-extend in disas_bitfield For !SF, this initial ext32u can't be optimized away by the current TCG code generator. (It would require backward bit liveness propagation.) But since the range of bits for !SF are already constrained by unallocated_encoding, we'll never reference the high bits anyway. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: 1441909103-24666-10-git-send-email-rth@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9924e85829fe21b5f38a5d267c9aea44c5d478ac Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 14:39:48 2015 +0100 target-arm: Recognize UXTB, UXTH, LSR, LSL These are all special case aliases of UBFM. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: 1441909103-24666-9-git-send-email-rth@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ef60151bee9a95e3a5cc98b345a19ed7eb435ddb Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 14:39:48 2015 +0100 target-arm: Recognize SXTB, SXTH, SXTW, ASR These are all special case aliases of SBFM. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: 1441909103-24666-8-git-send-email-rth@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6e061029d74455d83f6fa070ac33de7a356cf60d Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 14:39:48 2015 +0100 target-arm: Implement fcsel with movcond Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: 1441909103-24666-7-git-send-email-rth@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7dd03d773e0dafae9271318fc8d6b2b14de74403 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 14:39:48 2015 +0100 target-arm: Implement ccmp branchless This can allow much of a ccmp to be elided when particular flags are subsequently dead. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: 1441909103-24666-6-git-send-email-rth@xxxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 259cb68491ab36427e7e5d820fe543d53b006ec6 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 14:39:47 2015 +0100 target-arm: Use setcond and movcond for csel Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: 1441909103-24666-5-git-send-email-rth@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9305eac09e61d857c9cc11e20db754dfc25a82db Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 14:39:47 2015 +0100 target-arm: Handle always condition codes within arm_test_cc Handling this with TCG_COND_ALWAYS will allow these unlikely cases to be handled without special cases in the rest of the translator. The TCG optimizer ought to be able to reduce these ALWAYS conditions completely. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: 1441909103-24666-4-git-send-email-rth@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6c2c63d3a02c79e9035ca0370cc549d0f938a4dd Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 14:39:47 2015 +0100 target-arm: Introduce DisasCompare Split arm_gen_test_cc into 3 functions, so that it can be reused for non-branch TCG comparisons. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: 1441909103-24666-3-git-send-email-rth@xxxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 78bcaa3e37afbd0c5316634f917c13487384b6ca Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Sep 14 14:39:47 2015 +0100 target-arm: Share all common TCG temporaries This is a bug fix for aarch64. At present, we have branches using the 32-bit (translate.c) versions of cpu_[NZCV]F, but we set the flags using the 64-bit (translate-a64.c) versions of cpu_[NZCV]F. From the view of the TCG code generator, these are unrelated variables. The bug is hard to see because we currently only read these variables from branches, and upon reaching a branch TCG will first spill live variables and then reload the arguments of the branch. Since the 32-bit versions were never live until reaching the branch, we'd re-read the data that had just been spilled from the 64-bit versions. There is currently no such problem with the cpu_exclusive_* variables, but there's no point in tempting fate. Cc: qemu-stable@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: 1441909103-24666-2-git-send-email-rth@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 24cfc8dc583db57303137fd41f9f42806ea315a0 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Mon Sep 14 14:39:47 2015 +0100 xlnx-zynqmp: Remove unnecessary brackets around error messages The errp and err variable have unnecessary brackets around them, so remove the brackets. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 9900393572b63f2ec3d68785ca98193d81e0ac71.1441758563.git.alistair.francis@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 52c16b458ab2f8766867bc5fc099b0a604a36f77 Author: Nathan Rossi <nathan@xxxxxxxxxxxxxxx> Date: Mon Sep 14 14:39:47 2015 +0100 arm: xlnx-zynqmp: Fix up GIC region size The GIC in ZynqMP cover a 64K address space, however the actual registers are decoded within a 4K address space and mirrored at the 4K boundaries. This change fixes the defined size for these regions as it was set to 0x4000/16K incorrectly. Signed-off-by: Nathan Rossi <nathan@xxxxxxxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1441719672-25296-1-git-send-email-nathan@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2b750d9d261bda7f75b39dfc1e1e5f22502929d5 Merge: 8f6e82e cdd14a8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 14 10:46:38 2015 +0100 Merge remote-tracking branch 'remotes/aurel/tags/pull-sh4-next-20150913' into staging sh4-next: - TCG optimizations - fix initramfs endianness issue # gpg: Signature made Sun 13 Sep 2015 22:16:12 BST using RSA key ID 1DDD8C9B # gpg: Good signature from "Aurelien Jarno <aurelien@xxxxxxxxxxx>" # gpg: aka "Aurelien Jarno <aurelien@xxxxxxxx>" # gpg: aka "Aurelien Jarno <aurel32@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 7746 2642 A9EF 94FD 0F77 196D BA9C 7806 1DDD 8C9B * remotes/aurel/tags/pull-sh4-next-20150913: sh4: Fix initramfs initialization for endiannes-mismatched targets target-sh4: improve shad instruction target-sh4: improve shld instruction target-sh4: improve cmp/str instruction target-sh4: use deposit in swap.b instruction target-sh4: add flags markups for FP helpers Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cdd14a8cf25c34ff8d0777530e8d16565f6bf7a1 Author: Guenter Roeck <linux@xxxxxxxxxxxx> Date: Wed Aug 12 07:20:36 2015 -0700 sh4: Fix initramfs initialization for endiannes-mismatched targets If host and target endianness does not match, loding an initramfs does not work. Fix by writing boot parameters with appropriate endianness conversion. Signed-off-by: Guenter Roeck <linux@xxxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit be654c83608eaba199ed45444debf2dd46a88fe6 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sun Jul 5 22:39:03 2015 +0200 target-sh4: improve shad instruction The SH4 shad instruction can shift in both direction, depending on the sign of the shift. This is currently implemented using branches, which is not really efficient and prevents the optimizer to do its job. In practice it is often used with a constant loaded in a register just before. Simplify the implementation by computing both the value shifted to the left and to the right, and then selecting the correct one with a movcond. As with a negative value the shift amount can go up to 32 which is undefined, we shift the value in two steps. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 577601616dea10db10a716de1be448f8564076f4 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sun Jul 5 22:37:18 2015 +0200 target-sh4: improve shld instruction The SH4 shld instruction can shift in both direction, depending on the sign of the shift. This is currently implemented using branches, which is not really efficient and prevents the optimizer to do its job. In practice it is often used with a constant loaded in a register just before. Simplify the implementation by computing both the value shifted to the left and to the right, and then selecting the correct one with a movcond. As with a negative value the shift amount can go up to 32 which is undefined, we shift the value in two steps. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit eb6ca2b4a69325e95526bc0f2897791df04e44dc Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sun Jul 5 18:50:09 2015 +0200 target-sh4: improve cmp/str instruction Instead of testing bytes one by one, we can use the following trick from https://graphics.stanford.edu/~seander/bithacks.html: haszero(v) = (v - 0x01010101) & ~v & 0x80808080 The subexpression v - 0x01010101, evaluates to a high bit set in any byte whenever the corresponding byte in v is zero or greater than 0x80. The sub-expression ~v & 0x80808080 evaluates to high bits set in bytes where the byte of v doesn't have its high bit set (so the byte was less than 0x80). Finally, by ANDing these two sub-expressions the result is the high bits set where the bytes in v were zero, since the high bits set due to a value greater than 0x80 in the first sub-expression are masked off by the second. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 218fd7301f88df440da3e16b9cfca000cd2fe111 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sun Jul 5 17:05:08 2015 +0200 target-sh4: use deposit in swap.b instruction Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 7f6bdc431a5c567fca0130d79c8b14f531a0eb14 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 17 12:53:13 2015 +0200 target-sh4: add flags markups for FP helpers Most floating point helpers can trigger an exception, but don't change the globals. Mark these helpers as TCG_CALL_NO_WG. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 8f6e82e4ecec9bc2726725275a138bc30f3ffc81 Merge: 30c38c9 1c3c8af Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 11 18:01:56 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20150911' into staging queued tcg related patches # gpg: Signature made Fri 11 Sep 2015 16:17:00 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tcg-20150911: cpu-exec: introduce loop exit with restore function softmmu: remove now unused functions softmmu: add helper function to pass through retaddr tlb: Add "ifetch" argument to cpu_mmu_index() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 30c38c90bd3f1bb105ebc069ac1821067c980b7c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Aug 14 18:46:32 2015 +0100 scripts/qemu-gdb: Add brief comment describing usage Add a brief comment describing how to use the debug support from GDB. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1439574392-4403-5-git-send-email-peter.maydell@xxxxxxxxxx commit 5e3c72d41e6909450e32f0b99545748cc25e9597 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Aug 14 18:46:31 2015 +0100 scripts/qemu-gdb: Silently pass through SIGUSR1 SIGUSR1 is QEMU's IPI signal, and it gets sent a lot, so is best silently passed through to the guest without stopping. Make qemu-gdb.py do this bit of configuration for the user. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1439574392-4403-4-git-send-email-peter.maydell@xxxxxxxxxx commit 191590f09dcbd26822a8bc67628cbd341dd5c07f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Aug 14 18:46:30 2015 +0100 scripts/qemu-gdb: Split CoroutineCommand into its own file Split the implementation of CoroutineCommand into its own file. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1439574392-4403-3-git-send-email-peter.maydell@xxxxxxxxxx commit 93b1b365dc06ff7c69d3131d68c083f824db5311 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Aug 14 18:46:29 2015 +0100 scripts/qemu-gdb: Split MtreeCommand into its own module As we add more commands to our Python gdb debugging support, it's going to get unwieldy to have everything in a single file. Split the implementation of the 'mtree' command from qemu-gdb.py into its own module. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1439574392-4403-2-git-send-email-peter.maydell@xxxxxxxxxx commit 1c3c8af1fb40a481c07749e0448644d9b7700415 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Fri Jul 10 12:57:02 2015 +0300 cpu-exec: introduce loop exit with restore function This patch introduces loop exit function, which also restores guest CPU state according to the value of host program counter. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150710095702.13280.97477.stgit@PASHA-ISP> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit b8611499b940b1b4db67aa985e3a844437bcbf00 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Fri Jul 10 12:56:56 2015 +0300 softmmu: remove now unused functions Now that the cpu_ld/st_* function directly call helper_ret_ld/st, we can drop the old helper_ld/st functions. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150710095656.13280.7085.stgit@PASHA-ISP> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 282dffc8a4bfe8724548cabb8a26698bde0a6e18 Author: Pavel Dovgalyuk <Pavel.Dovgaluk@xxxxxxxxx> Date: Fri Jul 10 12:56:50 2015 +0300 softmmu: add helper function to pass through retaddr This patch introduces several helpers to pass return address which points to the TB. Correct return address allows correct restoring of the guest PC and icount. These functions should be used when helpers embedded into TB invoke memory operations. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx> Message-Id: <20150710095650.13280.32255.stgit@PASHA-ISP> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 97ed5ccdee95f0b98bedc601ff979e368583472c Author: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Date: Mon Aug 17 17:34:10 2015 +1000 tlb: Add "ifetch" argument to cpu_mmu_index() This is set to true when the index is for an instruction fetch translation. The core get_page_addr_code() sets it, as do the SOFTMMU_CODE_ACCESS acessors. All targets ignore it for now, and all other callers pass "false". This will allow targets who wish to split the mmu index between instruction and data accesses to do so. A subsequent patch will do just that for PowerPC. Signed-off-by: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Message-Id: <1439796853-4410-2-git-send-email-benh@xxxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit ba9cef7b6e487a5a8969db81d09b8eec8a2b50c6 Merge: 7b9c09f af5b83d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 11 12:07:29 2015 +0100 Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-09-11' into staging trivial patches for 2015-09-11 # gpg: Signature made Fri 11 Sep 2015 12:02:43 BST using RSA key ID A4C3D7DB # gpg: Good signature from "Michael Tokarev <mjt@xxxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxxx>" * remotes/mjt/tags/pull-trivial-patches-2015-09-11: (26 commits) virtio-vga: enable for i386 hw/arm/spitz: Remove meaningless blank Property hw/gpio/zaurus: Remove meaningless blank Property hw/virtio/virtio-pci: Remove meaningless blank Property hw/s390x/s390-virtio-bus: Remove meaningless blank Property typofixes - v4 qapi-schema: remove legacy<> from doc disas/microblaze: Remove unused code help: dd missing newline Target-ppc: Remove unnecessary variable baum: Fix build with debugging enabled linux-user: Fix warnings caused by missing 'static' attribute opts: produce valid command line in qemu_opts_print docs: fix a qga/qapi-schema.json comment trivial: remove trailing newline from error_report maint: avoid useless "if (foo) free(foo)" pattern maint: avoid useless "if (foo) free(foo)" pattern maint: remove unused include for strings.h maint: remove unused include for signal.h maint: remove unused include for dirent.h ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit af5b83d7d5297f8bdfd3353a420c120c4fd5adfd Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Mon Jul 13 13:58:46 2015 +0200 virtio-vga: enable for i386 This one just syncs x86_64 and i386. Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: qemu-trivial@xxxxxxxxxx Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit a3c088a72c70401fd4d1342173dd971c2fce5e4d Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Tue May 12 10:25:20 2015 +0800 hw/arm/spitz: Remove meaningless blank Property Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit c11b05836ead1e6354aa31857d31c0d908e7e08c Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Tue May 12 10:25:19 2015 +0800 hw/gpio/zaurus: Remove meaningless blank Property Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 6328d69de09243929d90665eb6a6e0c96c4d06fc Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Tue May 12 10:25:18 2015 +0800 hw/virtio/virtio-pci: Remove meaningless blank Property Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 01630e24b0993adb4874b5416e897646c964bb8f Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Tue May 12 10:25:16 2015 +0800 hw/s390x/s390-virtio-bus: Remove meaningless blank Property Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 67cc32ebfd8c0ee3fcdb26780a8991baf5eb1d45 Author: Veres Lajos <vlajos@xxxxxxxxx> Date: Tue Sep 8 22:45:14 2015 +0100 typofixes - v4 Signed-off-by: Veres Lajos <vlajos@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 33b23b4b5e15923acaf315b01a535c15b239483b Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Sep 4 21:41:01 2015 +0200 qapi-schema: remove legacy<> from doc The legacy<> type is no longer used since 7ce7ffe02. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 76621d1faa25405ab13cfe73890f9069b2890ed4 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Sat Aug 29 09:44:33 2015 +0200 disas/microblaze: Remove unused code Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 2382053f1deea2a2b49cf15571be7b542bec5fcf Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Fri Sep 4 21:30:04 2015 +0200 help: dd missing newline Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 74c373e42f3dccae3b3b1e91a82ab8f748a39a6f Author: Shraddha Barke <shraddha.6596@xxxxxxxxx> Date: Sat Sep 5 00:50:28 2015 +0530 Target-ppc: Remove unnecessary variable Compress lines and remove the variable ret. Change made using Coccinelle script @@ expression ret; @@ - if (ret) return ret; - return 0; + return ret; @@ local idexpression ret; expression e; @@ - ret = e; - return ret; + return e; @@ type T; identifier i; @@ - T i; ... when != i Signed-off-by: Shraddha Barke <shraddha.6596@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 70cbae1dd85c9b4bb7c42bb282baacaaed0dd9bd Author: Samuel Thibault <samuel.thibault@xxxxxxx> Date: Sun Aug 30 17:12:13 2015 +0200 baum: Fix build with debugging enabled cur and buf are pointers, so the difference is a ptrdiff_t Signed-off-by: Samuel Thibault <samuel.thibault@xxxxxxxxxxxx> Reviewed-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 8cb76755615326dd824ee3c7f3588afcd17acb28 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Sat Aug 29 09:29:52 2015 +0200 linux-user: Fix warnings caused by missing 'static' attribute Warnings from the Sparse static analysis tool: linux-user/main.c:40:12: warning: symbol 'filename' was not declared. Should it be static? linux-user/main.c:41:12: warning: symbol 'argv0' was not declared. Should it be static? linux-user/main.c:42:5: warning: symbol 'gdbstub_port' was not declared. Should it be static? linux-user/main.c:43:11: warning: symbol 'envlist' was not declared. Should it be static? Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit fe646693acc13ac48b98435d14149ab04dc597bc Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Tue Jul 7 16:42:10 2015 +0200 opts: produce valid command line in qemu_opts_print This will let us print options in a format that the user would actually write it on the command line (foo=bar,baz=asd,etc=def), without prepending a spurious comma at the beginning of the list, or quoting values unnecessarily. This patch provides the following changes: * write and id=, if the option has an id * do not print separator before the first element * do not quote string arguments * properly escape commas (,) for QEMU Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 71e0e067b2bef8823c389c3705a8bcbb2bb12429 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 12:48:35 2015 +0200 docs: fix a qga/qapi-schema.json comment For consistency with the rest of the comment blocks. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 594fd21102aa7b7dce1509b31944d10836108c6b Author: John Snow <jsnow@xxxxxxxxxx> Date: Mon Jun 29 16:56:26 2015 -0400 trivial: remove trailing newline from error_report Minor cleanup. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Gonglei <arei.gonglei@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 012aef073461fd24a901d7a8742532093b7f6ae5 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Aug 26 14:02:53 2015 +0200 maint: avoid useless "if (foo) free(foo)" pattern My Coccinelle semantic patch finds a few more, because it also fixes up the equally pointless conditional if (foo) { free(foo); foo = NULL; } Result (feel free to squash it into your patch): Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit ef1e1e0782e99c9dcf2b35e5310cdd8ca9211374 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Aug 26 12:17:18 2015 +0100 maint: avoid useless "if (foo) free(foo)" pattern The free() and g_free() functions both happily accept NULL on any platform QEMU builds on. As such putting a conditional 'if (foo)' check before calls to 'free(foo)' merely serves to bloat the lines of code. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 4595a48a10e576638795950b61957f83d2ed09b4 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Aug 26 12:17:17 2015 +0100 maint: remove unused include for strings.h A number of files were including strings.h but not using any of the functions it provides Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 1618d2ae7f1728ea26fa38cb661253f134d389ed Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Aug 26 12:17:16 2015 +0100 maint: remove unused include for signal.h A number of files were including signal.h but not using any of the functions it provides Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit d7646f241c8efc17b4b86cc7a304472792f0cc74 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Aug 26 12:17:15 2015 +0100 maint: remove unused include for dirent.h A number of files were including dirent.h but not using any of the functions it provides Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 8abae4d31d92be2085fd66566585cba7699ad332 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Aug 26 12:17:14 2015 +0100 maint: remove unused include for assert.h A number of files were including assert.h but not using any of the functions it provides Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit b6af097528caba5b23b79db3f1f1fd08fa4fa11e Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Aug 26 12:17:13 2015 +0100 maint: remove / fix many doubled words Many source files have doubled words (eg "the the", "to to", and so on). Most of these can simply be removed, but a couple were actual mis-spellings (eg "to to" instead of "to do"). There was even one triple word score "to to to" :-) Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit a8f15a27752d855d339befd8de4f0ad1c4dbb0ab Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Aug 26 12:17:12 2015 +0100 maint: remove double semicolons in many files A number of source files have statements accidentally terminated by a double semicolon - eg 'foo = bar;;'. This is harmless but a mistake none the less. The tcg/ia64/tcg-target.c file is whitelisted because it has valid use of ';;' in a comment containing assembly code. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit fee562e9e41290a22623de83b673a8929ec5280d Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Tue Aug 4 10:27:31 2015 +0200 i6300esb: fix timer overflow We use muldiv64() to compute the time to wait: timeout = muldiv64(get_ticks_per_sec(), timeout, 33000000); but get_ticks_per_sec() is 10^9 (30 bit value) and timeout is a 35 bit value. Whereas muldiv64 is: uint64_t muldiv64(uint64_t a, uint32_t b, uint32_t c) So we loose 3 bits of timeout. Swapping get_ticks_per_sec() and timeout fixes it. We can also replace it by a multiplication by 30 ns, but this changes PCI clock frequency from 33MHz to 33.333333MHz and we need to do this on all the QEMU PCI devices (later...) Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 6883de6c9b647d5629ffe131ed5d97c06bb0db1a Author: Andrey Korolyov <andrey@xxxxxxx> Date: Fri Jul 31 22:12:54 2015 +0300 Trivial: fix commandline help message Fix obvious typo in printed help for qemu-nbd. Signed-off-by: Andrey Korolyov <andrey@xxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit a23797efb14f4d8f093e3b68f8265c88e9ff1de6 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Thu Jul 30 07:46:43 2015 +0200 Update language files for QEMU 2.4.0 Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 7b9c09f7d486647784c605739d69b708a7249c9b Merge: fe55641 cae99f1 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 10 18:25:52 2015 +0100 Merge remote-tracking branch 'remotes/sstabellini/tags/xen-2015-09-10-tag' into staging xen-2015-09-10 # gpg: Signature made Thu 10 Sep 2015 17:52:08 BST using RSA key ID 70E1AE90 # gpg: Good signature from "Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>" * remotes/sstabellini/tags/xen-2015-09-10-tag: (29 commits) xen/pt: Don't slurp wholesale the PCI configuration registers xen/pt: Check for return values for xen_host_pci_[get|set] in init xen/pt: Move bulk of xen_pt_unregister_device in its own routine. xen/pt: Make xen_pt_unregister_device idempotent xen/pt: Log xen_host_pci_get/set errors in MSI code. xen/pt: Log xen_host_pci_get in two init functions xen/pt: Remove XenPTReg->data field. xen/pt: Check if reg->init function sets the 'data' past the reg->size xen/pt: Sync up the dev.config and data values. xen/pt: Use xen_host_pci_get_[byte|word] instead of dev.config xen/pt: Use XEN_PT_LOG properly to guard against compiler warnings. xen/pt/msi: Add the register value when printing logging and error messages xen: use errno instead of rc for xc_domain_add_to_physmap xen/pt: xen_host_pci_config_read returns -errno, not -1 on failure xen/pt: Make xen_pt_msi_set_enable static xen/pt: Update comments with proper function name. xen/HVM: atomically access pointers in bufioreq handling xen-hvm: When using xc_domain_add_to_physmap also include errno when reporting xen, gfx passthrough: add opregion mapping xen, gfx passthrough: register host bridge specific to passthrough ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cae99f1d779a6e2c8721ce2dd80bafdbf0abe7a0 Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Wed Jul 8 15:58:41 2015 -0400 xen/pt: Don't slurp wholesale the PCI configuration registers Instead we have the emulation registers ->init functions which consult the host values to see what the initial value should be and they are responsible for populating the dev.config. Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 3d3697f2576424a2c0830a7b2e7c94c79dea9b50 Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Thu Jul 2 14:33:44 2015 -0400 xen/pt: Check for return values for xen_host_pci_[get|set] in init and if we have failures we call xen_pt_destroy introduced in 'xen/pt: Move bulk of xen_pt_unregister_device in its own routine.' and free all of the allocated structures. Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit df6aa45752bf8145adcba9b077c346e9b758ebd1 Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Tue Sep 8 16:21:59 2015 -0400 xen/pt: Move bulk of xen_pt_unregister_device in its own routine. This way we can call it if we fail during init. This code movement introduces no changes. Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit bce33948178e338eac2629284b199c0c1f05f8a3 Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Tue Sep 8 16:21:29 2015 -0400 xen/pt: Make xen_pt_unregister_device idempotent To deal with xen_host_pci_[set|get]_ functions returning error values and clearing ourselves in the init function we should make the .exit (xen_pt_unregister_device) function be idempotent in case the generic code starts calling .exit (or for fun does it before calling .init!). Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit fe2da64c5ab882124aaf14c27d62409d02ff1786 Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Wed Jun 24 17:27:40 2015 -0400 xen/pt: Log xen_host_pci_get/set errors in MSI code. We seem to only use these functions when de-activating the MSI - so just log errors. Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit ea6c50f99de4b36a2c3e90dedabac46aef7992ac Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Wed Jun 24 17:18:26 2015 -0400 xen/pt: Log xen_host_pci_get in two init functions To help with troubleshooting in the field. Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit e2779de053b64f023de382fd87b3596613d47d1e Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Wed Jul 1 15:41:33 2015 -0400 xen/pt: Remove XenPTReg->data field. We do not want to have two entries to cache the guest configuration registers: XenPTReg->data and dev.config. Instead we want to use only the dev.config. To do without much complications we rip out the ->data field and replace it with an pointer to the dev.config. This way we have the type-checking (uint8_t, uint16_t, etc) and as well and pre-computed location. Alternatively we could compute the offset in dev.config by using the XenPTRRegInfo and XenPTRegGroup every time but this way we have the pre-computed values. This change also exposes some mis-use: - In 'xen_pt_status_reg_init' we used u32 for the Capabilities Pointer register, but said register is an an u16. - In 'xen_pt_msgdata_reg_write' we used u32 but should have only use u16. Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 5b4dd0f55ed3027557ed9a6fd89d5aa379122feb Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Mon Jun 29 16:41:14 2015 -0400 xen/pt: Check if reg->init function sets the 'data' past the reg->size It should never happen, but in case it does (an developer adds a new register and the 'init_val' expands past the register size) we want to report. The code will only write up to reg->size so there is no runtime danger of the register spilling across other ones - however to catch this sort of thing we still return an error. Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 2e87512eccf3c5e40f3142ff5a763f4f850839f4 Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Mon Jun 29 16:24:40 2015 -0400 xen/pt: Sync up the dev.config and data values. For a passthrough device we maintain a state of emulated registers value contained within d->config. We also consult the host registers (and apply ro and write masks) whenever the guest access the registers. This is done in xen_pt_pci_write_config and xen_pt_pci_read_config. Also in this picture we call pci_default_write_config which updates the d->config and if the d->config[PCI_COMMAND] register has PCI_COMMAND_MEMORY (or PCI_COMMAND_IO) acts on those changes. On startup the d->config[PCI_COMMAND] are the host values, not what the guest initial values should be, which is exactly what we do _not_ want to do for 64-bit BARs when the guest just wants to read the size of the BAR. Huh you say? To get the size of 64-bit memory space BARs, the guest has to calculate ((BAR[x] & 0xFFFFFFF0) + ((BAR[x+1] & 0xFFFFFFFF) << 32)) which means it has to do two writes of ~0 to BARx and BARx+1. prior to this patch and with XSA120-addendum patch (Linux kernel) the PCI_COMMAND register is copied from the host it can have PCI_COMMAND_MEMORY bit set which means that QEMU will try to update the hypervisor's P2M with BARx+1 value to ~0 (0xffffffff) (to sync the guest state to host) instead of just having xen_pt_pci_write_config and xen_pt_bar_reg_write apply the proper masks and return the size to the guest. To thwart this, this patch syncs up the host values with the guest values taking into account the emu_mask (bit set means we emulate, PCI_COMMAND_MEMORY and PCI_COMMAND_IO are set). That is we copy the host values - masking out any bits which we will emulate. Then merge it with the initial emulation register values. Lastly this value is then copied both in dev.config _and_ XenPTReg->data field. There is also reg->size accounting taken into consideration that ends up being used in patch. xen/pt: Check if reg->init function sets the 'data' past the reg->size This fixes errors such as these: (XEN) memory_map:add: dom2 gfn=fffe0 mfn=fbce0 nr=20 (DEBUG) 189 pci dev 04:0 BAR16 wrote ~0. (DEBUG) 200 pci dev 04:0 BAR16 read 0x0fffe0004. (XEN) memory_map:remove: dom2 gfn=fffe0 mfn=fbce0 nr=20 (DEBUG) 204 pci dev 04:0 BAR16 wrote 0x0fffe0004. (DEBUG) 217 pci dev 04:0 BAR16 read upper 0x000000000. (XEN) memory_map:add: dom2 gfn=ffffffff00000 mfn=fbce0 nr=20 (XEN) p2m.c:883:d0v0 p2m_set_entry failed! mfn=ffffffffffffffff rc:-22 (XEN) memory_map:fail: dom2 gfn=ffffffff00000 mfn=fbce0 nr=20 ret:-22 (XEN) memory_map:remove: dom2 gfn=ffffffff00000 mfn=fbce0 nr=20 (XEN) p2m.c:920:d0v0 gfn_to_mfn failed! gfn=ffffffff00000 type:4 (XEN) p2m.c:920:d0v0 gfn_to_mfn failed! gfn=ffffffff00001 type:4 .. (XEN) memory_map: error -22 removing dom2 access to [fbce0,fbcff] (DEBUG) 222 pci dev 04:0 BAR16 read upper 0x0ffffffff. (XEN) memory_map:remove: dom2 gfn=ffffffff00000 mfn=fbce0 nr=20 (XEN) memory_map: error -22 removing dom2 access to [fbce0,fbcff] [The DEBUG is to illustate what the hvmloader was doing] Also we swap from xen_host_pci_long to using xen_host_pci_get_[byte,word,long]. Otherwise we get: xen_pt_config_reg_init: Offset 0x0004 mismatch! Emulated=0x0000, host=0x2300017, syncing to 0x2300014. xen_pt_config_reg_init: Error: Offset 0x0004:0x2300014 expands past register size(2)! which is not surprising. We read the value as an 32-bit (from host), then operate it as a 16-bit - and the remainder is left unchanged. We end up writing the value as 16-bit (so 0014) to dev.config (as we use proper xen_set_host_[byte,word,long] so we don't spill to other registers) but in XenPTReg->data it is as 32-bit (0x2300014)! It is harmless as the read/write functions end up using an size mask and never modify the bits past 16-bit (reg->size is 2). This patch fixes the warnings by reading the value using the proper size. Note that the check for size is still left in-case the developer sets bits past the reg->size in the ->init routines. The author tried to fiddle with QEMU_BUILD_BUG to make this work but failed. Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Reported-by: Sander Eikelenboom <linux@xxxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 6aa07b1494d2725f24af097ca19c750ac25a7c11 Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Mon Jun 29 14:01:13 2015 -0400 xen/pt: Use xen_host_pci_get_[byte|word] instead of dev.config During init time we treat the dev.config area as a cache of the host view. However during execution time we treat it as guest view (by the generic PCI API). We need to sync Xen's code to the generic PCI API view. This is the first step by replacing all of the code that uses dev.config or pci_get_[byte|word] to get host value to actually use the xen_host_pci_get_[byte|word] functions. Interestingly in 'xen_pt_ptr_reg_init' we also needed to swap reg_field from uint32_t to uint8_t - since the access is only for one byte not four bytes. We can split this as a seperate patch however we would have to use a cast to thwart compiler warnings in the meantime. We also truncated 'flags' to 'flag' to make the code fit within the 80 characters. Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit fe556410cf09d6181a4e694c6db31562fdcfbeba Merge: fbf054c 1e9b65b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 10 14:51:35 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2015-09-10' into staging error: On abort, report where the error was created # gpg: Signature made Thu 10 Sep 2015 13:01:39 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-error-2015-09-10: error: On abort, report where the error was created error: Revamp interface documentation error: error_set_errno() is unused, drop qga/vss-win32: Document the DLL requires non-null errp qga: Clean up unnecessarily dirty casts error: Make error_setg() a function error: De-duplicate code creating Error objects Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 54fd08136e4ac8b88b88b15c397010e3b0de379f Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Mon Jun 29 16:06:19 2015 -0400 xen/pt: Use XEN_PT_LOG properly to guard against compiler warnings. If XEN_PT_LOGGING_ENABLED is enabled the XEN_PT_LOG macros start using the first argument. Which means if within the function there is only one user of the argument ('d') and XEN_PT_LOGGING_ENABLED is not set, we get compiler warnings. This is not the case now but with the "xen/pt: Use xen_host_pci_get_[byte|word] instead of dev.config" we will hit - so this sync up the function to the rest of them. Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit faf5f56bf9f45ffc24a41fc8fc5ab76677aef688 Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Mon Jun 29 12:30:37 2015 -0400 xen/pt/msi: Add the register value when printing logging and error messages We would like to know what the MSI register value is to help in troubleshooting in the field. As such modify the logging logic to include such details in xen_pt_msgctrl_reg_write. Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 20a544c7dc2428e8816ed4a87af732884e885f2d Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Mon Jun 29 12:51:05 2015 -0400 xen: use errno instead of rc for xc_domain_add_to_physmap In Xen 4.6 commit cd2f100f0f61b3f333d52d1737dd73f02daee592 "libxc: Fix do_memory_op to return negative value on errors" made the libxc API less odd-ball: On errors, return value is -1 and error code is in errno. On success the return value is either 0 or an positive value. Since we could be running with an old toolstack in which the Exx value is in rc or the newer, we add an wrapper around the xc_domain_add_to_physmap (called xen_xc_domain_add_to_physmap) which will always return the EXX. Xen 4.6 did not change the libxc functions mentioned (same parameters) so we piggyback on the fact that Xen 4.6 has a new function: commit 504ed2053362381ac01b98db9313454488b7db40 "tools/libxc: Expose new hypercall xc_reserved_device_memory_map" and check for that. Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Suggested-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 52c7265f602701751b55d437b347bd73debf9d91 Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Mon Jun 29 13:58:17 2015 -0400 xen/pt: xen_host_pci_config_read returns -errno, not -1 on failure However the init routines assume that on errors the return code is -1 (as the libxc API is) - while those xen_host_* routines follow another paradigm - negative errno on return, 0 on success. Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit cf8124f0078a7625fdf9836589210267817ae0ae Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Wed Jun 24 17:26:43 2015 -0400 xen/pt: Make xen_pt_msi_set_enable static As we do not use it outside our code. Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit d3b9facba71ed45c9c1c09ca28eb5568a194b4de Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Wed Jun 24 17:16:01 2015 -0400 xen/pt: Update comments with proper function name. It has changed but the comments still refer to the old names. Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit d8b441a3fbfd075c48ab2a519d779d926624ed79 Author: Jan Beulich <JBeulich@xxxxxxxx> Date: Fri Jul 24 03:38:28 2015 -0600 xen/HVM: atomically access pointers in bufioreq handling The number of slots per page being 511 (i.e. not a power of two) means that the (32-bit) read and write indexes going beyond 2^32 will likely disturb operation. The hypervisor side gets I/O req server creation extended so we can indicate that we're using suitable atomic accesses where needed, allowing it to atomically canonicalize both pointers when both have gone through at least one cycle. The Xen side counterpart (which is not a functional prereq to this change, albeit a build one) went in already (commit b7007bc6f9). Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit e763addd19e59dbd1986d4b0faae63dcb9a0f6aa Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Date: Fri Mar 13 15:36:58 2015 -0400 xen-hvm: When using xc_domain_add_to_physmap also include errno when reporting .errors - as it will most likely have the proper error value. Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 5cec8aa38cc3b7c8cf9ce66abdda28b3598e2d88 Author: Tiejun Chen <tiejun.chen@xxxxxxxxx> Date: Wed Jul 15 13:37:50 2015 +0800 xen, gfx passthrough: add opregion mapping The OpRegion shouldn't be mapped 1:1 because the address in the host can't be used in the guest directly. This patch traps read and write access to the opregion of the Intel GPU config space (offset 0xfc). The original patch is from Jean Guyader <jean.guyader@xxxxxxxxxxxxx> Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 998250e976613decf9e0da68b3922df330eac3f6 Author: Tiejun Chen <tiejun.chen@xxxxxxxxx> Date: Wed Jul 15 13:37:49 2015 +0800 xen, gfx passthrough: register host bridge specific to passthrough Just register that pci host bridge specific to passthrough. Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit f37d630a69992822f2eb4a47a5a5fc6a54a6dd08 Author: Tiejun Chen <tiejun.chen@xxxxxxxxx> Date: Wed Jul 15 13:37:48 2015 +0800 xen, gfx passthrough: register a isa bridge Currently we just register this isa bridge when we use IGD passthrough in Xen side. Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit bd8107d7301d3fa44f04aa435e06efb2226ca58c Author: Tiejun Chen <tiejun.chen@xxxxxxxxx> Date: Wed Jul 15 13:37:47 2015 +0800 igd gfx passthrough: create a isa bridge Currently IGD drivers always need to access PCH by 1f.0. But we don't want to poke that directly to get ID, and although in real world different GPU should have different PCH. But actually the different PCH DIDs likely map to different PCH SKUs. We do the same thing for the GPU. For PCH, the different SKUs are going to be all the same silicon design and implementation, just different features turn on and off with fuses. The SW interfaces should be consistent across all SKUs in a given family (eg LPT). But just same features may not be supported. Most of these different PCH features probably don't matter to the Gfx driver, but obviously any difference in display port connections will so it should be fine with any PCH in case of passthrough. So currently use one PCH version, 0x8c4e, to cover all HSW(Haswell) scenarios, 0x9cc3 for BDW(Broadwell). Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 881213f1b9c5a8f4101405a5802d548cb62a4274 Author: Tiejun Chen <tiejun.chen@xxxxxxxxx> Date: Wed Jul 15 13:37:46 2015 +0800 xen, gfx passthrough: retrieve VGA BIOS to work Now we retrieve VGA bios like kvm stuff in qemu but we need to fix Device Identification in case if its not matched with the real IGD device since Seabios is always trying to compare this ID to work out VGA BIOS. Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 798141799ccd5235a928b8fc0411d7d74e706489 Author: Tiejun Chen <tiejun.chen@xxxxxxxxx> Date: Wed Jul 15 13:37:45 2015 +0800 xen, gfx passthrough: basic graphics passthrough support basic gfx passthrough support: - add a vga type for gfx passthrough - register/unregister legacy VGA I/O ports and MMIOs for passthrough GFX Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit bcd7461e7e84a65f1dfaa6af6e00aa498978d29d Author: Tiejun Chen <tiejun.chen@xxxxxxxxx> Date: Wed Jul 15 13:37:44 2015 +0800 hw/pci-assign: split pci-assign.c We will try to reuse assign_dev_load_option_rom in xen side, and especially its a good beginning to unify pci assign codes both on kvm and xen in the future. [Fix build for Windows] Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 595a4f07d6bd18ba11c78b95d6a78089fee26eca Author: Tiejun Chen <tiejun.chen@xxxxxxxxx> Date: Wed Jul 15 13:37:43 2015 +0800 piix: create host bridge to passthrough Implement a pci host bridge specific to passthrough. Actually this just inherits the standard one. And we also just expose a minimal real host bridge pci configuration subset. [Replace pread with lseek and read to fix Windows build] Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 1e9b65bb1bad51735cab6c861c29b592dccabf0e Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 19 19:21:59 2015 +0200 error: On abort, report where the error was created This is particularly useful when we abort in error_propagate(), because there the stack backtrace doesn't lead to where the error was created. Looks like this: Unexpected error in parse_block_error_action() at .../qemu/blockdev.c:322: qemu-system-x86_64: -drive if=none,werror=foo: 'foo' invalid write error action Aborted (core dumped) Note: to get this example output, I monkey-patched drive_new() to pass &error_abort to blockdev_init(). To keep the error handling boiler plate from growing even more, all error_setFOO() become macros expanding into error_setFOO_internal() with additional __FILE__, __LINE__, __func__ arguments. Not exactly pretty, but it works. The macro trickery breaks down when you take the address of an error_setFOO(). Fortunately, we do that in just one place: qemu-ga's Windows VSS provider and requester DLL wants to call error_setg_win32() through a function pointer "to avoid linking glib to the DLL". Use error_setg_win32_internal() there. The use of the function pointer is already wrapped in a macro, so the churn isn't bad. Code size increases by some 35KiB for me (0.7%). Tolerable. Could be less if we passed relative rather than absolute source file names to the compiler, or forwent reporting __func__. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit edf6f3b3358597d37da0cf636ce3ed8a546d0f26 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 19 18:29:24 2015 +0200 error: Revamp interface documentation Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 4463dcb85c9f992f0c4d93f2142c8d64dcc85c5c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 19 22:16:14 2015 +0200 error: error_set_errno() is unused, drop Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 08e64640357cd9517aa30fd49840f05f0f2ee3a4 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Sat Jun 20 09:33:56 2015 +0200 qga/vss-win32: Document the DLL requires non-null errp requester.cpp uses this pattern to receive an error and pass it on to the caller (err_is_set() macro peeled off for clarity): ... code that may set errset->errp ... if (errset->errp && *errset->errp) { ... handle error ... } This breaks when errset->errp is null. As far as I can tell, it currently isn't, so this is merely fragile, not actually broken. The robust way to do this is to receive the error in a local variable, then propagate it up, like this: Error *err = NULL; ... code that may set err ... if (err) ... handle error ... error_propagate(errset->errp, err); } See also commit 5e54769, 0f230bf, a903f40. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit e7cf59e84767e30b507b6bd7c1347072ec12b636 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 19 20:44:54 2015 +0200 qga: Clean up unnecessarily dirty casts qga_vss_fsfreeze() casts error_set_win32() from void (*)(Error **, int, ErrorClass, const char *, ...) to void (*)(void **, int, int, const char *, ...) The result is later called. Since the two types are not compatible, the call is undefined behavior. It works in practice anyway. However, there's no real need for trickery here. Clean it up as follows: * Declare struct Error, and fix the first parameter. * Switch to error_setg_win32(). This gets rid of the troublesome ErrorClass parameter. Requires converting error_setg_win32() from macro to function, but that's trivially easy, because this is the only user of error_set_win32(). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit a9499ddd82a99c66cc72a08e72427c423acfea1c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 19 15:36:16 2015 +0200 error: Make error_setg() a function Saves a tiny amount of code at every call site. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 552375088a832fd5945ede92d01f98977b4eca13 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 19 13:59:47 2015 +0200 error: De-duplicate code creating Error objects Duplicated when commit 680d16d added error_set_errno(), and again when commit 20840d4 added error_set_win32(). Make the original copy in error_set() reusable by factoring out error_setv(), then rewrite error_set_errno() and error_set_win32() on top of it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit fbf054cb0a8ce2dc8f2d3012fb9204ef50d28d17 Merge: fc04a73 0f288f8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 10 10:24:30 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio,pc,acpi fixes, cleanups Fixes all over the place. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Thu 10 Sep 2015 10:16:18 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: hw/pci: fix pci_update_mappings() trace events pc: memhotplug: keep reserved-memory-end broken on 2.4 and earlier machines pc: memhotplug: fix incorrectly set reserved-memory-end acpi: Remove unused definition. virtio: avoid leading underscores for helpers pc: Remove redundant arguments from xen_hvm_init() pci: Fix pci_device_iommu_address_space() bus propagation Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0f288f854b96f56247e38f4207f71647133f0184 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Tue Sep 1 23:33:23 2015 +0200 hw/pci: fix pci_update_mappings() trace events The current trace prototypes and (matching) trace calls lead to "unorthodox" PCI BDF notation in at least the stderr trace backend. For example, the four BARs of a QXL video card at 00:01.0 (bus 0, slot 1, function 0) are traced like this (PID and timestamps removed): pci_update_mappings_add d=0x7f14a73bf890 00:00.1 0,0x84000000+0x4000000 pci_update_mappings_add d=0x7f14a73bf890 00:00.1 1,0x80000000+0x4000000 pci_update_mappings_add d=0x7f14a73bf890 00:00.1 2,0x88200000+0x2000 pci_update_mappings_add d=0x7f14a73bf890 00:00.1 3,0xd060+0x20 The slot and function values are in reverse order. Stick with the conventional BDF notation. Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Cc: Don Koch <dkoch@xxxxxxxxxxx> Cc: qemu-trivial@xxxxxxxxxx Fixes: 7828d75045 Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 2f8b50083b321e470ef8e2502910ade40cbfa020 Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Mon Sep 7 13:55:32 2015 +0200 pc: memhotplug: keep reserved-memory-end broken on 2.4 and earlier machines it will prevent guests on old machines from seeing inconsistent memory mapping in firmware/ACPI views. Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 3385e8e2640e5c38582f6e8413042bd23d97c640 Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Mon Sep 7 13:55:31 2015 +0200 pc: memhotplug: fix incorrectly set reserved-memory-end reserved-memory-end tells firmware address from which it could start treating memory as PCI address space and map PCI BARs after it to avoid collisions with RAM. Currently it is incorrectly pointing to address where hotplugged memory range starts which could redirect hotplugged RAM accesses to PCI BARs when firmware maps them over RAM or viceverse. Fix this by pointing reserved-memory-end to the end of memory hotplug area. Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 9372e3f5678cdd86e1ddfb957d9da4b1889a0dd0 Author: Richard W.M. Jones <rjones@xxxxxxxxxx> Date: Wed Sep 2 20:03:38 2015 +0100 acpi: Remove unused definition. Signed-off-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 95129d6fc9ead97155627a4ca0cfd37282883658 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Mon Aug 17 11:48:29 2015 +0200 virtio: avoid leading underscores for helpers Commit ef546f1275f6563e8934dd5e338d29d9f9909ca6 ("virtio: add feature checking helpers") introduced a helper __virtio_has_feature. We don't want to use reserved identifiers, though, so let's rename __virtio_has_feature to virtio_has_feature and virtio_has_feature to virtio_vdev_has_feature. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 91176e310527fac8414c417c093659e42e4564ea Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Mon Aug 17 11:42:29 2015 -0700 pc: Remove redundant arguments from xen_hvm_init() Remove arguments that can be found in PCMachineState. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 5af2ae2305143f1805a696f9554231e1fc246edc Author: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Date: Sun Jul 5 09:19:15 2015 +1000 pci: Fix pci_device_iommu_address_space() bus propagation he current code walks up the bus tree for an iommu, however it passes to the iommu_fn() callback the bus/devfn of the immediate child of the level where the callback was found, rather than the original bus/devfn where the search started from. This prevents iommu's like POWER8 (and in fact also Q35) to properly provide an address space for a subset of devices that aren't immediate children of the iommu. PCIe carries the originator bdfn acccross to the iommu on all DMA transactions, so we must be able to properly identify devices at all levels. This changes the function pci_device_iommu_address_space() to pass the original pointers to the iommu_fn() callback instead. Signed-off-by: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 47d4be12c3997343e436c6cca89aefbbbeb70863 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Sep 10 10:02:00 2015 +0200 cutils: work around platform differences in strto{l,ul,ll,ull} Linux returns 0 if no conversion was made, while OS X and presumably the BSDs return EINVAL. The OS X convention rejects more invalid inputs, so convert to it and adjust the test case. Windows returns 1 from strtoul and strtoull (instead of -1) for negative out-of-range input; fix it up. Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9fd1a94888cd6a559f95c3596ec1ac28b74838c1 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Aug 11 11:33:24 2015 +0200 cpu-exec: fix lock hierarchy for user-mode emulation tb_lock has to be taken inside the mmap_lock (example: tb_invalidate_phys_range is called by target_mmap), but tb_link_page is taking the mmap_lock and it is called with the tb_lock held. To fix this, take the mmap_lock in tb_find_slow, not in tb_link_page. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 8fd19e6cfd5b6cdf028c6ac2ff4157ed831ea3a6 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Aug 11 10:57:52 2015 +0200 exec: make mmap_lock/mmap_unlock globally available There is some iffy lock hierarchy going on in translate-all.c. To fix it, we need to take the mmap_lock in cpu-exec.c. Make the functions globally available. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 756920876f60829fad0d15df4f3fa205077a8131 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Aug 11 10:59:50 2015 +0200 tcg: comment on which functions have to be called with mmap_lock held Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6940fab84b826175cf90d48d0e3da1b76518f5b4 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Aug 12 09:41:40 2015 +0200 tcg: add memory barriers in page_find_alloc accesses page_find is reading the radix tree outside all locks, so it has to use the RCU primitives. It does not need RCU critical sections because the PageDescs are never removed, so there is never a need to wait for the end of code sections that use a PageDesc. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 2496ff1311283480f9de3614080b8842d838ade4 Author: KONRAD Frederic <fred.konrad@xxxxxxxxxxxxx> Date: Mon Aug 10 17:27:03 2015 +0200 remove unused spinlock. This just removes spinlock as it is not used anymore. Signed-off-by: KONRAD Frederic <fred.konrad@xxxxxxxxxxxxx> Message-Id: <1439220437-23957-6-git-send-email-fred.konrad@xxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 677ef6230b603571ae05125db469f7b4c8912a77 Author: KONRAD Frederic <fred.konrad@xxxxxxxxxxxxx> Date: Mon Aug 10 17:27:02 2015 +0200 replace spinlock by QemuMutex. spinlock is only used in two cases: * cpu-exec.c: to protect TranslationBlock * mem_helper.c: for lock helper in target-i386 (which seems broken). It's a pthread_mutex_t in user-mode, so we can use QemuMutex directly, with an #ifdef. The #ifdef will be removed when multithreaded TCG will need the mutex as well. Signed-off-by: KONRAD Frederic <fred.konrad@xxxxxxxxxxxxx> Message-Id: <1439220437-23957-5-git-send-email-fred.konrad@xxxxxxxxxxxxx> Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> [Merge Emilio G. Cota's patch to remove volatile. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d5f8d61390de8f2acc0da93f184e421a709cb503 Author: KONRAD Frederic <fred.konrad@xxxxxxxxxxxxx> Date: Mon Aug 10 17:27:06 2015 +0200 cpus: remove tcg_halt_cond and tcg_cpu_thread globals This hides the tcg_halt_cond and tcg_cpu_thread global variables inside qemu_tcg_init_vcpu. Multi-threaded TCG will need one QemuCond and one QemuThread per virtual cpu, so it's preferrable to use cpu->halt_cond and cpu->thread. Signed-off-by: KONRAD Frederic <fred.konrad@xxxxxxxxxxxxx> Message-Id: <1439220437-23957-9-git-send-email-fred.konrad@xxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 376692b9dc6f02303ee07a4146d08d8727d79c0c Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Jul 10 12:32:32 2015 +0200 cpus: protect work list with work_mutex Protect the list of queued work items with something other than the BQL, as a preparation for running the work items outside it. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: KONRAD Frederic <fred.konrad@xxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0c71d41e2aa3c7356500ae624166f3bb8c201aee Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Aug 27 12:06:23 2015 +0300 scripts/dump-guest-memory.py: fix after RAMBlock change commit 9b8424d5735278ca382f11adc7c63072b632ab83 "exec: split length -> used_length/max_length" changed field names in struct RAMBlock It turns out that scripts/dump-guest-memory.py was poking at this field, update it accordingly. Cc: qemu-stable@xxxxxxxxxx Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-Id: <1440666378-3152-1-git-send-email-mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7b01cb974f1093885c40bf4d0d3e78e27e531363 Author: Alexandre Derumier <aderumier@xxxxxxxxx> Date: Fri Jun 19 12:56:58 2015 +0200 configure: Add support for jemalloc This adds "--enable-jemalloc" and "--disable-jemalloc" to allow linking to jemalloc memory allocator. We have already tcmalloc support, but it seem to not working well with a lot of iothreads/disks. The main problem is that tcmalloc use a shared thread cache of 16MB by default. With more threads, this cache is shared, and some bad garbage collections can occur if the cache is too low. It's possible to tcmalloc cache increase it with a env var: TCMALLOC_MAX_TOTAL_THREAD_CACHE_BYTES=256MB With default 16MB, performances are really bad with more than 2 disks. Increasing to 256MB, it's helping but still have problem with 16 disks/iothreads. Jemalloc don't have performance problem with default configuration. Here the benchmark results in iops of 1 qemu vm randread 4K iodepth=32, with rbd block backend (librbd is doing a lot of memory allocation), 1 iothread by disk glibc malloc ------------ 1 disk 29052 2 disks 55878 4 disks 127899 8 disks 240566 15 disks 269976 jemalloc -------- 1 disk 41278 2 disks 75781 4 disks 195351 8 disks 294241 15 disks 298199 tcmalloc 2.2.1 default 16M cache -------------------------------- 1 disk 37911 2 disks 67698 4 disks 41076 8 disks 43312 15 disks 37569 tcmalloc : 256M cache --------------------------- 1 disk 33914 2 disks 58839 4 disks 148205 8 disks 213298 15 disks 218383 Signed-off-by: Alexandre Derumier <aderumier@xxxxxxxxx> Message-Id: <1434711418-20429-1-git-send-email-aderumier@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3f7a899ff4e0681ed148b1cea07dc65550114fdb Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Sep 7 09:50:09 2015 +0200 add macro file for coccinelle Coccinelle chokes on some idioms from compiler.h and queue.h. Extract those in a macro file, to be used with "--macro-file scripts/cocci-macro-file.h". Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c765fcac96e111199225c7387c01694fe076b341 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat Aug 29 03:33:59 2015 -0700 configure: factor out adding disas configure Every arch adds its disas configury to both its own config as well config_disas_all. Make a small function do to both at once. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <1440844439-19391-1-git-send-email-crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f42bf6a262ab5923a1a3bc8f731b830396937c47 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed Aug 26 09:52:51 2015 +0800 vhost-scsi: fix wrong vhost-scsi firmware path vhost-scsi bootindex does't work because Qemu passes wrong fireware path to seabios. before: /pci@i0cf8/scsi@7channel@0/vhost-scsi@0,0 after applying the patch: /pci@i0cf8/scsi@7/channel@0/vhost-scsi@0,0 Reported-by: Subo <subo7@xxxxxxxxxx> Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Message-Id: <1440553971-11108-1-git-send-email-arei.gonglei@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f1e155bbf863ade457019c6f09d4cba06b2d6bb4 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Sun Aug 16 23:01:19 2015 +0200 checkpatch: remove tests that are not relevant outside the kernel Fully removing Sparse support requires more invasive changes. Only remove the really kernel-specific parts such as address space names. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 71c47b01ca0df34d6b41e0975be6e0633c5254cf Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Sun Aug 16 23:15:46 2015 +0200 checkpatch: adapt some tests to QEMU Mostly change severity levels, but some tests can also be adjusted to refer to QEMU APIs or data structures. Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 690a35e1f2acf4ccd0501b18228bc6fba8f9c768 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Jun 19 09:28:13 2015 +0200 CODING_STYLE: update mixed declaration rules Mixed declarations do come in handy at the top of #ifdef blocks. Reluctantly allow this particular usage and suggest an alternative. Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d4ba8cb0a17e7de54753ff1bdeee4428118bb9ab Author: Carlos L. Torres <carlos.torres@xxxxxxxxxxxxx> Date: Sun Jul 19 18:02:21 2015 -0500 qmp: Add example usage of strto*l() qemu wrapper Signed-off-by: Carlos L. Torres <carlos.torres@xxxxxxxxxxxxx> Message-Id: <11ac63e95d88551f1c2c9b1216b15d3cb8ba4468.1437346779.git.carlos.torres@xxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3904e6bf042391abc749d717465022e96e276fc7 Author: Carlos L. Torres <carlos.torres@xxxxxxxxxxxxx> Date: Sun Jul 19 18:02:20 2015 -0500 cutils: Add qemu_strtoull() wrapper Add wrapper for strtoull() function. Include unit tests. Signed-off-by: Carlos L. Torres <carlos.torres@xxxxxxxxxxxxx> Message-Id: <e0f0f611c9a81f3c29f451d0b17d755dfab1e90a.1437346779.git.carlos.torres@xxxxxxxxxxxxx> [Use uint64_t in prototype. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 8ac4df40cc5de606a8ac9174e2340c21093b4e3b Author: Carlos L. Torres <carlos.torres@xxxxxxxxxxxxx> Date: Sun Jul 19 18:02:19 2015 -0500 cutils: Add qemu_strtoll() wrapper Add wrapper for strtoll() function. Include unit tests. Signed-off-by: Carlos L. Torres <carlos.torres@xxxxxxxxxxxxx> Message-Id: <7454a6bb9ec03b629e8beb4f109dd30dc2c9804c.1437346779.git.carlos.torres@xxxxxxxxxxxxx> [Use int64_t in prototype, since that's what QEMU uses. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c817c01548b1500753d0bea3852938d919161778 Author: Carlos L. Torres <carlos.torres@xxxxxxxxxxxxx> Date: Sun Jul 19 18:02:18 2015 -0500 cutils: Add qemu_strtoul() wrapper Add wrapper for strtoul() function. Include unit tests. Signed-off-by: Carlos L. Torres <carlos.torres@xxxxxxxxxxxxx> Message-Id: <9621b4ae8e35fded31c715c2ae2a98f904f07ad0.1437346779.git.carlos.torres@xxxxxxxxxxxxx> [Fix tests for 32-bit build. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 764e0fa497ff5bbc9c9d7c116da2f00f34e71716 Author: Carlos L. Torres <carlos.torres@xxxxxxxxxxxxx> Date: Sun Jul 19 18:02:17 2015 -0500 cutils: Add qemu_strtol() wrapper Add wrapper for strtol() function. Include unit tests. Signed-off-by: Carlos L. Torres <carlos.torres@xxxxxxxxxxxxx> Message-Id: <07199f1c0ff3892790c6322123aee1e92f580550.1437346779.git.carlos.torres@xxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d1142fb83efdcf8a6c2dee825569892203e16d2c Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Sun Aug 23 20:23:39 2015 -0400 translate-all: remove obsolete comment about l1_map l1_map is based on physical addresses in full-system mode, as pointed out in an earlier comment. Said comment also mentions that virtual addresses are only used in l1_map in user-only mode. Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Message-Id: <1440375847-17603-11-git-send-email-cota@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 709037636992e9289ce9147e59d56fb35d90b140 Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Sun Aug 23 20:23:41 2015 -0400 linux-user: call rcu_(un)register_thread on pthread_(exit|create) Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Message-Id: <1440375847-17603-13-git-send-email-cota@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 492e1ca9bd3f43ba417a5cf918e6c769aa2478b9 Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Sun Aug 23 20:23:38 2015 -0400 rcu: fix comment with s/rcu_gp_lock/rcu_registry_lock/ Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Message-Id: <1440375847-17603-10-git-send-email-cota@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5243722376873a48e9852a58b91f4d4101ee66e4 Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Sun Aug 23 20:23:37 2015 -0400 rcu: init rcu_registry_lock after fork We were unlocking this lock after fork, which is wrong since only the thread that holds a mutex is allowed to unlock it. Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Message-Id: <1440375847-17603-9-git-send-email-cota@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 12a1ddc160cb6a73e8a6c319f3962a20da2cd22f Author: Michael Marineau <michael.marineau@xxxxxxxxxx> Date: Sun Aug 9 00:02:55 2015 -0700 Makefile.target: include top level build dir in vpath Using ccache with CCACHE_BASEDIR set to $(SRC_PATH) or a parent will rewrite all absolute paths to relative paths. This interacts poorly with QEMU's two-level build directory scheme. For example, lets say BUILD_DIR=$(SRC_PATH)/build so build/blockdev.d will contain: blockdev.o: ../blockdev.c ../include/sysemu/block-backend.h \ Now the target build under build/x86_64-softmmu or similar will depend on ../blockdev.o which in turn will get make to source ../blockdev.d to check its dependencies. Since make always considers paths relative to the current working directory rather than the makefile the path appeared in the relative path to ../blockdev.c is useless. This change simply adds the top level build directory to vpath so paths relative to the source directory, top build directory, and target build directory all work just fine. Signed-off-by: Michael Marineau <michael.marineau@xxxxxxxxxx> Message-Id: <1439103775-11836-1-git-send-email-michael.marineau@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3c9589e180d98cdadb143bd2a792fb9d19d9aec6 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Fri Aug 14 11:25:14 2015 +0100 Move RAMBlock and ram_list to ram_addr.h Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Message-Id: <1439547914-18249-1-git-send-email-dgilbert@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e0c382113f768cc375a0d61b7cb3692f1b4bba58 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Aug 26 00:19:19 2015 +0200 tcg: signal-free qemu_cpu_kick Signals are slow and do not exist on Win32. The previous patches have done most of the legwork to introduce memory barriers (some of them were even there already for the sake of Windows!) and we can now set the flags directly in the iothread. qemu_cpu_kick_thread is not used anymore on TCG, since the TCG thread is never outside usermode while the CPU is running (not halted). Instead run the content of the signal handler (now in qemu_cpu_kick_no_halt) directly. qemu_cpu_kick_no_halt is also used in qemu_mutex_lock_iothread to avoid the overhead of qemu_cond_broadcast. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9102dedaa1ee1e89ce4a81283c403ff4928e9ef9 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Aug 18 06:52:09 2015 -0700 use qemu_cpu_kick instead of cpu_exit or qemu_cpu_kick_thread Use the same API to trigger interruption of a CPU, no matter if under TCG or KVM. There is no difference: these calls come from the CPU thread, so the qemu_cpu_kick calls will send a signal to the running thread and it will be processed synchronously, just like a call to cpu_exit. The only difference is in the overhead, but neither call to cpu_exit (now qemu_cpu_kick) is in a hot path. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit aed807c8e2bf009b2c6a35490d4fd4383887221d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Aug 18 06:43:15 2015 -0700 tcg: synchronize exit_request and tcg_current_cpu accesses Synchronize the remaining pair of accesses in cpu_signal. These should be necessary on Windows as well, at least in theory. Probably SuspendProcess and ResumeProcess introduce some implicit memory barrier. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ab096a75cd626dcd4ad34b2a11652df0269bee0d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Aug 18 06:34:19 2015 -0700 tcg: synchronize cpu->exit_request and cpu->tcg_exit_req accesses Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b0a46fa796504c7334202877a68c857e49f7c96c Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Aug 18 06:32:02 2015 -0700 tcg: assign cpu->current_tb in a simpler place TCG has not been reading cpu->current_tb from signal handlers for years. The code that synchronized cpu_exec with the signal handler is not needed anymore. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f240eb6fdcf63a5600e15fb44c6960586459a97f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Aug 26 00:17:58 2015 +0200 remove qemu/tls.h TLS is now required on all platforms, so DECLARE_TLS/DEFINE_TLS is not needed anymore. Removing it does not break Windows because of the previous patch. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9373e63297c43752f9cf085feb7f5aed57d959f8 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Aug 18 06:24:34 2015 -0700 tcg: introduce tcg_current_cpu This is already useful on Windows in order to remove tls.h, because accesses to current_cpu are done from a different thread on that platform. It will be used on POSIX platforms as soon TCG stops using signals to interrupt the execution of translated code. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5039d6e23586fe6bbedc5e4fe302b48a66890ade Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Feb 16 14:13:11 2015 +0100 i8257: remove cpu_request_exit irq This is unused. cpu_exit now is almost exclusively an internal function to the CPU execution loop. In a few patches, we'll change the remaining occurrences to qemu_cpu_kick, making it truly internal. Reviewed-by: Richard henderson <rth@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 19d2b5e6ff7202c2bf45c547efa85ae6c2d76bbd Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Feb 16 14:08:22 2015 +0100 i8257: rewrite DMA_schedule to avoid hooking into the CPU loop The i8257 DMA controller uses an idle bottom half, which by default does not cause the main loop to exit. Therefore, the DMA_schedule function is there to ensure that the CPU relinquishes the iothread mutex to the iothread. However, this is not enough since the iothread will call aio_compute_timeout() and go to sleep again. In the iothread world, forcing execution of the idle bottom half is much simpler, and only requires a call to qemu_notify_event(). Do it, removing the need for the "cpu_request_exit" pseudo-irq. The next patch will remove it. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fc04a730b7e60f4a62d6260d4eb9c537d1d3643f Merge: 8611280 6fdf328 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 8 18:02:36 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150908' into staging target-arm queue: * Implement priority handling properly via GICC_APR * Enable TZ extensions on the GIC if we're using them * Minor preparatory patches for EL3 support * cadence_gem: Correct Marvell PHY SPCFC reset value * Support AHCI in ZynqMP # gpg: Signature made Tue 08 Sep 2015 17:48:33 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150908: xlnx-zynqmp: Connect the sysbus AHCI to ZynqMP xlnx-zynqmp.c: Convert some of the error_propagate() calls to error_abort ahci.c: Don't assume AHCIState's parent is AHCIPCIState ahci: Separate the AHCI state structure into the header cadence_gem: Correct Marvell PHY SPCFC reset value target-arm: Add AArch64 access to PAR_EL1 target-arm: Correct opc1 for AT_S12Exx target-arm: Log the target EL when taking exceptions target-arm: Fix default_exception_el() function for the case when EL3 is not supported hw/arm/virt: Enable TZ extensions on the GIC if we are using them hw/arm/virt: Default to not providing TrustZone support hw/cpu/{a15mpcore, a9mpcore}: enable TrustZone in GIC if it is enabled in CPUs hw/intc/arm_gic_common: Configure IRQs as NS if doing direct NS kernel boot hw/arm: new interface for devices which need to behave differently for kernel boot qom: Add recursive version of object_child_for_each hw/intc/arm_gic: Actually set the active bits for active interrupts hw/intc/arm_gic: Drop running_irq and last_active arrays hw/intc/arm_gic: Fix handling of GICC_APR<n>, GICC_NSAPR<n> registers hw/intc/arm_gic: Running priority is group priority, not full priority armv7m_nvic: Implement ICSR without using internal GIC state Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6fdf3282d16e7fb6e798824fb5f4f60c6a73067d Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Tue Sep 8 17:38:45 2015 +0100 xlnx-zynqmp: Connect the sysbus AHCI to ZynqMP Connect the Sysbus AHCI device to ZynqMP. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Sai Pavan Boddu <saipava@xxxxxxxxxx> [PMM: removed unnecessary brackets in error_propagate call] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e1292517103f7ad6a8dc9f0795d170a78ed408a8 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Tue Sep 8 17:38:45 2015 +0100 xlnx-zynqmp.c: Convert some of the error_propagate() calls to error_abort Convert all of the non-realize error_propagate() calls into error_abort calls as they shouldn't be user visible failure cases. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bb639f829f139ddc83325b3b6825f93096ee44f1 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Tue Sep 8 17:38:45 2015 +0100 ahci.c: Don't assume AHCIState's parent is AHCIPCIState The AHCIState struct can either have AHCIPCIState or SysbusAHCIState as a parent. The ahci_irq_lower() and ahci_irq_raise() functions assume that it is always AHCIPCIState, which is not always the case, which causes a seg fault. Verify what the container of AHCIState is before setting the PCIDevice struct. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Acked-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5ea8b9c5a3e823d1446a7e67d6d3b8d86bfd33d8 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Tue Sep 8 17:38:45 2015 +0100 ahci: Separate the AHCI state structure into the header Pull the AHCI state structure out into the header. This allows other containers to access the struct. This is required to add the device to modern SoC containers. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Sai Pavan Boddu <saipava@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7777b7a0ba27696ddf34a19818be17cc415551cc Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Tue Sep 8 17:38:45 2015 +0100 cadence_gem: Correct Marvell PHY SPCFC reset value Bit 15 of the PHY Specific Status Register is reserved and should remain 0. Fix the reset value to ensure that the 15th bit is not set. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: c795069e49040ff770fe2ece19dfe1791b729e22.1441316450.git.alistair.francis@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c96fc9b52d0a318d8026a0bcaba204d319ad91e0 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Sep 8 17:38:44 2015 +0100 target-arm: Add AArch64 access to PAR_EL1 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Message-id: 1441311266-8644-4-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7a379c7e68f1b2286602b0beeeb58dcef7c9e760 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Sep 8 17:38:44 2015 +0100 target-arm: Correct opc1 for AT_S12Exx Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Message-id: 1441311266-8644-3-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dbc29a868cf5b7e6fa7bb2e6c4f188b9470779c5 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Sep 8 17:38:44 2015 +0100 target-arm: Log the target EL when taking exceptions Log the target EL when taking exceptions. This is useful when debugging guest SW or QEMU itself while transitioning through the various ELs. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Message-id: 1441311266-8644-2-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cef9ee706792b1e205fe472b67053a0e82cd058e Author: Sergey Sorokin <afarallax@xxxxxxxxx> Date: Tue Sep 8 17:38:44 2015 +0100 target-arm: Fix default_exception_el() function for the case when EL3 is not supported If EL3 is not supported in current configuration, we should not try to get EL3 bitness. Signed-off-by: Sergey Sorokin <afarallax@xxxxxxxxx> Message-id: 1441208342-10601-2-git-send-email-afarallax@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0e21f183ca2d000bbda1fb63959a3d41a1c3ff42 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 8 17:38:44 2015 +0100 hw/arm/virt: Enable TZ extensions on the GIC if we are using them If we're creating a board with support for TrustZone, then enable it on the GIC model as well as on the CPUs. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1441383782-24378-7-git-send-email-peter.maydell@xxxxxxxxxx commit 2d710006a0da4a9b7ddf5c02d072e178906d0ef6 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 8 17:38:44 2015 +0100 hw/arm/virt: Default to not providing TrustZone support Switch the default for the 'virt' board to not providing TrustZone support in either the CPU or the GIC. This is primarily for the benefit of UEFI, which currently assumes there is no TrustZone support, and does not set the GIC up correctly if it is TZ-aware. It also means the board is consistent about its behaviour whether we're using KVM or TCG (KVM never has TrustZone support). If TrustZone support is required (for instance for running test suites or TZ-aware firmware) it can be enabled with the "-machine secure=on" command line option. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1441383782-24378-6-git-send-email-peter.maydell@xxxxxxxxxx commit 4182bbb19d2e266dde0d4ed32e85e1b1be79bc61 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 8 17:38:43 2015 +0100 hw/cpu/{a15mpcore, a9mpcore}: enable TrustZone in GIC if it is enabled in CPUs If the A9 and A15 CPUs which we're creating the peripherals for have TrustZone (EL3) enabled, then also enable it in the GIC we create. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1441383782-24378-5-git-send-email-peter.maydell@xxxxxxxxxx commit 8ff41f3995ad2d942ecafb72519c1f09cb811259 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 8 17:38:43 2015 +0100 hw/intc/arm_gic_common: Configure IRQs as NS if doing direct NS kernel boot If we directly boot a kernel in NonSecure on a system where the GIC supports the security extensions then we must cause the GIC to configure its interrupts into group 1 (NonSecure) rather than the usual group 0, and with their initial priority set to the highest NonSecure priority rather than the usual highest Secure priority. Otherwise the guest kernel will be unable to use any interrupts. Implement this behaviour, controlled by a flag which we set if appropriate when the ARM bootloader code calls our ARMLinuxBootIf interface callback. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1441383782-24378-4-git-send-email-peter.maydell@xxxxxxxxxx commit d8b1ae4237b5f8cf5037a7f341ff43dc02955256 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 8 17:38:43 2015 +0100 hw/arm: new interface for devices which need to behave differently for kernel boot For ARM we have a little minimalist bootloader in hw/arm/boot.c which takes the place of firmware if we're directly booting a Linux kernel. Unfortunately a few devices need special case handling in this situation to do the initialization which on real hardware would be done by firmware. (In particular if we're booting a kernel in NonSecure state then we need to make a TZ-aware GIC put all its interrupts into Group 1, or the guest will be unable to use them.) Create a new QOM interface which can be implemented by devices which need to do something different from their default reset behaviour. The callback will be called after machine initialization and before first reset. Suggested-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Tested-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1441383782-24378-3-git-send-email-peter.maydell@xxxxxxxxxx commit d714b8de7747f20fe42e5716d1d44f91e2b891f4 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Tue Sep 8 17:38:43 2015 +0100 qom: Add recursive version of object_child_for_each Useful for iterating through an entire QOM subtree. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1441383782-24378-2-git-send-email-peter.maydell@xxxxxxxxxx commit d5523a13656fb8df902a15a9fd8bd652b85e97e0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 8 17:38:43 2015 +0100 hw/intc/arm_gic: Actually set the active bits for active interrupts Although we were correctly handling interrupts becoming active and then inactive, we weren't actually exposing this to the guest by setting the 'active' flag for the interrupt, so reads of GICD_ICACTIVERn and GICD_ISACTIVERn would generally incorrectly return zeroes. Correct this oversight. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1438089748-5528-6-git-send-email-peter.maydell@xxxxxxxxxx commit 72889c8a809f4c65796b98d5af6a18c92510ed86 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 8 17:38:42 2015 +0100 hw/intc/arm_gic: Drop running_irq and last_active arrays The running_irq and last_active arrays represent state which doesn't exist in a real hardware GIC. The only thing we use them for is updating the running priority when an interrupt is completed, but in fact we can use the active-priority registers to do this. The running priority is always the priority corresponding to the lowest set bit in the active priority registers, because only one interrupt at any particular priority can be active at once. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1438089748-5528-5-git-send-email-peter.maydell@xxxxxxxxxx commit 51fd06e0eee8257fdcc147200796e362cf2298ea Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 8 17:38:42 2015 +0100 hw/intc/arm_gic: Fix handling of GICC_APR<n>, GICC_NSAPR<n> registers A GICv2 has both GICC_APR<n> and GICC_NSAPR<n> registers, with the latter holding the active priority bits for Group 1 interrupts (usually Nonsecure interrupts), and the Nonsecure view of the GICC_APR<n> is the second half of the GICC_NSAPR<n> registers. Turn our half-hearted implementation of APR<n> into a proper implementation of both APR<n> and NSAPR<n>: * Add the underlying state for NSAPR<n> * Make sure APR<n> aren't visible for pre-GICv2 * Implement reading of NSAPR<n> * Make non-secure reads of APR<n> behave correctly * Implement writing to APR<n> and NSAPR<n> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1438089748-5528-4-git-send-email-peter.maydell@xxxxxxxxxx commit df92cfa60eef82dad112ca5c5d0239ec5ba7aac3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 8 17:38:42 2015 +0100 hw/intc/arm_gic: Running priority is group priority, not full priority Priority values for the GIC are divided into a "group priority" and a "subpriority" (with the division being determined by the binary point register). The running priority is only determined by the group priority of the active interrupts, not the subpriority. In particular, this means that there can't be more than one active interrupt at any particular group priority. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1438089748-5528-3-git-send-email-peter.maydell@xxxxxxxxxx commit b06c262b45cf7afcf56dd0f2189ad8948b117e7d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 8 17:38:42 2015 +0100 armv7m_nvic: Implement ICSR without using internal GIC state Change the implementation of the Interrupt Control and State Register in the v7M NVIC to not use the running_irq and last_active internal state fields in the GIC. These fields don't correspond to state in a real GIC and will be removed soon. The changes to the ICSR are: * the VECTACTIVE field is documented as identical to the IPSR[8:0] field, so implement it that way * implement RETTOBASE via looking at the active state bits Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1438089748-5528-2-git-send-email-peter.maydell@xxxxxxxxxx commit 76d39ab49ec68608a3c0bafec7bed70f21302b0e Author: Tiejun Chen <tiejun.chen@xxxxxxxxx> Date: Wed Jul 15 13:37:42 2015 +0800 pc_init1: pass parameters just with types Pass types to configure pc_init1(). Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 7bb836e4a27b7e364f3c8c4ebe41172fc8c70f75 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Jul 15 13:37:41 2015 +0800 i440fx: make types configurable at run-time IGD passthrough wants to supply a different pci and host devices, inheriting i440fx devices. Make types configurable. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit eeb6b13a5a45d16a7b348891921d496bc5d6df2c Author: Don Slutz <dslutz@xxxxxxxxxxx> Date: Thu Apr 30 14:27:09 2015 -0400 xen-hvm: Add trace to ioreq Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Don Slutz <dslutz@xxxxxxxxxxx> commit 8611280505119e296757a60711a881341603fa5a Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed Sep 2 14:46:01 2015 -0700 target-microblaze: Use setcond for pcmp* Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 88174019d2e1d2e1c304d507654d37f6d7504957 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed Sep 2 11:38:10 2015 -0700 target-cris: Use movcond and setcond Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 5f5b5942d56a138baad0ae01458d5d0e62d5be68 Author: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Date: Fri Jul 3 15:01:42 2015 +0300 Added generic panic handler qemu_system_guest_panicked() There are pieces of guest panic handling code that can be shared in one generic function. These code replaced by call qemu_system_guest_panicked(). Signed-off-by: Andrey Smetanin <asmetanin@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Andreas FÃ?¤rber <afaerber@xxxxxxx> Message-Id: <1435924905-8926-10-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6d1f252d8c1ba73bf6ed9af28731a9c9c3d473a2 Author: Peter Lieven <pl@xxxxxxx> Date: Fri Aug 14 13:33:36 2015 +0200 block/iscsi: validate block size returned from target It has been reported that at least tgtd returns a block size of 0 for LUN 0. To avoid running into divide by zero later on and protect against other problematic block sizes validate the block size right at connection time. Cc: qemu-stable@xxxxxxxxxx Reported-by: Andrey Korolyov <andrey@xxxxxxx> Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-Id: <1439552016-8557-1-git-send-email-pl@xxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f3926945c85689e8af324c0db0b39be771dbbebb Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Sep 7 11:28:58 2015 +0800 iohandler: Use aio API iohandler.c shares the same interface with aio, but with duplicated code. It's better to rebase iohandler, also because that aio is a more friendly interface to multi-threads. Create a global AioContext instance and let its GSource handle the iohandler events. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-Id: <1441596538-4412-1-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 46036b2462c7ff56c0af6466ea6b9248197a38a8 Author: AnÃbal Limón <anibal.limon@xxxxxxxxxxxxxxx> Date: Thu Sep 3 15:48:33 2015 -0500 cpus.c: qemu_mutex_lock_iothread fix race condition at cpu thread init When QEMU starts the RCU thread executes qemu_mutex_lock_thread causing error "qemu:qemu_cpu_kick_thread: No such process" and exits. This isn't occur frequently but in glibc the thread id can exist and this not guarantee that the thread is on active/running state. If is inserted a sleep(1) after newthread assignment [1] the issue appears. So not make assumption that thread exist if first_cpu->thread is set then change the validation of cpu to created that is set into cpu threads (kvm, tcg, dummy). [1] https://sourceware.org/git/?p=glibc.git;a=blob;f=nptl/pthread_create.c;h=d10f4ea8004e1d8f3a268b95cc0f8d93b8d89867;hb=HEAD#l621 Cc: qemu-stable@xxxxxxxxxx Signed-off-by: AnÃbal Limón <anibal.limon@xxxxxxxxxxxxxxx> Message-Id: <1441313313-3040-1-git-send-email-anibal.limon@xxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d12f7309483e20d1bae9304f4b812bf53a8e6510 Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Sun Aug 23 20:23:36 2015 -0400 seqlock: read sequence number atomically With this change we make sure that the compiler will not optimise the read of the sequence number in any way. Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Message-Id: <1440375847-17603-8-git-send-email-cota@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 123fdbac9b8f1e394fbe92e8b5359193e94ba5bf Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Sun Aug 23 20:23:35 2015 -0400 seqlock: add missing 'inline' to seqlock_read_retry Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Message-Id: <1440375847-17603-7-git-send-email-cota@xxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9d34158a5af734e8de0b42b0a7228200c426a8d0 Merge: 8f1ed5f bd80a8a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 7 16:07:47 2015 +0100 Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20150907' into staging s390x fixes and improvements: - various bugfixes (css/event-facility) - more efficient adapter interrupt routes setup - gdb enhancement - sclp got treated with a lot of remodelling/cleanup # gpg: Signature made Mon 07 Sep 2015 15:42:43 BST using RSA key ID C6F02FAF # gpg: Good signature from "Cornelia Huck <huckc@xxxxxxxxxxxxxxxxxx>" # gpg: aka "Cornelia Huck <cornelia.huck@xxxxxxxxxx>" * remotes/cohuck/tags/s390x-20150907: (23 commits) s390/sclp: simplify calculation of rnmax s390/sclp: store the increment_size in the sclp device s390: unify allocation of initial memory s390: move memory calculation into the sclp device s390/sclp: ignore memory hotplug operations if it is disabled s390: disallow memory hotplug for the s390-virtio machine s390: no need to manually parse for slots and maxmem s390/sclp: move sclp_service_interrupt into the sclp device s390/sclp: move sclp_execute related functions into the SCLP class s390/sclp: introduce a root sclp device s390/sclp: temporarily fix unassignment/reassignment of memory subregions s390/sclp: replace sclp event types with proper defines s390/sclp: rework sclp event facility initialization + device realization sclp/s390: rework sclp cpu hotplug device notification s390x/gdb: support reading/writing of control registers s390x/kvm: make setting of in-kernel irq routes more efficient pc-bios/s390-ccw: rebuild image pc-bios/s390-ccw: Device detection in higher subchannel sets s390x/event-facility: fix location of receive mask s390x/css: start with cleared cstat/dstat ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bd80a8ad555c2b5f79591b29edcf8196b8a5109b Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 1 13:04:03 2015 +0200 s390/sclp: simplify calculation of rnmax rnmax can be directly calculated using machine->maxram_size. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 71a2fd355d8fa429bcc04740c260635e084255f2 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 1 13:03:23 2015 +0200 s390/sclp: store the increment_size in the sclp device Let's calculate it once and reuse it. Suggested-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 80d23275e3c4bc93fa6f123613d5ff389ed3fc62 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Fri May 29 15:01:55 2015 +0200 s390: unify allocation of initial memory Now that the calculation of the initial memory is hidden in the sclp device, we can unify the allocation of the initial memory. The remaining ugly part is the reserved memory for the virtio queues, but that can be cleaned up later. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 1cf065fb87e8787e3e9cebcdb4713b81e4e61422 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Fri May 29 13:53:08 2015 +0200 s390: move memory calculation into the sclp device The restrictions for memory calculation belong to the sclp device. Let's move the calculation to that point, so we are able to unify it for both s390 machines. The sclp device is the first device to be initialized. It performs the calculation and safely stores it in the machine, where other parts of the system can access an reuse it. The memory hotplug device is now only created when it is really needed. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit b02ef3d92b19ad304a84433d3817f0903296ebc7 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Fri May 29 14:06:39 2015 +0200 s390/sclp: ignore memory hotplug operations if it is disabled If no memory hotplug device was created, the sclp command facility is not exposed (SCLP_FC_ASSIGN_ATTACH_READ_STOR). We therefore have no memory hotplug and should correctly report SCLP_RC_INVALID_SCLP_COMMAND if any such command is executed. This gets rid of these ugly asserts that could have been triggered for the s390-virtio machine. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 2998ffee245e3a141ce1b6fca127744c3e19dc63 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Fri May 29 13:22:12 2015 +0200 s390: disallow memory hotplug for the s390-virtio machine That machine type doesn't currently support memory hotplug, so let's abort if it is requested. Reason is, that the virtio queues are allocated for now at the end of the initial ram - extending the ram is therefore not possible. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 311467f77eab5c3e1f8e0f6f446201e3a1f46e70 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Fri May 29 13:14:50 2015 +0200 s390: no need to manually parse for slots and maxmem ram_slots and maxram_size has already been parsed and verified by common code for us. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 1723a1b6313851d9704961e1f527312ee0a5fce4 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Wed May 13 15:06:44 2015 +0200 s390/sclp: move sclp_service_interrupt into the sclp device Let's make that function a method of the new sclp device, keeping the wrapper for existing users. We can now let go of get_event_facility(). Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 25a3c5af57db0319f5cfb4c439efbc78b230599e Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Wed May 27 10:04:56 2015 +0200 s390/sclp: move sclp_execute related functions into the SCLP class Let's move the sclp_execute related functions into the SCLP class and pass the device state as parameter, so we have easy access to the SCLPDevice later on. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 515190d9da0c85084d32d6ad36afb15a6d35729e Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Wed May 27 09:49:43 2015 +0200 s390/sclp: introduce a root sclp device Let's create a root sclp device, which has other sclp devices as children (e.g. the event facility for now) and can later be used for migration of sclp specific attributes and setup of memory. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 732bdd383ee06be2655b1a849a628ff03b0000b8 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Sat Jun 13 08:46:54 2015 +0200 s390/sclp: temporarily fix unassignment/reassignment of memory subregions Commit 374f2981d1f1 ("memory: protect current_map by RCU") broke unassignment of standby memory on s390x. Looks like that the new parallelism allows races with our (semi broken) memory hotplug code. The flatview_unref() can now be executed after our unparenting. Therefore memory_region_unref() tries to unreference the MemoryRegion itself instead of the parent. In theory, MemoryRegions are now bound to separate devices that control their lifetime. We don't have this yet, so we really want to control their lifetime manually. This patch fixes it temporarily, until we have a proper rework. The only drawback is that they won't pop up in "info qom-tree", but that's better than qemu crashes. We have to release the reference to a memory region after a memory_region_find, as it automatically takes a reference. As we're now able to reassign memory, the MemoryRegion is in fact deleted (otherwise vmstate_register_ram() would complain). Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 35925a7a73e7df4118cb11667095bd2d8fc4e091 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Mon May 11 15:31:47 2015 +0200 s390/sclp: replace sclp event types with proper defines Introduce TYPE_SCLP_QUIESCE and make use of it. Also use TYPE_SCLP_CPU_HOTPLUG where applicable. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit f6102c329c43d7d5e0bee1fc2fe4043e05f9810c Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Thu May 21 12:43:31 2015 +0200 s390/sclp: rework sclp event facility initialization + device realization The current code only works by chance. The event facility is a sysbus device, but specifies in its class structure as parent the DeviceClass (instead of a device class). The init function in return lies therefore at the same position as the init function of SysBusDeviceClass and gets triggered instead - a very bad idea of doing that (e.g. the parameter types don't match). Let's bring the initialization code up to date, initializing the event facility + child events in .instance_init and moving the realization of the child events out of the init call, into the realization step. Device realization is now automatically performed when the event facility itself is realized. That realization implicitly triggers realization of the child bus, which in turn initializes the events. Please note that we have to manually propagate the realization of the bus children, common code still has a TODO set for that task. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 073f57ae347a41cbcc940ae0286bbbab993b9148 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Mon May 11 15:30:43 2015 +0200 sclp/s390: rework sclp cpu hotplug device notification Let's get rid of this strange local variable + irq logic and work directly on the QOM. (hint: what happens if two such devices are created?) We could introduce proper QOM class + state for the cpu hotplug device, however that would result in too much overhead for a simple "trigger_signal" function. Also remove one unnecessary class function initialization. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 5b9f6345a616c321a5ea2f35e09043edd933767e Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Tue Jun 23 11:00:09 2015 +0200 s390x/gdb: support reading/writing of control registers Let's support reading and writing of control registers for kvm and tcg. We have to take care of flushing the tlb (tcg) and pushing the changed registers into kvm. Reviewed-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit c0194a00b0beb66814756ee255a8a86b2a92c27e Author: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Date: Mon Jul 27 16:53:27 2015 +0200 s390x/kvm: make setting of in-kernel irq routes more efficient When we add new adapter routes we call kvm_irqchip_add_route() for every virtqueue and in the same step also do the KVM_SET_GSI_ROUTING ioctl. This is unnecessary costly as the interface allows us to set multiple routes in one go. Let's first add all routes to the table stored in the global kvm_state and then do the ioctl to commit the routes to the in-kernel irqchip. This saves us several ioctls to the kernel where for each call a list is reallocated and populated. Signed-off-by: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 9f70b85c405093f24d9df22215ead6596819832f Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Tue Aug 11 10:53:41 2015 +0200 pc-bios/s390-ccw: rebuild image Contains: - Device detection in higher subchannel sets Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 0f79b89bc2bdbed35d2c57d722acc4c31a5a2ce4 Author: Alexander Yarygin <yarygin@xxxxxxxxxxxxxxxxxx> Date: Thu Jun 25 18:35:58 2015 +0300 pc-bios/s390-ccw: Device detection in higher subchannel sets If no bootdevice was specified, we try to autodetect a suitable IPL device. Current code only searched in subchannel set 0; extend this search to higher subchannel sets as well. Signed-off-by: Alexander Yarygin <yarygin@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit f7822aa8b610a4fec57a09066974e5c088592c08 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Mon Jul 27 16:55:23 2015 +0200 s390x/event-facility: fix location of receive mask For read event mask, we assumed that the layout of the sccb was |sccb header|event buffer header|receive mask|...| The correct layout, however, is |sccb header|receive mask|...| as in-buffer and |sccb header|event buffer header|...| as out-buffer. Fix this: This makes selective read work. Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 6b7741c2bedeae2e8c54fffce81723ca0a0c25c0 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri Jul 24 12:08:37 2015 +0200 s390x/css: start with cleared cstat/dstat When executing the start function, we should start with a clear state regarding subchannel and device status; it is easy to forget updating one of them after the ccw has been processed. Note that we don't need to care about resetting the various control fields: They are cleared by tsch(), and if they were still pending, we wouldn't be able to execute the start function in the first place. Also note that we don't want to clear cstat/dstat if a suspended subchannel is resumed. This fixes a bug where we would continue to present channel-program check in cstat even though later ccw requests for the subchannel finished without error (i.e. cstat should be 0). Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> commit 3335ddddf9e5ba7743dc8e3f767f4ef857ccd20c Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Wed Jul 1 15:28:06 2015 +0200 s390x/event-facility: fix receive mask check For selective read event, we need to check if any event is requested that is not active instead of whether none of the requested events is active. Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Reviewed-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit fa4463e0432ab66432a28d6b975f8eed99b3f4fa Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jul 16 10:42:18 2015 +0200 s390x/css: ccw-0 enforces count > 0 Type-0 ccws need to have a count > 0 for any command other than TIC. Generate a channel-program check if this is not the case. Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit fde8206b8061f808c880709c2ac26a645b11c211 Author: Pierre Morel <pmorel@xxxxxxxxxxxxxxxxxx> Date: Wed Jul 15 16:16:20 2015 +0200 s390x/css: handle ccw-0 TIC correctly In CCW-0 format TIC command 4 highest bits are ignored in the subchannel. In CCW-1 format the TIC command 4 highest bits must be 0. To convert TIC from CCW-0 to CCW-1 we clear the 4 highest bits to guarantee compatibility. Signed-off-by: Pierre Morel <pmorel@xxxxxxxxxxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 8f1ed5f5081416d5d1cc9569aa826114c5b21213 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 24 13:33:12 2015 +0100 Make pow2ceil() and pow2floor() inline Since the pow2floor() function is now used in a hot code path, make it inline; for consistency, provide pow2ceil() as an inline function too. Because these functions use ctz64() we have to put the inline versions into host-utils.h, so they have access to ctz64(), and move the inline is_power_of_2() along with them. We then need to include host-utils.h from qemu-common.h so that the files which use these functions via qemu-common.h still have access to them. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1437741192-20955-7-git-send-email-peter.maydell@xxxxxxxxxx commit 10944a19209bb520054569e0f156f50338901264 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 24 13:33:11 2015 +0100 Remove unused qemu_fls function Nothing uses qemu_fls() any more, so delete it. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1437741192-20955-6-git-send-email-peter.maydell@xxxxxxxxxx commit 6554f5c03793bb8a3d5dedcebf758a1694fa186c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 24 13:33:10 2015 +0100 exec.c: Use pow2floor() rather than hand-calculation Use pow2floor() to round down to the nearest power of 2, rather than an inline calculation. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1437741192-20955-5-git-send-email-peter.maydell@xxxxxxxxxx commit 26efcec158a87133bb6255ae7d3127a5fa6e66fd Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 24 13:33:09 2015 +0100 hw/block/nvme.c: Use pow2ceil() rather than hand-calculation Use pow2ceil() to round up to the next power of 2, rather than an inline calculation. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1437741192-20955-4-git-send-email-peter.maydell@xxxxxxxxxx commit 1d0148fe6c121b21476ac1ba5120f8990e7fe6cd Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 24 13:33:08 2015 +0100 hw/virtio/virtio-pci: Use pow2ceil() rather than hand-calculation Use the utility function pow2ceil() for rounding up to the next largest power of 2, rather than inline calculation. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1437741192-20955-3-git-send-email-peter.maydell@xxxxxxxxxx commit 9bff5d8135fc3f37932d4177727d293aa93ce79b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 24 13:33:07 2015 +0100 hw/pci: Use pow2ceil() rather than hand-calculation A couple of places in hw/pci use an inline calculation to round a size up to the next largest power of 2. We have a utility routine for this, so use it. (The behaviour of the old code is different if the size value is 0 -- it would leave it as 0 rather than rounding up to 1, but in both cases we know the size can't be 0. In the case where the size value had bit 31 set, the old code would invoke undefined behaviour; the new code will give a result of 0. Presumably that could never happen either.) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1437741192-20955-2-git-send-email-peter.maydell@xxxxxxxxxx commit 4169198617dc8d3e80697964b91eaea551e7f956 Merge: 298fae3 c804b57 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 7 11:23:08 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches # gpg: Signature made Fri 04 Sep 2015 20:45:33 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: quorum: validate vote threshold against num_children even if read-pattern is fifo qcow2: reorder fields in Qcow2CachedTable to reduce padding docs: document how to configure the qcow2 L2/refcount caches qcow2: add option to clean unused cache entries after some time qcow2: mark the memory as no longer needed after qcow2_cache_empty() iotests: Warn if python subprocess is killed iotests: Do not suppress segfaults in bash tests iotests: Respect -nodefaults in tests 41 and 55 iotests: More options for VM.add_drive() qemu-img: Fix crash in amend invocation block/raw-posix: Use raw_normalize_devicepath() qemu-iotests: s390x: fix test 130 qemu-iotests: s390x: fix test 049, reject negative sizes in QemuOpts qemu-iotests: s390x: fix test 041 and 055 qemu-iotests: disable default qemu devices for cross-platform compatibility qemu-iotests: qemu machine type support Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 298fae38972cc0165415ead04b64bfcae55640d9 Merge: b597aa0 8d45c54 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 7 10:43:18 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150907' into staging target-arm queue: * cleanup to use g_new() and friends * support semihosting in A64 * add SMBIOS support to mach-virt * remove hw_error() usages * fix bug in the AArch32:AArch64 register mapping * add a second PCI memory window in highmem on virt board * fix bug in arm_excp_unmasked() * add i.MX31 SoC * remove restriction on handling affinity values in virt board # gpg: Signature made Mon 07 Sep 2015 10:40:48 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150907: (27 commits) arm/virt: Add full-sized CPU affinity handling target-arm: Refactor CPU affinity handling i.MX: Add i2C devices to i.MX31 SOC i.MX: Add qtest support for I2C device emulator. i.MX: Add the i.MX25 PDK platform i.MX: Add SOC support for i.MX25 i.MX: Add FEC Ethernet Emulator i.MX: Add I2C controller emulator i.MX: KZM: use standalone i.MX31 SOC support i.MX: Add SOC support for i.MX31 target-arm: Fix arm_excp_unmasked() function hw/arm/virt: Add high MMIO PCI region, 512G in size target-arm: Fix AArch32:AArch64 general-purpose register mapping arm: Remove hw_error() usages. arm: cpu: assert() on no-EL2 virt IRQ error condition. smbios: implement smbios support for mach-virt smbios: add smbios 3.0 support target-arm: Wire up HLT 0xf000 as the A64 semihosting instruction target-arm/arm-semi.c: SYS_EXIT on A64 takes a parameter block target-arm/arm-semi.c: Implement A64 specific SyncCacheRange call ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8d45c54d4fd3612bd616afcc5c278394f312927b Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Mon Sep 7 10:39:31 2015 +0100 arm/virt: Add full-sized CPU affinity handling At least with KVM, currently there's no reason why QEMU would not be capable of handling Aff3 != 0. This commit fixes up FDT creation in such a case. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Message-id: eef5a86e6d9a313780dbc23b35fcb65df42a3e9e.1441366248.git.p.fedin@xxxxxxxxxxx [PMM: folded two overlong lines] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0f4a9e45ec35811ee250ac232d84d3c6d4fcd7fc Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Mon Sep 7 10:39:31 2015 +0100 target-arm: Refactor CPU affinity handling Introduces reusable definitions for CPU affinity masks/shifts and gets rid of hardcoded magic numbers. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Message-id: 7e6def4d0d91ae64615cdd2035b94d408d0a23c6.1441366248.git.p.fedin@xxxxxxxxxxx [PMM: folded overlong line] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d4e26d106a1ea35a81176cb5398406b08316adc7 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Mon Sep 7 10:39:31 2015 +0100 i.MX: Add i2C devices to i.MX31 SOC Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: fb20e6bf5cf946c4530b2cfb55c7e37f5a0fc051.1441057361.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7f3986278b0bc214e83111ea55c8d12bac79c4fa Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Mon Sep 7 10:39:31 2015 +0100 i.MX: Add qtest support for I2C device emulator. This is using a ds1338 RTC chip on the I2C bus. This RTC chip is not present on the real 3DS PDK board. Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Acked-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 05601683a2a95c881cbc9f22651a044d969bd0ae.1441057361.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 65f57c43632b102f8b1ef20baf1fc218c6b8d9cd Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Mon Sep 7 10:39:31 2015 +0100 i.MX: Add the i.MX25 PDK platform Tested by booting a minimal Linux system on the emulated platform Tested by booting the Xvisor hypervisor on the emulated platform Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: d27347300d253509d921bc27a6d0a14db877478b.1441057361.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ee708c999d45e3f742d2f1287694a1b9da87044b Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Mon Sep 7 10:39:30 2015 +0100 i.MX: Add SOC support for i.MX25 For now we support the following devices: * CPU: ARM926 * Interrupt Controller: AVIC * CCM * UART x 5 * EPIT x 2 * GPT x 4 * FEC * I2C x 3 Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 62218bfa90f9101f79098e768c3d58bd92dcb7f3.1441057361.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit fcbd8018e645f3ab1ef9af94dc88a0d3272926d3 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Mon Sep 7 10:39:30 2015 +0100 i.MX: Add FEC Ethernet Emulator This is based on mcf_fec.c FEC implementation for Coldfire * A generic PHY was added (borrowwed from LAN9118) * The buffer management is also modified as buffers are slightly different between Coldfire and i.MX Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: fb314f8a120aa49f8f6ad886f312c649b484fb5a.1441057361.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 20d0f9cf6a41bad52baba3ebc485849617cc42cf Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Mon Sep 7 10:39:30 2015 +0100 i.MX: Add I2C controller emulator The slave mode is not implemented. Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 508dbf2ebe26ec383d3a12a1db5a7890ac8acf20.1441057361.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f044ac4980922e23b608afc2f35648ebadb42950 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Mon Sep 7 10:39:30 2015 +0100 i.MX: KZM: use standalone i.MX31 SOC support Convert the KZM board to use the i.MX31 SoC defintition instead of redefining the entire SoC on the machine level. Major rewrite of the machine init code. While touching the memory map comment de-indent to the correct level of indentation. This obsoletes the legacy i.MX device device creation helpers which are removed. Tested by booting a minimal Linux system on the emulated platform Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 5e783561f092e1c939562fdff001f1ab1194b07f.1441057361.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 558df83db778dc2e839353357a508349b180d79b Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Mon Sep 7 10:39:30 2015 +0100 i.MX: Add SOC support for i.MX31 For now we support the following devices: * CPU: ARM1136 * Interrupt Controller: AVIC * CCM * UART x 2 * EPIT x 2 * GPT Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: f146d819594e41568daec42a1d0f440cdfe3df76.1441057361.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 771842585f3119f69641ed90a97d56eb9ed6f5ae Author: Sergey Sorokin <afarallax@xxxxxxxxx> Date: Mon Sep 7 10:39:30 2015 +0100 target-arm: Fix arm_excp_unmasked() function There is an error in arm_excp_unmasked() function: bitwise operator & is used with integer and bool operands causing an incorrect zeroed result. The patch fixes it. Signed-off-by: Sergey Sorokin <afarallax@xxxxxxxxx> Message-id: 1441209238-16881-1-git-send-email-afarallax@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5125f9cd2532f0aca25d966ecd27d0e30d4af7c9 Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Mon Sep 7 10:39:29 2015 +0100 hw/arm/virt: Add high MMIO PCI region, 512G in size This large region is necessary for some devices like ivshmem and video cards 32-bit kernels can be built without LPAE support. In this case such a kernel will not be able to use PCI controller which has windows in high addresses. In order to work around the problem, "highmem" option is introduced. It defaults to on on, but can be manually set to off in order to be able to run those old 32-bit guests. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Reviewed-by: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> [PMM: Added missing ULL suffixes and a comment to the a15memmap[] entry] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3a9148d0bdcee990fbe86759b9b1f5723c1d7fbc Author: Sergey Sorokin <afarallax@xxxxxxxxx> Date: Mon Sep 7 10:39:29 2015 +0100 target-arm: Fix AArch32:AArch64 general-purpose register mapping There is an error in functions aarch64_sync_32_to_64() and aarch64_sync_64_to_32() with mapping of registers between AArch32 and AArch64. This commit fixes the mapping to match the v8 ARM ARM section D1.20.1 (table D1-77). Signed-off-by: Sergey Sorokin <afarallax@xxxxxxxxx> Message-id: 1440796451-15276-1-git-send-email-afarallax@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> [PMM: tidied commit message a bit] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8f6fd322f6e25995629a1a07b56bc5b91fb947ca Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Mon Sep 7 10:39:29 2015 +0100 arm: Remove hw_error() usages. All of these hw_errors are fatal and indicate something wrong with QEMU implementation. Convert to g_assert_not_reached. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 169194d09017e5725535d31a1507d454c0043706.1440842587.git.crosthwaite.peter@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f128bf297ba100877313cb3e9c0da845da0bb58c Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Mon Sep 7 10:39:29 2015 +0100 arm: cpu: assert() on no-EL2 virt IRQ error condition. Replace the hw_error() for no-EL2 VIRQ with an assert. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 93b6acdee6cafe8ff0422a294a5640c3d35f0e17.1440842587.git.crosthwaite.peter@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c30e15658b1b3dc9c241a515322ca5dc6fa6b4fe Author: Wei Huang <wei@xxxxxxxxxx> Date: Mon Sep 7 10:39:29 2015 +0100 smbios: implement smbios support for mach-virt This patch generates smbios tables for ARM mach-virt. Also add CONFIG_SMBIOS=y for ARM default config. Acked-by: Gabriel Somlo <somlo@xxxxxxx> Tested-by: Gabriel Somlo <somlo@xxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Tested-by: Leif Lindholm <leif.lindholm@xxxxxxxxxx> Signed-off-by: Wei Huang <wei@xxxxxxxxxx> Message-id: 1440615870-9518-3-git-send-email-wei@xxxxxxxxxx [PMM: Added missing braces around an if().] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 86299120060f734a2f7c1137a46de0b8c78135b7 Author: Wei Huang <wei@xxxxxxxxxx> Date: Mon Sep 7 10:39:28 2015 +0100 smbios: add smbios 3.0 support This patch adds support for SMBIOS 3.0 entry point. When caller invokes smbios_set_defaults(), it can specify entry point as 2.1 or 3.0. Then smbios_get_tables() will return the entry point table in right format. Acked-by: Gabriel Somlo <somlo@xxxxxxx> Tested-by: Gabriel Somlo <somlo@xxxxxxx> Tested-by: Leif Lindholm <leif.lindholm@xxxxxxxxxx> Signed-off-by: Wei Huang <wei@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Message-id: 1440615870-9518-2-git-send-email-wei@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8012c84ff92a36d05dfe61af9b24dd01a7ea25e4 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 7 10:39:28 2015 +0100 target-arm: Wire up HLT 0xf000 as the A64 semihosting instruction For the A64 instruction set, the semihosting call instruction is 'HLT 0xf000'. Wire this up to call do_arm_semihosting() if semihosting is enabled. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Christopher Covington <christopher.covington@xxxxxxxxxx> Tested-by: Christopher Covington <cov@xxxxxxxxxxxxxx> Message-id: 1439483745-28752-10-git-send-email-peter.maydell@xxxxxxxxxx commit 7446d35e1dd69e1da8241277eae09e293741b362 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 7 10:39:28 2015 +0100 target-arm/arm-semi.c: SYS_EXIT on A64 takes a parameter block The A64 semihosting API changes the interface for SYS_EXIT so that instead of taking a single exception type in a register, it takes a parameter block containing the exception type and a sub-code. Implement this. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Tested-by: Christopher Covington <cov@xxxxxxxxxxxxxx> Message-id: 1439483745-28752-9-git-send-email-peter.maydell@xxxxxxxxxx commit e9ebfbfcf31c11fb3bd2fc436fa17ce45a4e7086 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 7 10:39:28 2015 +0100 target-arm/arm-semi.c: Implement A64 specific SyncCacheRange call The A64 semihosting ABI defines a new call SyncCacheRange for doing a 'clean D-cache and invalidate I-cache' sequence. Since QEMU doesn't implement caches, we can implement this as a nop. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Christopher Covington <christopher.covington@xxxxxxxxxx> Tested-by: Christopher Covington <cov@xxxxxxxxxxxxxx> Message-id: 1439483745-28752-8-git-send-email-peter.maydell@xxxxxxxxxx commit faacc041619581c566c21ed87aa1933420731282 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 7 10:39:28 2015 +0100 target-arm/arm-semi.c: Support widening APIs to 64 bits The 64-bit A64 semihosting API has some pervasive changes from the 32-bit version: * all parameter blocks are arrays of 64-bit values, not 32-bit * the semihosting call number is passed in W0 * the return value is a 64-bit value in X0 Implement the necessary handling for this widening. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Christopher Covington <christopher.covington@xxxxxxxxxx> Tested-by: Christopher Covington <cov@xxxxxxxxxxxxxx> Message-id: 1439483745-28752-7-git-send-email-peter.maydell@xxxxxxxxxx commit 44d4a499b79d12d5c29f32bf2070c89335573c03 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 7 10:39:27 2015 +0100 include/exec/softmmu-semi.h: Add support for 64-bit values Add support for getting and setting 64-bit values in the softmmu semihosting support functions. This will be needed for 64-bit ARM semihosting. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Tested-by: Christopher Covington <cov@xxxxxxxxxxxxxx> Message-id: 1439483745-28752-6-git-send-email-peter.maydell@xxxxxxxxxx commit bb19cbc95ada89ce5e02c132bc6f3268b1a1bfa3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 7 10:39:27 2015 +0100 target-arm/arm-semi.c: Factor out repeated 'return env->regs[0]' Factor out a repeated pattern in the semihosting code: gdb_do_syscall(arm_semi_cb, "system,%s", arg0, (int)arg1+1); /* arm_semi_cb sets env->regs[0] to the syscall return value */ return env->regs[0]; For A64 the return value will go in a different register; pull the sequence out into its own function that passes the return value in a static variable rather than overloading regs[0] for the purpose, so the code will work on both A32/T32 and A64. Note that the lack-of-synchronization bug noted in the FIXME comment is not introduced by this commit, but was already present. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Christopher Covington <christopher.covington@xxxxxxxxxx> Tested-by: Christopher Covington <cov@xxxxxxxxxxxxxx> Message-id: 1439483745-28752-5-git-send-email-peter.maydell@xxxxxxxxxx commit 19239b39e7501dedec8d92f0eca79c187685bcce Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 7 10:39:27 2015 +0100 gdbstub: Implement gdb_do_syscallv() Implement a variant of the existing gdb_do_syscall() which takes a va_list. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Tested-by: Christopher Covington <cov@xxxxxxxxxxxxxx> Message-id: 1439483745-28752-4-git-send-email-peter.maydell@xxxxxxxxxx commit 205ace55ffff77964e50af08c99639ec47db53f6 Author: Christopher Covington <christopher.covington@xxxxxxxxxx> Date: Mon Sep 7 10:39:27 2015 +0100 target-arm: Improve semihosting debug prints Print semihosting debugging information before the do_arm_semihosting() call so that angel_SWIreason_ReportException, which causes the function to not return, gets the same debug prints as other semihosting calls. Also print out the semihosting call number. Signed-off-by: Christopher Covington <christopher.covington@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Tested-by: Christopher Covington <cov@xxxxxxxxxxxxxx> Message-id: 1439483745-28752-3-git-send-email-peter.maydell@xxxxxxxxxx commit 857b55adb77004d9ec9202078b7f1f3a1a076112 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Sep 7 10:39:27 2015 +0100 target-arm/arm-semi.c: Fix broken SYS_WRITE0 via gdb A spurious trailing "\n" in the gdb syscall format string used for SYS_WRITE0 meant that gdb would reject the remote syscall, with the effect that the output from the guest was silently dropped. Remove the newline so that gdb accepts the packet. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b45c03f585ea9bb1af76c73e82195418c294919d Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Sep 7 10:39:27 2015 +0100 arm: Use g_new() & friends where that makes obvious sense g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. This commit only touches allocations with size arguments of the form sizeof(T). Coccinelle semantic patch: @@ type T; @@ -g_malloc(sizeof(T)) +g_new(T, 1) @@ type T; @@ -g_try_malloc(sizeof(T)) +g_try_new(T, 1) @@ type T; @@ -g_malloc0(sizeof(T)) +g_new0(T, 1) @@ type T; @@ -g_try_malloc0(sizeof(T)) +g_try_new0(T, 1) @@ type T; expression n; @@ -g_malloc(sizeof(T) * (n)) +g_new(T, n) @@ type T; expression n; @@ -g_try_malloc(sizeof(T) * (n)) +g_try_new(T, n) @@ type T; expression n; @@ -g_malloc0(sizeof(T) * (n)) +g_new0(T, n) @@ type T; expression n; @@ -g_try_malloc0(sizeof(T) * (n)) +g_try_new0(T, n) @@ type T; expression p, n; @@ -g_realloc(p, sizeof(T) * (n)) +g_renew(T, p, n) @@ type T; expression p, n; @@ -g_try_realloc(p, sizeof(T) * (n)) +g_try_renew(T, p, n) @@ type T; expression n; @@ -(T *)g_new(T, n) +g_new(T, n) @@ type T; expression n; @@ -(T *)g_new0(T, n) +g_new0(T, n) @@ type T; expression p, n; @@ -(T *)g_renew(T, p, n) +g_renew(T, p, n) Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1440524394-15640-1-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c804b5791d51608c0e12e4cc2b40b3d763ce796c Merge: 2ef6093 834cb2a Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Fri Sep 4 21:43:40 2015 +0200 Merge remote-tracking branch 'mreitz/tags/pull-block-for-kevin-2015-09-04' into queue-block Block patches from 2015-08-24 until 2015-09-04. # gpg: Signature made Fri Sep 4 21:02:10 2015 CEST using RSA key ID E838ACAD # gpg: Good signature from "Max Reitz <mreitz@xxxxxxxxxx>" * mreitz/tags/pull-block-for-kevin-2015-09-04: quorum: validate vote threshold against num_children even if read-pattern is fifo qcow2: reorder fields in Qcow2CachedTable to reduce padding docs: document how to configure the qcow2 L2/refcount caches qcow2: add option to clean unused cache entries after some time qcow2: mark the memory as no longer needed after qcow2_cache_empty() Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 834cb2ada5db197a11c99142d50222945d196fc0 Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Fri Jul 3 14:45:06 2015 +0800 quorum: validate vote threshold against num_children even if read-pattern is fifo We need to use threshold to check if too many write operation fails. If threshold is larger than num children, we always get write error event even if all write operations success. Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Message-id: 55962F72.3060003@xxxxxxxxxxxxxx Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit 909c260c71d1bee7018e17034580ffd0743508db Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Tue Aug 4 15:14:42 2015 +0300 qcow2: reorder fields in Qcow2CachedTable to reduce padding Changing the current ordering saves 8 bytes per cache entry in x86_64. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 0bd55291211df3dfb514d0e7d2031dd5c4f9f807.1438690126.git.berto@xxxxxxxxxx Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit 7f65ce834accce0b7e4bc79313bacf229b957783 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Tue Aug 4 15:14:41 2015 +0300 docs: document how to configure the qcow2 L2/refcount caches QEMU has options to configure the size of the L2 and refcount caches for the qcow2 format. However, choosing the right sizes for a particular disk image is not a straightforward operation since the ratio between the cache size and the allocated disk space is not obvious and depends on the size of the cluster and the refcount entries. This document attempts to give an overview of both caches and how to configure their sizes. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Message-id: 55de928e139b1ba3f3d40fe9c6c88f30b1f36410.1438690126.git.berto@xxxxxxxxxx Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit 279621c046ce57de0af9e3c00663b48d3a7835ae Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Tue Aug 4 15:14:40 2015 +0300 qcow2: add option to clean unused cache entries after some time This adds a new 'cache-clean-interval' option that cleans all qcow2 cache entries that haven't been used in a certain interval, given in seconds. This allows setting a large L2 cache size so it can handle scenarios with lots of I/O and at the same time use little memory during periods of inactivity. This feature currently relies on MADV_DONTNEED to free that memory, so it is not useful in systems that don't follow that behavior. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Message-id: a70d12da60433df9360ada648b3f34b8f6f354ce.1438690126.git.berto@xxxxxxxxxx Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit 355ee2d0e8ca536a6278c9c763ddd2f136eace3f Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Tue Aug 4 15:14:39 2015 +0300 qcow2: mark the memory as no longer needed after qcow2_cache_empty() After having emptied the cache, the data in the cache tables is no longer useful, so we can tell the kernel that we are done with it. In Linux this frees the resources associated with it. The effect of this can be seen in the HMP commit operation: it moves data from the top to the base image (and fills both caches), then it empties the top image. At this point the data in that cache is no longer needed so it's just wasting memory. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Message-id: 08538b098e1faf6c92496477cf9b47a20e5aacea.1438690126.git.berto@xxxxxxxxxx Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> commit 2ef6093cd6990314304f2d3b18eb476ee418d73c Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Sep 2 20:52:28 2015 +0200 iotests: Warn if python subprocess is killed Currently, if a subprocess of a python test (i.e. qemu-io, qemu-img, or qemu) receives a signal and is subsequently aborted, this is not logged. This patch makes python tests always check the exit code of these subprocesses, and emit a message if they have been killed. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 934659c460d46c948cf348822fda1d38556ed9a4 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Sep 2 20:52:27 2015 +0200 iotests: Do not suppress segfaults in bash tests Currently, if a qemu/qemu-io/qemu-img/qemu-nbd invocation receives a segmentation fault, that message is invisible in most cases since the output is generally filtered and bash suppresses the segmentation fault notice for any but the last element of a pipe. Most of the time, the test will then fail anyway because of missing output, but not necessarily (as happened with test 82 recently). Fix this by making the corresponding environment variables point to wrapper functions which execute the respective command in a subshell. Giving options to qemu/qemu-io/qemu-img and path names with spaces were broken for the Python tests; this patch "accidentally" fixes that. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 0ed82f7a096537923ef3705946f254d2f61eaf93 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Sep 2 20:52:26 2015 +0200 iotests: Respect -nodefaults in tests 41 and 55 While -nodefaults is set in $QEMU_OPTIONS, this is currently (wrongly) ignored for Python iotests. In order to be prepared for when this is fixed, we should explicitly add an IDE CD-ROM drive instead of relying on it being created automatically. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 8e4922535b6479c7a2fa6b14b0148c6ae4fcc003 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Sep 2 20:52:25 2015 +0200 iotests: More options for VM.add_drive() This patch allows specifying the interface to be used for the drive, and makes specifying a path optional (if the path is None, the "file" option will be omitted, thus creating an empty drive). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e814dffcc9810ed77fe99081be9751b620a894c4 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Thu Aug 20 16:00:38 2015 -0700 qemu-img: Fix crash in amend invocation Example: $ ./qemu-img create -f qcow2 /tmp/t.qcow2 64M $ ./qemu-img amend -f qcow2 -o backing_file=/tmp/t.qcow2, -o help \ /tmp/t.qcow2 This should not crash. This actually is tested by iotest 082, but not caught due to the segmentation fault being silent (which is something that needs to be fixed, too). Reported-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Cc: qemu-stable <qemu-stable@xxxxxxxxxx> Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit bdd03cdf5dc3176bc7169a1d5709303e9279fffb Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed Aug 12 17:33:31 2015 +0200 block/raw-posix: Use raw_normalize_devicepath() The filename given to qemu_open() in block/raw-posix.c should generally have been processed by raw_normalize_devicepath(); unless we are only probing (in which case the caller often checks whether the file is a block device or not, and this property will be changed by raw_normalize_devicepath() on NetBSD) or it is about a deprecated device (i.e. floppy). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 137a905fdf43880c077438d57ef2d319569da9eb Author: Bo Tu <tubo@xxxxxxxxxxxxxxxxxx> Date: Fri Jul 3 15:28:50 2015 +0800 qemu-iotests: s390x: fix test 130 The default device id of hard disk on the s390 platform is "virtio0" which differs to the "ide0-hd0" for the x86 platform. Setting id in the drive definition, ie:"qemu -drive id=testdisk", will be the same on all platforms. Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Bo Tu <tubo@xxxxxxxxxxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 212789925efffe1c552b114321ee74081a7efb03 Author: Bo Tu <tubo@xxxxxxxxxxxxxxxxxx> Date: Fri Jul 3 15:28:49 2015 +0800 qemu-iotests: s390x: fix test 049, reject negative sizes in QemuOpts when creating an image qemu-img enable us specifying the size of the image using -o size=xx options. But when we specify an invalid size such as a negtive size then different platform gives different result. parse_option_size() function in util/qemu-option.c will be called to parse the size, a cast was called in the function to cast the input (saved as a double in the function) size to an unsigned int64 value, when the input is a negtive value or exceeds the maximum of uint64, then the result is undefined. According to C99 6.3.1.4, the result of converting a floating point number to an integer that cannot represent the (integer part of) number is undefined. And sure enough the results are different on x86 and s390. C99 Language spec 6.3.1.4 Real floating and integers: the result of this assignment/cast is undefined if the float is not in the open interval (-1, U<type>_MAX+1). Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Sascha Silbe <silbe@xxxxxxxxxxxxxxxxxx> Signed-off-by: Bo Tu <tubo@xxxxxxxxxxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d8683155fa76cabff112271771e43e21034ff2ba Author: Bo Tu <tubo@xxxxxxxxxxxxxxxxxx> Date: Fri Jul 3 15:28:48 2015 +0800 qemu-iotests: s390x: fix test 041 and 055 There is no 'ide-cd' device defined on non-pc platform, so test_medium_not_found() test should be skipped. Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Michael Mueller <mimu@xxxxxxxxxxxxxxxxxx> Reviewed-by: Sascha Silbe <silbe@xxxxxxxxxxxxxxxxxx> Signed-off-by: Xiao Guang Chen <chenxg@xxxxxxxxxxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 2711fd33a4b18c5e35a6f7efe57b5d868def829e Author: Bo Tu <tubo@xxxxxxxxxxxxxxxxxx> Date: Fri Jul 3 15:28:47 2015 +0800 qemu-iotests: disable default qemu devices for cross-platform compatibility This patch fixes an io test suite issue that was introduced with the commit c88930a6866e74953e931ae749781e98e486e5c8 'qemu-char: Permit only a single "stdio" character device'. The option supresses the creation of default devices such as the floopy and cdrom. Output files for test case 067, 071, 081 and 087 need to be updated to accommodate this change. Use virtio-blk instead of virtio-blk-pci as the device driver for test case 067. For virtio-blk-pci is the same with virtio-blk as device driver but other platform such as s390 may not recognize the virtio-blk-pci. The default devices differ across machines. As the qemu output often contains these devices (or events for them, like opening a CD tray on reset), the reference output currently is rather machine-specific. All existing qemu tests explicitly configure the devices they're working with, so just pass -nodefaults to qemu by default to disable the default devices. Update the reference outputs accordingly. Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Michael Mueller <mimu@xxxxxxxxxxxxxxxxxx> Reviewed-by: Sascha Silbe <silbe@xxxxxxxxxxxxxxxxxx> Signed-off-by: Xiao Guang Chen <chenxg@xxxxxxxxxxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e166b4148208656635ea2fe39df8b1e875a34fb8 Author: Bo Tu <tubo@xxxxxxxxxxxxxxxxxx> Date: Fri Jul 3 15:28:46 2015 +0800 qemu-iotests: qemu machine type support This patch adds qemu machine type support to the io test suite. Based on the qemu default machine type and alias of the default machine type the reference output file can now vary from the default to a machine specific output file if necessary. When using a machine specific reference file if the default machine has an alias then use the alias as the output file name otherwise use the default machine name as the output file name. Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Michael Mueller <mimu@xxxxxxxxxxxxxxxxxx> Reviewed-by: Sascha Silbe <silbe@xxxxxxxxxxxxxxxxxx> Signed-off-by: Xiao Guang Chen <chenxg@xxxxxxxxxxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b597aa037dbd98014c8dec3d69a5e2240f432533 Merge: b5bff75 6231316 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 4 17:37:50 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2015-09-04' into staging Monitor patches # gpg: Signature made Fri 04 Sep 2015 12:40:11 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-monitor-2015-09-04: hmp: add info iothreads command qmp-shell: add documentation Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b5bff7518d8e4feda95f5c523cb24f72863c1df6 Merge: b041066 c4f498f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Sep 4 15:53:48 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-09-04' into staging qapi: Another round of fixes and cleanups # gpg: Signature made Fri 04 Sep 2015 14:48:54 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-qapi-2015-09-04: (33 commits) qapi: Generators crash when --output-dir isn't given, fix docs/qapi-code-gen.txt: Fix QAPI schema examples qapi: Simplify error reporting for array types qapi: Fix errors for non-string, non-dictionary members tests/qapi-schema: Cover non-string, non-dictionary members tests/qapi-schema: Cover two more syntax errors qapi: Drop one of two "simple union must not have base" checks qapi: Generated code cleanup qapi-commands: Drop useless initialization qapi-commands: Don't feed output of mcgen() to mcgen() again qapi-commands: Inline gen_marshal_output_call() qapi-commands: Fix gen_err_check(e) for e and e != 'local_err' qapi: Command returning anonymous type doesn't work, outlaw qapi: Fix to reject union command and event arguments qapi-tests: New tests for union, alternate command arguments tests/qapi-schema: Rename tests from data- to args- tests/qapi-schema: Restore test case for flat union base bug qapi: Document flaws in checking of names qapi: Document shortcoming with union 'data' branch qapi: Document that input visitor semantics are prone to leaks ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c4f498fe8532cdacc609262b104322911108df54 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Sep 3 10:24:25 2015 +0200 qapi: Generators crash when --output-dir isn't given, fix Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 94a3f0af388820d74a9d89d1a856d2baa448c696 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Sep 3 10:18:06 2015 +0200 docs/qapi-code-gen.txt: Fix QAPI schema examples Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit eddf817bd823a90df209dfbdc2a0b2ec33b7cb77 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Aug 31 13:54:39 2015 +0200 qapi: Simplify error reporting for array types check_type() first checks and peels off the array type, then checks the element type. For two out of four error messages, it takes pains to report errors for "array of T" instead of just T. Odd. Let's examine the errors. * Unknown element type, e.g. tests/qapi-schema/args-array-unknown.json: Member 'array' of 'data' for command 'oops' uses unknown type 'array of NoSuchType' To make sense of this, you need to know that 'array of NoSuchType' refers to '[NoSuchType]'. Easy enough. However, simply reporting Member 'array' of 'data' for command 'oops' uses unknown type 'NoSuchType' is at least as easy to understand. * Element type's meta-type is inadmissible, e.g. tests/qapi-schema/returns-whitelist.json: 'returns' for command 'no-way-this-will-get-whitelisted' cannot use built-in type 'array of int' 'array of int' is technically not a built-in type, but that's pedantry. However, simply reporting 'returns' for command 'no-way-this-will-get-whitelisted' cannot use built-in type 'int' avoids the issue, and is at least as easy to understand. * The remaining two errors are unreachable, because the array checking ensures that value is a string. Thus, reporting some errors for "array of T" instead of just T works, but doesn't really improve things. Drop it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit c6b71e5ae73802057d700e2419b80aef1651f213 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Aug 31 17:28:52 2015 +0200 qapi: Fix errors for non-string, non-dictionary members Fixes the errors demonstrated by the previous commit. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 10689e36eb99e99751497ac8cef2a946e9a3a850 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Aug 31 17:17:42 2015 +0200 tests/qapi-schema: Cover non-string, non-dictionary members We always report "should be a dictionary" then. This is misleading: when allow_dict, it can be a dictionary or a type name string, else it can only be a type name. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 91f9816da4d505d379753896f3f7b6abb910324b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Aug 31 15:47:55 2015 +0200 tests/qapi-schema: Cover two more syntax errors Syntax error coverage should now be complete. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 65fbe125451da9421070ab03944c9600a264eefc Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Aug 31 15:37:42 2015 +0200 qapi: Drop one of two "simple union must not have base" checks The first check ensures the second one can't trigger. Drop the first one, because the second one is in a more logical place, and emits a nicer error message. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 3a864e7c52af15017d5082a9ee39a7919f46d2b5 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Jul 1 16:55:15 2015 +0200 qapi: Generated code cleanup Clean up white-space, brace placement, and superfluous #ifdef QAPI_TYPES_BUILTIN_CLEANUP_DEF. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 3f99144cd9afbf51a7fbddf20b921402c2d4f68c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jul 31 18:51:18 2015 +0200 qapi-commands: Drop useless initialization In generated command handlers, the assignment to retval dominates its only use. Therefore, its initialization is useless. Drop it. Suggested-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 1f9a7a1a5862ad224aa86f9b4c046248ffc27aa3 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Sat Jun 27 17:49:34 2015 +0200 qapi-commands: Don't feed output of mcgen() to mcgen() again Multiple passes through mcgen() is prone to produce unwanted blank lines, which we then combat by sprinkling .rstrip() on top. Just don't do it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit e02bca281c82f874d84578af4deea46142232115 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Sat Jun 27 17:21:12 2015 +0200 qapi-commands: Inline gen_marshal_output_call() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 8102307f51e68280ac965a140a87073d5c31e9a5 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Sat Jun 27 16:48:14 2015 +0200 qapi-commands: Fix gen_err_check(e) for e and e != 'local_err' gen_err_check() hard-codes 'local_err' instead of substituting the argument. Currently harmless, since all callers pass either None or 'local_err'. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 9b090d42aea9a0abbf39a1d75561a186057b5fe6 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jul 31 17:59:38 2015 +0200 qapi: Command returning anonymous type doesn't work, outlaw Reproducer: with { 'command': 'user_def_cmd4', 'returns': { 'a': 'int' } } added to qapi-schema-test.json, qapi-commands.py dies when it tries to generate the command handler function Traceback (most recent call last): File "/work/armbru/qemu/scripts/qapi-commands.py", line 359, in <module> ret = generate_command_decl(cmd['command'], arglist, ret_type) + "\n" File "/work/armbru/qemu/scripts/qapi-commands.py", line 29, in generate_command_decl ret_type=c_type(ret_type), name=c_name(name), File "/work/armbru/qemu/scripts/qapi.py", line 927, in c_type assert isinstance(value, str) and value != "" AssertionError because the return type doesn't exist. Simply outlaw this usage, and drop or dumb down test cases accordingly. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 315932b5edb86597adafbd1faa2d29c46499d8c3 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Jul 1 10:12:24 2015 +0200 qapi: Fix to reject union command and event arguments A command's or event's 'data' must be a struct type, given either as a dictionary, or as struct type name. Commit dd883c6 tightened the checking there, but not enough: we still accept 'union'. Fix to reject it. We may want to support union types there, but we'll have to extend qapi-commands.py and qapi-events.py for it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit d9658d58e33128df32093b7a84bed76b527fb884 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Jul 1 09:54:11 2015 +0200 qapi-tests: New tests for union, alternate command arguments A command's 'data' must be a struct type, given either as a dictionary, or as struct type name. Existing test case data-int.json covers simple type 'int'. Add test cases for type names referring to union and alternate types. The latter is caught (good), but the former is not (bug). Events have the same problem, but since they get checked by the same code, we don't bother to duplicate the tests. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 6af9a8fc8ec83f823c079211bc7a2414b1d4e5fe Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jul 31 13:30:50 2015 +0200 tests/qapi-schema: Rename tests from data- to args- Since every schema entity has 'data', the data- prefix conveys no information. These tests actually exercise commands. Only commands have arguments, so change the prefix to to args-. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 80e60a19a82cf872652d1923e800fecef5cc7def Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 26 13:21:10 2015 +0200 tests/qapi-schema: Restore test case for flat union base bug Test case added in commit 2fc0043, and messed up in commit 5223070. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit d90675fa4bc256238b3dd3a7fdd5f9029eca00b8 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jul 31 11:33:52 2015 +0200 qapi: Document flaws in checking of names We don't actually enforce our "other than downstream extensions [...], all names should begin with a letter" rule. Add a FIXME. We should reject names that differ only in '_' vs. '.' vs. '-', because they're liable to clash in generated C. Add a FIXME. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit ca56a822dd538017715345cbbe1f8829e0cc2742 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Jul 30 17:07:17 2015 -0600 qapi: Document shortcoming with union 'data' branch Add a FIXME to remind us to fully audit whether removing the 'void *data' branch of each qapi union type can be done safely. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1438297637-26789-1-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 2f52e20597ebd55ede668b2b7d162a84f419b03e Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu Jul 30 16:33:07 2015 -0600 qapi: Document that input visitor semantics are prone to leaks Most functions that can return a pointer or set an Error ** value are decent enough to guarantee a NULL return when reporting an error. Not so with our generated qapi visitor functions. If the caller is not careful to clean up partially-allocated objects on error, then the caller suffers a memory leak. Properly fixing it is probably complex enough to save for a later day, so merely document it for now. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Message-Id: <1438295587-19069-1-git-send-email-eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 999387782f736d7ac0083f4f02e2bc4ce7a9a27b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 26 13:14:02 2015 +0200 tests/qapi-schema: Document events with base don't work When event FOO's 'data' is a struct with a base, we consider only the struct's direct members, and ignore its base. The generated qapi_event_send_foo() doesn't take arguments for base members. No such events currently exist in the QMP schema. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 422e16aac4bd4476f5b40bee3049089de34ef6b6 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 26 17:52:45 2015 +0200 tests/qapi-schema: Document alternate's enum lacks visit function We generate a declaration, but no definition. The QMP schema has two: Qcow2OverlapChecks and BlockdevRef. Neither visit_type_Qcow2OverlapChecksKind() nor visit_type_BlockdevRefKind() is actually used. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 40b3adec13a9e022ff5a2e2b81c243fc0a026746 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 26 17:21:42 2015 +0200 qapi-visit: Fix two name arguments passed to visitors The generated code passes mangled schema names to visit_type_enum() and union's visit_start_struct(). Fix it to pass the names unadulterated, like we do everywhere else. Only qapi-schema-test.json actually has names where this makes a difference: enum __org.qemu_x-Enum, flat union __org.qemu_x-Union2, simple union __org.qemu_x-Union1 and its implicit enum __org.qemu_x-Union1Kind. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 8c07eddc619d618965fdd7a96bfe3b5c59f42b52 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Jun 30 09:27:04 2015 +0200 qapi-visit: Replace list implicit_structs by set Use set because that's what it is. While there, rename to implicit_structs_seen. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 8c3f8e77215bfedb7854221868f655e148506936 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 26 10:19:11 2015 +0200 qapi-visit: Fix generated code when schema has forward refs The visit_type_implicit_FOO() are generated on demand, right before their first use. Used by visit_type_STRUCT_fields() when STRUCT has base FOO, and by visit_type_UNION() when flat UNION has member a FOO. If the schema defines FOO after its first use as struct base or flat union member, visit_type_implicit_FOO() calls visit_type_implicit_FOO() before its definition, which doesn't compile. Rearrange qapi-schema-test.json to demonstrate the bug. Fix by generating the necessary forward declaration. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 1e6c1616a91cdcbe9a8387541f7689b8c11632aa Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Sun Jun 28 20:05:53 2015 +0200 qapi: Generate a nicer struct for flat unions The struct generated for a flat union is weird: the members of its base are at the end, except for the union tag, which is at the beginning. Example: qapi-schema-test.json has { 'struct': 'UserDefUnionBase', 'data': { 'string': 'str', 'enum1': 'EnumOne' } } { 'union': 'UserDefFlatUnion', 'base': 'UserDefUnionBase', 'discriminator': 'enum1', 'data': { 'value1' : 'UserDefA', 'value2' : 'UserDefB', 'value3' : 'UserDefB' } } We generate: struct UserDefFlatUnion { EnumOne enum1; union { void *data; UserDefA *value1; UserDefB *value2; UserDefB *value3; }; char *string; }; Change to put all base members at the beginning, unadulterated. Not only is this easier to understand, it also permits casting the flat union to its base, if that should become useful. We now generate: struct UserDefFlatUnion { /* Members inherited from UserDefUnionBase: */ char *string; EnumOne enum1; /* Own members: */ union { /* union tag is @enum1 */ void *data; UserDefA *value1; UserDefB *value2; UserDefB *value3; }; }; Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 0f61af3eb396ae163cd1572ce12e05f5d08d7c15 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jul 31 10:30:04 2015 +0200 qapi: Fix generated code when flat union has member 'kind' A flat union's tag member gets renamed to 'kind' in the generated code. Breaks when another member named 'kind' exists. Example, adapted from qapi-schema-test.json: { 'struct': 'UserDefUnionBase', 'data': { 'kind': 'str', 'enum1': 'EnumOne' } } We generate: struct UserDefFlatUnion { EnumOne kind; union { void *data; UserDefA *value1; UserDefB *value2; UserDefB *value3; }; char *kind; }; Kill the silly rename. Reported-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 5aa05d3f72e556752167f7005d6a3dea0f4432c5 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Sun Jun 28 21:36:26 2015 +0200 qapi: Drop unused and useless parameters and variables gen_sync_call()'s parameter indent is useless: gen_sync_call() uses it only as optional argument for push_indent() and pop_indent(), their default is four, and gen_sync_call()'s only caller passes four. Drop the parameter. gen_visitor_input_containers_decl()'s parameter obj is always "QOBJECT(args)". Use that, and drop the parameter. Drop unused parameters of gen_marshal_output(), gen_marshal_input_decl(), generate_visit_struct_body(), generate_visit_list(), generate_visit_enum(), generate_declaration(), generate_enum_declaration(), generate_decl_enum(). Drop unused variables in generate_event_enum_lookup(), generate_enum_lookup(), generate_visit_struct_fields(), check_event(). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 1cf47a15f18312436c7fa2d97be5fbe6df0292f5 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Jul 1 13:13:54 2015 +0200 qapi: Reject -p arguments that break qapi-event.py qapi-event.py breaks when you ask for a funny prefix like '@'. Protect it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 016a335bd8ca624f43adbb08fa1698c29ec52a1a Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Jul 1 12:59:40 2015 +0200 qapi-event: Clean up how name of enum QAPIEvent is made Use c_name() instead of ad hoc code. Doesn't upcase the -p prefix, which is an improvement in my book. Unbreaks prefix containing '.', but other funny characters remain broken. To be fixed next. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 00dfc3b2c272d98556ec6095d56bdd8b036babf9 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Sat Jun 27 07:27:21 2015 +0200 qapi: Simplify guardname() The guards around built-in declarations lose their _H. It never made much sense anyway. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 77e703b861d34bb2879f3e845482d5cf0a3a0ad1 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Jun 24 19:27:32 2015 +0200 qapi: Clean up cgen() and mcgen() Commit 05dfb26 added eatspace stripping to mcgen(). Move it to cgen(), just in case somebody gets tempted to use cgen() directly instead of via mcgen(). cgen() indents blank lines. No such lines get generated right now, but fix it anyway. We use triple-quoted strings for program text, like this: ''' Program text any number of lines ''' Keeps the program text relatively readable, but puts an extra newline at either end. mcgen() "fixes" that by dropping the first and last line outright. Drop only the newlines. This unmasks a bug in qapi-commands.py: four quotes instead of three. Fix it up. Output doesn't change Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 4247f839009159cb2cbaddfbd41513e180c4fe52 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Jun 9 15:24:36 2015 +0200 qapi: Clarify docs on including the same file multiple times It's idempotent. While there, update examples to current code. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 62313160cb5b6bdfbd77a063e94a5a7d25e59f2b Author: Ting Wang <kathy.wangting@xxxxxxxxxx> Date: Fri Jun 26 16:07:13 2015 +0800 hmp: add info iothreads command Make "info iothreads" available on the HMP monitor. For example, the results are as follows when executing qemu command with "-object iothread,id=iothread-1 -object iothread,id=iothread-2". (qemu) info iothreads iothread-1: thread_id=123 iothread-2: thread_id=456 Signed-off-by: Ting Wang <kathy.wangting@xxxxxxxxxx> Message-Id: <1435306033-58372-1-git-send-email-kathy.wangting@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Reviewed-by: Amos Jianjun Kong <kongjianjun@xxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit e2f9a6572bb400e64e7a56526c5f7a4a9f8f6f90 Author: John Snow <jsnow@xxxxxxxxxx> Date: Wed Jul 1 14:25:49 2015 -0400 qmp-shell: add documentation I should probably document the changes that were made. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-Id: <1435775149-17285-1-git-send-email-jsnow@xxxxxxxxxx> Reviewed-By: Kashyap Chamarthy <kchamart@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit b041066421e8dcc7d080dfcfd83551c9c9f24ade Merge: 550e66e 987bd27 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 3 16:17:28 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/tracing-pull-request' into staging # gpg: Signature made Thu 03 Sep 2015 15:46:52 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/tracing-pull-request: trace-events: Add hmp completion Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 987bd27000b6e21df6c73f6badb945ab5e42996a Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Fri Aug 14 11:27:43 2015 +0100 trace-events: Add hmp completion Add completion for the trace event names in the hmp trace-event command. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Message-id: 1439548063-18410-1-git-send-email-dgilbert@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 550e66ea4cce7b6664d6caf7e651814cc2d30421 Merge: 561578c 9ef4017 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 3 14:33:03 2015 +0100 Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20150903' into staging First batch of s390x patches for 2.5: - introduce 2.5 compat machine - support for migration of storage keys # gpg: Signature made Thu 03 Sep 2015 11:28:06 BST using RSA key ID C6F02FAF # gpg: Good signature from "Cornelia Huck <huckc@xxxxxxxxxxxxxxxxxx>" # gpg: aka "Cornelia Huck <cornelia.huck@xxxxxxxxxx>" * remotes/cohuck/tags/s390x-20150903: s390x: Disable storage key migration on old machine type s390x: Migrate guest storage keys (initial memory only) s390x: Info skeys sub-command s390x: Dump-skeys hmp support s390x: Dump storage keys qmp command s390x: Enable new s390-storage-keys device s390x: Create QOM device for s390 storage keys s390x: add 2.5 compat s390-ccw-virtio machine Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f4798320144245da66128edb840bd940fd287d28 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Apr 9 11:39:28 2015 +0200 ipxe: update binaries Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit cf2b4b5b77a7bfe9216efc76117447b88acd47a9 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Sep 3 14:40:29 2015 +0200 ipxe: use upstream configuration Upstream supports named configurations now and ships with settings for qemu. Use them, drop our config header copying. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit f927f16213506a493ac416d9a9fa73c7460a766e Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Apr 9 11:37:15 2015 +0200 ipxe: don't override GITVERSION We had build problems due to the git version checking in the ipxe build system in the past. Don't remember the details, but the problem seems to be gone now, so lets remove the workaround. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> [ most likely ipxe commit 6153c09c41034250408f3596555fcaae715da46c: [build] Set GITVERSION only if there is a git repository ] Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit d4517d170c041ab654c9e65e5bbd3d79956af5b7 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Apr 9 10:52:19 2015 +0200 ipxe: update from 35c53797 to 4e03af8 git shortlog ============ Alex Williamson (1): [dhcp] Extract timing parameters out to config/dhcp.h Bernd Wiebelt (1): [tg3] Add support for BCM57766 Christian Hesse (3): [intel] Add PCI device IDs for Intel I218-LM and I218-V [build] Add missing "const" qualifiers [ath9k] Remove confusing logic inversion in an ANI variable Christian Nilsson (1): [bios] Add ANSI blink attribute Daniel Pieczko (1): [prefix] Use correct register for KEEP_IT_REAL physical address conversion Ed Swierk (1): [intel] Update PCI device IDs for Intel 82599 and X540 10G NICs Fabrice Bacchella (2): [efi] Improve NII driver logging [efi] Work around bugs in Emulex NII driver Laszlo Ersek (1): [virtio] Downgrade per-iobuf debug messages to DBGC2 Michael Brown (284): [device] Provide a driver-private data field for root devices [iobuf] Add iob_split() to split an I/O buffer into portions [rndis] Add generic RNDIS device abstraction [hyperv] Add support for Hyper-V hypervisor [hyperv] Add support for VMBus devices [hyperv] Add support for NetVSC paravirtual network devices [rndis] Send RNDIS_INITIALISE_MSG [rndis] Send RNDIS_HALT_MSG [hyperv] Tear down NetVSC RX buffer GPADL after closing VMBus device [rndis] Clear receive filter when closing the device [hyperv] Receive all VMBus messages in a poll [hyperv] Increase TX ring size [hyperv] Assume that VMBus xfer page ranges correspond to RNDIS messages [rndis] Ignore start-of-day RNDIS_INDICATE_STATUS_MSG with status 0x40020006 [hyperv] Tidy up debug output [hyperv] Require support for VMBus version 3.0 or newer [build] Include Hyper-V driver in the all-drivers build [pci] Allow drivers to specify a PCI class [romprefix] Ensure UNDI loader can be included by all ROM types [usb] Add basic support for USB devices [usb] Add basic support for USB hubs [usb] Add support for xHCI host controllers [ncm] Add support for CDC-NCM USB Ethernet devices [usb] Report xHCI host controller events [ncm] Use large multi-packet buffers by default [tftp] Explicitly abort connection whenever parent interface is closed [uri] Allow tftp_uri() to construct a URI with a custom port [pxe] Use tftp_uri() to construct PXE TFTP URIs [pxe] Maintain a queue for received PXE UDP packets [ncm] Reserve headroom in received packets [usb] Try multiple USB device configurations [usb] Handle CDC union functional descriptors [usb] Parse endpoint descriptor bInterval field [usb] Allow usb_stream() to enforce a terminating short packet [ecm] Add support for CDC-ECM USB Ethernet devices [xhci] Delay after (possibly) forcing port link state to RxDetect [build] Move branding information to config/branding.h [build] Use PRODUCT_SHORT_NAME for end-user visible strings [build] Allow product URI to be customised via config/branding.h [build] Allow error message URI to be customised via config/branding.h [build] Allow command help text URI to be customised via config/branding.h [build] Allow setting help text URI to be customised via config/branding.h [build] Allow product tag line to be customised via config/branding.h [rndis] Add rndis_rx_err() [usb] Handle port status changes received after failing to find a driver [efi] Disallow R_X86_64_32 relocations [build] Apply the "-fno-PIE -nopie" workaround only to i386 builds [usb] Provide generic framework for refilling receive endpoints [usb] Use generic refill framework for USB hub interrupt endpoints [ecm] Use generic refill framework for bulk IN and interrupt endpoints [ncm] Use generic refill framework for bulk IN and interrupt endpoints [libc] Remove unused string functions [libc] Rewrite string functions [test] Add self-tests for more string functions [test] Add constant-length memset() self-tests [libc] Reduce size of memset() [usb] Add generic USB network device framework [ecm] Use generic USB network device framework [ncm] Use generic USB network device framework [timer] Rewrite the 8254 Programmable Interval Timer support [xhci] Leak memory if controller fails to disable slot [xhci] Abort commands on timeout [test] Add IPv4 self-tests [legal] Add missing copyright header to net/ipv4.c [ipv4] Rewrite inet_aton() [libc] Rewrite strtoul() [hyperv] Check for required features [prefix] Use .bss16 as temporary stack space for calls to install_block [zbin] Use LZMA compression [zbin] Perform extra normalisation after completing decompression [prefix] Call decompressor in flat real mode when DEBUG=libprefix is enabled [zbin] Allow decompressor to generate debug output via BIOS console [zbin] Fix check for existence of most recent output byte [zbin] Remove now-unused unnrv2b.S decompressor [legal] Update GPLv2 licence text [legal] Include full licence text for all GPL2_OR_LATER files [mucurses] Add missing FILE_LICENCE declarations [legal] Add support for the Unmodified Binary Distribution Licence [legal] Add UBDL relicensing tool [legal] Relicense files under GPL2_OR_LATER_OR_UBDL [legal] Relicense files under GPL2_OR_LATER_OR_UBDL [legal] Relicense files under GPL2_OR_LATER_OR_UBDL [legal] Relicense files under GPL2_OR_LATER_OR_UBDL [libc] Rewrite unrelicensable portions of stddef.h [libc] Rewrite unrelicensable portions of ctype.h [libc] Rewrite setjmp() and longjmp() [libc] Rewrite byte-swapping code [elf] Rewrite ELF header [list] Relicense list.h [iscsi] Rewrite unrelicensable portions of iscsi.c [pci] Remove outdated and mostly-unused pci_ids.h file [pci] Rewrite unrelicensable portions of pci.h [settings] Use list_first_entry() when unregistering child settings [settings] Rewrite unrelicensable portions of settings.c [menu] Abstract out the generic concept of a jump scroller [settings] Use generic jump scrolling abstraction [malloc] Move valgrind headers out of arch/x86 [malloc] Rewrite unrelicensable portions of malloc.c [build] Remove unused IMPORT_SYMBOL() and EXPORT_SYMBOL() macros [build] Remove unused __keepme macro [pxe] Remove obsolete references to pxeparent_dhcp [build] Remove obsolete and unused portions of config.c [build] Use REQUIRE_OBJECT() to drag in per-object configuration [build] Fix the REQUIRE_SYMBOL mechanism [i386] Move real_to_user() to realmode.h [linux] Rewrite headers included in all builds [retry] Rewrite unrelicensable portions of retry.c [retry] Colourise debug output [legal] Relicense files under GPL2_OR_LATER_OR_UBDL [xhci] Enable USB3 ports on Intel PCH8/PCH9 controllers [xhci] Undo PCH-specific quirk fixes when removing device [xen] Set the "feature-rx-notify" flag for netfront devices [http] Abstract out HTTP Digest hash algorithm operations [http] Support MD5-sess Digest authentication [dm96xx] Add driver for Davicom DM96xx USB Ethernet NICs [legal] Relicense Davicom DM96xx drivers [mii] Add generic mii_check_link() function [smsc75xx] Add driver for SMSC/Microchip LAN75xx USB Ethernet NICs [legal] Relicense files under GPL2_OR_LATER_OR_UBDL [tcp] Implement support for TCP Selective Acknowledgements (SACK) [smsc75xx] Move RX FIFO overflow message to DBGLVL_EXTRA [tcpip] Fix dubious calculation of min_port [libc] Add ffs(), ffsl(), and ffsll() [usb] Add the concept of a USB bus maximum transfer size [ncm] Respect maximum transfer size of the bus [usb] Add functions for manual device address assignment [xhci] Forcibly disable SMIs if BIOS fails to release ownership [autoboot] Match against parent devices when matching by bus type and location [usb] Add config/usb.h for USB configuration options [xhci] Do not release ownership back to BIOS when booting an OS [ehci] Add support for EHCI host controllers [netdevice] Add missing bus types to netdev_fetch_bustype() [usb] Fix USB timeouts to match specification [libprefix] Fix building on 64-bit FreeBSD 8.4 [xhci] Ring doorbell as part of endpoint reset [usb] Reset endpoints without waiting for a new transfer to be enqueued [usb] Add clear_tt() hub method to clear transaction translator buffer [usb] Clear transaction translator buffers when applicable [ehci] Support USB1 devices attached via transaction translators [usb] Improve debug messages for failed control transactions [xhci] Support USB1 devices attached via transaction translators [libc] Fix typo in longjmp() [libc] Add x86_64 versions of setjmp() and longjmp() [test] Add setjmp()/longjmp() self-tests [test] Simplify digest algorithm self-tests [crypto] Add SHA-224 algorithm [crypto] Add SHA-512 algorithm [crypto] Add SHA-384 algorithm [crypto] Add SHA-512/256 algorithm [crypto] Add SHA-512/224 algorithm [efi] Ensure drivers are disconnected when ExitBootServices() is called [peerdist] Add support for decoding PeerDist Content Information [xhci] Always reset root hub ports [romprefix] Allow autoboot device filter to be disabled [util] Add ability to dump PCI device ID list [efi] Add EFI entropy source [efi] Add EFI time source [efi] Provide a dummy data block in nii_initialise() [efi] Poll media status only if advertised as supported [efi] Poll for TX completions only when there is an outstanding TX buffer [efi] Use the EFI_RNG_PROTOCOL as an entropy source if available [eepro100] Remove duplicate PCI_ROM() line [prism2] Remove duplicate PCI_ROM() lines [build] Allow building PCI ROMs with device ID lists [build] Fix compiler warning on OpenBSD 5.7 [build] Work around binutils quirk on OpenBSD 5.7 [build] Use a single call to parserom.pl to speed up building [intel] Report any unexpected interrupt causes [intel] Force RX polling on VMware emulated 82545em [realtek] Do not attempt to access EEPROM on RTL8169 chips [rtl818x] Obviate RTL_ROM() hack [build] Construct all-drivers list based on driver class [test] Include IPv6 support when performing settings self-tests [base16] Add buffer size parameter to base16_encode() and base16_decode() [base64] Add buffer size parameter to base64_encode() and base64_decode() [settings] Add "base64" setting type [vram] Add "vram" built-in setting to dump video RAM [usb] Include setup packet within I/O buffer for message transfers [pci] Provide PCI_CLASS() to calculate a scalar PCI class value [usb] Detect missed disconnections [usb] Maintain a list of all USB buses [usb] Maintain single lists of halted endpoints and changed ports [ehci] Poll child companion controllers after disowning port [usb] Add find_usb_bus_by_location() helper function [ehci] Allow UHCI/OHCI controllers to locate the EHCI companion controller [uhci] Add support for UHCI host controllers [usb] Provide usb_endpoint_name() for use by host controller drivers [xhci] Use meaningful device names in debug messages [ehci] Use meaningful device names in debug messages [uhci] Use meaningful device names in debug messages [ipv6] Disambiguate received ICMPv6 errors [usb] Add USB_INTERRUPT_OUT internal type [usb] Add generic USB human interface device (HID) framework [usb] Add basic support for USB keyboards [usb] Do not call usb_hotplug() when registering a new hub [usb] Always clear recorded disconnections after performing hotplug actions [intel] Expose intel_diag() for use by other Intel NIC drivers [intel] Allow for the use of advanced TX descriptors [intel] Add support for mailbox used by virtual functions [intel] Add intelxvf driver for Intel 10 GigE virtual function NICs [int13con] Add basic ability to log to a local disk via INT 13 [intel] Add intelxvf_stats() to dump packet statistics registers [intel] Fix operation when physical function has jumbo frames enabled [neighbour] Return success when deferring a packet [xhci] Fix length of allocated slot array [build] Fix .ids.o creation for drivers not in the all-drivers build [xhci] Fix comparison of signed and unsigned integers [ipoib] Fix REMAC cache discarder [xhci] Record device-specific quirks in xHCI device structure [xhci] Ignore invalid protocol speed ID values on Intel Skylake platforms [pci] Use flat real mode to call INT 1a,b101 [tcp] Do not shrink window when discarding received packets [mromprefix] Report a dummy size at offset 0x02 of .mrom payload [ethernet] Add minimal support for receiving LLC frames [netdevice] Add a generic concept of a "blocked link" [stp] Add support for detecting Spanning Tree Protocol non-forwarding ports [stp] Fix interpretaton of hello time [dhcp] Defer discovery if link is blocked [pxe] Always reconstruct packet for PXENV_GET_CACHED_INFO [serial] Add general abstraction of a 16550-compatible UART [gdb] Use new UART abstraction in GDB serial transport [serial] Use new UART abstraction in serial console driver [ipoib] Mark REMAC cache as expensive [ipoib] Attempt to generate ARPs as needed to repopulate REMAC cache [gdb] Allow gdbstub to be started on an arbitrary serial port [xen] Wait for and clear XenStore event before receiving data [tcp] Gracefully close connections during shutdown [ipoib] Transmit multicast packets as broadcasts [efi] Fix receive and transmit completion reporting [efi] Allow user experience to be downgraded [build] Add named configuration for qemu [tcp] Ensure FIN is actually sent if connection is closed while idle [fault] Generalise NETDEV_DISCARD_RATE fault injection mechanism [fault] Add inject_corruption() to randomly corrupt data [profile] Add profile_custom() for profiling with arbitrary time units [interface] Add intf_poke() helper [xfer] Use intf_poke() to implement xfer_window_changed() [xfer] Add xfer_check_order() utility function [xferbuf] Generalise to handle umalloc()-based buffers [xferbuf] Add xfer_buffer() to provide direct access to underlying buffer [downloader] Use generic data-transfer buffer mechanism [downloader] Provide direct access to the underlying data transfer buffer [build] Fix compiler warnings on some gcc versions [crypto] Add bit-rotation functions for 8-bit and 16-bit values [802.11] Use correct SHA1_DIGEST_SIZE constant name [crypto] Add ECB block cipher mode (for debug and self-tests only) [test] Generalise cipher tests and use okx() [test] Define shortcuts for frequently-used NIST AES test vectors [test] Add NIST self-tests for AES128 and AES256 in ECB mode [crypto] Replace AES implementation [test] Add NIST self-tests for AES192 in ECB and CBC modes [crypto] Remove AXTLS headers [build] Fix strict-aliasing warning on older gcc versions [ipv6] Treat a missing network device name as "netX" [netdevice] Avoid using zero as a network device index [ipv4] Redefine IP address constants to avoid unnecessary byte swapping [ipv4] Allow IPv4 socket addresses to include a scope ID [iscsi] Add missing "break" statements [netdevice] Allow network devices to disclaim IRQ support at runtime [peerdist] Include trimmed range within content information block [peerdist] Add support for constructing and decoding discovery messages [peerdist] Add support for constructing and decoding retrieval messages [pool] Add a generic concept of a pooled connection [linebuf] Support buffering of multiple lines [elf] Reject ELFBoot images requiring virtual addressing [comboot] Avoid dragging in serial console support unconditionally [serial] Check for UART existence in uart_select() [tls] Do not access beyond the end of a 24-bit integer [tls] Report supported signature algorithms in ClientHello [crypto] Support SHA-{224,384,512} in X.509 certificates [efi] Hold off watchdog timer while running [efi] Add missing "ULL" suffix on 64-bit constant [block] Add generic block device translator [http] Rewrite HTTP core to support content encodings [peerdist] Add segment discovery mechanism [peerdist] Add individual block download mechanism [peerdist] Add block download multiplexer [peerdist] Add support for PeerDist (aka BranchCache) HTTP content encoding [dhcp] Allow pseudo-DHCP servers to use pseudo-identifiers [dhcp] Ignore ProxyDHCPACKs without PXE options [pxe] Warn about PXE NBPs that may be EFI executables [test] Allow self-tests to report exit status when running under Linux [image] Detect image type when image is first registered [autoboot] Display image information as part of the default control flow Olaf Hering (1): [build] Sort objects in blib.a Robin Smidsrød (2): [vbox] Enable some more features now that we have LZMA compression [build] Rewrite parserom.pl to support multiple source files Thomas Miletich (1): [intel] Add PCI ID for I218-LM Tufan Karadere (1): [crypto] Add ASN.1 OIDs for sha{224,384,512}WithRsaEncryption Wissam Shoukair (2): [comboot] Implement INT22,0x000c [ipoib] Fix a race when chain-loading undionly.kpxe in IPoIB Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 561578c2a82292ddf55737791d2838b797f49f35 Merge: fc8135a 08b0b23 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 3 13:05:45 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20150902' into staging queued tcg patches # gpg: Signature made Wed 02 Sep 2015 22:35:37 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tcg-20150902: tcg/i386: omit a few REXW prefixes in softmmu code tcg/aarch64: Fix tcg_out_qemu_{ld, st} for guest_base == 0 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit fc8135a46d095f865d285e697a874f617bfeeb90 Merge: 654cd2c 112e451 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 3 12:09:41 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-axp-20150902' into staging cmpbge emulation improvements # gpg: Signature made Wed 02 Sep 2015 20:25:10 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-axp-20150902: target-alpha: Special case cmpbge with zero target-alpha: Rewrite helper_cmpbge using bit tests Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9ef40173fbe99c0562d227980779a73613788782 Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 9 13:56:44 2015 -0400 s390x: Disable storage key migration on old machine type This code disables storage key migration when an older machine type is specified. Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 186208fa1fa1b4fa1fe0b77c0fa61b9c0de6d66d Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Fri Jun 26 14:11:23 2015 -0400 s390x: Migrate guest storage keys (initial memory only) Routines to save/load guest storage keys are provided. register_savevm is called to register them as migration handlers. We prepare the protocol to support more complex parameters. So we will later be able to support standby memory (having empty holes), compression and "state live migration" like done for ram. Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit a08f0081c9886c1914d7bc2e6a29636a769fec84 Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Fri Jun 26 14:10:16 2015 -0400 s390x: Info skeys sub-command Provide an info skeys hmp sub-command to allow the end user to dump a storage key for a given address. This is useful for guest operating system developers. Reviewed-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit a4538a5cc57dd493ed1545be98fa0ead0d391b8a Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Fri Jun 26 14:07:21 2015 -0400 s390x: Dump-skeys hmp support Add dump-skeys command to the human monitor. Reviewed-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 7ee0c3e33a0f8664c529ce621ea83326817fc14a Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Fri Jun 26 14:03:16 2015 -0400 s390x: Dump storage keys qmp command Provide a dump-skeys qmp command to allow the end user to dump storage keys. This is useful for debugging problems with guest storage key support within Qemu and for guest operating system developers. Reviewed-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 0f5f669147b52f89928bdf180165f74c4219210e Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Fri Jun 26 14:01:00 2015 -0400 s390x: Enable new s390-storage-keys device s390 guest initialization is modified to make use of new s390-storage-keys device. Old code that globally allocated storage key array is removed. The new device enables storage key access for kvm guests. Cache storage key QOM objects in frequently used helper functions to avoid a performance hit every time we use one of these functions. Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 0efe406cac8a4d9f0b52eada4c6c2a768fe4b7d2 Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Fri Jun 26 11:54:51 2015 -0400 s390x: Create QOM device for s390 storage keys A new QOM style device is provided to back guest storage keys. A special version for KVM is created, which handles the storage key access via KVM_S390_GET_SKEYS and KVM_S390_SET_SKEYS ioctl. Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 84b48ad63ba1da6345c3f22da7cdefc93fbc07f0 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri Jul 17 13:16:52 2015 +0200 s390x: add 2.5 compat s390-ccw-virtio machine Reviewed-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 654cd2c5841d70e8053b39fb1a9162d5c113326b Merge: 0eac598 c5a9378 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 3 11:15:01 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging # gpg: Signature made Wed 02 Sep 2015 17:14:40 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: ne2000: Drop ne2000_can_receive vmxnet3: Drop net_vmxnet3_info.can_receive rtl8139: Do not consume the packet during overflow in standard mode. rtl8139: Fix receive buffer overflow check rtl8139: use ldl/stl wrapper for unaligned 32-bit access rtl8139: use net/eth.h macros instead of custom macros rtl8139: remove duplicate net/eth.h definitions Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0eac5986fc4cfe845d6d656c3a4dc29e004b3a3e Merge: f8b8091 e12f378 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Sep 3 09:50:37 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Wed 02 Sep 2015 17:01:33 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: block: more check for replaced node MAINTAINERS: add responsible person for Parallels format driver Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 08b0b23be639b955e5e3d84dc42fa4e5ce6a8728 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sun Jul 19 13:50:32 2015 +0200 tcg/i386: omit a few REXW prefixes in softmmu code When computing the TLB address we are likely to mask out the high 32-bits by using shr + and. We can use 32-bit instructions in that case. This saves 2 bytes per TLB access. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1437306632-20655-1-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 352bcb0a2b816ff9ab9d75d0f2384650d9e9ab19 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 1 15:58:02 2015 -0400 tcg/aarch64: Fix tcg_out_qemu_{ld, st} for guest_base == 0 In ffc6372851d8631a9f9fa56ec613b3244dc635b9, we swapped the guest base to the address base register from the address index register. Except that 31 in the base slot is SP not XZR, so we need to be more intelligent about which reg gets placed in which slot. Cc: qemu-stable@xxxxxxxxxx (v2.4.0) Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reported-by: Andreas Färber <afaerber@xxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 16ef9d0252318d7e32e445fd7474af55dbaab7db Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Sun Aug 23 20:23:40 2015 -0400 qemu-thread: handle spurious futex_wait wakeups Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Message-Id: <1440375847-17603-12-git-send-email-cota@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e12f3784097a26a1ba51be420f41038b4c0ae5d1 Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Fri Jul 17 10:12:22 2015 +0800 block: more check for replaced node We use mirror+replace to fix quorum's broken child. bs/s->common.bs is quorum, and to_replace is the broken child. The new child is target_bs. Without this patch, the replace node can be any node, and it can be top BDS with BB, or another quorum's child. We just check if the broken child is part of the quorum BDS in this patch. Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Message-id: 55A86486.1000404@xxxxxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit f307371217c42d62015b8d83300a11cd9d3966f3 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Fri Aug 21 20:44:16 2015 +0300 MAINTAINERS: add responsible person for Parallels format driver Denis has spent 6 years working with this format in Parallels and QEMU code was rewritten almost completely by his. Thus it would be quite natural to add him as a maintainer and point of contact. Patches are going to flow though Stefan's tree. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Message-id: 1440179056-12934-1-git-send-email-den@xxxxxxxxxx CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit c5a93780453e6da919287c17e873c843544ef2a3 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 1 13:25:05 2015 +0800 ne2000: Drop ne2000_can_receive ne2000_receive already checks the same conditions and drops the packet if it's not ready, removing the .can_receive callback avoids the necessity to add explicit flushes when the conditions turn true (which is required by the new semantics of .can_receive since 6e99c63 "net/socket: Drop net_socket_can_send"). Plus the "return 1" if E8390_STOP is also suspicious. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 2734a20b8161831ba68c9166014e00522599d1e2 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 1 10:26:27 2015 +0800 vmxnet3: Drop net_vmxnet3_info.can_receive Commit 6e99c63 ("net/socket: Drop net_socket_can_send") changed the semantics around .can_receive for sockets to now require the device to flush queued pkts when transitioning to a .can_receive=true state. But it's OK to drop incoming packets when the link is not active. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 26c4e7ca72d970d120f0f51244bc8d37458512a0 Author: Vladislav Yasevich <vyasevic@xxxxxxxxxx> Date: Tue Sep 1 11:26:46 2015 -0400 rtl8139: Do not consume the packet during overflow in standard mode. When operation in standard mode, we currently return the size of packet during buffer overflow. This consumes the overflow packet. Return 0 instead so we can re-process the overflow packet when we have room. This fixes issues with lost/dropped fragments of large messages. Signed-off-by: Vladislav Yasevich <vyasevic@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1441121206-6997-3-git-send-email-vyasevic@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit fabdcd3392f16fc666b1d04fc1bbe5f1dbbf10a4 Author: Vladislav Yasevich <vyasevic@xxxxxxxxxx> Date: Tue Sep 1 11:26:45 2015 -0400 rtl8139: Fix receive buffer overflow check rtl8139_do_receive() tries to check for the overflow condition by making sure that packet_size + 8 does not exceed the available buffer space. The issue here is that RxBuffAddr, used to calculate available buffer space, is aligned to a a 4 byte boundry after every update. So it is possible that every packet ends up being slightly padded when written to the receive buffer. This padding is not taken into account when checking for overflow and we may end up missing the overflow condition can causing buffer overwrite. This patch takes alignment into consideration when checking for overflow condition. Signed-off-by: Vladislav Yasevich <vyasevic@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1441121206-6997-2-git-send-email-vyasevic@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 26c0114d3f69c3accaf83d56ff1d850bd0213b58 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Aug 3 13:15:57 2015 +0100 rtl8139: use ldl/stl wrapper for unaligned 32-bit access The tx offload feature accesses a 16-bit aligned TCP header struct. The 32-bit fields must be accessed using ldl/stl wrappers since some host architectures fault on unaligned access. Suggested-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1438604157-29664-4-git-send-email-stefanha@xxxxxxxxxx commit 1bf11332c4770e2750247733c713a4e771047282 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Aug 3 13:15:56 2015 +0100 rtl8139: use net/eth.h macros instead of custom macros Eliminate the following "custom" macros since they are just duplicates of net/eth.h macros under a different name: ETHER_ADDR_LEN -> ETH_ALEN ETH_P_8021Q -> ETH_P_VLAN IP_HEADER_LENGTH -> IP_HDR_GET_LEN TCP_FLAG_FIN -> TH_FIN TCP_FLAG_PUSH -> TH_PUSH Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1438604157-29664-3-git-send-email-stefanha@xxxxxxxxxx commit 5d61721a621ef28d2f43fb5008afd38376be552b Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Aug 3 13:15:55 2015 +0100 rtl8139: remove duplicate net/eth.h definitions The transmit offload features inspect Ethernet, IP, TCP, and UDP headers. Avoid redefining these net/eth.h structs. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1438604157-29664-2-git-send-email-stefanha@xxxxxxxxxx commit f8b8091d2779d956011a3fb83ff60dbf7465c71d Merge: 090d0bf 15b19ed Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Sep 1 19:42:43 2015 +0100 Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2015-09-01-v2-tag' into staging qemu-ga patch queue * add config file dump/load support for qemu-ga * various w32 build fixes, particularly WRT to msi package creation * fixes for msi installer * w32 support for guest-set-user-password v2: * replaced g_list_free_full with g_list_foreach to maintain glib 2.22 compatibility # gpg: Signature made Tue 01 Sep 2015 19:34:15 BST using RSA key ID F108B584 # gpg: Good signature from "Michael Roth <flukshun@xxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>" * remotes/mdroth/tags/qga-pull-2015-09-01-v2-tag: (26 commits) Makefile: qemu-ga: fix msi target error message build: qemu-ga: fix VSS dependencies configure: qemu-ga: explicitly enable qemu-ga MSI support when probed configure: qemu-ga: move MSI installer probe after qga probe qemu-ga: implement win32 guest-set-user-password qga: start a man page qga: add --dump-conf option qga: add an optional qemu-ga.conf system configuration qga: free a bit more qga: move agent run in a separate function qga: fill default options in main() qga: move option parsing to separate function qga: copy argument strings qga: rename 'path' to 'channel_path' qga: make split_list() return allocated strings qga: move string split in separate function qga: use exit() when parsing options qga: misc spelling configure: qemu-ga: report MSI install support in summary qemu-ga: Fixed paths issue with MSI build ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 15b19ed85fb5464b736ef0ece1edce194de2194a Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Wed Aug 26 17:05:01 2015 -0500 Makefile: qemu-ga: fix msi target error message 'msi' target reports error if we attempt to use it when QEMU hasn't been ./configure'd to enable it. The parenthesis cause an interpreter error if we don't enclose the error in quotes. Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit f33ca81f134a4f528117aafe11bfbd09f8c7fcfc Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Wed Aug 26 16:19:41 2015 -0500 build: qemu-ga: fix VSS dependencies Currently VSS dll/tlb files for use in w32 builds are only built as a result of having been added to the general 'tools' target alongside qemu-ga. This is fine for default make target, but if we build qemu-ga directly via `make qemu-ga.exe`, the VSS files are not created. Fix this by moving the VSS dependencies to qemu-ga.exe directly. With this move we can move the VSS files back out of 'tools', and drop the extra handling from MSI target in Makefile. Now we can build qemu-ga MSI package with: ./configure ... make qemu-ga.exe make msi or simply: ./configure ... make msi and no longer need to do a full build beforehand. Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 1a34904e5b59fd42f238dc50992af1c3a11a458b Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Wed Aug 26 11:14:31 2015 -0500 configure: qemu-ga: explicitly enable qemu-ga MSI support when probed Currently, if we don't explicitly disable support for MSI installer via --disable-guest-agent-msi, the configure variable that tracks the flag, 'guest_agent_msi', never gets set unless one of the probes fails. Subsequent code then treats this unset value the same as if it were a "yes" value (via != "no" style checks). Instead, set the default "yes" value explicitly after the probes, then make subsequent code expect the values to be set. This makes it easier to report on whether or not MSI support was enabled via probe by looking at the ./configure summary. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 9d6bc27b7e0e8520f1f91721d9c738e027eeb6c4 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Wed Aug 26 10:49:13 2015 -0500 configure: qemu-ga: move MSI installer probe after qga probe MSI probe assumes that qemu-ga support has been probed already, but in cases where --enable-guest-agent/--disable-guest-agent have not been passed to configure, qemu-ga support may end up getting enabled later, as is the case with w32 builds. This leads to MSI probe prematurely reporting error due to lack of qemu-ga support. Fix this by moving MSI installer probe after the final qga probes. Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 259434b8067e1c61017e9a5b8667b6526b474ff2 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Date: Tue Jun 30 16:37:13 2015 +0200 qemu-ga: implement win32 guest-set-user-password Use NetUserSetInfo() to set the user password. This function is notoriously known to be problematic for users with EFS encrypted files. But the alternative, NetUserChangePassword() requires the old password. Nevertheless, The EFS file should be recovered by changing back to the old password. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 665b5d0dff3b1cc9e9dd6ca84e8fa4070e46ee9f Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:59 2015 +0200 qga: start a man page Add a simple man page for the qemu agent. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> *squashed in review comments from Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit aeadcbb6338ddd8aedbc1473ba7e254623951248 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:58 2015 +0200 qga: add --dump-conf option This new option allows to review the agent configuration, and ease the task of writing a configuration file. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> * removed unecessary keyfile != NULL prior to free * documented --dump-conf is qemu-ga --help output Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit e236d060cba8d2d6d26a7e076c895d2a6812dafb Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:57 2015 +0200 qga: add an optional qemu-ga.conf system configuration Learn to configure the agent with a system configuration. This may simplify command-line handling, especially when the blacklist is long. Among the other benefits, this may standardize the configuration of an init service (instead of distro-specific init keys/files) Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> * removed unecessary keyfile != NULL prior to free Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit d4c8a5d49e514bfeac2040ee5371b4e6a7d8d561 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:56 2015 +0200 qga: free a bit more Now that main() has a single exit point, we can free a few more allocations. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit e3d3103975112a1ab8a0129a4be1cfe3314bce8b Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:55 2015 +0200 qga: move agent run in a separate function Once the options are populated, move the running state to a run_agent() function. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> * fixed up an s/ga_state/s/ artifact causing segfault * replaced g_list_free_full with g_list_foreach to maintain glib 2.22 compatibility Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit ef8be55429b9a6718c7e07ede20391c09be65974 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:54 2015 +0200 qga: fill default options in main() Fill all default options during main(). This is a preparation patch to allow to dump the configuration. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 7a40669491b344a4fe66a0957fe47d594b808f08 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:53 2015 +0200 qga: move option parsing to separate function Move option parsing out of giant main(). Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 2e38d9903be28493ccd6de4a55e5226e9f07dea9 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:52 2015 +0200 qga: copy argument strings Following patch will return allocated strings, so we must correctly initialize alloc & free them. The nice side effect is that we no longer have to check for "fixed_state_dir" to call ga_install_service() with a NULL state dir. The default values are set after parsing the command line options. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 44de156ca7bfaf899745291a0d603d4f7550f5ea Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:51 2015 +0200 qga: rename 'path' to 'channel_path' 'path' is already a global function, rename the variable since it's going to be in global scope in a later patch. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 4bca81ceedb59397f6082777f6ed4b39d456be85 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:50 2015 +0200 qga: make split_list() return allocated strings In order to avoid any confusion, let's allocate new strings when splitting. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 23b42894b389eccb45ab66da3a3e77d3a8cfc2b6 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:49 2015 +0200 qga: move string split in separate function The function is going to be reused in a later patch. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit c6c84523cd890e95b946c6a8f264ff54a7d5b930 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:48 2015 +0200 qga: use exit() when parsing options The option parsing is going to be moved to a separate function, use exit() consistently. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 2e2a58e0e49ddb3561b541dc01c3206543b3a1a3 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Thu Aug 27 01:34:47 2015 +0200 qga: misc spelling Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 4c875d89cb11f4033012eebd63963ab725f8108e Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Tue Aug 25 15:46:18 2015 -0500 configure: qemu-ga: report MSI install support in summary Currently we need to examine config-host.mak to determine whether options/probes for MSI package generation had desired result. Report this more prominently in ./configure summary as we do with other guest agent configure options. Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit decdfbd28d754f6ff596c0201ab55e9ff4df5b4e Author: Leonid Bloch <leonid@xxxxxxxxxx> Date: Wed Aug 26 15:07:16 2015 +0300 qemu-ga: Fixed paths issue with MSI build Previously, if building out-of-tree, the MSI build would fail since it wasn't able to find the needed files. Signed-off-by: Leonid Bloch <leonid@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> * fixed up commit msg formating Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 848849dddf68630021351f5068de12f5c54ae2f8 Author: Leonid Bloch <leonid@xxxxxxxxxx> Date: Mon Aug 3 20:54:24 2015 +0300 qemu-ga: Prevent QEMU-GA VSS provider from being unregistered on MSI reinstall Previously, running the .msi would unregister the QEMU GA VSS service if QEMU GA was already installed on the machine, and then register it only if QEMU GA was NOT previously installed. This behavior caused the service to be registered only after the INITIAL installation, and any subsequent run of the .msi (to redo, repair, or upgrade the installation) ended in the service being unregistered. Now, the VSS service is still unregistered if QEMU GA is already installed (so that a fix or an update could be performed) but then it is registered again (if the GA is not being uninstalled) thus finishing the repair/upgrade correctly. Additionally, downgrading is now prevented. If a user would like to downgrade a version, he/she must uninstall the newer version first. Signed-off-by: Leonid Bloch <leonid@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 5e994f94121cdb9c48939cb489e2da646c229a48 Author: Leonid Bloch <leonid@xxxxxxxxxx> Date: Mon Aug 3 20:54:23 2015 +0300 qemu-ga: Created a separate component for each installed file in the MSI This is done to follow the recommendations given here: https://msdn.microsoft.com/en-us/library/aa368269%28VS.85%29.aspx Signed-off-by: Leonid Bloch <leonid@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 8b17ccccb23bcd7554d327f46bf4e07ae6da60c0 Author: Leonid Bloch <leonid@xxxxxxxxxx> Date: Mon Aug 3 20:54:22 2015 +0300 qemu-ga: Minor cosmetic changes to the WXS file Signed-off-by: Leonid Bloch <leonid@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 1d394fb78771f4ca307c6020ff3b041905350f70 Author: Leonid Bloch <leonid@xxxxxxxxxx> Date: Mon Aug 3 20:54:21 2015 +0300 qemu-ga: Fixed GUID capitalization For compatibility, all the letters in GUID should be capital. Signed-off-by: Leonid Bloch <leonid@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 0a18750f296c85a5a446dc04e1c49cd35ad9e7d5 Author: Leonid Bloch <leonid@xxxxxxxxxx> Date: Wed Jul 29 20:10:51 2015 +0300 qemu-ga: Two MSI related cosmetic changes Signed-off-by: Leonid Bloch <leonid@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 9f3917804dfda737650a22c745469809725b3c6e Author: Leonid Bloch <leonid@xxxxxxxxxx> Date: Wed Jul 29 20:10:50 2015 +0300 qemu-ga: Add .msi files to .gitignore Signed-off-by: Leonid Bloch <leonid@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 090d0bfd948343d522cd20bc634105b5cfe2483b Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Fri Aug 28 12:23:41 2015 +0200 s390: fix softmmu compilation guest_base must be used only in linux-user mode. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Message-id: 1440757421-9674-1-git-send-email-laurent@xxxxxxxxx Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6c76ec68f68494d4a31b5d82073ed4d2798b8e13 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Aug 28 11:42:53 2015 +0100 qemu-doc.texi: Fix capitalization error in OS X build instructions Fix a capitalization error in the OS X build instructions; this was picked up in review of commit b352153f5f and intended to be corrected before I applied it, but I accidentally didn't include it. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b352153f5f7eb12b56602fc03ae4361e01201f90 Author: G 3 <programmingkidx@xxxxxxxxx> Date: Fri Aug 14 13:54:25 2015 -0400 From: John Arbuckle <programmingkidx@xxxxxxxxx> qemu-doc.texi: Add information on compiling source code on Mac OS X Add information to the documentation on how to build QEMU on Mac OS X. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> [PMM: fixed a minor capitalization error] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 351053e76d21d0eaa2e0f27c9b69c8ebf65f3650 Merge: 47c9dfe a17d448 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Aug 27 13:31:55 2015 +0100 Merge remote-tracking branch 'remotes/weil/tags/pull-tci-20150826' into staging tci patch queue # gpg: Signature made Wed 26 Aug 2015 19:51:07 BST using RSA key ID 677450AD # gpg: Good signature from "Stefan Weil <sw@xxxxxxxxxxx>" # gpg: aka "Stefan Weil <stefan.weil@xxxxxxxxxxx>" # gpg: aka "Stefan Weil <stefan.weil@xxxxxxxxxxxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 4923 6FEA 75C9 5D69 8EC2 B78A E08C 21D5 6774 50AD * remotes/weil/tags/pull-tci-20150826: exec-all: Translate TCI return addresses backwards too Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a17d448274575efbfcc1c04ec2641a0afeb74e17 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Mon Aug 17 20:28:18 2015 -0700 exec-all: Translate TCI return addresses backwards too This subtraction of return addresses applies directly to TCI as well as host-TCG. This fixes Linux boots for at least Microblaze, CRIS, ARM and SH4 when using TCI. [sw: Removed indentation for preprocessor statement] [sw: The patch also fixes Linux boot for x86_64] Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> commit 47c9dfee808f9455d732aea7c4390ad0972bbd84 Merge: 7df9671 eb8934b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 26 17:45:09 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-cve-2015-5225-20150826-1' into staging vnc: fix memory corruption (CVE-2015-5225) # gpg: Signature made Wed 26 Aug 2015 17:37:21 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-cve-2015-5225-20150826-1: vnc: fix memory corruption (CVE-2015-5225) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit eb8934b0418b3b1d125edddc4fc334a54334a49b Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Mon Aug 17 19:56:53 2015 +0200 vnc: fix memory corruption (CVE-2015-5225) The _cmp_bytes variable added by commit "bea60dd ui/vnc: fix potential memory corruption issues" can become negative. Result is (possibly exploitable) memory corruption. Reason for that is it uses the stride instead of bytes per scanline to apply limits. For the server surface is is actually fine. vnc creates that itself, there is never any padding and thus scanline length always equals stride. For the guest surface scanline length and stride are typically identical too, but it doesn't has to be that way. So add and use a new variable (guest_ll) for the guest scanline length. Also rename min_stride to line_bytes to make more clear what it actually is. Finally sprinkle in an assert() to make sure we never use a negative _cmp_bytes again. Reported-by: è??ç¥?è?³(åº?ç?¹) <zuozhi.fzz@xxxxxxxxxxxxxxx> Reviewed-by: P J P <ppandit@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 7df9671989c1cfa693764f9ae6349324b2ada02a Merge: 34a4450 cea66e9 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 16:24:06 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150825-1' into staging target-arm queue: * add missing EL2/EL3 TLBI operations * add missing EL2/EL3 ATS operations * add missing EL2/EL3 registers * update Xilinx MAINTAINERS info * Xilinx: connect the four OCM banks # gpg: Signature made Tue 25 Aug 2015 16:22:43 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxx>" # gpg: aka "Peter Maydell <pmaydell@xxxxxxxxxxxxxxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150825-1: target-arm: Implement AArch64 TLBI operations on IPAs target-arm: Implement missing EL3 TLB invalidate operations target-arm: Implement missing EL2 TLBI operations target-arm: Restrict AArch64 TLB flushes to the MMU indexes they must touch target-arm: Move TLBI ALLE1/ALLE1IS definitions into numeric order cputlb: Add functions for flushing TLB for a single MMU index target-arm: Implement AArch32 ATS1H* operations target-arm: Enable the AArch32 ATS12NSO ops target-arm: Add CP_ACCESS_TRAP_UNCATEGORIZED_EL2, 3 target-arm: Wire up AArch64 EL2 and EL3 address translation ops target-arm: there is no TTBR1 for 32-bit EL2 stage 1 translations target-arm: Implement missing ACTLR registers target-arm: Implement missing AFSR registers target-arm: Implement missing AMAIR registers target-arm: Add missing MAIR_EL3 and TPIDR_EL3 registers MAINTAINERS: Add ZynqMP to MAINTAINERS file MAINTAINERS: Update Xilinx Maintainership xlnx-zynqmp: Connect the four OCM banks Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cea66e91212164e02ad1d245c2371f7e8eb59e7f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:10 2015 +0100 target-arm: Implement AArch64 TLBI operations on IPAs Implement the AArch64 TLBI operations which take an intermediate physical address and invalidate stage 2 translations. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1439548879-1972-7-git-send-email-peter.maydell@xxxxxxxxxx commit 43efaa33faa2bdaed789b9ddaa76b30880e57554 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:10 2015 +0100 target-arm: Implement missing EL3 TLB invalidate operations Implement the remaining stage 1 TLB invalidate operations visible from EL3. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1439548879-1972-6-git-send-email-peter.maydell@xxxxxxxxxx commit 2bfb9d75d37ceab6ef1674f54fca06c74f6978e7 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:09 2015 +0100 target-arm: Implement missing EL2 TLBI operations Implement the missing TLBI operations that exist only if EL2 is implemented. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1439548879-1972-5-git-send-email-peter.maydell@xxxxxxxxxx commit fd3ed969227f54f08f87d9eb6de2d4e48e99279b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:09 2015 +0100 target-arm: Restrict AArch64 TLB flushes to the MMU indexes they must touch Now we have the ability to flush the TLB only for specific MMU indexes, update the AArch64 TLB maintenance instruction implementations to only flush the parts of the TLB they need to, rather than doing full flushes. We take the opportunity to remove some duplicate functions (the per-asid tlb ops work like the non-per-asid ones because we don't support flushing a TLB only by ASID) and to bring the function names in line with the architectural TLBI operation names. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1439548879-1972-4-git-send-email-peter.maydell@xxxxxxxxxx commit 83ddf975777cc23337b7ef92e83b1b9c949396f3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:09 2015 +0100 target-arm: Move TLBI ALLE1/ALLE1IS definitions into numeric order Move the two regdefs for TLBI ALLE1 and TLBI ALLE1IS down so that the whole set of AArch64 TLBI regdefs is arranged in numeric order. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1439548879-1972-3-git-send-email-peter.maydell@xxxxxxxxxx commit d7a74a9d4a68e27b3a8ceda17bb95cb0a23d8e4d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:09 2015 +0100 cputlb: Add functions for flushing TLB for a single MMU index Guest CPU TLB maintenance operations may be sufficiently specialized to only need to flush TLB entries corresponding to a particular MMU index. Implement cputlb functions for this, to avoid the inefficiency of flushing TLB entries which we don't need to. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1439548879-1972-2-git-send-email-peter.maydell@xxxxxxxxxx commit 14db7fe09a2c8d561ff37f98b328409906a560d7 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:08 2015 +0100 target-arm: Implement AArch32 ATS1H* operations Implement the AArch32 ATS1H* operations which perform Hyp mode stage 1 translations. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1437751263-21913-6-git-send-email-peter.maydell@xxxxxxxxxx commit 87562e4f4a2bdd028eef3549ce9cb4e7c83cb0bf Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:08 2015 +0100 target-arm: Enable the AArch32 ATS12NSO ops Apply the correct conditions in the ats_access() function for the ATS12NSO* address translation operations: * succeed at EL2 or EL3 * normal UNDEF trap from NS EL1 * trap to EL3 from S EL1 (only possible if EL3 is AArch64) (This change means they're now available in our EL3-supporting CPUs when they would previously always UNDEF.) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1437751263-21913-5-git-send-email-peter.maydell@xxxxxxxxxx commit e76157264da20b85698b09fa5eb8e02e515e232c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:08 2015 +0100 target-arm: Add CP_ACCESS_TRAP_UNCATEGORIZED_EL2, 3 Some coprocessor register access functions need to be able to report "trap to EL3 with an 'uncategorized' syndrome"; add the necessary CPAccessResult enum and handling for it. I don't currently know of any registers that need to trap to EL2 with the 'uncategorized' syndrome, but adding the _EL2 enum as well is trivial and fills in what would otherwise be an odd gap in the handling. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1437751263-21913-4-git-send-email-peter.maydell@xxxxxxxxxx commit 2a47df953202e1f226aa045ea974427c4540a167 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:08 2015 +0100 target-arm: Wire up AArch64 EL2 and EL3 address translation ops Wire up the AArch64 EL2 and EL3 address translation operations (AT S12E1*, AT S12E0*, AT S1E2*, AT S1E3*), and correct some errors in the ats_write64() function in previously unused code that would have done the wrong kind of lookup for accesses from EL3 when SCR.NS==0. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1437751263-21913-3-git-send-email-peter.maydell@xxxxxxxxxx commit d0a2cbceb2aa20d64d53e1c20c7d26a78ade8382 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:08 2015 +0100 target-arm: there is no TTBR1 for 32-bit EL2 stage 1 translations For EL2 stage 1 translations, there is no TTBR1. We were already handling this for 64-bit EL2; add the code to take the 'no TTBR1' code path for 64-bit EL2 as well. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1437751263-21913-2-git-send-email-peter.maydell@xxxxxxxxxx commit 834a6c6920316d39aaf0e68ac936c0a3ad164815 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:07 2015 +0100 target-arm: Implement missing ACTLR registers We already implemented ACTLR_EL1; add the missing ACTLR_EL2 and ACTLR_EL3, for consistency. Since we don't currently have any CPUs that need the EL2/EL3 versions to reset to non-zero values, implement as RAZ/WI. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1438281398-18746-5-git-send-email-peter.maydell@xxxxxxxxxx commit 37cd6c2478196623ca28526627ca8c69afe0d654 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:07 2015 +0100 target-arm: Implement missing AFSR registers The AFSR registers are implementation dependent auxiliary fault status registers. We already implemented a RAZ/WI AFSR0_EL1 and AFSR_EL1; add the missing AFSR{0,1}_EL{2,3} for consistency. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1438281398-18746-4-git-send-email-peter.maydell@xxxxxxxxxx commit 2179ef958c81480b841ffa0aab5e265688ffd2b0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:07 2015 +0100 target-arm: Implement missing AMAIR registers The AMAIR registers are for providing auxiliary implementation defined memory attributes. We already implemented a RAZ/WI AMAIR_EL1; add the EL2 and EL3 versions for consistency. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1438281398-18746-3-git-send-email-peter.maydell@xxxxxxxxxx commit 4cfb8ad896a6f85953038bd913ce3d82d347013d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 15:45:07 2015 +0100 target-arm: Add missing MAIR_EL3 and TPIDR_EL3 registers Add the AArch64 registers MAIR_EL3 and TPIDR_EL3, which are the only two which we had implemented the 32-bit Secure equivalents of but not the 64-bit Secure versions. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1438281398-18746-2-git-send-email-peter.maydell@xxxxxxxxxx commit 137805f5d8504933faa4fe129cdab88f2695a8c2 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Tue Aug 25 15:45:07 2015 +0100 MAINTAINERS: Add ZynqMP to MAINTAINERS file Add the Xilinx ZynqMP SoC and EP108 machine to the maintainers file. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: fed078103a0b02cfb3adadbe8e80e4420d554505.1436486024.git.alistair.francis@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4b46ba6145c4c9b79641efdcc9f1aa92fdbf779c Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Tue Aug 25 15:45:06 2015 +0100 MAINTAINERS: Update Xilinx Maintainership Peter C is leaving Xilinx, so update the maintainer list to point to Alistair and Edgar from Xilinx and Peter's personal email address. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 54b4c070452bac05aa3a9c1d75899bc097fef831.1436486024.git.alistair.francis@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6675d719154969456e841a7e1729c0dc14113a44 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Tue Aug 25 15:45:06 2015 +0100 xlnx-zynqmp: Connect the four OCM banks The Xilinx EP108 has four separate OCM banks which are located adjacent to each other. This patch adds the four banks to the ZynqMP SoC. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: afa6ba31163a5d541a0bef4b0dc11f2597e0c495.1436813543.git.alistair.francis@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 34a4450434f1a5daee06fca223afcbb9c8f1ee24 Merge: a30878e b76f21a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 25 13:34:57 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20150824' into staging queued tcg patches # gpg: Signature made Mon 24 Aug 2015 19:37:15 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tcg-20150824: linux-user: remove useless macros GUEST_BASE and RESERVED_VA linux-user: remove --enable-guest-base/--disable-guest-base tcg/aarch64: Use softmmu fast path for unaligned accesses tcg/s390: Use softmmu fast path for unaligned accesses tcg/ppc: Improve unaligned load/store handling on 64-bit backend tcg/i386: use softmmu fast path for unaligned accesses tcg: Remove tcg_gen_trunc_i64_i32 tcg: Split trunc_shr_i32 opcode into extr[lh]_i64_i32 tcg: update README about size changing ops tcg/optimize: add optimizations for ext_i32_i64 and extu_i32_i64 ops tcg: implement real ext_i32_i64 and extu_i32_i64 ops tcg: don't abuse TCG type in tcg_gen_trunc_shr_i64_i32 tcg: rename trunc_shr_i32 into trunc_shr_i64_i32 tcg/optimize: allow constant to have copies tcg/optimize: track const/copy status separately tcg/optimize: add temp_is_const and temp_is_copy functions tcg/optimize: optimize temps tracking tcg/optimize: fix constant signedness Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b76f21a70748b735d6ac84fec4bb9bdaafa339b1 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Mon Aug 24 14:53:54 2015 +0200 linux-user: remove useless macros GUEST_BASE and RESERVED_VA As we have removed CONFIG_USE_GUEST_BASE, we always use a guest base and the macros GUEST_BASE and RESERVED_VA become useless: replace them by their values. Reviewed-by: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Message-Id: <1440420834-8388-1-git-send-email-laurent@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 4cbea5986981998cda07b13794c7e3ff7bc42e80 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Mon Aug 24 01:42:07 2015 +0200 linux-user: remove --enable-guest-base/--disable-guest-base All tcg host architectures now support the guest base and as there is no real performance lost, it can be always enabled. Anyway, guest base use can be disabled lively by setting guest base to 0. CONFIG_USE_GUEST_BASE is defined as (USE_GUEST_BASE && USER_ONLY), it should have to be replaced by CONFIG_USER_ONLY in non CONFIG_USER_ONLY parts, but as some other parts are using !CONFIG_SOFTMMU I have chosen to use !CONFIG_SOFTMMU instead. Reviewed-by: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Message-Id: <1440373328-9788-2-git-send-email-laurent@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 9ee14902bf107e37fb2c8119fa7bca424396237c Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 17 12:18:05 2015 -0700 tcg/aarch64: Use softmmu fast path for unaligned accesses Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit a5e39810b9088b5d20fac8e0293f281e1c8b608f Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Jul 23 13:32:35 2015 -0700 tcg/s390: Use softmmu fast path for unaligned accesses Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 68d45bb61c5bbfb3999486f78cf026c1e79eb301 Author: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Date: Tue Jul 21 15:19:38 2015 +1000 tcg/ppc: Improve unaligned load/store handling on 64-bit backend Currently, we get to the slow path for any unaligned access in the backend, because we effectively preserve the bottom address bits below the alignment requirement when comparing with the TLB entry, so any non-0 bit there will cause the compare to fail. For the same number of instructions, we can instead add the access size - 1 to the address and stick to clearing all the bottom bits. That means that normal unaligned accesses will not fallback (the HW will handle them fine). Only when crossing a page boundary well we end up having a mismatch because we'll end up pointing to the next page which cannot possibly be in that same TLB entry. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Message-Id: <1437455978.5809.2.camel@xxxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 8cc580f6a0d8c0e2f590c1472cf5cd8e51761760 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Thu Jul 9 20:39:57 2015 +0200 tcg/i386: use softmmu fast path for unaligned accesses Softmmu unaligned load/stores currently goes through through the slow path for two reasons: - to support unaligned access on host with strict alignement - to correctly handle accesses crossing pages x86 is only concerned by the second reason. Unaligned accesses are avoided by compilers, but are not uncommon. We therefore would like to see them going through the fast path, if they don't cross pages. For that we can use the fact that two adjacent TLB entries can't contain the same page. Therefore accessing the TLB entry corresponding to the first byte, but comparing its content to page address of the last byte ensures that we don't cross pages. We can do this check without adding more instructions in the TLB code (but increasing its length by one byte) by using the LEA instruction to combine the existing move with the size addition. On an x86-64 host, this gives a 3% boot time improvement for a powerpc guest and 4% for an x86-64 guest. [rth: Tidied calculation of the offset mask] Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1436467197-2183-1-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit ecc7b3aa71f5fdcf9ee87e74ca811d988282641d Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Jul 24 11:49:53 2015 -0700 tcg: Remove tcg_gen_trunc_i64_i32 Replacing it with tcg_gen_extrl_i64_i32. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 609ad70562793937257c89d07bf7c1370b9fc9aa Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Jul 24 07:16:00 2015 -0700 tcg: Split trunc_shr_i32 opcode into extr[lh]_i64_i32 Rather than allow arbitrary shift+trunc, only concern ourselves with low and high parts. This is all that was being used anyway. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 870ad1547ac53bc79c21d86cf453b3b20cc660a2 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jul 27 12:41:45 2015 +0200 tcg: update README about size changing ops Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 8bcb5c8f34f9215d4f88f388c7ff14c9bd5cecd3 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jul 27 12:41:45 2015 +0200 tcg/optimize: add optimizations for ext_i32_i64 and extu_i32_i64 ops They behave the same as ext32s_i64 and ext32u_i64 from the constant folding and zero propagation point of view, except that they can't be replaced by a mov, so we don't compute the affected value. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 4f2331e5b67af8172419eb1c8db510b497b30a7b Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jul 27 12:41:45 2015 +0200 tcg: implement real ext_i32_i64 and extu_i32_i64 ops Implement real ext_i32_i64 and extu_i32_i64 ops. They ensure that a 32-bit value is always converted to a 64-bit value and not propagated through the register allocator or the optimizer. Cc: Andrzej Zaborowski <balrogg@xxxxxxxxx> Cc: Alexander Graf <agraf@xxxxxxx> Cc: Blue Swirl <blauwirbel@xxxxxxxxx> Cc: Stefan Weil <sw@xxxxxxxxxxx> Acked-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 6acd2558fdb7dd9de6b10697914bdc1d75d624e5 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jul 27 12:41:45 2015 +0200 tcg: don't abuse TCG type in tcg_gen_trunc_shr_i64_i32 The tcg_gen_trunc_shr_i64_i32 function takes a 64-bit argument and returns a 32-bit value. Directly call tcg_gen_op3 with the correct types instead of calling tcg_gen_op3i_i32 and abusing the TCG types. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 0632e555fc4d281d69cb08d98d500d96185b041f Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jul 27 12:41:45 2015 +0200 tcg: rename trunc_shr_i32 into trunc_shr_i64_i32 The op is sometimes named trunc_shr_i32 and sometimes trunc_shr_i64_i32, and the name in the README doesn't match the name offered to the frontends. Always use the long name to make it clear it is a size changing op. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 299f80130401153af1a6ddb3cc011781bcd47600 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jul 27 12:41:44 2015 +0200 tcg/optimize: allow constant to have copies Now that copies and constants are tracked separately, we can allow constant to have copies, deferring the choice to use a register or a constant to the register allocation pass. This prevent this kind of regular constant reloading: -OUT: [size=338] +OUT: [size=298] mov -0x4(%r14),%ebp test %ebp,%ebp jne 0x7ffbe9cb0ed6 mov $0x40002219f8,%rbp mov %rbp,(%r14) - mov $0x40002219f8,%rbp mov $0x4000221a20,%rbx mov %rbp,(%rbx) mov $0x4000000000,%rbp mov %rbp,(%r14) - mov $0x4000000000,%rbp mov $0x4000221d38,%rbx mov %rbp,(%rbx) mov $0x40002221a8,%rbp mov %rbp,(%r14) - mov $0x40002221a8,%rbp mov $0x4000221d40,%rbx mov %rbp,(%rbx) mov $0x4000019170,%rbp mov %rbp,(%r14) - mov $0x4000019170,%rbp mov $0x4000221d48,%rbx mov %rbp,(%rbx) mov $0x40000049ee,%rbp mov %rbp,0x80(%r14) mov %r14,%rdi callq 0x7ffbe99924d0 mov $0x4000001680,%rbp mov %rbp,0x30(%r14) mov 0x10(%r14),%rbp mov $0x4000001680,%rbp mov %rbp,0x30(%r14) mov 0x10(%r14),%rbp shl $0x20,%rbp mov (%r14),%rbx mov %ebx,%ebx mov %rbx,(%r14) or %rbx,%rbp mov %rbp,0x10(%r14) mov %rbp,0x90(%r14) mov 0x60(%r14),%rbx mov %rbx,0x38(%r14) mov 0x28(%r14),%rbx mov $0x4000220e60,%r12 mov %rbx,(%r12) mov $0x40002219c8,%rbx mov %rbp,(%rbx) mov 0x20(%r14),%rbp sub $0x8,%rbp mov $0x4000004a16,%rbx mov %rbx,0x0(%rbp) mov %rbp,0x20(%r14) mov $0x19,%ebp mov %ebp,0xa8(%r14) mov $0x4000015110,%rbp mov %rbp,0x80(%r14) xor %eax,%eax jmpq 0x7ffbebcae426 lea -0x5f6d72a(%rip),%rax # 0x7ffbe3d437b3 jmpq 0x7ffbebcae426 Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit b41059dd9deec367a4ccd296659f0bc5de2dc705 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jul 27 12:41:44 2015 +0200 tcg/optimize: track const/copy status separately Instead of using an enum which could be either a copy or a const, track them separately. This will be used in the next patch. Constants are tracked through a bool. Copies are tracked by initializing temp's next_copy and prev_copy to itself, allowing to simplify the code a bit. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit d9c769c60948815ee03b2684b1c1c68ee4375149 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jul 27 12:41:44 2015 +0200 tcg/optimize: add temp_is_const and temp_is_copy functions Add two accessor functions temp_is_const and temp_is_copy, to make the code more readable and make code change easier. Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 1208d7dd5fddc1fbd98de800d17429b4e5578848 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jul 27 12:41:44 2015 +0200 tcg/optimize: optimize temps tracking The tcg_temp_info structure uses 24 bytes per temp. Now that we emulate vector registers on most guests, it's not uncommon to have more than 100 used temps. This means we have initialize more than 2kB at least twice per TB, often more when there is a few goto_tb. Instead used a TCGTempSet bit array to track which temps are in used in the current basic block. This means there are only around 16 bytes to initialize. This improves the boot time of a MIPS guest on an x86-64 host by around 7% and moves out tcg_optimize from the the top of the profiler list. [rth: Handle TCG_CALL_DUMMY_ARG] Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 29f3ff8d6cbc28f79933aeaa25805408d0984a8f Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Fri Jul 10 18:03:31 2015 +0200 tcg/optimize: fix constant signedness By convention, on a 64-bit host TCG internally stores 32-bit constants as sign-extended. This is not the case in the optimizer when a 32-bit constant is folded. This doesn't seem to have more consequences than suboptimal code generation. For instance the x86 backend assumes sign-extended constants, and in some rare cases uses a 32-bit unsigned immediate 0xffffffff instead of a 8-bit signed immediate 0xff for the constant -1. This is with a ppc guest: before ------ ---- 0x9f29cc movi_i32 tmp1,$0xffffffff movi_i32 tmp2,$0x0 add2_i32 tmp0,CA,CA,tmp2,r6,tmp2 add2_i32 tmp0,CA,tmp0,CA,tmp1,tmp2 mov_i32 r10,tmp0 0x7fd8c7dfe90c: xor %ebp,%ebp 0x7fd8c7dfe90e: mov %ebp,%r11d 0x7fd8c7dfe911: mov 0x18(%r14),%r9d 0x7fd8c7dfe915: add %r9d,%r10d 0x7fd8c7dfe918: adc %ebp,%r11d 0x7fd8c7dfe91b: add $0xffffffff,%r10d 0x7fd8c7dfe922: adc %ebp,%r11d 0x7fd8c7dfe925: mov %r11d,0x134(%r14) 0x7fd8c7dfe92c: mov %r10d,0x28(%r14) after ----- ---- 0x9f29cc movi_i32 tmp1,$0xffffffffffffffff movi_i32 tmp2,$0x0 add2_i32 tmp0,CA,CA,tmp2,r6,tmp2 add2_i32 tmp0,CA,tmp0,CA,tmp1,tmp2 mov_i32 r10,tmp0 0x7f37010d490c: xor %ebp,%ebp 0x7f37010d490e: mov %ebp,%r11d 0x7f37010d4911: mov 0x18(%r14),%r9d 0x7f37010d4915: add %r9d,%r10d 0x7f37010d4918: adc %ebp,%r11d 0x7f37010d491b: add $0xffffffffffffffff,%r10d 0x7f37010d491f: adc %ebp,%r11d 0x7f37010d4922: mov %r11d,0x134(%r14) 0x7f37010d4929: mov %r10d,0x28(%r14) Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1436544211-2769-2-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit a30878e708c2149ce07d709a8b62edd944628449 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Aug 14 16:10:52 2015 +0100 configure: Don't permit SDL or GTK on OSX The cocoa GUI frontend assumes it is the only GUI (it redefines main() so it always gets control before the rest of QEMU), so it does not play well with other UIs like SDL or GTK. (Mostly people building QEMU on OSX don't have the necessary dependencies available for configure to build those other front ends, so mostly this problem goes unnoticed.) Make configure automatically disable the SDL and GTK front ends if the cocoa front end is enabled. (We were sort of attempting to do this for SDL before, but not in a way that worked very well.) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: John Arbuckle <programmingkidx@xxxxxxxxx> Message-id: 1439565052-3457-1-git-send-email-peter.maydell@xxxxxxxxxx commit 20fbcfdd58ea47607a5755979d43f8c48ac93f08 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 19 16:20:20 2015 +0100 apic_internal.h: Include cpu.h directly apic_internal.h relies on cpu.h having been included (for the X86CPU type); include it directly rather than relying on it being pulled in via one of the other includes like timer.h. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 49caffe0cc95a9d0dc344e3328be8197f3536cf8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 19 16:20:20 2015 +0100 qemu-common.h: Move muldiv64() to host-utils.h Move the muldiv64() function from qemu-common.h to host-utils.h. This puts it together with all the other arithmetic functions where we provide a version with __int128_t and a fallback without, and allows headers which need muldiv64() to avoid including qemu-common.h. We don't include host-utils from qemu-common.h, to avoid dragging more things into qemu-common.h than it already has; in practice everywhere that needs muldiv64() can get it via qemu/timer.h. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 03557b9abaee78e9d1ef5cd236d32a7b3e75e6f8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 19 16:20:20 2015 +0100 osdep.h: Add header comment Add a header comment to osdep.h, explaining what the header is for and some rules to avoid circular-include difficulties. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit bfe7e449f14313f646da621288ca2fd12223414f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 19 16:20:19 2015 +0100 osdep.h: Move some OS header includes and fixups from qemu-common.h qemu-common.h has some system header includes and fixups for things that might be missing. This is really an OS dependency and belongs in osdep.h, so move it across. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 1aad8104f3b69206da1f868639e1f69c26f6d482 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 19 16:20:19 2015 +0100 qemu-common.h: Move Win32 fixups into os-win32.h qemu-common.h includes some fixups for things the Win32 headers don't define or define weirdly. These really belong in os-win32.h, so move them there. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 24134c4e9126bf505b612e901c63a102fc471083 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 19 16:20:19 2015 +0100 compiler.h: Use glue() in QEMU_BUILD_BUG_ON define Rather than rolling custom concatenate-strings macros for the QEMU_BUILD_BUG_ON macro to use, use the glue() macro we already have (since it's now available to us in this header). Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 4912086865083a008f4fb73173fd0ddf2206c4d9 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 19 16:20:19 2015 +0100 osdep.h: Move some compiler-specific things to compiler.h osdep.h has a few things which are really compiler specific; move them to compiler.h, and include compiler.h from osdep.h. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 71baf787d8fa2a5d186f22d8154069fd212be37f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 19 16:20:19 2015 +0100 osdep.h: Remove qemu_printf qemu_printf is an ancient remnant which has been a simple #define to printf for over a decade, and is used in only a few places. Expand it out in those places and remove the #define. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 38e20cac669083e2e10a2a9a9602cb99ec19299e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 19 16:20:19 2015 +0100 qapi/qmp-event.c: Don't manually include os-win32.h/os-posix.h qmp-event.c already includes qemu-common.h, so manually including os-win32.h/os-posix.h is unnecessary (and potentially fragile, since it's duplicating the #ifdef logic that chooses which of the two we need). Remove the unnecessary include logic. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit 4c4a29cb681ec0374616e07c69714b909641e929 Merge: 5452b6f 6c05d3d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 19 00:25:52 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-axp-201508018' into staging Alpha shadow register optimization # gpg: Signature made Tue 18 Aug 2015 19:09:41 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-axp-201508018: target-alpha: Inline hw_ret target-alpha: Inline call_pal target-alpha: Use separate TCGv temporaries for the shadow registers Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6c05d3ded7b51154e67c35e270c48784b7046883 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 16 12:55:12 2014 -0700 target-alpha: Inline hw_ret Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 2f458b7c311f8d79028b04930f8c820b326fbcdd Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 16 12:35:59 2014 -0700 target-alpha: Inline call_pal Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 591243846f7d0dc59f482a89e241a6ce02d25fae Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Sep 16 12:16:38 2014 -0700 target-alpha: Use separate TCGv temporaries for the shadow registers This avoids having to manually swap them around when swapping to and from PALmode. We simply encode the shadow registers into the translation. The VMStateDescription version changes, because the meaning of "shadow" changes in the save file when in PALmode. It would be possible to fix this, but I don't think it's worth the effort. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 112e4518f0d38fc3c52e55c7d7e77b66a295ec2b Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed Aug 5 11:04:11 2015 -0700 target-alpha: Special case cmpbge with zero Knowing the comparator is zero leads to a simpler operation. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 5452b6f61ae943aff5c13cdd65fb476efff636d3 Merge: 6b324b3 9504c54 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 18 17:06:41 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * SCSI fixes from Stefan and Fam * vhost-scsi fix from Igor and Lu Lina * a build system fix from Daniel * two more multi-arch-related patches from Peter C. * TCG patches from myself and Sergey Fedorov * RCU improvement from Wen Congyang * a few more simple cleanups # gpg: Signature made Fri 14 Aug 2015 22:41:52 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: disas: Defeature print_target_address hw: fix mask for ColdFire UART command register scsi-generic: identify AIO callbacks more clearly scsi-disk: identify AIO callbacks more clearly scsi: create restart bottom half in the right AioContext configure: only add CONFIG_RDMA to config-host.h once qemu-nbd: remove unnecessary qemu_notify_event() vhost-scsi: Clarify vhost_virtqueue_mask argument exec: use macro ROUND_UP for alignment rcu: Allow calling rcu_(un)register_thread() during synchronize_rcu() exec: drop cpu_can_do_io, just read cpu->can_do_io cpu_defs: Simplify CPUTLB padding logic cpu-exec: Do not invalidate original TB in cpu_exec_nocache() vhost/scsi: call vhost_dev_cleanup() at unrealize() time virtio-scsi-test: Add test case for tail unaligned WRITE SAME scsi-disk: Fix assertion failure on WRITE SAME tests: virtio-scsi: clear unit attention after reset scsi-disk: fix cmd.mode field typo virtio-scsi: use virtqueue_map_sg() when loading requests Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5f2a80adc6fd2b2e4e0579a6613a9913e3cc9a05 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed Aug 5 10:33:12 2015 -0700 target-alpha: Rewrite helper_cmpbge using bit tests Not quite as good as using a proper host vector compare, but certainly better than a loop. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 9504c5445cb709415aea509954a922983925c2d3 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun Jul 5 13:50:32 2015 -0700 disas: Defeature print_target_address It does not work in multi-arch as it requires the CPU specific TARGET_VIRT_ADDR_SPACE_BITS global define. Just use the generic version that does no masking. Targets should be responsible for passing in a sane virtual address. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <1436129432-16617-1-git-send-email-crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 491ffc1f7ce857b88e9d310ce901ce033e45b75d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Jun 24 13:55:51 2015 +0200 hw: fix mask for ColdFire UART command register The "miscellaneous commands" part of the register is 3 bits wide. Spotted by Coverity and confirmed in the datasheet, downloadable from http://cache.freescale.com/files/32bit/doc/ref_manual/MCF5307BUM.pdf (figure 14-6). Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fa0d653b06cec7b3188a733dc7394e030948018e Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Sun Jul 19 19:15:26 2015 +0200 scsi-generic: identify AIO callbacks more clearly Functions that are not callbacks should assert that aiocb is NULL and have a SCSIGenericReq argument. AIO callbacks should assert that aiocb is not NULL. They also have an opaque argument. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5fd2b563a7624959ae7f000202785a30279021f8 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Sun Jul 19 19:15:26 2015 +0200 scsi-disk: identify AIO callbacks more clearly Functions that are not callbacks should assert that aiocb is NULL and have a non-opaque argument (usually a pointer to SCSIDiskReq). AIO callbacks should assert that aiocb is not NULL and take care of calling block_acct done. They also have an opaque argument. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d223c10453f1a7909349fd3e52a6047295d0e94f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Jul 22 16:38:17 2015 +0200 scsi: create restart bottom half in the right AioContext This matches commit 4407c1c (virtio-blk: Schedule BH in the right context, 2014-06-17), which did the same thing for virtio-blk. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 416471916542f30c49f2ed2187d634e9ad26d57d Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Jul 31 13:23:23 2015 +0100 configure: only add CONFIG_RDMA to config-host.h once For unknown reasons (probably a git rebase merge mistake) commit 2da776db4846eadcb808598a5d3484d149773c05 Author: Michael R. Hines <mrhines@xxxxxxxxxx> Date: Mon Jul 22 10:01:54 2013 -0400 rdma: core logic Adds CONFIG_RDMA to config-host.h twice, as can be seen in the generated file: $ grep CONFIG_RDMA config-host.h #define CONFIG_RDMA 1 #define CONFIG_RDMA 1 Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1438345403-32467-1-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 06832648e1dbd268d7b719b9a49df476af689c6d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Jul 27 13:52:55 2015 +0200 qemu-nbd: remove unnecessary qemu_notify_event() This was needed when qemu-nbd was using qemu_set_fd_handler2. It is not needed anymore now that nbd_update_server_fd_handler is called whenever nbd_can_accept() can change from false to true. nbd_update_server_fd_handler will call qemu_set_fd_handler(), which will call qemu_notify_event(). Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fe2d1a81d96e8ffe74974bd4b3ebc608f1f6a25d Author: Lu Lina <lina.lulina@xxxxxxxxxx> Date: Mon Jul 27 14:25:59 2015 +0800 vhost-scsi: Clarify vhost_virtqueue_mask argument vhost_virtqueue_mask takes an "absolute" virtqueue index, while the code looks like it's passing an index that is relative to s->dev.vq_index. In reality, s->dev.vq_index is always zero, so this patch does not make any difference, but the code is clearer. Signed-off-by: Lu Lina <lina.lulina@xxxxxxxxxx> Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Message-Id: <1437978359-17960-1-git-send-email-arei.gonglei@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9284f31994919c001b54af57fc7d1bbb0d19b6fd Author: Chen Hanxiao <chenhanxiao@xxxxxxxxxxxxxx> Date: Fri Jul 24 11:12:03 2015 +0800 exec: use macro ROUND_UP for alignment Use ROUND_UP instead. Signed-off-by: Chen Hanxiao <chenhanxiao@xxxxxxxxxxxxxx> Message-Id: <1437707523-4910-1-git-send-email-chenhanxiao@xxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c097a60b100c10d79d8bd5c91ce804e865d7e70b Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Mon Jul 27 10:24:18 2015 +0800 rcu: Allow calling rcu_(un)register_thread() during synchronize_rcu() If rcu_(un)register_thread() is called together with synchronize_rcu(), it will wait for the synchronize_rcu() to finish. But when synchronize_rcu() waits for some events, we can modify the list registry. We also use the lock rcu_gp_lock to assume that synchronize_rcu() isn't executed in more than one thread at the same time. Add a new mutex lock rcu_sync_lock to assume it and rename rcu_gp_lock to rcu_registry_lock. Release rcu_registry_lock when synchronize_rcu() waits for some events. Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Message-Id: <55B59652.4090503@xxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 414b15c909c88e4cf5f10e80d033b3aa90bcc9e1 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Jun 24 14:16:26 2015 +0200 exec: drop cpu_can_do_io, just read cpu->can_do_io After commit 626cf8f (icount: set can_do_io outside TB execution, 2014-12-08), can_do_io is set to 1 if not executing code. It is no longer necessary to make this assumption in cpu_can_do_io. It is also possible to remove the use_icount test, simply by never setting cpu->can_do_io to 0 unless use_icount is true. With these changes cpu_can_do_io boils down to a read of cpu->can_do_io. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6b324b3e5906fd9a9ce7f4f24decd1f1c7afde97 Merge: 074a992 8887f84 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Aug 14 18:06:44 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging # gpg: Signature made Fri 14 Aug 2015 16:01:19 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: tests: test rx recovery from cont tests: introduce basic pci test for virtio-net net/vmxnet3: Fix incorrect debug message Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 074a9925e1cfd659d5376dcaccd1436d3840e611 Merge: 8e0adf6 e424aff Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Aug 14 16:52:34 2015 +0100 Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into staging # gpg: Signature made Fri 14 Aug 2015 14:54:27 BST using RSA key ID C0DE3057 # gpg: Good signature from "Jeffrey Cody <jcody@xxxxxxxxxx>" # gpg: aka "Jeffrey Cody <jeff@xxxxxxxxxxxxx>" # gpg: aka "Jeffrey Cody <codyprime@xxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 9957 4B4D 3474 90E7 9D98 D624 BDBE 7B27 C0DE 3057 * remotes/cody/tags/block-pull-request: mirror: Fix coroutine reentrance block/mirror: limit qiov to IOV_MAX elements Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8e0adf64140ab93aba79be2f0227a47eda78e464 Merge: be1f13a 92e11a1 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Aug 14 15:51:24 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Fri 14 Aug 2015 15:41:14 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: throttle: add throttle_max_is_missing_limit() test throttle: refuse bps_max/iops_max without bps/iops Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e424aff5f307227b1c2512bbb8ece891bb895cef Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Aug 13 10:41:50 2015 +0200 mirror: Fix coroutine reentrance This fixes a regression introduced by commit dcfb3beb ("mirror: Do zero write on target if sectors not allocated"), which was reported to cause aborts with the message "Co-routine re-entered recursively". The cause for this bug is the following code in mirror_iteration_done(): if (s->common.busy) { qemu_coroutine_enter(s->common.co, NULL); } This has always been ugly because - unlike most places that reenter - it doesn't have a specific yield that it pairs with, but is more uncontrolled. What we really mean here is "reenter the coroutine if it's in one of the four explicit yields in mirror.c". This used to be equivalent with s->common.busy because neither mirror_run() nor mirror_iteration() call any function that could yield. However since commit dcfb3beb this doesn't hold true any more: bdrv_get_block_status_above() can yield. So what happens is that bdrv_get_block_status_above() wants to take a lock that is already held, so it adds itself to the queue of waiting coroutines and yields. Instead of being woken up by the unlock function, however, it gets woken up by mirror_iteration_done(), which is obviously wrong. In most cases the code actually happens to cope fairly well with such cases, but in this specific case, the unlock must already have scheduled the coroutine for wakeup when mirror_iteration_done() reentered it. And then the coroutine happened to process the scheduled restarts and tried to reenter itself recursively. This patch fixes the problem by pairing the reenter in mirror_iteration_done() with specific yields instead of abusing s->common.busy. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Message-id: 1439455310-11263-1-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit d90dedfcd5b9faad105bf28b718c9477d8467e77 Merge: be1f13a cae98cb Author: Jeff Cody <jcody@xxxxxxxxxx> Date: Fri Aug 14 09:41:30 2015 -0400 Merge branch 'block-next' into HEAD commit be1f13ac9d9fc21908975460652a72f5f0c018c5 Merge: 5c314a2 c855701 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Aug 13 17:47:44 2015 +0100 Merge remote-tracking branch 'remotes/lalrae/tags/mips-20150813' into staging MIPS patches 2015-08-13 Changes: * mips32r5-generic CPU updated and renamed to P5600 * improvements in LWL/LDL, logging and fulong2e # gpg: Signature made Thu 13 Aug 2015 17:10:59 BST using RSA key ID 0B29DA6B # gpg: Good signature from "Leon Alrae <leon.alrae@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 8DD3 2F98 5495 9D66 35D4 4FC0 5211 8E3C 0B29 DA6B * remotes/lalrae/tags/mips-20150813: target-mips: Use CPU_LOG_INT for logging related to interrupts hw/pci-host/bonito: Avoid buffer overrun for bad LDMA/COP accesses target-mips: simplify LWL/LDL mask generation target-mips: update mips32r5-generic into P5600 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c85570163bdf1ba29cb52a63f22ff1c48f1b9398 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 3 11:49:12 2015 -0700 target-mips: Use CPU_LOG_INT for logging related to interrupts There are now no unconditional uses of qemu_log in the subdirectory. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 58d479786b11a7e982419c1e0905b8490ef9a787 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 30 16:33:42 2015 +0100 hw/pci-host/bonito: Avoid buffer overrun for bad LDMA/COP accesses The LDMA and COP memory regions represent four 32 bit registers each, but the memory regions themselves are 0x100 bytes large. Add guards to the read and write accessors so that bogus accesses beyond the four defined registers don't just run off the end of the bonldma and boncop structs and into whatever lies beyond. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Acked-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit eb02cc3f89013612cb05df23b5441741e902bbd2 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jul 15 17:05:09 2015 +0200 target-mips: simplify LWL/LDL mask generation The LWL/LDL instructions mask the GPR with a mask depending on the address alignement. It is currently computed by doing: mask = 0x7fffffffffffffffull >> (t1 ^ 63) It's simpler to generate it by doing: mask = ~(-1 << t1) It uses one TCG instruction less, and it avoids a 32/64-bit constant loading which can take a few instructions on RISC hosts. Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit aff2bc6dc6d839caf6df0900437cc2cc9e180605 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Fri Jul 10 12:10:52 2015 +0100 target-mips: update mips32r5-generic into P5600 As full specification of P5600 is available, mips32r5-generic should be renamed to P5600 and corrected as its intention. Correct PRid and detail of configuration. Features which are not currently supported are described as FIXME. Fix Config.MM bit location Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> [leon.alrae@xxxxxxxxxx: correct cache line sizes and LLAddr shift] Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 5c314a2eb713f560d753cb194d194fd462cff719 Merge: 425591e d31e5ae Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Aug 13 15:07:34 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio,pc,acpi fixes, cleanups Mostly cleanups, notably Eduardo's compat code rework, and smbios rearrangement for use by ARM. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Thu 13 Aug 2015 12:59:16 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: (24 commits) MAINTAINERS: list smbios maintainers smbios: move smbios code into a common folder smbios: remove dependency on x86 e820 tables smbios: extract x86 smbios building code into a function acpi: avoid potential uninitialized access to cpu_hp_io_base virtio-net: remove useless codes pci: allow 0 address for PCI IO/MEM regions pc: Remove redundant arguments from pc_memory_init() pc: Remove redundant arguments from pc_cmos_init() pc: Remove redundant arguments from *load_linux() pc: Use PCMachineState as pc_guest_info_init() argument pc: Move {above,below}_4g_mem_size variables to PCMachineState pc: Use PCMachineState for pc_memory_init() argument pc: Use PCMachineState for pc_cmos_init() argument pc: Eliminate pc_default_machine_options() pc: Eliminate pc_common_machine_options() pc: Move PCMachineClass, PCMachineState to qemu/typedefs.h pc: Rename pc_machine variables to pcms pc: Use error_abort when registering properties target-i386: Remove x86_cpu_compat_set_features() ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d31e5ae7f2c16de2caf752b7f7f903569fea894d Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Aug 12 12:17:36 2015 +0300 MAINTAINERS: list smbios maintainers Now that smbios has its own directory, list its maintainers. Same people as ACPI so just reuse that entry. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 60d8f328b878ead45a5e5e347935097e3426bbd9 Author: Wei Huang <wei@xxxxxxxxxx> Date: Tue Aug 11 22:08:20 2015 -0400 smbios: move smbios code into a common folder To share smbios among different architectures, this patch moves SMBIOS code (smbios.c and smbios.h) from x86 specific folders into new hw/smbios directories. As a result, CONFIG_SMBIOS=y is defined in x86 default config files. Acked-by: Gabriel Somlo <somlo@xxxxxxx> Tested-by: Gabriel Somlo <somlo@xxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Tested-by: Leif Lindholm <leif.lindholm@xxxxxxxxxx> Signed-off-by: Wei Huang <wei@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 89cc4a2760be800b5924dd705b1369bc29783c9f Author: Wei Huang <wei@xxxxxxxxxx> Date: Tue Aug 11 22:08:19 2015 -0400 smbios: remove dependency on x86 e820 tables Current smbios builds type 19 table from e820, which is x86 specific. This patch removes smbios' dependency on e820 by passing an array of memory area to smbios_get_tables(). Acked-by: Gabriel Somlo <somlo@xxxxxxx> Tested-by: Gabriel Somlo <somlo@xxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Tested-by: Leif Lindholm <leif.lindholm@xxxxxxxxxx> Signed-off-by: Wei Huang <wei@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 5fd0a9d410dc876ce134359c489d1d639ea32889 Author: Wei Huang <wei@xxxxxxxxxx> Date: Tue Aug 11 22:08:18 2015 -0400 smbios: extract x86 smbios building code into a function This patch extracts out the procedure of buidling x86 SMBIOS tables into a dedicated function. Acked-by: Gabriel Somlo <somlo@xxxxxxx> Tested-by: Gabriel Somlo <somlo@xxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Tested-by: Leif Lindholm <leif.lindholm@xxxxxxxxxx> Signed-off-by: Wei Huang <wei@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 94aaca6457e52bb9c8a53af3c89bfeec40afadfc Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Jul 31 11:14:35 2015 +0100 acpi: avoid potential uninitialized access to cpu_hp_io_base When building QEMU with Mingw64 toolchain I see a warning CC x86_64-softmmu/hw/i386/acpi-build.o hw/i386/acpi-build.c: In function 'acpi_build': hw/i386/acpi-build.c:1138:9: warning: 'pm.cpu_hp_io_base' may be used uninitialized in this function [-Wmaybe-uninitialized] aml_append(crs, ^ hw/i386/acpi-build.c:1666:16: note: 'pm.cpu_hp_io_base' was declared here AcpiPmInfo pm; ^ In acpi_get_pm_info() some of the fields are pre-initialized to 0, but this one was missed. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit bd89dd98b2b835bbff43f02f2e7c823eb0c61331 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Mon Aug 3 13:20:38 2015 +0800 virtio-net: remove useless codes After commit 40bad8f3deba15e2074ff34cfe923c12916b1cc5("virtio-net: fix used len for tx"), async_tx.len was no longer used afterwards. So remove useless codes with it. Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit e402463073ae51d00dc6cf98556e2f5c4b008a31 Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Fri Jul 24 10:35:13 2015 +0200 pci: allow 0 address for PCI IO/MEM regions Some kernels program a 0 address for io regions. PCI 3.0 spec section 6.2.5.1 doesn't seem to disallow this. based on patch by Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Add pci_allow_0_addr in MachineClass to conditionally allow addr 0 for pseries, as this can break other architectures. This patch allows to hotplug PCI card in pseries machine, as the first added card BAR0 is always set to 0 address. This as a temporary hack, waiting to fix PCI memory priorities for more machine types... Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c8d163bc9e037ec32b2250b2d7950b1d1bc3fd61 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:55 2015 -0300 pc: Remove redundant arguments from pc_memory_init() Remove arguments that can be found in PCMachineState. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 880768546eabea369068f30f22e5d26aa4c6970b Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:54 2015 -0300 pc: Remove redundant arguments from pc_cmos_init() Remove arguments that can be found in PCMachineState. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit df1f79fdbb98f948f0f9d77a5a48a643026ef31d Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:53 2015 -0300 pc: Remove redundant arguments from *load_linux() Remove arguments that can be found in PCMachineState. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit b9cfc918ddcbbb5d3b8c1a47675b927cc25eb632 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:52 2015 -0300 pc: Use PCMachineState as pc_guest_info_init() argument Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c0aa4e1ecbcad29bb9f1d654f930300b975c3ba8 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:51 2015 -0300 pc: Move {above,below}_4g_mem_size variables to PCMachineState This will make the info readily available for the other initialization functions, and will allow us to simplify their argument list. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 62b160c02ca46f0b5a06cc4416c47708c7ffd76b Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:50 2015 -0300 pc: Use PCMachineState for pc_memory_init() argument pc_memory_init() already expects a PCMachineState object, there's no point in upcasting it to MachineState before calling the function. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 23d3040704e8e2a10f3e21e2c6594b3a8c7b20db Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:49 2015 -0300 pc: Use PCMachineState for pc_cmos_init() argument pc_cmos_init() already expects a PCMachineState object, there's no point in upcasting it to MachineState before calling the function. While doing it, reorder the arguments so PCMachineState is the first function argument. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 4458fb3a7993249f466662b18ccae75f1a313200 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:48 2015 -0300 pc: Eliminate pc_default_machine_options() The only PC machines that didn't call pc_default_machine_options() were isaps and xenfv. Both were already overwriting max_cpus, and only isapc was not overwriting hot_add_cpu. After making isapc set hot_add_cpu to NULL, we can move the pc_default_machine_options() code the PC common class_init. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 41742767bfa8127954b6f57b39b590adcde3ac6c Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:47 2015 -0300 pc: Eliminate pc_common_machine_options() All TYPE_PC_MACHINE subclasses call pc_common_machine_options(). TYPE_PC_MACHINE can simply initialize the common options on class_init directly. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 8170dfa077761ed979b45f608cf706253a764f0d Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:46 2015 -0300 pc: Move PCMachineClass, PCMachineState to qemu/typedefs.h They will be used inside hw/xen/xen.h, which doesn't include hw/i386/pc.h. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit ec68007a29bff36dab96ae3ea731c85b4b66fdca Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:45 2015 -0300 pc: Rename pc_machine variables to pcms Make the code use the same variable name everywhere. "pcms" is already being used in existing code and it's shorter. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit dda65c7c4b9b4925bdd056c66d4e1ef5cf4a8fb8 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:44 2015 -0300 pc: Use error_abort when registering properties No errors should happen when registering the properties, but we shouldn't silently ignore them if they happen. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit e8963e5cecd4bb47ec3a7221ae591f278de6b5d0 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:43 2015 -0300 target-i386: Remove x86_cpu_compat_set_features() The function is not used by PC code anymore and can be removed. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 27add3814157f5506672e85ff918d1b379ae8ac0 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:55:42 2015 -0300 pc: Use PC_COMPAT_* for CPUID feature compatibility Now we can use compat_props to keep CPUID feature compatibility, using the boolean QOM properties for CPUID feature flags. This simplifies the compatibility code, and reduces duplication between pc_piix.c and pc_q35.c. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit e33d22fab3ad64bedc1c9addb0a0fa437995c12a Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Aug 7 16:15:31 2015 -0300 piix: Document coreboot-specific RAM size config register The existing i440fx initialization code sets a PCI config register that isn't documented anywhere in the Intel 440FX datasheet. Register 0x57 is DRAMC (DRAM Control) and has nothing to do with the RAM size. This was implemented in commit ec5f92ce6ac8ec09056be77e03c941be188648fa because old coreboot code tried to read registers 0x5a-0x5f,0x56,0x57 to get the RAM size from QEMU, but I couldn't find out why coreboot did that. I assume it was a mistake, and the original code was supposed to be reading the DRB[0-7] registers (offsets 0x60-0x67). Document that coreboot-specific register offset in a macro and a comment, for future reference. Cc: Ed Swierk <eswierk@xxxxxxxxxxxxxxxxxx> Cc: Richard Smith <smithbone@xxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 27fa7479801ac23609110535a997b2e3ed6eb867 Author: Victor Kaplansky <victork@xxxxxxxxxx> Date: Sun Aug 9 12:39:59 2015 +0300 make: load only required dependency files. The old rules.mak loads dependency .d files using include directive with file glob pattern "*.d". This breaks the build when build tree has left-over *.d files from another build. This patch fixes this by - loading precise list of .d files made from *.o and *.mo. - specifying explicit list of required dependency info files for *.hex autogenerated sources. Note that Makefile still includes some .d in root directory by including "*.d". Signed-off-by: Victor Kaplansky <victork@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 998b7b1db4f61ee2784d8e9050c3dda15abd4425 Author: Victor Kaplansky <victork@xxxxxxxxxx> Date: Sun Aug 9 12:39:53 2015 +0300 make: fix where dependency *.d are stored. In rules like "bar/%.o: %.c" there is a difference between $(*D) and $(@D). $(*D) expands to '.', while $(@D) expands to 'bar'. It is cleaner to generate *.d in the same directory where appropriate *.o resides. This allows precise including of dependency info from .d files. As a hack, we also touch two sources for generated *.hex files. Without this hack, anyone doing "git pull; make" will not get *.hex rebuilt correctly since the dependency file would be missing. Signed-off-by: Victor Kaplansky <victork@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 425591e3effb0bdd4dec2a5b0d092009ee1a8f32 Merge: ca0e5d8 f7a6785 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Aug 13 12:04:24 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150813' into staging target-arm queue: * i.MX code cleanup/refactorings * i.MX UART fix to work with uninitialized chardev * minor GIC code refactorings * implement the ARM Secure physical timer * implement the ARM Hypervisor timer # gpg: Signature made Thu 13 Aug 2015 11:40:56 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150813: (27 commits) i.MX: Fix UART driver to work with unitialized "chardev" device hw/cpu/a15mpcore: Wire up hyp and secure physical timer interrupts hw/arm/virt: Wire up secure timer interrupt target-arm: Add AArch32 banked register access to secure physical timer target-arm: Add the AArch64 view of the Secure physical timer target-arm: Add debug check for mismatched cpreg resets Introduce gic_class_name() instead of repeating condition hw/arm/gic: Kill code duplication Merge memory_region_init_reservation() into memory_region_init_io() i.MX: Fix Coding style for GPT emulator i.MX: Split GPT emulator in a header file and a source file i.MX: Fix Coding style for EPIT emulator i.MX: Split EPIT emulator in a header file and a source file i.MX: Fix Coding style for CCM emulator i.MX: Split CCM emulator in a header file and a source file i.MX: Fix Coding style for AVIC emulator. i.MX: Split AVIC emulator in a header file and a source file i.MX:Fix Coding style for UART emulator. i.MX: Move serial initialization to init/realize of DeviceClass. i.MX: Split UART emulator in a header file and a source file ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f7a6785e12d834d05200b0595070db453344b25d Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:22 2015 +0100 i.MX: Fix UART driver to work with unitialized "chardev" device The "chardev" property initialization might have failed (for example because there are not enough chardevs provided by QEMU). The serial device emulator needs to be able to work with an uninitialized (NULL) chardev device pointer. This patch adds some missing tests on the chr pointer value before using it. Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 1438342461-18967-1-git-send-email-jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5dfaa75b4d96fe88858a98d947b97e697e2811e6 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Aug 13 11:26:22 2015 +0100 hw/cpu/a15mpcore: Wire up hyp and secure physical timer interrupts Since we now support both the hypervisor and the secure physical timer, wire their interrupt lines up in the a15mpcore wrapper object. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1437047249-2357-5-git-send-email-peter.maydell@xxxxxxxxxx Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit a007b1f85813ef6450ad3e761e46c189e3f40e04 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Aug 13 11:26:22 2015 +0100 hw/arm/virt: Wire up secure timer interrupt Wire up the secure timer interrupt. Since we've defined that the plain old physical timer is the NS timer, we can drop the now-out-of-date comment about QEMU not having TZ. Use a data-driven loop to wire up the timer interrupts, since we now have four of them and the code is the same for each. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1437047249-2357-4-git-send-email-peter.maydell@xxxxxxxxxx Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 9ff9dd3c875956523bb4c19ca712e5d05aab3c65 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Aug 13 11:26:22 2015 +0100 target-arm: Add AArch32 banked register access to secure physical timer If EL3 is AArch32, then the secure physical timer is accessed via banking of the registers used for the non-secure physical timer. Implement this banking. Note that the access controls for the AArch32 banked registers remain the same as the physical-timer checks; they are not the same as the controls on the AArch64 secure timer registers. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1437047249-2357-3-git-send-email-peter.maydell@xxxxxxxxxx Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit b4d3978c2fdf944e428a46d2850dbd950b6fbe78 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Aug 13 11:26:22 2015 +0100 target-arm: Add the AArch64 view of the Secure physical timer On CPUs with EL3, there are two physical timers, one for Secure and one for Non-secure. Implement this extra timer and the AArch64 registers which access it. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1437047249-2357-2-git-send-email-peter.maydell@xxxxxxxxxx commit 49a661910c1374858602a3002b67115893673c25 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Aug 13 11:26:21 2015 +0100 target-arm: Add debug check for mismatched cpreg resets It's easy to accidentally define two cpregs which both try to reset the same underlying state field (for instance a clash between an AArch64 EL3 definition and an AArch32 banked register definition). if the two definitions disagree about the reset value then the result is dependent on which one happened to be reached last in the hashtable enumeration. Add a consistency check to detect and assert in these cases: after reset, we run a second pass where we check that the reset operation doesn't change the value of the register. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1436797559-20835-1-git-send-email-peter.maydell@xxxxxxxxxx commit e6fbcbc4e57322a8de1307556e68a4cd6d0d8c8b Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Thu Aug 13 11:26:21 2015 +0100 Introduce gic_class_name() instead of repeating condition This small inline returns correct GIC class name depending on whether we use KVM acceleration or not. Avoids duplicating the condition everywhere. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 4f26901be9b844b563673ce3ad08eeedbb7a7132.1438758065.git.p.fedin@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7926c210ab0c44fc3612461a50f487d16be98dca Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Thu Aug 13 11:26:21 2015 +0100 hw/arm/gic: Kill code duplication Extracted duplicated initialization code from SW-emulated and KVM GIC implementations and put into gic_init_irqs_and_mmio() Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Message-id: 8ea5b2781ef39cb5989420987fc73c70e377687d.1438758065.git.p.fedin@xxxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6d6d2abf2c2e52c0f404d0a31a963e945b0cc7ad Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Thu Aug 13 11:26:21 2015 +0100 Merge memory_region_init_reservation() into memory_region_init_io() Just specifying ops = NULL in some cases can be more convenient than having two functions. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 78a379ab1b6b30ab497db7971ad336dad1dbee76.1438758065.git.p.fedin@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 68b85290c7e23cfa159e1a5058d959814c6fa289 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:21 2015 +0100 i.MX: Fix Coding style for GPT emulator Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: cc7d1589e774e87c346b75a6c25e07957f436ced.1437080501.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d647b26dc68a71db89a0c431841f1532ef7502e9 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:20 2015 +0100 i.MX: Split GPT emulator in a header file and a source file Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: e32fba56b9dae3cc7c83726550514b2d0c890ae0.1437080501.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 565328fcc35f34242b29182313e4d7cf525d9b1c Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:20 2015 +0100 i.MX: Fix Coding style for EPIT emulator Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: d8d70683c6a48ac318c1635595619cfb0eb31681.1437080501.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 951cd00e924ed06a72f4c2831f4cf7be9e6b90ef Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:20 2015 +0100 i.MX: Split EPIT emulator in a header file and a source file Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 948927cab0c85da9a753c5f6d5501323d5604c8e.1437080501.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c14875b2e1b70b470492a000e0bc0b19978d34a2 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:20 2015 +0100 i.MX: Fix Coding style for CCM emulator Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: ff0b6720b1c55204e663f07be47c0203f6871084.1437080501.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 282e74c83fd8af08d14fb1220a960e34b60e505f Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:20 2015 +0100 i.MX: Split CCM emulator in a header file and a source file Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: b1d6f990229b2608bbaba24f4ff359571c0b07da.1437080501.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dbeedce78eea56ac4d482722291d6a7ebfd414d2 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:20 2015 +0100 i.MX: Fix Coding style for AVIC emulator. Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 01e1d9026220992405819f25640ebd5bb843fc93.1437080501.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f250c6a7510e0069fdc7fd1fb76700db4daa9ddd Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:19 2015 +0100 i.MX: Split AVIC emulator in a header file and a source file Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 06829257e845d693be05c7d491134313c1615d1a.1437080501.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit fa2650a37e58877d889a726a47aadbf4578ef87e Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:19 2015 +0100 i.MX:Fix Coding style for UART emulator. Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 23ab872b7cd30b1399384fb26a2ebb75e9761d7b.1437080501.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f6c64000f966d17ef1bead1e066f039d0be64d74 Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:19 2015 +0100 i.MX: Move serial initialization to init/realize of DeviceClass. Move constructor to DeviceClass methods * imx_serial_init * imx_serial_realize imx32_serial_properties is renamed to imx_serial_properties. Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-id: 6854bd75e2b5af312e04e760587e249dbaff807f.1437080501.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cd0bda20874d65b5ac4ab6e69d3eec4f095a924b Author: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Date: Thu Aug 13 11:26:19 2015 +0100 i.MX: Split UART emulator in a header file and a source file Signed-off-by: Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: a51ef50fa222a614169056d5389a6d3ed6a63b04.1437080501.git.jcd@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a5c6a584a74c9c66a07a2ce019bbdd3bcf4e4909 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Thu Aug 13 11:26:19 2015 +0100 hw/arm/virt: Connect the Hypervisor timer Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1436791864-4582-8-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0e3e858f6a88b3c3befe9c98227aec846c01d9a1 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Thu Aug 13 11:26:18 2015 +0100 hw/arm/virt: Replace magic IRQ constants with macros Replace magic constants with macros from hw/arm/virt.h and hw/intc/arm_gic_common.h. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1436791864-4582-7-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b0e66d95e4f587b5818d2760668301ee0871ba5e Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Thu Aug 13 11:26:18 2015 +0100 target-arm: Add the Hypervisor timer Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1436791864-4582-6-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0e3eca4c26d6aa4f082db8e63fd81a16df061f3c Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Thu Aug 13 11:26:18 2015 +0100 target-arm: Pass timeridx as argument to various timer functions Prepare for adding the Hypervisor timer, no functional change. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1436791864-4582-5-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d57b9ee84f6b2786f025712609edb259d0de086d Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxx> Date: Thu Aug 13 11:26:18 2015 +0100 target-arm: Rename and move gt_cnt_reset Rename gt_cnt_reset to gt_timer_reset as the function really resets the timers and not the counters. Move the registration from counter regs to timer regs. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1436791864-4582-4-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0b6440afb807a80c6d64dcc987bcfed87e1ace17 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Thu Aug 13 11:26:18 2015 +0100 target-arm: Add CNTHCTL_EL2 Adds control for trapping selected timer and counter accesses to EL2. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1436791864-4582-3-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit edac4d8a168b9c0c4a765bbc5507e46fa5557b78 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Thu Aug 13 11:26:17 2015 +0100 target-arm: Add CNTVOFF_EL2 Adds support for the virtual timer offset controlled by EL2. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1436791864-4582-2-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ca0e5d8b0d065a95d0f9042f71b2ace45b015596 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 11 23:15:55 2015 +0100 Open 2.5 development tree Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5c79ae3615d5dafdf1bb09b7a356a3a005714e3d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 11 15:30:34 2015 +0100 Update version for v2.4.0 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b4a4b8d0e0767c85946fd8fc404643bf5766351a Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun Jul 5 14:08:53 2015 -0700 cpu_defs: Simplify CPUTLB padding logic There was a complicated subtractive arithmetic for determining the padding on the CPUTLBEntry structure. Simplify this with a union. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <1436130533-18565-1-git-send-email-crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 02d57ea115b7669f588371c86484a2e8ebc369be Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Tue Jun 30 12:35:09 2015 +0300 cpu-exec: Do not invalidate original TB in cpu_exec_nocache() Instead of invalidating an original TB in cpu_exec_nocache() prematurely, just save a link to it in the temporary generated TB. If cpu_io_recompile() is raised subsequently from the temporary TB, invalidate the original one as well. That allows reusing the original TB each time cpu_exec_nocache() is called to handle expired instruction counter in icount mode. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-Id: <1435656909-29116-1-git-send-email-serge.fdrv@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit cae98cb87d269c33d23b2bccd79bb8d99a60d811 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Jul 1 15:45:50 2015 +0100 block/mirror: limit qiov to IOV_MAX elements If mirror has more free buffers than IOV_MAX, preadv(2)/pwritev(2) EINVAL failures may be encountered. It is possible to trigger this by setting granularity to a low value like 8192. This patch stops appending chunks once IOV_MAX is reached. The spurious EINVAL failure can be reproduced with a qcow2 image file and the following QMP invocation: qmp.command('drive-mirror', device='virtio0', target='/tmp/r7.s1', granularity=8192, sync='full', mode='absolute-paths', format='raw') While the guest is running dd if=/dev/zero of=/var/tmp/foo oflag=direct bs=4k. Cc: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1435761950-26714-1-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 2d697366a14ce95da2e9a59ea9872d3034eb49e4 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 5 17:02:58 2015 +0100 Update version for v2.4.0-rc4 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0175409df42c20257171df87657dd705558aa94d Merge: e94867e 74aae7b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Aug 5 16:02:00 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio fix for 2.4 Fixes migration in virtio 1 mode. We still have a known bug with memory hotplug, it doesn't look like we can fix that in time for 2.4. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Wed 05 Aug 2015 15:57:39 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: virtio: fix 1.0 virtqueue migration Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e94867ed5f241008d0f53142b2704a075f9ed505 Author: Sascha Silbe <silbe@xxxxxxxxxxxxxxxxxx> Date: Tue Aug 4 16:48:25 2015 +0200 block: don't register quorum driver if SHA256 support is unavailable Commit 488981a4 [block: convert quorum blockdrv to use crypto APIs] broke qemu-iotest 041 on hosts with GnuTLS < 2.10.0. It converted a compile-time check to a run-time check at device open time. The result is that we now advertise a feature (the quorum block driver) that will never work (on those hosts). There's no way (short of parsing human-readable error messages) for qemu-iotests or any other API consumer to recognise that the quorum block driver isn't _actually_ available and shouldn't be used or tested. Move the run-time check to bdrv_quorum_init() to avoid registering the quorum block driver if we know it cannot work. This way API consumers can recognise it's unavailable. Fixes: 488981a4af396551a3178d032cc2b41d9553ada2 Signed-off-by: Sascha Silbe <silbe@xxxxxxxxxxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1438699705-21761-1-git-send-email-silbe@xxxxxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 74aae7b22b8a67cf31937b2f4bdefe2881e799e9 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Wed Aug 5 17:50:07 2015 +0800 virtio: fix 1.0 virtqueue migration 1.0 does not requires physically-contiguous pages layout for a virtqueue. So we could not infer avail and used from desc. This means we need to migrate vring.avail and vring.used when host support virtio 1.0. This fixes malfunction of virtio 1.0 device after migration. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Cc: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 92e11a17612108b1729bde4ce61aad0cc1ce5889 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Aug 4 11:22:13 2015 +0100 throttle: add throttle_max_is_missing_limit() test Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1438683733-21111-3-git-send-email-stefanha@xxxxxxxxxx commit ee2bdc33c913b7d765baa5aa338c29fb30a05c9a Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Aug 4 11:22:12 2015 +0100 throttle: refuse bps_max/iops_max without bps/iops The bps_max/iops_max values are meaningless without corresponding bps/iops values. Reported an error if bps_max/iops_max is given without bps/iops. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1438683733-21111-2-git-send-email-stefanha@xxxxxxxxxx commit 2be4f242b50a84bf360df02480b173bfed161107 Merge: 426d0e7 27751aa Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 4 16:51:24 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging X86 queue, 2015-08-04 # gpg: Signature made Tue 04 Aug 2015 16:49:42 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/x86-pull-request: target-i386: fix IvyBridge xlevel in PC_COMPAT_2_3 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 27751aabd1e0359d84314bc230beccdef2168d1f Author: Radim KrÄ?máÅ? <rkrcmar@xxxxxxxxxx> Date: Tue Aug 4 16:17:21 2015 +0200 target-i386: fix IvyBridge xlevel in PC_COMPAT_2_3 Previous patch changed xlevel and missed the compatibility code. Fixes: 3046bb5debc8 ("target-i386: emulate CPUID level of real hardware") Signed-off-by: Radim KrÄ?máÅ? <rkrcmar@xxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 426d0e7b7e031a1592292b3eb275483b341a2f28 Merge: 260425a b7f26e5 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Aug 4 12:57:06 2015 +0100 Merge remote-tracking branch 'remotes/lalrae/tags/mips-20150804' into staging MIPS patches 2015-08-04 Changes: * fix semihosting for microMIPS R6 * fix an abort when booting mips64 kernel with --enable-tcg-debug # gpg: Signature made Tue 04 Aug 2015 12:32:17 BST using RSA key ID 0B29DA6B # gpg: Good signature from "Leon Alrae <leon.alrae@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 8DD3 2F98 5495 9D66 35D4 4FC0 5211 8E3C 0B29 DA6B * remotes/lalrae/tags/mips-20150804: target-mips: Copy restrictions from ext/ins to dext/dins target-mips: fix semihosting for microMIPS R6 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b7f26e523914b982a1c1bfa8295f77ff9787c33c Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 3 12:35:53 2015 -0700 target-mips: Copy restrictions from ext/ins to dext/dins The checks in dins is required to avoid triggering an assertion in tcg_gen_deposit_tl. The check in dext is just for completeness. Fold the other D cases in via fallthru. In this case the errant dins appears to be data, not code, as translation failed to stop after a break insn. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 060ebfef1a09b58fb219b3769b72efb407515bf1 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Mon Aug 3 13:01:19 2015 +0100 target-mips: fix semihosting for microMIPS R6 In semihosting mode the SDBBP 1 instructions should trigger UHI syscall, but in QEMU this does not happen for recently added microMIPS R6. Consequently bare metal microMIPS R6 programs supporting UHI will not run. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 8887f84c54f6e74124544d1700a205e5b6821b3d Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Jul 17 15:25:54 2015 +0800 tests: test rx recovery from cont Rx should be recovered after cont. Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1437117954-16342-2-git-send-email-jasowang@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 2af40254bf0cb49c50656eb8be172e111c9c70c6 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Jul 17 15:25:53 2015 +0800 tests: introduce basic pci test for virtio-net Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1437117954-16342-1-git-send-email-jasowang@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b9f7c377df4f04e9119cb0e917438dd37ef34029 Author: Dana Rubin <dana.rubin@xxxxxxxxxxxxxxxxxx> Date: Tue Jul 28 21:44:50 2015 +0300 net/vmxnet3: Fix incorrect debug message From: Dana Rubin <dana.rubin@xxxxxxxxxxxxxxxxxx> In commit 80da311d81, "net/vmxnet3: Fix RX TCP/UDP checksum on partially summed packets" a debug message was introduced in vmxnet3_rx_need_csum_calculate() for an unlikely input condition. The message accidentally printed 'len' variable instead of 'pkt_len'. Fix, providing the correct argument. Signed-off-by: Dana Rubin <dana.rubin@xxxxxxxxxxxxxxxxxx> Signed-off-by: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Message-id: 1438109090-18957-1-git-send-email-shmulik.ladkani@xxxxxxxxxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 260425ab405ea76c44dd59744d05176d4f579a52 Merge: e95edef 6cd3878 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Aug 3 18:52:55 2015 +0100 Merge remote-tracking branch 'remotes/sstabellini/tags/cve-2015-5166-tag' into staging cve-2015-5166 # gpg: Signature made Mon 03 Aug 2015 15:27:44 BST using RSA key ID 70E1AE90 # gpg: Good signature from "Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>" * remotes/sstabellini/tags/cve-2015-5166-tag: Fix release_drive on unplugged devices (pci_piix3_xen_ide_unplug) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e95edefbd0559e1d0aa09549641b5d9af1f96fac Merge: f60c871 8c6dc68 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Aug 3 17:33:35 2015 +0100 Merge remote-tracking branch 'remotes/sstabellini/tags/xen-migration-2.4-tag' into staging xen-migration-2.4 # gpg: Signature made Mon 03 Aug 2015 17:18:36 BST using RSA key ID 70E1AE90 # gpg: Good signature from "Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>" * remotes/sstabellini/tags/xen-migration-2.4-tag: migration: Fix regression for xenfv and pc,accel=xen machine. migration: Fix global state with Xen. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8c6dc68f4cff9eef870497a19a5373dde9dbdcc2 Author: Anthony PERARD <anthony.perard@xxxxxxxxxx> Date: Mon Aug 3 15:29:21 2015 +0100 migration: Fix regression for xenfv and pc,accel=xen machine. This fix migration from the same QEMU version and from previous QEMU version. >From the global state section, we don't need runstate with Xen. Right now, the way the Xen toolstack knows when QEMU is ready is when QEMU reach "running" runstate. The configuration section and the section footers are not going to be present in previous version of QEMU with xenfv machine, so we skip them. The Xen toolstack libxenlight does not specify a particular version of the 'pc' machine, so migration from older version of QEMU used by Xen to newer one would break due to missing "configuration" section and section footers. Signed-off-by: Anthony PERARD <anthony.perard@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit c69adea462a97c02001b2dd1edd2a0692d27f5a2 Author: Anthony PERARD <anthony.perard@xxxxxxxxxx> Date: Mon Aug 3 15:29:19 2015 +0100 migration: Fix global state with Xen. When doing migration via the QMP command xen_save_devices_state, the current runstate is not store into the global state section. Also the current runstate is not the one we want on the receiver side. During migration, the Xen toolstack paused QEMU before save the devices state. Also, the toolstack expect QEMU to autostart when the migration is finished. So this patch store "running" as it's current runstate. Signed-off-by: Anthony PERARD <anthony.perard@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit f60c87154ac722c528fd5582f7137914a93c5eec Author: Andreas Färber <afaerber@xxxxxxx> Date: Fri Jul 24 16:47:37 2015 +0200 configure: Drop vnc-ws feature from help text Commit 8e9b0d2 (ui: convert VNC websockets to use crypto APIs) dropped the --enable-vnc-ws option but forgot to update the help text. Fix this. Cc: Daniel P. Berrange <berrange@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1437749257-3313-1-git-send-email-afaerber@xxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6cd387833d05e8ad31829d97e474dc420625aed9 Author: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Date: Mon Aug 3 13:56:57 2015 +0000 Fix release_drive on unplugged devices (pci_piix3_xen_ide_unplug) pci_piix3_xen_ide_unplug should completely unhook the unplugged IDEDevice from the corresponding BlockBackend, otherwise the next call to release_drive will try to detach the drive again. Suggested-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 2a3612ccc1fa9cea77bd193afbfe21c77e7e91ef Merge: bd80b59 8357946 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Aug 3 13:09:10 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/rtl8139-cplus-tx-input-validation-pull-request' into staging Pull request # gpg: Signature made Mon Aug 3 13:08:25 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/rtl8139-cplus-tx-input-validation-pull-request: rtl8139: check TCP Data Offset field (CVE-2015-5165) rtl8139: skip offload on short TCP header (CVE-2015-5165) rtl8139: check IP Total Length field (CVE-2015-5165) rtl8139: check IP Header Length field (CVE-2015-5165) rtl8139: skip offload on short Ethernet/IP header (CVE-2015-5165) rtl8139: drop tautologous if (ip) {...} statement (CVE-2015-5165) rtl8139: avoid nested ifs in IP header parsing (CVE-2015-5165) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8357946b15f0a31f73dd691b7da95f29318ed310 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Jul 15 17:39:29 2015 +0100 rtl8139: check TCP Data Offset field (CVE-2015-5165) The TCP Data Offset field contains the length of the header. Make sure it is valid and does not exceed the IP data length. Reported-by: æ?±ä¸?æµ·(å?¯è·¯) <donghai.zdh@xxxxxxxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 4240be45632db7831129f124bcf53c1223825b0f Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Jul 15 17:36:15 2015 +0100 rtl8139: skip offload on short TCP header (CVE-2015-5165) TCP Large Segment Offload accesses the TCP header in the packet. If the packet is too short we must not attempt to access header fields: tcp_header *p_tcp_hdr = (tcp_header*)(eth_payload_data + hlen); int tcp_hlen = TCP_HEADER_DATA_OFFSET(p_tcp_hdr); Reported-by: æ?±ä¸?æµ·(å?¯è·¯) <donghai.zdh@xxxxxxxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit c6296ea88df040054ccd781f3945fe103f8c7c17 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Jul 15 17:34:40 2015 +0100 rtl8139: check IP Total Length field (CVE-2015-5165) The IP Total Length field includes the IP header and data. Make sure it is valid and does not exceed the Ethernet payload size. Reported-by: æ?±ä¸?æµ·(å?¯è·¯) <donghai.zdh@xxxxxxxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 03247d43c577dfea8181cd40177ad5ba77c8db76 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Jul 15 17:32:32 2015 +0100 rtl8139: check IP Header Length field (CVE-2015-5165) The IP Header Length field was only checked in the IP checksum case, but is used in other cases too. Reported-by: æ?±ä¸?æµ·(å?¯è·¯) <donghai.zdh@xxxxxxxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e1c120a9c54872f8a538ff9129d928de4e865cbd Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Jul 15 14:30:37 2015 +0100 rtl8139: skip offload on short Ethernet/IP header (CVE-2015-5165) Transmit offload features access Ethernet and IP headers the packet. If the packet is too short we must not attempt to access header fields: int proto = be16_to_cpu(*(uint16_t *)(saved_buffer + 12)); ... eth_payload_data = saved_buffer + ETH_HLEN; ... ip = (ip_header*)eth_payload_data; if (IP_HEADER_VERSION(ip) != IP_HEADER_VERSION_4) { Reported-by: æ?±ä¸?æµ·(å?¯è·¯) <donghai.zdh@xxxxxxxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit d6812d60e7932de3cd0f602c0ee63dd3d09f1847 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Jul 15 17:17:28 2015 +0100 rtl8139: drop tautologous if (ip) {...} statement (CVE-2015-5165) The previous patch stopped using the ip pointer as an indicator that the IP header is present. When we reach the if (ip) {...} statement we know ip is always non-NULL. Remove the if statement to reduce nesting. Reported-by: æ?±ä¸?æµ·(å?¯è·¯) <donghai.zdh@xxxxxxxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 39b8e7dcaf04cbdb926b478f825b160d852752b5 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Jul 15 17:13:32 2015 +0100 rtl8139: avoid nested ifs in IP header parsing (CVE-2015-5165) Transmit offload needs to parse packet headers. If header fields have unexpected values the offload processing is skipped. The code currently uses nested ifs because there is relatively little input validation. The next patches will add missing input validation and a goto label is more appropriate to avoid deep if statement nesting. Reported-by: æ?±ä¸?æµ·(å?¯è·¯) <donghai.zdh@xxxxxxxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit bd80b5963f58c601f31d3186b89887bf8e182fb5 Merge: ff90f84 c99d696 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Aug 3 11:44:07 2015 +0100 Merge remote-tracking branch 'remotes/aurel/tags/pull-tcg-mips-s390-20150803' into staging TCG MIPS and S390 fixes for 2.4. # gpg: Signature made Mon Aug 3 09:09:59 2015 BST using RSA key ID 1DDD8C9B # gpg: Good signature from "Aurelien Jarno <aurelien@xxxxxxxxxxx>" # gpg: aka "Aurelien Jarno <aurelien@xxxxxxxx>" # gpg: aka "Aurelien Jarno <aurel32@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 7746 2642 A9EF 94FD 0F77 196D BA9C 7806 1DDD 8C9B * remotes/aurel/tags/pull-tcg-mips-s390-20150803: tcg/mips: fix add2 tcg/s390x: Mask TCGMemOp appropriately for indexing tcg/mips: Mask TCGMemOp appropriately for indexing tcg/mips: fix TLB loading for BE host with 32-bit guests Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ff90f84e74d7c8641a493585ba9ea8d6e0d19855 Merge: cb48f67 91ced51 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Aug 3 10:44:23 2015 +0100 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Fri Jul 31 23:24:06 2015 BST using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB # Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E * remotes/jnsnow/tags/ide-pull-request: ahci: fix ICC mask definition macio: re-add TRIM support Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c99d69694af4ed15b33e3f7c2e3ef6972c14358d Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Fri Jul 31 16:38:25 2015 +0200 tcg/mips: fix add2 The add2 code in the tcg_out_addsub2 function doesn't take into account the case where rl == al == bl. In that case we can't compute the carry after the addition. As it corresponds to a multiplication by 2, the carry bit is the bit 31. While this is a corner case, this prevents x86-64 guests to boot on a MIPS host. Cc: qemu-stable@xxxxxxxxxx Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 3c8691f568f49bf623dcb2850464d4156d95e61b Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Thu Jul 30 22:13:26 2015 +0200 tcg/s390x: Mask TCGMemOp appropriately for indexing Commit 2b7ec66f fixed TCGMemOp masking following the MO_AMASK addition, but two cases were forgotten in the TCG S390 backend. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 4214a8cb7c15ec43d4b2a43ebf248b273a0f4d45 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Thu Jul 30 22:11:51 2015 +0200 tcg/mips: Mask TCGMemOp appropriately for indexing Commit 2b7ec66f fixed TCGMemOp masking following the MO_AMASK addition, but two cases were forgotten in the TCG MIPS backend. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit e72c4fb81db52be881c9356f1c60e0a7817d2d32 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Thu Jul 30 23:39:34 2015 +0200 tcg/mips: fix TLB loading for BE host with 32-bit guests For 32-bit guest, we load a 32-bit address from the TLB, so there is no need to compensate for the low or high part. This fixes 32-bit guests on big-endian hosts. Cc: qemu-stable@xxxxxxxxxx Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 91ced514461e1a533bfb9e2eea32bd7df678b1cd Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Jul 21 14:02:01 2015 -0400 ahci: fix ICC mask definition There are likely others that could be updated, but we'll go with a light touch for 2.4 for now. Without the Unsigned specifier, this shifts bits into the signed bit, which makes clang unhappy and could cause unwanted behavior. Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1437501721-24495-1-git-send-email-jsnow@xxxxxxxxxx commit 0e826a061a3e8e8485488a7da02cc139fc07d620 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jul 29 21:27:48 2015 +0200 macio: re-add TRIM support Commit bd4214fc dropped TRIM support by mistake. Given it is still advertised to the host when using a drive with discard=on, this cause the IDE bus to hang when the host issues a TRIM command. This patch fixes that by re-adding the TRIM code, ported to the new new DMA implementation. Cc: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Cc: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-id: 1438198068-32428-1-git-send-email-aurelien@xxxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit af103c9310b7ab56a2552965d9d1274b0024f27b Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Thu Jul 30 15:29:59 2015 +0200 vhost/scsi: call vhost_dev_cleanup() at unrealize() time vhost-scsi calls vhost_dev_init() at realize() time but forgets to call it's counterpart vhost_dev_cleanup() at unrealize() time. Calling it should fix leaking of memory table and mem_sections table in vhost device. And also unregister vhost's memory listerner to prevent access from memory core to freed memory. Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Message-Id: <1438262999-287627-1-git-send-email-imammedo@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 975b66555cb56af453c6852e7e821e2451700527 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 29 16:45:12 2015 +0800 virtio-scsi-test: Add test case for tail unaligned WRITE SAME Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-Id: <1438159512-3871-3-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit a56537a12757a8cdee24ad8c83e5af7a9833ea70 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 29 16:45:11 2015 +0800 scsi-disk: Fix assertion failure on WRITE SAME The last portion of an unaligned WRITE SAME command could fail the assertion in bdrv_aligned_pwritev: assert(!qiov || bytes == qiov->size); Because we updated data->iov.iov_len right above this if block, but data->qiov still has the old size. Reinitialize the qiov to make them equal and keep block layer happy. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-Id: <1438159512-3871-2-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 4bb7b0daf8ea34bcc582642d35a2e4902f7841db Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Jul 30 14:16:13 2015 +0100 tests: virtio-scsi: clear unit attention after reset The unit attention after reset (power on) prevents normal commands from running. The unaligned WRITE SAME test never executed its command! Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-Id: <1438262173-11546-4-git-send-email-stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c85a7a0057ca454607a40cde991d495e0deec34d Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Jul 30 14:16:12 2015 +0100 scsi-disk: fix cmd.mode field typo The cmd.xfer field is the data length. The cmd.mode field is the data transfer direction. scsi_handle_rw_error() was using the wrong error policy for read requests. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-Id: <1438262173-11546-3-git-send-email-stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 1cc933453bf2baae1feb7c8e757bdfd0ef639002 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Jul 30 14:16:11 2015 +0100 virtio-scsi: use virtqueue_map_sg() when loading requests The VirtQueueElement struct is serialized during migration but the in_sg[]/out_sg[] iovec arrays are not usable on the destination host because the pointers are meaningless. Use virtqueue_map_sg() to refresh in_sg[]/out_sg[] to valid pointers based on in_addr[]/out_addr[] hwaddrs. Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-Id: <1438262173-11546-2-git-send-email-stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit cb48f67ad8c7b33c617d4f8144a27706e69fd688 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed Jul 29 11:40:52 2015 -0700 bsd-user: Fix operand to cpu_x86_exec Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1438195252-21968-1-git-send-email-rth@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7008d580acad326148a725bd20695882ba10247a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 29 18:50:11 2015 +0100 Update version for v2.4.0-rc3 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 46739a2d7ace71b43cacf73ea71c10429db0d5e8 Merge: b83d017 ca96ac4 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 29 17:08:38 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging Pull request These fixes make dataplane work again after the notify_me optimization was added. They also solve QEMUBH memory leaks and fix a bug in dataplane's cleanup code. # gpg: Signature made Wed Jul 29 14:50:26 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: AioContext: force event loop iteration using BH AioContext: avoid leaking BHs on cleanup virtio-blk-dataplane: delete bottom half before the AioContext is freed Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ca96ac44dcd290566090b2435bc828fded356ad9 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Jul 28 18:34:09 2015 +0200 AioContext: force event loop iteration using BH The notify_me optimization introduced in commit eabc97797310 ("AioContext: fix broken ctx->dispatching optimization") skips event_notifier_set() calls when the event loop thread is not blocked in ppoll(2). This optimization causes a deadlock if two aio_context_acquire() calls race. notify_me = 0 during the race so the winning thread can enter ppoll(2) unaware that the other thread is waiting its turn to acquire the AioContext. This patch forces ppoll(2) to return by scheduling a BH instead of calling aio_notify(). The following deadlock with virtio-blk dataplane is fixed: qemu ... -object iothread,id=iothread0 \ -drive if=none,id=drive0,file=test.img,... \ -device virtio-blk-pci,iothread=iothread0,drive=drive0 This command-line results in a hang early on without this patch. Thanks to Paolo Bonzini <pbonzini@xxxxxxxxxx> for investigating this bug with me. Cc: Christian Borntraeger <borntraeger@xxxxxxxxxx> Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1438101249-25166-4-git-send-email-pbonzini@xxxxxxxxxx Message-Id: <1438014819-18125-3-git-send-email-stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a076972a4d36381d610a854f0c336507650a1d34 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Jul 28 18:34:08 2015 +0200 AioContext: avoid leaking BHs on cleanup BHs are freed during aio_bh_poll(). This leads to memory leaks if there is no aio_bh_poll() between qemu_bh_delete() and aio_ctx_finalize(). Suggested-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1438101249-25166-3-git-send-email-pbonzini@xxxxxxxxxx Message-Id: <1438014819-18125-2-git-send-email-stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit fed105e2756dde98efa5e80baca02ae516dd1e51 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 28 18:34:07 2015 +0200 virtio-blk-dataplane: delete bottom half before the AioContext is freed Other uses of aio_bh_new are safe as long as all scheduled bottom halves are run before an iothread is destroyed, which bdrv_drain will ensure: - archipelago_finish_aiocb: BH deletes itself - inject_error: BH deletes itself - blkverify_aio_bh: BH deletes itself - abort_aio_request: BH deletes itself - curl_aio_readv: BH deletes itself - gluster_finish_aiocb: BH deletes itself - bdrv_aio_rw_vector: BH deletes itself - bdrv_co_maybe_schedule_bh: BH deletes itself - iscsi_schedule_bh, iscsi_co_generic_cb: BH deletes itself - laio_attach_aio_context: deleted in laio_detach_aio_context, called through bdrv_detach_aio_context before deleting the iothread - nfs_co_generic_cb: BH deletes itself - null_aio_common: BH deletes itself - qed_aio_complete: BH deletes itself - rbd_finish_aiocb: BH deletes itself - dma_blk_cb: BH deletes itself - virtio_blk_dma_restart_cb: BH deletes itself - qemu_bh_new: main loop AioContext is never destroyed - test-aio.c: bh_delete_cb deletes itself, otherwise deleted in the same function that calls aio_bh_new Reported-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1438101249-25166-2-git-send-email-pbonzini@xxxxxxxxxx Message-Id: <1438086628-13000-1-git-send-email-pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b83d017d88b2c4710c7a4614ecf9f845e4db80ba Merge: 170f209 7bba83b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 28 19:02:04 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging Pull request These two .can_receive() are now reviewed. The net subsystem queue for 2.4 is now empty. # gpg: Signature made Tue Jul 28 13:26:03 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: xen: Drop net_rx_ok hw/net: handle flow control in mcf_fec driver receiver Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 170f209d7848dc2f14b3f3dccc34a49558680d4d Merge: 8b89b3a c147b51 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 28 17:09:56 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio fixes for 2.4 Mostly virtio 1 spec compliance fixes. We are unlikely to make it perfectly compliant in the first release, but it seems worth it to try. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Mon Jul 27 21:55:48 2015 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: virtio: minor cleanup acpi: fix pvpanic device is not shown in ui virtio-blk: only clear VIRTIO_F_ANY_LAYOUT for legacy device virtio-blk: fail get_features when both scsi and 1.0 were set virtio: get_features() can fail virtio-pci: fix memory MR cleanup for modern virtio: set any_layout in virtio core virtio-9p: fix any_layout virtio-serial: fix ANY_LAYOUT virtio: hide legacy features from modern guests Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8b89b3a8df0a7d1ddbc9744f66a495986af667ca Merge: 5e868d2 52579c6 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 28 15:25:24 2015 +0100 Merge remote-tracking branch 'remotes/lalrae/tags/mips-20150728' into staging MIPS patches 2015-07-28 Changes: * net/dp8393x fixes * Vectored Interrupts bug fix * fix for a bug in machine.c which was provoking a warning on FreeBSD # gpg: Signature made Tue Jul 28 10:47:19 2015 BST using RSA key ID 0B29DA6B # gpg: Good signature from "Leon Alrae <leon.alrae@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 8DD3 2F98 5495 9D66 35D4 4FC0 5211 8E3C 0B29 DA6B * remotes/lalrae/tags/mips-20150728: net/dp8393x: do not use memory_region_init_rom_device with NULL net/dp8393x: remove check of runt packets net/dp8393x: disable user creation target-mips: fix offset calculation for Interrupts target-mips: fix passing incompatible pointer type in machine.c Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5e868d2e5e4aff76bdef787e44bc2d1eca18901f Merge: 9f8c5b6 52c91da Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 28 14:19:16 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * crypto fixes * megasas SIGSEGV fix * memory refcount change to fix virtio hot-unplug # gpg: Signature made Tue Jul 28 08:29:07 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: memory: do not add a reference to the owner of aliased regions megasas: Add write function to handle write access to PCI BAR 3 crypto: extend unit tests to cover decryption too crypto: fix built-in AES decrypt function Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9f8c5b69c2b9ca8b9c3e569b0f41bd60a0b9e9fe Merge: 776f878 325e390 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 28 13:22:57 2015 +0100 Merge remote-tracking branch 'remotes/cody/tags/jtc-for-upstream-pull-request' into staging # gpg: Signature made Tue Jul 28 05:22:29 2015 BST using RSA key ID C0DE3057 # gpg: Good signature from "Jeffrey Cody <jcody@xxxxxxxxxx>" # gpg: aka "Jeffrey Cody <jeff@xxxxxxxxxxxxx>" # gpg: aka "Jeffrey Cody <codyprime@xxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 9957 4B4D 3474 90E7 9D98 D624 BDBE 7B27 C0DE 3057 * remotes/cody/tags/jtc-for-upstream-pull-request: block/ssh: Avoid segfault if inet_connect doesn't set errno. sheepdog: serialize requests to overwrapping area Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7bba83bf80eae9c9e323319ff40d0ca477b0a77a Author: Fam Zheng <famz@xxxxxxxxxx> Date: Tue Jul 28 17:52:56 2015 +0800 xen: Drop net_rx_ok Let net_rx_packet() (which checks the same conditions) drops the packet if the device is not ready. Drop net_xen_info.can_receive and update the return value for the buffer full case. We rely on the qemu_flush_queued_packets() in net_event() to wake up the peer when the buffer becomes available again. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1438077176-378-1-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 776f87845137a9b300a4815ba6bf6879310795aa Merge: 84a29c7 226d007 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 28 11:28:44 2015 +0100 Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-07-27' into staging trivial patches for 2015-07-27 # gpg: Signature made Mon Jul 27 20:50:14 2015 BST using RSA key ID A4C3D7DB # gpg: Good signature from "Michael Tokarev <mjt@xxxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxxx>" * remotes/mjt/tags/pull-trivial-patches-2015-07-27: gdbstub: Set current CPU on interruptions qapi: add missing @ Fix Cortex-A9 global timer gitignore: Ignore shader generated files vmstate: remove unused declaration make: Clean build messages qemu-common.h: Document cutils.c string functions device_tree: Fix a typo hw/acpi/ich9: clean up stale comment about KVM not supporting SMM hw/acpi/ich9: clear smi_en on reset Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ff1d2ac949dc94d8a0e71fd46939fb69c2ef075b Author: Greg Ungerer <gerg@xxxxxxxxxxx> Date: Tue Jul 28 11:02:54 2015 +1000 hw/net: handle flow control in mcf_fec driver receiver The network mcf_fec driver emulated receive side method is not dealing with network queue flow control properly. Modify the receive side to check if we have enough space in the descriptors to store the current packet. If not we process none of it and return 0. When the guest frees up some buffers through its descriptors we signal the qemu net layer to send more packets. [Fixed coding style: 4-space indent and curly braces on if statement. --Stefan] Signed-off-by: Greg Ungerer <gerg@xxxxxxxxxxx> Message-id: 1438045374-10358-1-git-send-email-gerg@xxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 52579c681cb12bf64de793e85edc50d990f4d42f Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Sun Jul 26 22:32:55 2015 +0200 net/dp8393x: do not use memory_region_init_rom_device with NULL Replace memory_region_init_rom_device() with memory_region_init_ram() and memory_region_set_readonly(). This fixes a guest-triggerable QEMU crash when guest tries to write to PROM. Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> [leon.alrae@xxxxxxxxxx: shorten subject length] Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 30dfa9a46cd845db3f43f5c11b129f4a50941b02 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Fri Jul 24 20:42:23 2015 +0200 net/dp8393x: remove check of runt packets Ethernet requires that messages are at least 64 bytes on the wire. This limitation does not exist on emulation (no wire message), so remove the check. Netcard is now able to receive small network packets. Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit f6351288b65130deb8102b17143f5d84f817a02a Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Fri Jul 24 20:42:21 2015 +0200 net/dp8393x: disable user creation Netcard needs an address space to write data to, which can't be specified on command line. This fixes a crash when user starts QEMU with "-device dp8393x" Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 84a29c7efd02baa97b0d60d1e59e8357f7a5e0f1 Merge: f8787f8 77c102c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 28 09:11:48 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches for 2.4.0-rc3 # gpg: Signature made Mon Jul 27 16:19:17 2015 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: block: qemu-iotests - add check for multiplication overflow in vpc block: vpc - prevent overflow if max_table_entries >= 0x40000000 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit da52a4dfcc4864fd2260ec4eab331f75b1f0240b Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Fri Jul 10 12:10:02 2015 +0100 target-mips: fix offset calculation for Interrupts Correct computation of vector offsets for EXCP_EXT_INTERRUPT. For instance, if Cause.IV is 0 the vector offset should be 0x180. Simplify the finding vector number logic for the Vectored Interrupts. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> [leon.alrae@xxxxxxxxxx: cosmetic changes] Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 8bcbb834a015432bfb4d09a883c21f017eadd978 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Wed Jul 22 14:59:23 2015 +0100 target-mips: fix passing incompatible pointer type in machine.c Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 325e3904210c779a13fbbc9ee156056d045d7eee Author: Richard W.M. Jones <rjones@xxxxxxxxxx> Date: Wed Jul 22 14:27:47 2015 +0100 block/ssh: Avoid segfault if inet_connect doesn't set errno. On some (but not all) systems: $ qemu-img create -f qcow2 overlay -b ssh://xen/ Segmentation fault It turns out this happens when inet_connect returns -1 in the following code, but errno == 0. s->sock = inet_connect(s->hostport, errp); if (s->sock < 0) { ret = -errno; goto err; } In the test case above, no host called "xen" exists, so getaddrinfo fails. On Fedora 22, getaddrinfo happens to set errno = ENOENT (although it is *not* documented to do that), so it doesn't segfault. On RHEL 7, errno is not set by the failing getaddrinfo, so ret = -errno = 0, so the caller doesn't know there was an error and continues with a half-initialized BDRVSSHState struct, and everything goes south from there, eventually resulting in a segfault. Fix this by setting ret to -EIO (same as block/nbd.c and block/sheepdog.c). The real error is saved in the Error** errp struct, so it is printed correctly: $ ./qemu-img create -f qcow2 overlay -b ssh://xen/ qemu-img: overlay: address resolution failed for xen:22: No address associated with hostname Signed-off-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Reported-by: Jun Li BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1147343 Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 6a55c82cece217ab99ed95a412fa7ddf5d5f257b Author: Hitoshi Mitake <mitake.hitoshi@xxxxxxxxxxxxx> Date: Sat Jul 18 01:44:24 2015 +0900 sheepdog: serialize requests to overwrapping area Current sheepdog driver only serializes create requests in oid unit. This mechanism isn't enough for handling requests to overwrapping area spanning multiple oids, so it can result bugs like below: https://bugs.launchpad.net/sheepdog-project/+bug/1456421 This patch adds a new serialization mechanism for the problem. The difference from the old one is: 1. serialize entire aiocb if their targetting areas overwrap 2. serialize all requests (read, write, and discard), not only creates This patch also removes the old mechanism because the new one can be an alternative. Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Cc: Teruaki Ishizaki <ishizaki.teruaki@xxxxxxxxxxxxx> Cc: Vasiliy Tolstov <v.tolstov@xxxxxxxxx> Signed-off-by: Hitoshi Mitake <mitake.hitoshi@xxxxxxxxxxxxx> Tested-by: Vasiliy Tolstov <v.tolstov@xxxxxxxxx> Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 52c91dac6bd891656f297dab76da51fc8bc61309 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Jul 27 16:29:56 2015 +0200 memory: do not add a reference to the owner of aliased regions Very often the owner of the aliased region is the same as the owner of the alias region itself. When this happens, the reference count can never go back to 0 and the owner is leaked. This is for example breaking hot-unplug of virtio-pci devices (the device cannot be plugged back again with the same id). Another common use for alias is to transform the system I/O address space into an MMIO regions; in this case the aliased region never dies, so there is no problem. Otherwise the owner is always the same for aliasing and aliased region. I checked all calls to memory_region_init_alias introduced after commit dfde4e6 (memory: add ref/unref calls, 2013-05-06) and they do not need the reference in order to keep the owner of the aliased region alive. Reported-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 55875fc4ca45a35e36134663ade946d86fe7bfcd Author: Salva Peiró <speirofr@xxxxxxxxx> Date: Mon Jul 27 10:51:52 2015 +0200 megasas: Add write function to handle write access to PCI BAR 3 This patch fixes a QEMU SEGFAULT when a write operation is performed on the memory region of the PCI BAR 3 (base address space). When a writeb(0xe0000000) is performed the .write function is invoked to handle the write access, however, since the .write is not initialised, the call to 0, causes QEMU to SEGFAULT. Signed-off-by: Salva Peiró <speirofr@xxxxxxxxx> Acked-by: Hannes Reinecke <hare@xxxxxxxx> Message-Id: <1437987112-24744-1-git-send-email-speirofr@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c147b5153e733a14fc65d2098e7036754c185ad1 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon Jul 27 18:39:37 2015 +0300 virtio: minor cleanup There's no need for blk to set ANY_LAYOUT, it's done by virtio core as necessary. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 8ef3ea253b5aaaa00f3b9999f3ff19e74cfa26f8 Author: Gal Hammer <ghammer@xxxxxxxxxx> Date: Sun Jul 26 11:00:51 2015 +0300 acpi: fix pvpanic device is not shown in ui Commit 2332333c added a _STA method that hides the device. The fact that the device is not shown in the gui make it harder to install its Windows' device. https://bugzilla.redhat.com/show_bug.cgi?id=1238141 Signed-off-by: Gal Hammer <ghammer@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit 226d007dbd75ec8d0f12d0f9e1ce66caf55d49e4 Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Fri Jul 24 18:52:31 2015 +0200 gdbstub: Set current CPU on interruptions gdb expects that the thread ID for c and g-class operations is set to the CPU we provide when reporting VM stop conditions. If the stub is still tuned to a different CPU, the wrong information is delivered to the gdb frontend. Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 801db5ecdac7575a1b0250243eea1767da553e50 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Fri Jul 3 11:51:01 2015 +0200 qapi: add missing @ Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 786f9ce20382704249883d7052f6869011d44281 Author: Johannes Schlatow <schlatow@xxxxxxxxxxxxxxxx> Date: Mon Jun 29 17:45:41 2015 +0200 Fix Cortex-A9 global timer The auto increment bit of the timer control register was wrongly defined. See Cortex-A9 MPcore Technical Reference Manual, Section 4.4.2. Signed-off-by: Johannes Schlatow <schlatow@xxxxxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 7e71e111e0544ec35af40c3dc29f21697c8f17bf Author: Michal Privoznik <mprivozn@xxxxxxxxxx> Date: Tue Jun 23 14:30:20 2015 +0200 gitignore: Ignore shader generated files As of d98bc0b65 there are two files that are automatically generated: ui/shader/texture-blit-frag.h and /ui/shader/texture-blit-vert.h. None of them is wanted to be tracked by git. Put them into the ignore file then. Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 7155f2ca9d66f5598fd8d071e71d6758019a6e48 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Date: Tue Jun 23 18:41:27 2015 +0200 vmstate: remove unused declaration Since 38e0735e, register_device_unmigratable() has been removed Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f6288b9c88bae7d76d8bfe17e672976d79079296 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Sat Jul 18 16:54:32 2015 +0200 make: Clean build messages We want to have uniform build messages, so fix some messages which did not follow the standard pattern. Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit ab6036630865eff8bb12dd51dfa6921b4607fc81 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Jul 19 21:34:22 2015 +0100 qemu-common.h: Document cutils.c string functions Add documentation comments for various utility string functions which we have implemented in util/cutils.c: pstrcpy() strpadcpy() pstrcat() strstart() stristart() qemu_strnlen() qemu_strsep() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit cc47a16bcbbc2d1f79511799ca3625c6522f5838 Author: Kamalesh Babulal <kamalesh@xxxxxxxxxxxxxxxxxx> Date: Fri Jul 24 13:48:13 2015 +0530 device_tree: Fix a typo Fix spelling of 'allocting' -> 'allocating'. Signed-off-by: Kamalesh Babulal <kamalesh@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f3c30aeaa7888aee96a1fa28f259fb8312d47ab2 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Fri Jul 24 20:16:01 2015 +0200 hw/acpi/ich9: clean up stale comment about KVM not supporting SMM Commit fba72476c6 ("ich9: add smm_enabled field and arguments") detached SMM availability from kvm_enabled(). However, the comment in pm_reset() was not updated; let's do it now. Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Cc: Igor Mammedov <imammedo@xxxxxxxxxx> Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: qemu-trivial@xxxxxxxxxx Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit be66680e8320d612f1c96096a217e642e458f47b Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Fri Jul 24 20:16:00 2015 +0200 hw/acpi/ich9: clear smi_en on reset Otherwise on reboot firmware might think (due to APMC_EN remaining set from the previous boot) that SMI support is absent. Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Cc: Igor Mammedov <imammedo@xxxxxxxxxx> Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: qemu-trivial@xxxxxxxxxx Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f8787f8723eaca1be99e3b1873e54de163fffa93 Merge: edec47c bbeb823 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 27 19:37:09 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20150727' into staging Fix buglets for 2.4 # gpg: Signature made Mon Jul 27 15:26:48 2015 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tcg-20150727: tcg: mark temps as mem_coherent = 0 for mov with a constant tcg: correctly mark dead inputs for mov with a constant Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit edec47cfef96209987cb7922286cb384916aae02 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Jul 24 13:42:55 2015 +0200 main-loop: fix qemu_notify_event for aio_notify optimization aio_notify can be optimized away, and in fact almost always will. However, qemu_notify_event is used in places where this is incorrect---most notably, when handling SIGTERM. When aio_notify is optimized away, it is possible that QEMU enters a blocking ppoll immediately afterwards and stays there, without reaching main_loop_should_exit(). Fix this by using a bottom half. The bottom half can be optimized too, but scheduling it is enough for the ppoll not to block. The hang is thus avoided. Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1437738175-23624-1-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 77c102c26ead946fe7589d4bddcdfa5cb431ebfe Author: Jeff Cody <jcody@xxxxxxxxxx> Date: Fri Jul 24 10:26:52 2015 -0400 block: qemu-iotests - add check for multiplication overflow in vpc This checks that VPC is able to successfully fail (without segfault) on an image file with a max_table_entries that exceeds 0x40000000. This table entry is within the valid range for VPC (although too large for this sample image). Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b15deac79530d818092cb49a8021bcce83d71b5b Author: Jeff Cody <jcody@xxxxxxxxxx> Date: Fri Jul 24 10:26:51 2015 -0400 block: vpc - prevent overflow if max_table_entries >= 0x40000000 When we allocate the pagetable based on max_table_entries, we multiply the max table entry value by 4 to accomodate a table of 32-bit integers. However, max_table_entries is a uint32_t, and the VPC driver accepts ranges for that entry over 0x40000000. So during this allocation: s->pagetable = qemu_try_blockalign(bs->file, s->max_table_entries * 4); The size arg overflows, allocating significantly less memory than expected. Since qemu_try_blockalign() size argument is size_t, cast the multiplication correctly to prevent overflow. The value of "max_table_entries * 4" is used elsewhere in the code as well, so store the correct value for use in all those cases. We also check the Max Tables Entries value, to make sure that it is < SIZE_MAX / 4, so we know the pagetable size will fit in size_t. Cc: qemu-stable@xxxxxxxxxx Reported-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 3737129917c918767cdb8acd8ca6b342c45fa154 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 24 18:28:08 2015 +0100 configure: Work around broken static pkg-config info for Ubuntu gnutls Unfortunately Ubuntu's pkg-config information for gnutls is broken for the static linking case, and outputs --libs options which the compiler does not recognize. Work around this problem by testing that the --cflags/--libs output will at least allow compilation before enabling gnutls support. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-id: 1437758888-22486-1-git-send-email-peter.maydell@xxxxxxxxxx commit c9b11f971cfa1fd3eed716f62f4b835553b75490 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Mon Jul 27 17:49:21 2015 +0800 virtio-blk: only clear VIRTIO_F_ANY_LAYOUT for legacy device Chapter 6.3 of spec said " Transitional devices MUST offer, and if offered by the device transitional drivers MUST accept the following: VIRTIO_F_ANY_LAYOUT (27) " So this patch only clear VIRTIO_F_LAYOUT for legacy device. Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: qemu-block@xxxxxxxxxx Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit efb8206ca7f19f5a6ece1f2851a73a29de309b1e Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Mon Jul 27 17:49:20 2015 +0800 virtio-blk: fail get_features when both scsi and 1.0 were set SCSI passthrough was no longer supported in virtio 1.0, so this patch fail the get_features() when both 1.0 and scsi is set. And also only advertise VIRTIO_BLK_F_SCSI for legacy virtio-blk device. Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9d5b731dd2d64deb3bc798ef4e3c08603d54ae02 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Mon Jul 27 17:49:19 2015 +0800 virtio: get_features() can fail Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 27462695cde2a2208b1ff8074c2e917b8203590b Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon Jul 27 11:06:17 2015 +0300 virtio-pci: fix memory MR cleanup for modern Each memory_region_add_subregion must be paired with memory_region_del_subregion. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit bbeb82395eaca0e3c38b433b2d2a5bad4a5fbd81 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jul 27 12:55:58 2015 +0200 tcg: mark temps as mem_coherent = 0 for mov with a constant When a constant has to be loaded in a mov op, we fail to set mem_coherent = 0. This patch fixes that. Cc: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1437994568-7825-3-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 7df69deadf2f25c19b3ac121404ee31f71dce845 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jul 27 12:55:57 2015 +0200 tcg: correctly mark dead inputs for mov with a constant When tcg_reg_alloc_mov propagate a constant, we failed to correctly mark a temp as dead if the liveness analysis hints so. This fixes the following assert when configure with --enable-debug-tcg: qemu-x86_64: tcg/tcg.c:1827: tcg_reg_alloc_bb_end: Assertion `ts->val_type == TEMP_VAL_DEAD' failed. Cc: Richard Henderson <rth@xxxxxxxxxxx> Reported-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1437994568-7825-2-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 122e7dab8ac549c8c5a9e1e13aa2464190e888de Merge: e40db4c f9f7492 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 27 14:53:42 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging Pull request Here are NIC fixes from Fam Zheng that prevent rx hangs (caused by NIC models where .can_receive() stops rx but qemu_flush_queued_packets() isn't called). # gpg: Signature made Mon Jul 27 14:51:48 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: axienet: Flush queued packets when rx is done dp8393x: Flush packets when link comes up stellaris_enet: Flush queued packets when read done mipsnet: Flush queued packets when receiving is enabled milkymist-minimac2: Flush queued packets when link comes up mcf_fec: Drop mcf_fec_can_receive etsec: Flush queue when rx buffer is consumed etsec: Move etsec_can_receive into etsec_receive usbnet: Drop usbnet_can_receive eepro100: Drop nic_can_receive pcnet: Drop pcnet_can_receive xgmac: Drop packets with eth_can_rx is false. hw/net: fix mcf_fec driver receiver hw/net: add simple phy support to mcf_fec driver hw/net: add ANLPAR bit definitions to generic mii hw/net: create common collection of MII definitions Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f9f7492ea4a9dda538fedeec31399fb940533a16 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:13 2015 +0800 axienet: Flush queued packets when rx is done eth_can_rx checks s->rxsize and returns false if it is non-zero. Because of the .can_receive semantics change, this will make the incoming queue disabled by peer, until it is explicitly flushed. So we should flush it when s->rxsize is becoming zero. Squash eth_can_rx semantics into etx_rx and drop .can_receive() callback, also add flush when rx buffer becomes available again after a packet gets queued. The other conditions, "!axienet_rx_resetting(s) && axienet_rx_enabled(s)" are OK because enet_write already calls qemu_flush_queued_packets when the register bits are changed. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1436955553-22791-13-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 4594f93a732f1f5936c3a5225481586e24bffa9e Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:12 2015 +0800 dp8393x: Flush packets when link comes up .can_receive callback changes semantics that once return 0, backend will try sending again until explicitly flushed, change the device to meet that. dp8393x_can_receive checks SONIC_CR_RXEN bit in SONIC_CR register and SONIC_ISR_RBE bit in SONIC_ISR register, try flushing the queue when either bit is being updated. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1436955553-22791-12-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 1ef4a6069f8b4c09c3383cd4b8e27b6ff25b2d41 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:11 2015 +0800 stellaris_enet: Flush queued packets when read done If s->np reaches 31, the queue will be disabled by peer when it sees stellaris_enet_can_receive() returns false, until we explicitly flushes it which notifies the peer. Do this when guest is done reading all existing data. Move the semantics to stellaris_enet_receive, by returning 0 when the buffer is full, so that new packets will be queued. In stellaris_enet_read, flush and restart the queue when guest has done reading. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1436955553-22791-11-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 1dd58ae0583c3d3fb15fa1d563d6b497558d3ad0 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:10 2015 +0800 mipsnet: Flush queued packets when receiving is enabled Drop .can_receive and move the semantics to mipsnet_receive, by returning 0. After 0 is returned, we must flush the queue explicitly to restart it: Call qemu_flush_queued_packets when s->busy or s->rx_count is being updated. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1436955553-22791-10-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 3b7031e9609baf710823aa7880fd9802b39c4563 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:09 2015 +0800 milkymist-minimac2: Flush queued packets when link comes up Drop .can_receive and move the semantics into minimac2_rx, by returning 0. That is once minimac2_rx returns 0, incoming packets will be queued until the queue is explicitly flushed. We do this when s->regs[R_STATE0] or s->regs[R_STATE1] is changed in minimac2_write. Also drop the unused trace point. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1436955553-22791-9-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e813f0d8813944061fa9bde861cf6899379843e6 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:08 2015 +0800 mcf_fec: Drop mcf_fec_can_receive The semantics of .can_receive requires us to flush the queue explicitly when s->rx_enabled becomes true after it returns 0, but the packet being queued is not meaningful since the guest hasn't activated the card. Let's just drop the packet in this case. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1436955553-22791-8-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 575bafd1f387c5f06b59cf2515f6bb1eff9d119d Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:07 2015 +0800 etsec: Flush queue when rx buffer is consumed The BH will be scheduled when etsec->rx_buffer_len is becoming 0, which is the condition of queuing. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1436955553-22791-7-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b6cb6610c27c5b0773a340499f19c3477bf45aeb Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:06 2015 +0800 etsec: Move etsec_can_receive into etsec_receive When etsec_reset returns 0, peer would queue the packet as if .can_receive returns false. Drop etsec_can_receive and let etsec_receive carry the semantics. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1436955553-22791-6-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 913440249ea2e697177e9d43167ac325a8dfe907 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:05 2015 +0800 usbnet: Drop usbnet_can_receive usbnet_receive already drops packet if rndis_state is not RNDIS_DATA_INITIALIZED, and queues packet if in buffer is not available. The only difference is s->dev.config but that is similar to rndis_state. Drop usbnet_can_receive and move these checks to usbnet_receive, so that we don't need to explicitly flush the queue when s->dev.config changes value. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1436955553-22791-5-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 363db4b249244f31d3c47fbd5a8b128c95ba8fe7 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:04 2015 +0800 eepro100: Drop nic_can_receive nic_receive already checks the conditions and drop packets if false. Due to the new semantics since 6e99c63 ("net/socket: Drop net_socket_can_send"), having .can_receive returning 0 requires us to explicitly flush the queued packets when the conditions are becoming true, but queuing the packets when guest driver is not ready doesn't make much sense. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1436955553-22791-4-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b0ba0b9b6b402d738f11f27eea6c94d97bf84cbf Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:03 2015 +0800 pcnet: Drop pcnet_can_receive pcnet_receive already checks the conditions and drop packets if false. Due to the new semantics since 6e99c63 ("net/socket: Drop net_socket_can_send"), having .can_receive returning 0 requires us to explicitly flush the queued packets when the conditions are becoming true, but queuing the packets when guest driver is not ready doesn't make much sense. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1436955553-22791-3-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 8c8c460c5f38f878675631a66286a6e87bb4d111 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 18:19:02 2015 +0800 xgmac: Drop packets with eth_can_rx is false. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1436955553-22791-2-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 491a1f494ed4c0d1a8593dd04b645f8e63c4cfae Author: Greg Ungerer <gerg@xxxxxxxxxxx> Date: Fri Jun 26 15:27:16 2015 +1000 hw/net: fix mcf_fec driver receiver The network mcf_fec driver emulated receive side method is returning a result of 0 causing the network layer to disable receive for this emulated device. This results in the guest only ever receiving one packet. Fix the recieve side processing to return the number of bytes that we passed back through to the guest. Signed-off-by: Greg Ungerer <gerg@xxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435296436-12152-5-git-send-email-gerg@xxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 299f7bec5a109db7563e1286cedf1f4d84e69e6d Author: Greg Ungerer <gerg@xxxxxxxxxxx> Date: Fri Jun 26 15:27:15 2015 +1000 hw/net: add simple phy support to mcf_fec driver The Linux fec driver needs at least basic phy support to probe and work. The current qemu mcf_fec emulation has no support for the reading or writing of the MDIO lines to access an attached phy. This code adds a very simple set of register results for a fixed phy setup - very similar to that used on an m5208evb board. This is enough to probe and identify an emulated attached phy. Signed-off-by: Greg Ungerer <gerg@xxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435296436-12152-4-git-send-email-gerg@xxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 3634869b27b6b2ff538bcc5bf8dfd1235ede7034 Author: Greg Ungerer <gerg@xxxxxxxxxxx> Date: Fri Jun 26 15:27:14 2015 +1000 hw/net: add ANLPAR bit definitions to generic mii Add a base set of bit definitions for the standard MII phy "Auto-Negotiation Link Partner Ability Register" (ANLPAR). The original definitions moved into mii.h from the allwinner_emac driver did not define these. Signed-off-by: Greg Ungerer <gerg@xxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435296436-12152-3-git-send-email-gerg@xxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 3e230569bf16aa36562967cd76b742c6824481b1 Author: Greg Ungerer <gerg@xxxxxxxxxxx> Date: Fri Jun 26 15:27:13 2015 +1000 hw/net: create common collection of MII definitions Create a common set of definitions of address and register values for ethernet MII phys. A few of the current ethernet drivers have at least a partial set of these definitions. Others just use hard coded raw constant numbers. This initial set is copied directly from the allwinner_emac code. Signed-off-by: Greg Ungerer <gerg@xxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435296436-12152-2-git-send-email-gerg@xxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e40db4c6d391419c0039fe274c74df32a6ca1a28 Merge: f793d97 cb72cba Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 27 13:10:00 2015 +0100 Merge remote-tracking branch 'remotes/jnsnow/tags/cve-2015-5154-pull-request' into staging # gpg: Signature made Mon Jul 27 13:01:10 2015 BST using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB # Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E * remotes/jnsnow/tags/cve-2015-5154-pull-request: ide: Clear DRQ after handling all expected accesses ide/atapi: Fix START STOP UNIT command completion ide: Check array bounds before writing to io_buffer (CVE-2015-5154) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 019c2ab8623daee210df8b1085a33b1e83c9ee11 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue Jul 21 09:55:02 2015 +0100 crypto: extend unit tests to cover decryption too The current unit test only verifies the encryption API, resulting in us missing a recently introduced bug in the decryption API from commit d3462e3. It was fortunately later discovered & fixed by commit bd09594, thanks to the QEMU I/O tests for qcow2 encryption, but we should really detect this directly in the crypto unit tests. Also remove an accidental debug message and simplify some asserts. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1437468902-23230-1-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6775e2c4298618828de9bb3c5584d4de20120e46 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri Jul 24 13:23:54 2015 +0100 crypto: fix built-in AES decrypt function The qcrypto_cipher_decrypt_aes method was using the wrong key material, and passing the wrong mode. This caused it to incorrectly decrypt ciphertext. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1437740634-6261-1-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 09999a5f7fc8e3636feda4358a79a25a09467594 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Jul 22 12:32:25 2015 +0300 virtio: set any_layout in virtio core Exceptions: - virtio-blk - compat machine types Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit cd4bfbb20d957a480032e2626ef1188b62c74d00 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jul 23 20:57:53 2015 +0300 virtio-9p: fix any_layout virtio pci allows any device to have a modern interface, this in turn requires ANY_LAYOUT support. Fix up ANY_LAYOUT for virtio-9p. Reported-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> commit 7882080388be5088e72c425b02223c02e6cb4295 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jul 23 17:52:02 2015 +0300 virtio-serial: fix ANY_LAYOUT Don't assume a specific layout for control messages. Required by virtio 1. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> commit 5f456073aa9ba54e421aa82dd38e4d40d0a0af85 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Jul 22 13:09:25 2015 +0300 virtio: hide legacy features from modern guests NOTIFY_ON_EMPTY, ANY_LAYOUT and BAD are only valid on the legacy interface. Hide them from modern guests. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit cb72cba83021fa42719e73a5249c12096a4d1cfc Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Sun Jul 26 23:42:53 2015 -0400 ide: Clear DRQ after handling all expected accesses This is additional hardening against an end_transfer_func that fails to clear the DRQ status bit. The bit must be unset as soon as the PIO transfer has completed, so it's better to do this in a central place instead of duplicating the code in all commands (and forgetting it in some). Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> commit 03441c3a4a42beb25460dd11592539030337d0f8 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Sun Jul 26 23:42:53 2015 -0400 ide/atapi: Fix START STOP UNIT command completion The command must be completed on all code paths. START STOP UNIT with pwrcnd set should succeed without doing anything. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> commit d2ff85854512574e7209f295e87b0835d5b032c6 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Sun Jul 26 23:42:53 2015 -0400 ide: Check array bounds before writing to io_buffer (CVE-2015-5154) If the end_transfer_func of a command is called because enough data has been read or written for the current PIO transfer, and it fails to correctly call the command completion functions, the DRQ bit in the status register and s->end_transfer_func may remain set. This allows the guest to access further bytes in s->io_buffer beyond s->data_end, and eventually overflowing the io_buffer. One case where this currently happens is emulation of the ATAPI command START STOP UNIT. This patch fixes the problem by adding explicit array bounds checks before accessing the buffer instead of relying on end_transfer_func to function correctly. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> commit f793d97e454a56d17e404004867985622ca1a63b Merge: 30fdfae 178846b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 24 13:07:10 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * qemu-char fixes * SCSI fixes (including CVE-2015-5158) * RCU fixes * Framebuffer logic to set DIRTY_MEMORY_VGA * Fix compiler warning for --disable-vnc * qemu-doc fixes * x86 TCG pasto fix # gpg: Signature made Fri Jul 24 12:57:52 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: target-i386/FPU: a misprint in helper_fistll_ST0 qemu-doc: fix typos framebuffer: set DIRTY_MEMORY_VGA on RAM that is used for the framebuffer memory: count number of active VGA logging clients vl: Fix compiler warning for builds without VNC scsi: Handle no media case for scsi_get_configuration rcu: actually register threads that have RCU read-side critical sections scsi: fix buffer overflow in scsi_req_parse_cdb (CVE-2015-5158) vnc: fix memory leak qemu-char: Fix missed data on unix socket qemu-char: handle EINTR for TCP character devices exec.c: Use atomic_rcu_read() to access dispatch in memory_region_section_get_iotlb() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 178846bdd93994c1acafe4423f99ead8bb24cf38 Author: Dmitry Poletaev <poletaev-qemu@xxxxxxxxx> Date: Wed Jul 8 12:48:40 2015 +0300 target-i386/FPU: a misprint in helper_fistll_ST0 There is a cut-and-paste mistake in the patch https://lists.gnu.org/archive/html/qemu-devel/2014-11/msg01657.html . It cause errors in guest work. Here is the bugfix. Signed-off-by: Dmitry Poletaev <poletaev-qemu@xxxxxxxxx> Reported-by: Kirill Batuzov <batuzovk@xxxxxxxxx> Message-Id: <2692911436348920@xxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d274e07c6df4cc8207b01892ff6f81118ea6083c Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Fri Jul 3 17:50:57 2015 +0800 qemu-doc: fix typos Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Message-Id: <1435917057-9396-1-git-send-email-arei.gonglei@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c1076c3e13a86140cc2ba29866512df8460cc7c2 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Jul 13 12:00:29 2015 +0200 framebuffer: set DIRTY_MEMORY_VGA on RAM that is used for the framebuffer The MemoryRegionSection contains enough information to access the RAM region underlying the framebuffer, and can be cached inside the display device. By doing this, the new framebuffer_update_memory_section function can enable dirty memory logging on the relevant RAM region. The function must be called whenever the stride or base of the framebuffer changes; a simple way to cover these cases is to call it on every full frame invalidation, which is a rare case. framebuffer_update_display now works entirely on a MemoryRegionSection, without going through cpu_physical_memory_map/unmap. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit deb809edb85334c8e90530e1071b98f4da25ebaa Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 14 13:56:53 2015 +0200 memory: count number of active VGA logging clients For a board that has multiple framebuffer devices, both of them might want to use DIRTY_MEMORY_VGA on the same memory region. The lack of reference counting in memory_region_set_log makes this very awkward to implement. Suggested-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fb4309695905de889d318caec8eb13d3b2c118d5 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Wed Jul 22 19:53:30 2015 +0200 vl: Fix compiler warning for builds without VNC This regression was caused by commit 70b94331. CC vl.o vl.c: In function â??select_displayâ??: vl.c:2064:12: error: unused variable â??errâ?? [-Werror=unused-variable] Error *err = NULL; ^ Reported-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Message-Id: <1437587610-26433-1-git-send-email-sw@xxxxxxxxxxx> Reviewed-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7d99f4c1b5d12de7644a5bd8c3d46bff05c9ca7c Author: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Date: Wed Jul 15 14:52:32 2015 -0400 scsi: Handle no media case for scsi_get_configuration Currently, scsi_get_configuration always returns a current profile (DVD or CD), even when there is actually no media present. By comparison, ide/atapi uses a default profile of 0 (MMC_PROFILE_NONE) for this case and checks for tray_open, so let's do the same for scsi. This fixes a problem I'm seeing with Fedora 22 guests where systemd cdrom_id fails to unmount after a QEMU-initiated eject against a scsi cdrom device because it believes the media is still present (but unreadable). Signed-off-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxxxxxxx> Message-Id: <1436986352-10695-1-git-send-email-mjrosato@xxxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ab28bd23125fb4a0411c3a3f01c4edacbc261486 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jul 9 08:55:38 2015 +0200 rcu: actually register threads that have RCU read-side critical sections Otherwise, grace periods are detected too early! Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c170aad8b057223b1139d72e5ce7acceafab4fa9 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 21 08:59:39 2015 +0200 scsi: fix buffer overflow in scsi_req_parse_cdb (CVE-2015-5158) This is a guest-triggerable buffer overflow present in QEMU 2.2.0 and newer. scsi_cdb_length returns -1 as an error value, but the caller does not check it. Luckily, the massive overflow means that QEMU will just SIGSEGV, making the impact much smaller. Reported-by: Zhu Donghai (æ?±ä¸?æµ·) <donghai.zdh@xxxxxxxxxxxxxxx> Fixes: 1894df02811f6b79ea3ffbf1084599d96f316173 Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 60928458e5eea3c77a7eb0a4194927872f463947 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed Jul 22 17:08:53 2015 +0800 vnc: fix memory leak If vnc's password is configured, it will leak memory which cipher variable pointed on every vnc connection. Cc: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Message-Id: <1437556133-11268-1-git-send-email-arei.gonglei@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 30fdfae49d53cfc678859095e49ac60b79562d6f Merge: f75b709 9615212 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 24 11:11:30 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20150723' into staging Last minute fixes for 2.4. # gpg: Signature made Fri Jul 24 04:42:31 2015 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tcg-20150723: tcg/optimize: fix tcg_opt_gen_movi tcg/aarch64: use 32-bit offset for 32-bit softmmu emulation tcg/aarch64: use 32-bit offset for 32-bit user-mode emulation tcg/aarch64: add ext argument to tcg_out_insn_3310 tcg/i386: Extend addresses for 32-bit guests Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f75b709853d2b2b0f2a8e149229aa1c7c1ee1c60 Merge: 12e21eb 759b484 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 24 09:17:44 2015 +0100 Merge remote-tracking branch 'remotes/awilliam/tags/vfio-fixes-20150723.0' into staging VFIO fixes for v2.4.0-rc3 - Fix Realtek NIC quirk (Alex Williamson) - Restore bootindex functionality (Alex Williamson) # gpg: Signature made Thu Jul 23 19:51:23 2015 BST using RSA key ID 3BB08B22 # gpg: Good signature from "Alex Williamson <alex.williamson@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex@xxxxxxxxxxx>" # gpg: aka "Alex Williamson <alwillia@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex.l.williamson@xxxxxxxxx>" * remotes/awilliam/tags/vfio-fixes-20150723.0: vfio/pci: Fix bootindex vfio/pci: Fix RTL8168 NIC quirks Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 961521261a3d600b0695b2e6d2b0f490076f7e90 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Fri Jul 10 18:03:30 2015 +0200 tcg/optimize: fix tcg_opt_gen_movi Due to a copy&paste, the new op value is tested against mov_i32 instead of movi_i32. The test is therefore always false. Fix that. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1436544211-2769-1-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 80adb8fcad4778376a11d394a9e01516819e2327 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Jul 23 18:04:52 2015 -0400 tcg/aarch64: use 32-bit offset for 32-bit softmmu emulation Similar to the same fix for user-mode, except this instance occurs on the softmmu path. Again, the tlb addend must be the base register, while the guest address is the index. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit ffc6372851d8631a9f9fa56ec613b3244dc635b9 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Jul 15 17:27:01 2015 +0200 tcg/aarch64: use 32-bit offset for 32-bit user-mode emulation Thanks to the previous patch, it is now easy for tcg_out_qemu_ld and tcg_out_qemu_st to use a 32-bit zero extended offset. However, the guest base register x28 must be the base and addr_reg must be the index. Reported-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1436974021-28978-3-git-send-email-pbonzini@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 6c0f0c0f124718650a8d682ba275044fc02f6fe2 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Jul 15 17:27:00 2015 +0200 tcg/aarch64: add ext argument to tcg_out_insn_3310 The new argument lets you pick uxtw or uxtx mode for the offset register. For now, all callers pass TCG_TYPE_I64 so that uxtx is generated. The bits for uxtx are removed from I3312_TO_I3310. Reported-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1436974021-28978-2-git-send-email-pbonzini@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit ee8ba9e4d8458b8bba5455a7ae704620c4f2ef4b Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Jul 16 22:25:49 2015 +0100 tcg/i386: Extend addresses for 32-bit guests Removing the ??? comment explaining why it (mostly) worked. Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Message-Id: <1437081950-7206-2-git-send-email-rth@xxxxxxxxxxx> commit 12e21eb088a51161c78ee39ed54ac56ebcff4243 Merge: b69b305 6b26996 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 23 12:54:53 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/numa-pull-request' into staging NUMA queue, 2015-07-22 # gpg: Signature made Wed Jul 22 19:11:04 2015 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/numa-pull-request: hostmem: Fix qemu_opt_get_bool() crash in host_memory_backend_init() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4bf1cb03fbc43b0055af60d4ff093d6894aa4338 Author: Nils Carlson <pyssling@xxxxxxxxxxx> Date: Sun Jul 19 20:39:56 2015 +0000 qemu-char: Fix missed data on unix socket Commit 812c1057 introduced HUP detection on unix and tcp sockets prior to a read in tcp_chr_read. This unfortunately broke CloudStack 4.2 which relied on the old behaviour where data on a socket was readable even if a HUP was present. A working solution is to properly check the return values from recv, handling a closed socket once there is no more data to read. Also enable polling for G_IO_NVAL to ensure the callback is called for all possible events as these should now be possible to handle with the improved error detection. Signed-off-by: Nils Carlson <pyssling@xxxxxxxxxxx> Message-Id: <1437338396-22336-1-git-send-email-pyssling@xxxxxxxxxxx> [Do not handle EINTR; use socket_error(). - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9172f428afc1461b1d9b33ebca3a679b9adf7c3a Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 21 09:25:54 2015 +0200 qemu-char: handle EINTR for TCP character devices Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0b8e2c1002afddc8ef3d52fa6fc29e4768429f98 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 20 12:27:16 2015 +0100 exec.c: Use atomic_rcu_read() to access dispatch in memory_region_section_get_iotlb() When accessing the dispatch pointer in an AddressSpace within an RCU critical section we should always use atomic_rcu_read(). Fix an access within memory_region_section_get_iotlb() which was incorrectly doing a direct pointer access. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <1437391637-31576-1-git-send-email-peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 759b484c5d7f92bd01f98797c07e8543ee187888 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Jul 22 14:56:01 2015 -0600 vfio/pci: Fix bootindex bootindex was incorrectly changed to a device Property during the platform code split, resulting in it no longer working. Remove it. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx # v2.3+ commit 69970fcef937bddd7f745efe39501c7716fdfe56 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Wed Jul 22 14:56:01 2015 -0600 vfio/pci: Fix RTL8168 NIC quirks The RTL8168 quirk correctly describes using bit 31 as a signal to mark a latch/completion, but the code mistakenly uses bit 28. This causes the Realtek driver to spin on this register for quite a while, 20k cycles on Windows 7 v7.092 driver. Then it gets frustrated and tries to set the bit itself and spins for another 20k cycles. For some this still results in a working driver, for others not. About the only thing the code really does in its current form is protect the guest from sneaking in writes to the real hardware MSI-X table. The fix is obviously to use bit 31 as we document that we should. The other problem doesn't seem to affect current drivers as nobody seems to use these window registers for writes to the MSI-X table, but we need to use the stored data when a write is triggered, not the value of the current write, which only provides the offset. Note that only the Windows drivers from Realtek seem to use these registers, the Microsoft drivers provided with Windows 8.1 do not access them, nor do Linux in-kernel drivers. Link: https://bugs.launchpad.net/qemu/+bug/1384892 Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx # v2.1+ commit 6b2699672d5b56f8c2902fb9db9879e8cafb2afe Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Jul 16 17:29:12 2015 -0300 hostmem: Fix qemu_opt_get_bool() crash in host_memory_backend_init() This fixes the following crash, introduced by commit 49d2e648e8087d154d8bf8b91f27c8e05e79d5a6: $ gdb --args qemu-system-x86_64 -machine pc,mem-merge=off -object memory-backend-ram,id=ram-node0,size=1024 [...] Program received signal SIGABRT, Aborted. (gdb) bt #0 0x00007ffff253b8c7 in raise () at /lib64/libc.so.6 #1 0x00007ffff253d52a in abort () at /lib64/libc.so.6 #2 0x00007ffff253446d in __assert_fail_base () at /lib64/libc.so.6 #3 0x00007ffff2534522 in () at /lib64/libc.so.6 #4 0x00005555558bb80a in qemu_opt_get_bool_helper (opts=0x55555621b650, name=name@entry=0x5555558ec922 "mem-merge", defval=defval@entry=true, del=del@entry=false) at qemu/util/qemu-option.c:388 #5 0x00005555558bbb5a in qemu_opt_get_bool (opts=<optimized out>, name=name@entry=0x5555558ec922 "mem-merge", defval=defval@entry=true) at qemu/util/qemu-option.c:398 #6 0x0000555555720a24 in host_memory_backend_init (obj=0x5555562ac970) at qemu/backends/hostmem.c:226 Instead of using qemu_opt_get_bool(), that didn't work with qemu_machine_opts for a long time, we can use the corresponding MachineState fields. Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit b69b30532e0a80e25449244c01b0cbed000c99a3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 22 18:17:19 2015 +0100 Update version for v2.4.0-rc2 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3edf6b3f1e68104dba692337fdcecdba39e73c59 Merge: dc94bd9 a52b2cb Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 22 16:22:49 2015 +0100 Merge remote-tracking branch 'remotes/elmarco/tags/for-upstream' into staging qxl: build fix for 2.4 # gpg: Signature made Wed Jul 22 15:55:00 2015 BST using DSA key ID F43F0992 # gpg: Good signature from "Marc-André Lureau <marcandre.lureau@xxxxxxxxxx>" # gpg: aka "Marc-Andre Lureau <marcandre.lureau@xxxxxxxxx>" # gpg: aka "Marc-Andre Lureau <marc-andre.lureau@xxxxxxxxx>" # gpg: aka "Marc-André Lureau <marc-andre.lureau@xxxxxxxxx>" # gpg: aka "Marc-André Lureau (elmarco) <marcandre.lureau@xxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 7346 2483 9404 4E20 ABFF 7D48 D864 9487 F43F 0992 * remotes/elmarco/tags/for-upstream: qxl: Fix new function name for spice-server library Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a52b2cbf218d52f9e357961acb271a98a2bdff71 Author: Frediano Ziglio <fziglio@xxxxxxxxxx> Date: Mon Jul 20 09:43:23 2015 +0100 qxl: Fix new function name for spice-server library The new spice-server function to limit the number of monitors (0.12.6) changed while development from spice_qxl_set_monitors_config_limit to spice_qxl_max_monitors (accepted upstream). By mistake I post patch with former name. This patch fix the function name. Signed-off-by: Frediano Ziglio <fziglio@xxxxxxxxxx> Acked-by: Christophe Fergeau <cfergeau@xxxxxxxxxx> Acked-by: Martin Kletzander <mkletzan@xxxxxxxxxx> Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> commit dc94bd9166af5236a56bd5bb06845911915a925c Merge: b9c4630 05e514b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 22 12:52:34 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Wed Jul 22 12:43:35 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: AioContext: optimize clearing the EventNotifier AioContext: fix broken placement of event_notifier_test_and_clear AioContext: fix broken ctx->dispatching optimization aio-win32: reorganize polling loop tests: remove irrelevant assertions from test-aio qemu-timer: initialize "timers_done_ev" to set mirror: Speed up bitmap initial scanning Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 05e514b1d4d5bd4209e2c8bbc76ff05c85a235f3 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 21 16:07:53 2015 +0200 AioContext: optimize clearing the EventNotifier It is pretty rare for aio_notify to actually set the EventNotifier. It can happen with worker threads such as thread-pool.c's, but otherwise it should never be set thanks to the ctx->notify_me optimization. The previous patch, unfortunately, added an unconditional call to event_notifier_test_and_clear; now add a userspace fast path that avoids the call. Note that it is not possible to do the same with event_notifier_set; it would break, as proved (again) by the included formal model. This patch survived over 3000 reboots on aarch64 KVM. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Tested-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Message-id: 1437487673-23740-7-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 21a03d17f2edb1e63f7137d97ba355cc6f19d79f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 21 16:07:52 2015 +0200 AioContext: fix broken placement of event_notifier_test_and_clear event_notifier_test_and_clear must be called before processing events. Otherwise, an aio_poll could "eat" the notification before the main I/O thread invokes ppoll(). The main I/O thread then never wakes up. This is an example of what could happen: i/o thread vcpu thread worker thread --------------------------------------------------------------------- lock_iothread notify_me = 1 ... unlock_iothread bh->scheduled = 1 event_notifier_set lock_iothread notify_me = 3 ppoll notify_me = 1 aio_dispatch aio_bh_poll thread_pool_completion_bh bh->scheduled = 1 event_notifier_set node->io_read(node->opaque) event_notifier_test_and_clear ppoll *** hang *** "Tracing" with qemu_clock_get_ns shows pretty much the same behavior as in the previous bug, so there are no new tricks here---just stare more at the code until it is apparent. One could also use a formal model, of course. The included one shows this with three processes: notifier corresponds to a QEMU thread pool worker, temporary_waiter to a VCPU thread that invokes aio_poll(), waiter to the main I/O thread. I would be happy to say that the formal model found the bug for me, but actually I wrote it after the fact. This patch is a bit of a big hammer. The next one optimizes it, with help (this time for real rather than a posteriori :)) from another, similar formal model. Reported-by: Richard W. M. Jones <rjones@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Tested-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Message-id: 1437487673-23740-6-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit eabc977973103527bbb8fed69c91cfaa6691f8ab Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 21 16:07:51 2015 +0200 AioContext: fix broken ctx->dispatching optimization This patch rewrites the ctx->dispatching optimization, which was the cause of some mysterious hangs that could be reproduced on aarch64 KVM only. The hangs were indirectly caused by aio_poll() and in particular by flash memory updates's call to blk_write(), which invokes aio_poll(). Fun stuff: they had an extremely short race window, so much that adding all kind of tracing to either the kernel or QEMU made it go away (a single printf made it half as reproducible). On the plus side, the failure mode (a hang until the next keypress) made it very easy to examine the state of the process with a debugger. And there was a very nice reproducer from Laszlo, which failed pretty often (more than half of the time) on any version of QEMU with a non-debug kernel; it also failed fast, while still in the firmware. So, it could have been worse. For some unknown reason they happened only with virtio-scsi, but that's not important. It's more interesting that they disappeared with io=native, making thread-pool.c a likely suspect for where the bug arose. thread-pool.c is also one of the few places which use bottom halves across threads, by the way. I hope that no other similar bugs exist, but just in case :) I am going to describe how the successful debugging went... Since the likely culprit was the ctx->dispatching optimization, which mostly affects bottom halves, the first observation was that there are two qemu_bh_schedule() invocations in the thread pool: the one in the aio worker and the one in thread_pool_completion_bh. The latter always causes the optimization to trigger, the former may or may not. In order to restrict the possibilities, I introduced new functions qemu_bh_schedule_slow() and qemu_bh_schedule_fast(): /* qemu_bh_schedule_slow: */ ctx = bh->ctx; bh->idle = 0; if (atomic_xchg(&bh->scheduled, 1) == 0) { event_notifier_set(&ctx->notifier); } /* qemu_bh_schedule_fast: */ ctx = bh->ctx; bh->idle = 0; assert(ctx->dispatching); atomic_xchg(&bh->scheduled, 1); Notice how the atomic_xchg is still in qemu_bh_schedule_slow(). This was already debated a few months ago, so I assumed it to be correct. In retrospect this was a very good idea, as you'll see later. Changing thread_pool_completion_bh() to qemu_bh_schedule_fast() didn't trigger the assertion (as expected). Changing the worker's invocation to qemu_bh_schedule_slow() didn't hide the bug (another assumption which luckily held). This already limited heavily the amount of interaction between the threads, hinting that the problematic events must have triggered around thread_pool_completion_bh(). As mentioned early, invoking a debugger to examine the state of a hung process was pretty easy; the iothread was always waiting on a poll(..., -1) system call. Infinite timeouts are much rarer on x86, and this could be the reason why the bug was never observed there. With the buggy sequence more or less resolved to an interaction between thread_pool_completion_bh() and poll(..., -1), my "tracing" strategy was to just add a few qemu_clock_get_ns(QEMU_CLOCK_REALTIME) calls, hoping that the ordering of aio_ctx_prepare(), aio_ctx_dispatch, poll() and qemu_bh_schedule_fast() would provide some hint. The output was: (gdb) p last_prepare $3 = 103885451 (gdb) p last_dispatch $4 = 103876492 (gdb) p last_poll $5 = 115909333 (gdb) p last_schedule $6 = 115925212 Notice how the last call to qemu_poll_ns() came after aio_ctx_dispatch(). This makes little sense unless there is an aio_poll() call involved, and indeed with a slightly different instrumentation you can see that there is one: (gdb) p last_prepare $3 = 107569679 (gdb) p last_dispatch $4 = 107561600 (gdb) p last_aio_poll $5 = 110671400 (gdb) p last_schedule $6 = 110698917 So the scenario becomes clearer: iothread VCPU thread -------------------------------------------------------------------------- aio_ctx_prepare aio_ctx_check qemu_poll_ns(timeout=-1) aio_poll aio_dispatch thread_pool_completion_bh qemu_bh_schedule() At this point bh->scheduled = 1 and the iothread has not been woken up. The solution must be close, but this alone should not be a problem, because the bottom half is only rescheduled to account for rare situations (see commit 3c80ca1, thread-pool: avoid deadlock in nested aio_poll() calls, 2014-07-15). Introducing a third thread---a thread pool worker thread, which also does qemu_bh_schedule()---does bring out the problematic case. The third thread must be awakened *after* the callback is complete and thread_pool_completion_bh has redone the whole loop, explaining the short race window. And then this is what happens: thread pool worker -------------------------------------------------------------------------- <I/O completes> qemu_bh_schedule() Tada, bh->scheduled is already 1, so qemu_bh_schedule() does nothing and the iothread is never woken up. This is where the bh->scheduled optimization comes into play---it is correct, but removing it would have masked the bug. So, what is the bug? Well, the question asked by the ctx->dispatching optimization ("is any active aio_poll dispatching?") was wrong. The right question to ask instead is "is any active aio_poll *not* dispatching", i.e. in the prepare or poll phases? In that case, the aio_poll is sleeping or might go to sleep anytime soon, and the EventNotifier must be invoked to wake it up. In any other case (including if there is *no* active aio_poll at all!) we can just wait for the next prepare phase to pick up the event (e.g. a bottom half); the prepare phase will avoid the blocking and service the bottom half. Expressing the invariant with a logic formula, the broken one looked like: !(exists(thread): in_dispatching(thread)) => !optimize or equivalently: !(exists(thread): in_aio_poll(thread) && in_dispatching(thread)) => !optimize In the correct one, the negation is in a slightly different place: (exists(thread): in_aio_poll(thread) && !in_dispatching(thread)) => !optimize or equivalently: (exists(thread): in_prepare_or_poll(thread)) => !optimize Even if the difference boils down to moving an exclamation mark :) the implementation is quite different. However, I think the new one is simpler to understand. In the old implementation, the "exists" was implemented with a boolean value. This didn't really support well the case of multiple concurrent event loops, but I thought that this was okay: aio_poll holds the AioContext lock so there cannot be concurrent aio_poll invocations, and I was just considering nested event loops. However, aio_poll _could_ indeed be concurrent with the GSource. This is why I came up with the wrong invariant. In the new implementation, "exists" is computed simply by counting how many threads are in the prepare or poll phases. There are some interesting points to consider, but the gist of the idea remains: 1) AioContext can be used through GSource as well; as mentioned in the patch, bit 0 of the counter is reserved for the GSource. 2) the counter need not be updated for a non-blocking aio_poll, because it won't sleep forever anyway. This is just a matter of checking the "blocking" variable. This requires some changes to the win32 implementation, but is otherwise not too complicated. 3) as mentioned above, the new implementation will not call aio_notify when there is *no* active aio_poll at all. The tests have to be adjusted for this change. The calls to aio_notify in async.c are fine; they only want to kick aio_poll out of a blocking wait, but need not do anything if aio_poll is not running. 4) nested aio_poll: these just work with the new implementation; when a nested event loop is invoked, the outer event loop is never in the prepare or poll phases. The outer event loop thus has already decremented the counter. Reported-by: Richard W. M. Jones <rjones@xxxxxxxxxx> Reported-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Tested-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Message-id: 1437487673-23740-5-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6493c975af75be5b8d9ade954239bdf5492b7911 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 21 16:07:50 2015 +0200 aio-win32: reorganize polling loop Preparatory bugfixes and tweaks to the loop before the next patch: - disable dispatch optimization during aio_prepare. This fixes a bug. - do not modify "blocking" until after the first WaitForMultipleObjects call. This is needed in the next patch. - change the loop to do...while. This makes it obvious that the loop is always entered at least once. In the next patch this is important because the first iteration undoes the ctx->notify_me increment that happened before entering the loop. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Tested-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Message-id: 1437487673-23740-4-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 12d69ac03b45156356b240424623719f15d8143e Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 21 16:07:49 2015 +0200 tests: remove irrelevant assertions from test-aio In these tests, the purpose of the initial calls to aio_poll and g_main_context_iteration is simply to put the AioContext in a known state; the return value of the function does not really matter. The next patch will change those return values; change the assertions to a while loop which expresses the intention better. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Tested-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Message-id: 1437487673-23740-3-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e4efd8a488d0a68b0af34d8ee245463df7c8bdf4 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 21 16:07:48 2015 +0200 qemu-timer: initialize "timers_done_ev" to set The normal value for the event is to be set. If we do not do this, pause_all_vcpus (through qemu_clock_enable) hangs unless timerlist_run_timers has been run at least once for the timerlist. This can happen with the following patches, that make aio_notify do nothing most of the time. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Tested-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Message-id: 1437487673-23740-2-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 999006975840f8cdf2038a587d852a6cbfe58e3b Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jul 9 11:47:58 2015 +0800 mirror: Speed up bitmap initial scanning Limiting to sectors_per_chunk for each bdrv_is_allocated_above is slow, because the underlying protocol driver would issue much more queries than necessary. We should coalesce the query. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: <1436413678-7114-4-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b9c46307996856d03ddc1527468ff5401ac03a79 Merge: 774ee47 5f8343d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 21 20:56:20 2015 +0100 Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2015-07-21-tag' into staging tag for qga-pull-2015-07-21 Small fix to correct schema versioning annotations for recently-added GuestDiskBusType enum values. Not the end of the world, but ideally this inconsistency would be corrected prior to 2.4 release. # gpg: Signature made Tue Jul 21 20:43:24 2015 BST using RSA key ID F108B584 # gpg: Good signature from "Michael Roth <flukshun@xxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: CEAC C9E1 5534 EBAB B82D 3FA0 3353 C9CE F108 B584 * remotes/mdroth/tags/qga-pull-2015-07-21-tag: qga: fixed versions for guest bus types in qapi-schema Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5f8343d0670e91adadb7898304c8ed4355af05a2 Author: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Date: Tue Jul 21 15:25:08 2015 +0300 qga: fixed versions for guest bus types in qapi-schema Signed-off-by: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Eric Blake <eblake@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> *added semi-colon to better delineate 2.2 vs. 2.4 versioning Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 774ee4772b6838b78741ea52d4bf26b8922244c5 Merge: a1bc040 57b7309 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 21 12:21:08 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150721' into staging target-arm queue: * don't sync CNTVCT with kernel all the time (fixes VM time weirdnesses) * fix a warning compiling disas/arm-a64 with -Wextra # gpg: Signature made Tue Jul 21 12:15:33 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150721: disas/arm-a64: Add missing compiler attribute GCC_FMT_ATTR target-arm: kvm: Differentiate registers based on write-back levels Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 57b73090e041ece40cc619a3c43a6fafcb3dd647 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Tue Jul 21 11:18:45 2015 +0100 disas/arm-a64: Add missing compiler attribute GCC_FMT_ATTR Type fprintf_function which fits here was defined with this attribute. Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1437208027-14584-1-git-send-email-sw@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4b7a6bf402bd064605c287eecadc493ccf2d4897 Author: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Date: Tue Jul 21 11:18:45 2015 +0100 target-arm: kvm: Differentiate registers based on write-back levels Some registers like the CNTVCT register should only be written to the kernel as part of machine initialization or on vmload operations, but never during runtime, as this can potentially make time go backwards or create inconsistent time observations between VCPUs. Introduce a list of registers that should not be written back at runtime and check this list on syncing the register state to the KVM state. Signed-off-by: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Message-id: 1437046488-10773-1-git-send-email-christoffer.dall@xxxxxxxxxx [PMM: tweaked a few comments, added the new argument to the stub write_list_to_kvmstate() in target-arm/kvm-stub.c] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a1bc040dabc12039944e22d9529f20d6132400dd Merge: bd03a38 47c7199 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 21 10:04:32 2015 +0100 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Mon Jul 20 19:27:04 2015 BST using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB # Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E * remotes/jnsnow/tags/ide-pull-request: tests: Fix broken targets check-report-qtest-* ahci: Force ICC bits in PxCMD to zero qtest/ide: add another short PRDT test flavor Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 47c719964a8240c99d4b7a2b4695ae026c619b83 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Mon Jul 20 12:21:18 2015 -0400 tests: Fix broken targets check-report-qtest-* They need QTEST_QEMU_IMG. Without it, the tests raise an assertion: $ make -C bin check-report-qtest-i386.xml make: Entering directory 'bin' GTESTER check-report-qtest-i386.xml blkdebug: Suspended request 'A' blkdebug: Resuming request 'A' ahci-test: tests/libqos/libqos.c:162: mkimg: Assertion `qemu_img_path' failed. main-loop: WARNING: I/O thread spun for 1000 iterations Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1437231284-17455-1-git-send-email-sw@xxxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit bd03a38fdf85fb1d4f0c9f59bbc154b516f66360 Merge: 13566fe 625de44 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 20 18:26:53 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging # gpg: Signature made Mon Jul 20 18:25:14 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: net: Flush queued packets when guest resumes lan9118: Drop lan9118_can_receive etraxfs_eth: Drop eth_can_receive musicpal: Drop eth_can_receive net/vmxnet3: Fix RX TCP/UDP checksum on partially summed packets net/vmxnet3: Refactor 'vmxnet_rx_pkt_attach_data' socket: pass correct size in net_socket_send() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 625de449fc5597f2e1aff9cb586e249e198f03c9 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Tue Jul 7 09:21:07 2015 +0800 net: Flush queued packets when guest resumes Since commit 6e99c63 "net/socket: Drop net_socket_can_send" and friends, net queues need to be explicitly flushed after qemu_can_send_packet() returns false, because the netdev side will disable the polling of fd. This fixes the case of "cont" after "stop" (or migration). Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1436232067-29144-1-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b49b8c572f885ea2b16fc744e8837e974df34401 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 1 15:10:47 2015 +0800 lan9118: Drop lan9118_can_receive True is the default. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1435734647-8371-4-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit da69028261abd12dbf974754e69d017f6e8710b5 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 1 15:10:46 2015 +0800 etraxfs_eth: Drop eth_can_receive True is the default. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1435734647-8371-3-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit f63eab8becf92b18c18b6c31950f99f764848902 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 1 15:10:45 2015 +0800 musicpal: Drop eth_can_receive True is the default. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Message-id: 1435734647-8371-2-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 80da311d81c389860bc387fbe6677c71f7a3c596 Author: Dana Rubin <dana.rubin@xxxxxxxxxxxxxxxxxx> Date: Tue Jul 14 11:55:16 2015 +0300 net/vmxnet3: Fix RX TCP/UDP checksum on partially summed packets Convert partially summed packets to be fully checksummed. In case csum offloaded packet, vmxnet3 implementation always passes an RxCompDesc with the "Checksum calculated and found correct" notification to the OS. This emulates the observed ESXi behavior. Therefore, if packet has the NEEDS_CSUM bit set, we must calculate and place a fully computed checksum into the tcp/udp header. Otherwise, the OS driver will receive a checksum-correct indication but with the actual tcp/udp checksum field having just the pseudo header csum value. If host OS performs forwarding, it will forward an incorrectly checksummed packet. Signed-off-by: Dana Rubin <dana.rubin@xxxxxxxxxxxxxxxxxx> Signed-off-by: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Message-id: 1436864116-19154-3-git-send-email-shmulik.ladkani@xxxxxxxxxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit fcf0cdc362dd96cb8d2935b892d3dd9ab73ad393 Author: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Date: Tue Jul 14 11:55:15 2015 +0300 net/vmxnet3: Refactor 'vmxnet_rx_pkt_attach_data' Separate RX packet protocol parsing out of 'vmxnet_rx_pkt_attach_data'. Signed-off-by: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Message-id: 1436864116-19154-2-git-send-email-shmulik.ladkani@xxxxxxxxxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 091f1f52963d7093ea578e4a05e67bc015b21192 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Tue Jul 7 17:00:56 2015 +0800 socket: pass correct size in net_socket_send() We should pass the size of packet instead of the remaining to qemu_send_packet_async(). Fixes: 6e99c631f116221d169ea53953d91b8aa74d297a ("net/socket: Drop net_socket_can_send") Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1436259656-24263-1-git-send-email-jasowang@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 09b61db7c140c5a71bfde36614c5a1f4f0d382a6 Author: Stefan Fritsch <sf@xxxxxxxxxxx> Date: Mon Jul 20 12:21:18 2015 -0400 ahci: Force ICC bits in PxCMD to zero The AHCI spec requires that the HBA sets the ICC bits to zero after the ICC change is done. Since we don't do any ICC change, force the bits to zero all the time. This fixes delays with some OSs (e.g. OpenBSD) waiting for the ICC bits to change to 0. Signed-off-by: Stefan Fritsch <sf@xxxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: E1ZFpg7-00027N-HW@xxxxxxxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 58732810230719765a6618004be8f0070c9f3d31 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Jul 20 12:21:18 2015 -0400 qtest/ide: add another short PRDT test flavor The existing short PRDT test case does not transfer any data because the first PRD is less than 1 sector. This patch adds another short PRDT test case where the first sector can be read but the PRDT is still smaller than the requested number of sectors. This exercises a different code path in ide_dma_cb(). Cc: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1435770571-9906-1-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 13566fe3e584e7b14a6f45246976b91677dc2a77 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Jul 8 15:10:09 2015 +0100 timer: rename NSEC_PER_SEC due to Mac OS X header clash Commit e0cf11f31c24cfb17f44ed46c254d84c78e7f6e9 ("timer: Use a single definition of NSEC_PER_SEC for the whole codebase") renamed NANOSECONDS_PER_SECOND to NSEC_PER_SEC. On Mac OS X there is a <dispatch/time.h> system header which also defines NSEC_PER_SEC. This causes compiler warnings. Let's use the old name instead. It's longer but it doesn't clash. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1436364609-7929-1-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dcc8a3ab632d0f11a1bf3b08381cf0f93e616b9f Merge: f73ca73 bd09594 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 20 16:01:31 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches for 2.4.0-rc2 # gpg: Signature made Mon Jul 20 15:48:56 2015 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: crypto: Fix aes_decrypt_wrapper() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f73ca7363440240b7ee5ee7f7ddb1c64751efb54 Merge: 7135847 f9d6dbf Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 20 13:25:28 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio, vhost, pc fixes for 2.4 The only notable thing here is vhost-user multiqueue revert. We'll work on making it stable in 2.5, reverting now means we won't have to maintain bug for bug compability forever. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Mon Jul 20 12:24:00 2015 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: virtio-net: remove virtio queues if the guest doesn't support multiqueue virtio-net: Flush incoming queues when DRIVER_OK is being set pci_add_capability: remove duplicate comments virtio-net: unbreak any layout Revert "vhost-user: add multi queue support" ich9: fix skipped vmstate_memhp_state subsection Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bd09594603f1498e7623f0030988b62e2052f7da Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Fri Jul 17 19:44:10 2015 +0200 crypto: Fix aes_decrypt_wrapper() Commit d3462e3 broke qcow2's encryption functionality by using encrypt instead of decrypt in the wrapper function it introduces. This was found by qemu-iotests case 134. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit f9d6dbf0bf6e91b8ed896369ab1b7e91e5a1a4df Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Wed Jul 15 17:20:59 2015 +0800 virtio-net: remove virtio queues if the guest doesn't support multiqueue commit da51a335 adds all queues in .realize(). But if the guest doesn't support multiqueue, we forget to remove them. And we cannot handle the ctrl vq corretly. The guest will hang. Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Jason Wang <jasowang@xxxxxxxxxx> commit 38705bb57bf1cd9e3f837cf11bcdee3876786c07 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Jul 15 11:02:27 2015 +0800 virtio-net: Flush incoming queues when DRIVER_OK is being set This patch fixes network hang after "stop" then "cont", while network packets keep arriving. Tested both manually (tap, host pinging guest) and with Jason's qtest series (plus his "[PATCH 2.4] socket: pass correct size in net_socket_send()" fix). As virtio_net_set_status is called when guest driver is setting status byte and when vm state is changing, it is a good opportunity to flush queued packets. This is necessary because during vm stop the backend (e.g. tap) would stop rx processing after .can_receive returns false, until the queue is explicitly flushed or purged. The other interesting condition in .can_receive, virtio_queue_ready(), is handled by virtio_net_handle_rx() when guest kicks; the 3rd condition is invalid queue index which doesn't need flushing. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 9a2a66238e3bf2b681d6321c4667a2d589c8ebed Author: Chen Hanxiao <chenhanxiao@xxxxxxxxxxxxxx> Date: Tue Jul 14 16:16:11 2015 +0800 pci_add_capability: remove duplicate comments Signed-off-by: Chen Hanxiao <chenhanxiao@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit feb93f361739071778ca2d23df3876db399548f7 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri Jul 17 15:19:18 2015 +0800 virtio-net: unbreak any layout Commit 032a74a1c0fcdd5fd1c69e56126b4c857ee36611 ("virtio-net: byteswap virtio-net header") breaks any layout by requiring out_sg[0].iov_len >= n->guest_hdr_len. Fixing this by copying header to temporary buffer if swap is needed, and then use this buffer as part of out_sg. Fixes 032a74a1c0fcdd5fd1c69e56126b4c857ee36611 ("virtio-net: byteswap virtio-net header") Cc: qemu-stable@xxxxxxxxxx Cc: clg@xxxxxxxxxx Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit d345ed2da3279b015605823397235b8c5ca5251f Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Jul 15 13:47:31 2015 +0300 Revert "vhost-user: add multi queue support" This reverts commit 830d70db692e374b55555f4407f96a1ceefdcc97. The interface isn't fully backwards-compatible, which is bad. Let's redo this properly after 2.4. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 75d663611e81c748522d9cdcb5230bd02db86d05 Author: Paulo Alcantara <pcacjr@xxxxxxxxx> Date: Mon Jul 13 17:45:42 2015 -0300 ich9: fix skipped vmstate_memhp_state subsection By declaring another .subsections array for vmstate_tco_io_state made vmstate_memhp_state not registered anymore. There must be only one .subsections array for all subsections. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Amit Shah <amit.shah@xxxxxxxxxx> Reported-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Paulo Alcantara <pcacjr@xxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> commit 71358470eec668f5dc53def25e585ce250cea9bf Merge: 5b5e8cd 621a20e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 17 15:22:45 2015 +0100 Merge remote-tracking branch 'remotes/amit-virtio-rng/tags/vrng-2.4' into staging Fire timer only when required. Brings down wakeups by a big number. # gpg: Signature made Fri Jul 17 14:41:40 2015 BST using RSA key ID 854083B6 # gpg: Good signature from "Amit Shah <amit@xxxxxxxxxxxx>" # gpg: aka "Amit Shah <amit@xxxxxxxxxx>" # gpg: aka "Amit Shah <amitshah@xxxxxxx>" * remotes/amit-virtio-rng/tags/vrng-2.4: virtio-rng: trigger timer only when guest requests for entropy Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 621a20e08155179b1902c428361e80f41429f50d Author: Pankaj Gupta <pagupta@xxxxxxxxxx> Date: Wed Jul 15 17:46:47 2015 +0530 virtio-rng: trigger timer only when guest requests for entropy This patch triggers timer only when guest requests for entropy. As soon as first request from guest for entropy comes we set the timer. Timer bumps up the quota value when it gets triggered. Signed-off-by: Pankaj Gupta <pagupta@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Message-Id: <1436962608-9961-2-git-send-email-pagupta@xxxxxxxxxx> [Re-worded patch subject, removed extra whitespace -- Amit] Signed-off-by: Amit Shah <amit.shah@xxxxxxxxxx> commit 5b5e8cdd7da7a2214dd062afff5b866234aab228 Merge: fd1a9ef 92fdfa4 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 17 12:39:12 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20150717-1' into staging usb: fixes for 2.4 (ccid, xhci and usb-host) # gpg: Signature made Fri Jul 17 12:21:42 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-usb-20150717-1: Revert "xhci: set timer to retry xfers" usb-ccid: add missing wakeup calls usb-ccid: fix 61b4887b41b270bc837ead57bc502d904af023bb Re-attach usb device to kernel while usb_host_open fails Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 92fdfa4bef9c92addcc009dd3e0131172b4fdc78 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Jul 17 10:12:55 2015 +0200 Revert "xhci: set timer to retry xfers" This reverts commit 4e8cfbe1143d8384387595b500212d7a7f11aeae. We should not poll via timer, and with ccid being fixed to properly notify us about pending transfers we don't have to. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 86d7e214c224f939c897cfa3b6d597f7af4b5bba Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jul 16 16:33:07 2015 +0200 usb-ccid: add missing wakeup calls Properly notify the host adapter that we have data pending, so it doesn't has to poll us. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit cfda2cef3d0320d7a133600ffdb6e33547aaba8f Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Jul 17 11:34:11 2015 +0200 usb-ccid: fix 61b4887b41b270bc837ead57bc502d904af023bb QOMification dropped the parent device lookup, fix it. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit fd1a9ef9c2493b5bc98e8e041333a57b635c5d71 Merge: b4329bf 562f937 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 17 10:52:12 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-input-20150717-1' into staging input: fixes for 2.4 # gpg: Signature made Fri Jul 17 07:45:17 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-input-20150717-1: hid: clarify hid_keyboard_process_keycode virtio-input: move sys/ioctl.h include virtio-input: fix segfault in virtio_input_hid_properties Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 562f93754b95fd6dc65ad9a2aa15a90b2da7e8a4 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 14 11:18:06 2015 +0200 hid: clarify hid_keyboard_process_keycode Coverity thinks the fallthroughs are smelly. They are correct, but everything else in this function is like "wut?". Refer explicitly to bits 8 and 9 of hs->kbd.modifiers instead of shifting right first and using (1 << 7). Document what the scancode is when hid_code is 0xe0. And add plenty of comments. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit b4329bf41c86bac8b56cadb097081960cc4839a0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 16 20:32:20 2015 +0100 Update version for v2.4.0-rc1 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b92304ee814f0fe8109c8946dfb4dd4b63e89871 Merge: 67ff64e d3462e3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 16 19:18:15 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * MIPS-KVM fixes. * Coverity fixes. * Nettle function prototype fixes. * Memory API refcount fix. # gpg: Signature made Thu Jul 16 19:01:27 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: crypto: avoid undefined behavior in nettle calls crypto: fix build with nettle >= 3.0.0 memory: fix refcount leak in memory_region_present RDMA: Fix error exits arm/xlnx-zynqmp: fix memory leak ppc/spapr_drc: fix memory leak mips/kvm: Sign extend registers written to KVM mips/kvm: Fix Big endian 32-bit register access Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d3462e378f40ba6838b6c42584c30769ca633e6f Author: Radim KrÄ?máÅ? <rkrcmar@xxxxxxxxxx> Date: Fri Jul 10 19:18:01 2015 +0200 crypto: avoid undefined behavior in nettle calls Calling a function pointer that was cast from an incompatible function results in undefined behavior. 'void *' isn't compatible with 'struct XXX *', so we can't cast to nettle_cipher_func, but have to provide a wrapper. (Conversion from 'void *' to 'struct XXX *' might require computation, which won't be done if we drop argument's true type, and pointers can have different sizes so passing arguments on stack would bug.) Having two different prototypes based on nettle version doesn't make this solution any nicer. Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Radim KrÄ?máÅ? <rkrcmar@xxxxxxxxxx> Message-Id: <1437062641-12684-3-git-send-email-rkrcmar@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit becaeb726ae7da4212a788773ebdfe87b4833f5c Author: Radim KrÄ?máÅ? <rkrcmar@xxxxxxxxxx> Date: Fri Jul 10 19:18:00 2015 +0200 crypto: fix build with nettle >= 3.0.0 In nettle 3, cbc_encrypt() accepts 'nettle_cipher_func' instead of 'nettle_crypt_func' and these two differ in 'const' qualifier of the first argument. The build fails with: In file included from crypto/cipher.c:71:0: ./crypto/cipher-nettle.c: In function â??qcrypto_cipher_encryptâ??: ./crypto/cipher-nettle.c:154:38: error: passing argument 2 of â??nettle_cbc_encryptâ?? from incompatible pointer type cbc_encrypt(ctx->ctx_encrypt, ctx->alg_encrypt, ^ In file included from ./crypto/cipher-nettle.c:24:0, from crypto/cipher.c:71: /usr/include/nettle/cbc.h:48:1: note: expected â??void (*)(const void *, size_t, uint8_t *, const uint8_t *) but argument is of type â??void (*)( void *, size_t, uint8_t *, const uint8_t *) To allow both versions, we switch to the new definition and #if typedef it for old versions. Signed-off-by: Radim KrÄ?máÅ? <rkrcmar@xxxxxxxxxx> Message-Id: <1436548682-9315-2-git-send-email-rkrcmar@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c6742b14fe7352059cd4954a356a8105757af31b Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Jul 14 13:45:34 2015 +0200 memory: fix refcount leak in memory_region_present memory_region_present() leaks a reference to a MemoryRegion in the case "mr == container". While fixing it, avoid reference counting altogether for memory_region_present(), by using RCU only. The return value could in principle be already invalid immediately after memory_region_present returns, but presumably the caller knows that and it's using memory_region_present to probe for devices that are unpluggable, or something like that. The RCU critical section is needed anyway, because it protects as->current_map. Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 24b41d66c8ad8f77839fca777b92e365dad0cf5c Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Fri Jul 10 20:08:52 2015 +0100 RDMA: Fix error exits The error checks I added used 'break' after the error, but I'm in a switch inside the while loop, so they need to be 'goto out'. Spotted by coverity; entries 1311368 and 1311369 Fixes: afcddefd Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Message-Id: <1436555332-19076-1-git-send-email-dgilbert@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5348c62cab309b68ecd13a33c9f21e8d6071af72 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Fri Jul 10 08:51:29 2015 +0800 arm/xlnx-zynqmp: fix memory leak fix CID 1311372. Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Message-Id: <1436489490-236-4-git-send-email-arei.gonglei@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 586d2142a9f1aa5a1dceb0941e7b3f0953974a8b Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Fri Jul 10 08:51:28 2015 +0800 ppc/spapr_drc: fix memory leak fix CID 1311373. Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Message-Id: <1436489490-236-3-git-send-email-arei.gonglei@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 02dae26ac4ceb1e82c432cfca4d9b65ae82343c6 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Fri Apr 24 11:26:53 2015 +0100 mips/kvm: Sign extend registers written to KVM In case we're running on a 64-bit host, be sure to sign extend the general purpose registers and hi/lo/pc before writing them to KVM, so as to take advantage of MIPS32/MIPS64 compatibility. Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: kvm@xxxxxxxxxxxxxxx Cc: qemu-stable@xxxxxxxxxx Message-Id: <1429871214-23514-3-git-send-email-james.hogan@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f8b3e48b2d269551cd40f94770dc20da2f402325 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Fri Apr 24 11:26:52 2015 +0100 mips/kvm: Fix Big endian 32-bit register access Fix access to 32-bit registers on big endian targets. The pointer passed to the kernel must be for the actual 32-bit value, not a temporary 64-bit value, otherwise on big endian systems the kernel will only interpret the upper half. Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: kvm@xxxxxxxxxxxxxxx Cc: qemu-stable@xxxxxxxxxx Message-Id: <1429871214-23514-2-git-send-email-james.hogan@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 67ff64e08245a5b8de98d9b2acefb840a1fae340 Merge: 2d5ee9e 567161f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 16 16:55:00 2015 +0100 Merge remote-tracking branch 'remotes/spice/tags/pull-spice-20150716-1' into staging qxl: allow to specify head limit to qxl driver # gpg: Signature made Thu Jul 16 16:31:40 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/spice/tags/pull-spice-20150716-1: qxl: allow to specify head limit to qxl driver Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6110ce59af199194ef63cb31ec722487df3f42fe Author: Lin Ma <lma@xxxxxxxx> Date: Wed Jun 24 13:40:11 2015 +0800 Re-attach usb device to kernel while usb_host_open fails Signed-off-by: Lin Ma <lma@xxxxxxxx> Reviewed-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit e2f6bac3010419426b636d2b307f66deecd60813 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Jul 14 13:44:12 2015 +0200 virtio-input: move sys/ioctl.h include Drop from include/standard-headers/linux/input.h Add to hw/input/virtio-input-host.c instead. That allows to build virtio-input (except pass-through) on windows. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 2a19b229f6c2f7288bb8c2498bffb01d67810dee Author: Lin Ma <lma@xxxxxxxx> Date: Tue Jul 14 19:27:30 2015 +0800 virtio-input: fix segfault in virtio_input_hid_properties commit 5cce173 introduced virtio-input segfault, This patch fixes it. Signed-off-by: Lin Ma <lma@xxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 567161fdd47aeb6987e700702f6bbfef04ae0236 Author: Frediano Ziglio <fziglio@xxxxxxxxxx> Date: Mon Jul 6 07:56:38 2015 +0100 qxl: allow to specify head limit to qxl driver This patch allow to limit number of heads using qxl driver. By default qxl driver is not limited on any kind on head use so can decide to use as much heads. libvirt has this as a video card parameter (actually set to 1 but not used). This parameter will allow to limit setting a use can do (which could be confusing). Signed-off-by: Frediano Ziglio <fziglio@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 2d5ee9e7a7dd495d233cf9613a865f63f88e3375 Merge: 3749c11 908680c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 16 10:40:22 2015 +0100 Merge remote-tracking branch 'remotes/lalrae/tags/mips-20150716' into staging MIPS patches 2015-07-16 Changes: * bug fixes # gpg: Signature made Thu Jul 16 09:04:56 2015 BST using RSA key ID 0B29DA6B # gpg: Good signature from "Leon Alrae <leon.alrae@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 8DD3 2F98 5495 9D66 35D4 4FC0 5211 8E3C 0B29 DA6B * remotes/lalrae/tags/mips-20150716: target-mips: fix page fault address for LWL/LWR/LDL/LDR linux-user: Fix MIPS N64 trap and break instruction bug target-mips: fix resource leak reported by Coverity target-mips: fix logically dead code reported by Coverity target-mips: correct DERET instruction target-mips: fix ASID synchronisation for MIPS MT disas/mips: fix disassembling R6 instructions target-mips: fix to clear MSACSR.Cause target-mips: fix MIPS64R6-generic configuration Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3749c11a720689694101dcf2ebc43217a02f960f Merge: be0df8c 3046bb5 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 15 22:05:13 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging X86 queue, 2015-07-15 Two bug fixes: * Memory leak due to extra g_strdup() when registering X86CPU alias properties * Fix CPUID levels so that W10 insider can run as guest OS # gpg: Signature made Wed Jul 15 21:26:59 2015 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/x86-pull-request: target-i386: emulate CPUID level of real hardware target-i386: Don't strdup() alias property name Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit be0df8cd1eb8e182a9b61a2b4d1c57824cffadc4 Merge: 7692401 672558d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 15 21:06:54 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/numa-pull-request' into staging NUMA queue, 2015-07-15 # gpg: Signature made Wed Jul 15 21:01:37 2015 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/numa-pull-request: numa: Fix memory leak in numa_set_mem_node_id() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3046bb5debc8153a542acb1df93b2a1a85527a15 Author: Radim KrÄ?máÅ? <rkrcmar@xxxxxxxxxx> Date: Thu Jul 9 21:07:39 2015 +0200 target-i386: emulate CPUID level of real hardware W10 insider has a bug where it ignores CPUID level and interprets CPUID.(EAX=07H, ECX=0H) incorrectly, because CPUID in fact returned CPUID.(EAX=04H, ECX=0H); this resulted in execution of unsupported instructions. While it's a Windows bug, there is no reason to emulate incorrect level. I used http://instlatx64.atw.hu/ as a source of CPUID and checked that it matches Penryn Xeon X5472, Westmere Xeon W3520, SandyBridge i5-2540M, and Haswell i5-4670T. kvm64 and qemu64 were bumped to 0xD to allow all available features for them (and to avoid the same Windows bug). Signed-off-by: Radim KrÄ?máÅ? <rkrcmar@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit d461a44ca4b164549fe19b14d2cdf0524f778ce1 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Jul 9 12:24:43 2015 -0300 target-i386: Don't strdup() alias property name Now object_property_add_alias() calls g_strdup() on the target property name, so we don't need to call g_strdup() ourselves. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 672558d2ea8dd782d1d2adc6e16af3bc34029a36 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 9 20:57:36 2015 +0530 numa: Fix memory leak in numa_set_mem_node_id() Fix a memory leak in numa_set_mem_node_id(). Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxx> Reported-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 7692401a0826803522cfde533bdcc149932ddc6a Merge: 711dc6f 76e2aef Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 15 17:28:59 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150715' into staging target arm queue: * handle broken AArch64 kernels which assume DTB won't cross a 2MB boundary * correct broken SCTLR_EL3 reset value # gpg: Signature made Wed Jul 15 17:24:24 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150715: hw/arm/boot: Increase fdt alignment target-arm: Fix broken SCTLR_EL3 reset Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 76e2aef392629f2b2a468f5158d5c397cc5beed2 Author: Alexander Graf <agraf@xxxxxxx> Date: Wed Jul 15 17:16:26 2015 +0100 hw/arm/boot: Increase fdt alignment The Linux kernel on aarch64 creates a page table entry at early bootup that spans the 2MB range on memory spanning the fdt start address: [ ALIGN_DOWN(fdt, 2MB) ... ALIGN_DOWN(fdt, 2MB) + 2MB ] This means that when our current 4k alignment happens to fall at the end of the aligned region, Linux tries to access memory that is not mapped. The easy fix is to instead increase the alignment to 2MB, making Linux's logic always succeed. We leave the existing 4k alignment for 32bit kernels to not cause any regressions due to space constraints. Reported-by: Andreas Schwab <schwab@xxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e46e1a74ef482f1ef773e750df9654ef4442ca29 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 15 17:16:26 2015 +0100 target-arm: Fix broken SCTLR_EL3 reset The SCTLR_EL3 cpreg definition was implicitly resetting the register state to 0, which is both wrong and clashes with the reset done via the SCTLR definition (since sctlr[3] is unioned with sctlr_s). This went unnoticed until recently, when an unrelated change (commit a903c449b41f105aa) happened to perturb the order of enumeration through the cpregs hashtable for reset such that the erroneous reset happened after the correct one rather than before it. Fix this by marking SCTLR_EL3 as an alias, so its reset is left up to the AArch32 view. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 711dc6f36b74fe65a6e5a1847f1152717d887f8a Merge: f5dec79 796a060 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 15 14:23:58 2015 +0100 Merge remote-tracking branch 'remotes/cody/tags/jtc-for-upstream-pull-request' into staging # gpg: Signature made Wed Jul 15 03:25:16 2015 BST using RSA key ID C0DE3057 # gpg: Good signature from "Jeffrey Cody <jcody@xxxxxxxxxx>" # gpg: aka "Jeffrey Cody <jeff@xxxxxxxxxxxxx>" # gpg: aka "Jeffrey Cody <codyprime@xxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 9957 4B4D 3474 90E7 9D98 D624 BDBE 7B27 C0DE 3057 * remotes/cody/tags/jtc-for-upstream-pull-request: block/curl: Don't lose original error when a connection fails. mirror: correct buf_size block: keep bitmap if incremental backup job is cancelled blockdev: no need to drain in qmp_block_commit block/mirror: Sleep periodically during bitmap scanning Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 908680c6441ac468f4871d513f42be396ea0d264 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Tue Jul 14 17:45:16 2015 +0200 target-mips: fix page fault address for LWL/LWR/LDL/LDR When a LWL, LWR, LDL or LDR instruction triggers a page fault, QEMU currently reports the aligned address in CP0 BadVAddr, while the Windows NT kernel expects the unaligned address. This patch adds a byte access with the unaligned address at the beginning of the LWL/LWR/LDL/LDR instructions to possibly trigger a page fault and fill the QEMU TLB. Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Reported-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Tested-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit f01a361bfcce4bd0c439b0e051ef2a1e56727a44 Author: Andrew Bennett <andrew.bennett@xxxxxxxxxx> Date: Mon Jun 29 10:20:07 2015 +0000 linux-user: Fix MIPS N64 trap and break instruction bug For the MIPS N64 ABI when QEMU reads the break/trap instruction so that it can inspect the break/trap code it reads 8 rather than 4 bytes which means it finds the code field from the instruction after the break/trap instruction. This then causes the break/trap handling code to fail because it does not understand the code number. The fix forces QEMU to always read 4 bytes of instruction data rather than deciding how much to read based on the ABI. Signed-off-by: Andrew Bennett <andrew.bennett@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 26e7e982b267e71d40cd20e9e234fedef6770a90 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Tue Jul 14 11:08:15 2015 +0100 target-mips: fix resource leak reported by Coverity UHI assert and link operations call lock_user_string() twice to obtain two strings pointed by gpr[4] and gpr[5]. If the second lock_user_string() fails, then the first one won't get freed. Fix this by introducing another macro responsible for obtaining two strings and handling allocation failure. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 47ada0ad3431b39863918dc80386634693d317b5 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Tue Jul 14 11:08:14 2015 +0100 target-mips: fix logically dead code reported by Coverity Make use of CMPOP in floating-point compare instructions. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit fe87c2b36ae9c1c9a5279f3891f3bce1b573baa0 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Tue Jul 14 11:08:13 2015 +0100 target-mips: correct DERET instruction Fix Debug Mode flag clearing, and when DERET is placed between LL and SC do not make SC fail. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 6a973e6b6584221bed89a01e755b88e58b496652 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jul 1 15:59:13 2015 +0200 target-mips: fix ASID synchronisation for MIPS MT When syncing the task ASID with EntryHi, correctly or the value instead of assigning it. Reported-by: "Dr. David Alan Gilbert" <dgilbert@xxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 6b9c26fb5eed2345398daca4eef601da2f3d7867 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Tue Jun 30 16:33:15 2015 +0100 disas/mips: fix disassembling R6 instructions In the Release 6 of the MIPS Architecture, LL, SC, LLD, SCD, PREF and CACHE instructions have 9 bits offsets. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit d4f4f0d5d9e74c19614479592c8bc865d92773d0 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Tue Jun 30 15:44:28 2015 +0100 target-mips: fix to clear MSACSR.Cause MSACSR.Cause bits are needed to be cleared before a vector floating-point instructions. FEXDO.df, FEXUPL.df and FEXUPR.df were missed out. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 4dc89b782095d7a0b919fafd7b1322b3cb1279f1 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Mon Jun 29 10:11:23 2015 +0100 target-mips: fix MIPS64R6-generic configuration Fix core configuration for MIPS64R6-generic to make it as close as I6400. I6400 core has 48-bit of Virtual Address available (SEGBITS). MIPS SIMD Architecture is available. Rearrange order of bits to match the specification. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit f5dec79ee88034b2da52463145a2056500db9ff2 Merge: 661725d 560d027 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 15 12:22:31 2015 +0100 Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20150715-1' into staging migration/next for 20150715 # gpg: Signature made Wed Jul 15 11:23:33 2015 BST using RSA key ID 5872D723 # gpg: Good signature from "Juan Quintela <quintela@xxxxxxxxxx>" # gpg: aka "Juan Quintela <quintela@xxxxxxxxxx>" * remotes/juanquintela/tags/migration/20150715-1: migration: We also want to store the global state for savevm migration: reduce the count of strlen call migration: Register global state section before loadvm migration: Write documetation for events capabilites migration: Trace event and migration event are different things migration: Only change state after migration has finished Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 560d027b54067ffa4e79c6f7c0a499abb0d749a3 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Jul 15 09:53:46 2015 +0200 migration: We also want to store the global state for savevm Commit df4b1024526cae3479da3492d6371fd4a7324a03 introduced global_state section. But it only filled the state while doing migration. While doing a savevm, we stored an empty string as state. So when we did a loadvm, it complained that state was invalid. Fedora 21, 4.1.1, qemu 2.4.0-rc0 > ../../configure --target-list="x86_64-softmmu" 068 2s ... - output mismatch (see 068.out.bad) --- /home/bos/jhuston/src/qemu/tests/qemu-iotests/068.out 2015-07-08 17:56:18.588164979 -0400 +++ 068.out.bad 2015-07-09 17:39:58.636651317 -0400 @@ -6,6 +6,8 @@ QEMU X.Y.Z monitor - type 'help' for more information (qemu) savevm 0 (qemu) quit +qemu-system-x86_64: Unknown savevm section or instance 'globalstate' 0 +qemu-system-x86_64: Error -22 while loading VM state QEMU X.Y.Z monitor - type 'help' for more information (qemu) quit *** done Failures: 068 Failed 1 of 1 tests Actually, there were two problems here: - we registered global_state too late for load_vm (fixed on another patch on the list) - we didn't store a valid state for savevm (fixed by this patch). Reported-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Tested-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 9f5f380b54d6ad80cf35d93c8cd71c8d7a1b52b7 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Jul 13 17:34:10 2015 +0800 migration: reduce the count of strlen call 'strlen' is called three times in 'save_page_header', it's inefficient. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 48212d87d6655b029231d830a77983c21552fe49 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Fri Jul 10 14:51:58 2015 +0200 migration: Register global state section before loadvm Otherwise, it is not found Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 72e72e1a71e5e67a11204606a5c09f6cc3089a53 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Jul 8 14:13:10 2015 +0200 migration: Write documetation for events capabilites Reported-by: Jiri Denemark <jdenemar@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 4ba4bc5e9bfab457a96ac56dc470730a330aded8 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Jul 8 13:58:27 2015 +0200 migration: Trace event and migration event are different things We can want the trace event even without migration events enabled. Reported-by: Wen Congyang <ghostwcy@xxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit 172c4356f38fbf91675256447a3bedd08220214f Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Jul 8 13:56:26 2015 +0200 migration: Only change state after migration has finished On previous change, we changed state at post load time if it was not running, special casing the "running" change. Now, we change any states at the end of the migration. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Tested-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 796a060bc0fab40953997976a2e30d9d6235bc7b Author: Richard W.M. Jones <rjones@xxxxxxxxxx> Date: Wed Jul 8 14:37:48 2015 +0100 block/curl: Don't lose original error when a connection fails. Currently if qemu is connected to a curl source (eg. web server), and the web server fails / times out / dies, you always see a bogus EIO "Input/output error". For example, choose a large file located on any local webserver which you control: $ qemu-img convert -p http://example.com/large.iso /tmp/test Once it starts copying the file, stop the webserver and you will see qemu-img fail with: qemu-img: error while reading sector 61440: Input/output error This patch does two things: Firstly print the actual error from curl so it doesn't get lost. Secondly, change EIO to EPROTO. EPROTO is a POSIX.1 compatible errno which more accurately reflects that there was a protocol error, rather than some kind of hardware failure. After this patch is applied, the error changes to: $ qemu-img convert -p http://example.com/large.iso /tmp/test qemu-img: curl: transfer closed with 469989 bytes remaining to read qemu-img: error while reading sector 16384: Protocol error Signed-off-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 48ac0a4df84662f23da25262443e1810b70c2228 Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Fri May 15 15:51:36 2015 +0800 mirror: correct buf_size If bus_size is less than 0, the command fails. If buf_size is 0, use DEFAULT_MIRROR_BUF_SIZE. If buf_size % granularity is not 0, mirror_free_init() will do dangerous things. Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 5555A588.3080907@xxxxxxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 17d9716d7b5381c4b6566bb1a06267d2bfcd1821 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Jun 15 16:02:14 2015 +0100 block: keep bitmap if incremental backup job is cancelled Reclaim the dirty bitmap if an incremental backup block job is cancelled. The ret variable may be 0 when the job is cancelled so it's not enough to check ret < 0. Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1434380534-7680-1-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 299bf097375f9d148cda579ad85477304e38856b Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu May 28 16:21:43 2015 +0200 blockdev: no need to drain in qmp_block_commit Draining is not necessary, I/O can happen as soon as the commit coroutine yields. Draining can be necessary before reopening the file for read/write, or while modifying the backing file chain, but that is done separately in bdrv_reopen_multiple or bdrv_close; this particular bdrv_drain_all does nothing for that. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1432822903-25821-1-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 4c0cbd6fec7db182a6deb52d5a8a8e7b0c5cbe64 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed May 13 11:11:13 2015 +0800 block/mirror: Sleep periodically during bitmap scanning Before, we only yield after initializing dirty bitmap, where the QMP command would return. That may take very long, and guest IO will be blocked. Add sleep points like the later mirror iterations. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1431486673-19280-1-git-send-email-famz@xxxxxxxxxx Signed-off-by: Jeff Cody <jcody@xxxxxxxxxx> commit 661725da09f47eb92d356fac10a4cf3b7ad1f61d Merge: f394798 2af9170 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 14 18:50:16 2015 +0100 Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20150714' into staging s390x fixes for 2.4: - virtio migration regression - missing diag288 watchdog resets # gpg: Signature made Tue Jul 14 18:17:54 2015 BST using RSA key ID C6F02FAF # gpg: Good signature from "Cornelia Huck <huckc@xxxxxxxxxxxxxxxxxx>" # gpg: aka "Cornelia Huck <cornelia.huck@xxxxxxxxxx>" * remotes/cohuck/tags/s390x-20150714: s390/virtio-ccw: Fix migration watchdog/diag288: correctly register for system reset requests Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2af9170c8c269c4fba73e5271453ca15a57f5844 Author: Christian Borntraeger <borntraeger@xxxxxxxxxx> Date: Tue Jul 7 13:47:23 2015 +0200 s390/virtio-ccw: Fix migration commit 213941d73b ("virtio-ccw: migrate ->revision") broke migration: 2015-07-07T11:22:55.570968Z qemu-system-s390x: VQ 39 address 0x0 inconsistent with Host index 0x100 2015-07-07T11:22:55.571008Z qemu-system-s390x: error while loading state for instance 0x0 of If thinint support is active, the config_load function returns early. Make sure to load the revision all the time. Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Fixes: 213941d73b ("virtio-ccw: migrate ->revision") Message-Id: <1436269643-66303-1-git-send-email-borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 0c7322cfd3fd382c0096c2a9f00775818a878e13 Author: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 29 08:21:10 2015 +0200 watchdog/diag288: correctly register for system reset requests The diag288 watchdog is no sysbus device, therefore it doesn't get triggered on resets automatically using dc->reset. Let's register the reset handler manually, so we get correctly notified again when a system reset was requested. Also reset the watchdog on subsystem resets that don't trigger a full system reset. Signed-off-by: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Tested-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> commit f3947986d9bbbae1087c4c33880d3f8dbf1f1384 Merge: 0030ff4 e34d8f2 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 14 16:51:44 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches for 2.4.0-rc1 # gpg: Signature made Tue Jul 14 16:15:35 2015 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: rbd: fix ceph settings precedence rbd: make qemu's cache setting override any ceph setting MAINTAINERS: update email address rbd: remove unused constants and fields block: Fix backing file child when modifying graph block: Reorder cleanups in bdrv_close() block: Introduce bdrv_unref_child() block: Introduce bdrv_open_child() block: Move bdrv_attach_child() calls up the call chain nvme: properly report volatile write caches nvme: implement the Flush command Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e34d8f297d51b7ffa5dce72df1e45fa94cff989c Author: Josh Durgin <jdurgin@xxxxxxxxxx> Date: Wed Jun 10 20:28:46 2015 -0700 rbd: fix ceph settings precedence Apply the ceph settings from a config file before any ceph settings from the command line. Since the ceph config file location may be specified on the command line, parse it once to read the config file, and do a second pass to apply the rest of the command line ceph options. Signed-off-by: Josh Durgin <jdurgin@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 99a3c89d5d538dc6c360e35dffb797cfe06e9cda Author: Josh Durgin <jdurgin@xxxxxxxxxx> Date: Wed Jun 10 20:28:45 2015 -0700 rbd: make qemu's cache setting override any ceph setting To be safe, when cache=none is used ceph settings should not be able to override it to turn on caching. This was previously possible with rbd_cache=true in the rbd device configuration or a ceph configuration file. Similarly, rbd settings could have turned off caching when qemu requested it, although this would just be a performance problem. Fix this by changing rbd's cache setting to match qemu after all other ceph settings have been applied. Signed-off-by: Josh Durgin <jdurgin@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5a8ac6d9d70e1a078d04ad75a5c055b00a041d70 Author: Josh Durgin <jdurgin@xxxxxxxxxx> Date: Wed Jun 10 20:28:44 2015 -0700 MAINTAINERS: update email address The old one still works for now, but will not work indefinitely. Signed-off-by: Josh Durgin <jdurgin@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 3dbf00e058e450173c6f892bb572df871eb4ea58 Author: Josh Durgin <jdurgin@xxxxxxxxxx> Date: Wed Jun 10 20:28:43 2015 -0700 rbd: remove unused constants and fields RBDAIOCB.status was only used for cancel, which was removed in 7691e24dbebb46658e89b3f950fda6ec78bbb823. RBDAIOCB.sector_num was never used. RADOSCB.done and rcbid were never used. RBD_FD* are obsolete since the pipe was removed in e04fb07fd1676e9facd7f3f878c1bbe03bccd26b. Signed-off-by: Josh Durgin <jdurgin@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 80a1e130917e0745625129553c943743eb663727 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Jun 17 15:52:09 2015 +0200 block: Fix backing file child when modifying graph This patch moves bdrv_attach_child() from the individual places that add a backing file to a BDS to bdrv_set_backing_hd(), which is called by all of them. It also adds bdrv_detach_child() there. For normal operation (starting with one backing file chain and not changing it until the topmost image is closed) and live snapshots, this constitutes no change in behaviour. For all other cases, this is a fix for the bug that the old backing file was still referenced as a child, and the new one wasn't referenced. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 9a7dedbc43c7c400663d2876a8ccb6d942a1429a Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Jun 16 10:58:20 2015 +0200 block: Reorder cleanups in bdrv_close() Block drivers may still want to access their child nodes in their .bdrv_close handler. If they unref and/or detach a child by themselves, this should not result in a double free. There is additional code for backing files, which are just a special case of child nodes. The same applies for them. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 33a604075c51e5528eed970eeaeefe609ea2337d Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Mon Jun 15 13:51:04 2015 +0200 block: Introduce bdrv_unref_child() This is the counterpart for bdrv_open_child(). It decreases the reference count of the child BDS and removes it from the list of children of the given parent BDS. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit b4b059f628173dd1d722ee8a9c592a80aec1fc2f Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Mon Jun 15 13:24:19 2015 +0200 block: Introduce bdrv_open_child() It is the same as bdrv_open_image(), except that it doesn't only return success or failure, but the newly created BdrvChild object for the new child node. As the BdrvChild object already contains a BlockDriverState pointer (and this is supposed to become the only pointer so that bdrv_append() and friends can just change a single pointer in BdrvChild), the pbs parameter is removed for bdrv_open_child(). Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit df5817926790f6e84d1936eab523556f96fa577a Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Mon Jun 15 11:53:47 2015 +0200 block: Move bdrv_attach_child() calls up the call chain Let the callers of bdrv_open_inherit() call bdrv_attach_child(). It needs to be called in all cases where bdrv_open_inherit() succeeds (i.e. returns 0) and a child_role is given. bdrv_attach_child() is moved upwards to avoid a forward declaration. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 30349fd038ffb26528fad21abe1e264031364449 Author: Christoph Hellwig <hch@xxxxxx> Date: Thu Jun 11 12:01:39 2015 +0200 nvme: properly report volatile write caches Implement support in Identify and Get/Set Features to properly report and allow to change the Volatile Write Cache status reported by the virtual NVMe device. Signed-off-by: Christoph Hellwig <hch@xxxxxx> Acked-by: Keith Busch <keith.busch@xxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 8b9d74e0eebb2106b767d66355d38086be72ad2b Author: Christoph Hellwig <hch@xxxxxx> Date: Thu Jun 11 12:01:38 2015 +0200 nvme: implement the Flush command Implement a real flush instead of faking it. This is especially important as Qemu assume Write back cashing by default and thus requires a working cache flush operation for data integrity. Signed-off-by: Christoph Hellwig <hch@xxxxxx> Acked-by: Keith Busch <keith.busch@xxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 0030ff40472b9ebf0e0595afbc8d7e428218c5d7 Merge: f3a1b50 a169513 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 14 14:52:45 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-vnc-20150714-1' into staging vnc: fix vnc client authentication # gpg: Signature made Tue Jul 14 14:38:48 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-vnc-20150714-1: vnc: fix vnc client authentication Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a16951375f7669b7faf27f72ca753e25325c5179 Author: Wolfgang Bumiller <w.bumiller@xxxxxxxxxxx> Date: Tue Jul 14 14:51:40 2015 +0200 vnc: fix vnc client authentication Commit 800567a61 updated the code to the generic crypto API and mixed up encrypt and decrypt functions in procotol_client_auth_vnc. (Used to be: deskey(key, EN0) which encrypts, and was changed to qcrypto_cipher_decrypt in 800567a61.) Changed it to qcrypto_cipher_encrypt now. Signed-off-by: Wolfgang Bumiller <w.bumiller@xxxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit f3a1b5068cea303a55e2a21a97e66d057eaae638 Merge: 6e3c0c6 4421c6a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 13 13:35:51 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging pc,virtio: fixes for 2.4 pc and virtio changes, bugfixes only. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Mon Jul 13 13:03:38 2015 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: pc: fix reuse of pc-i440fx-2.4 in pc-i440fx-2.3 Revert "virtio-net: enable virtio 1.0" virtio-pci: don't crash on illegal length qdev: fix 64 bit properties Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4421c6a38a37d558b8e6f82d2d54aee30350f57f Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Tue Jun 23 14:00:51 2015 -0300 pc: fix reuse of pc-i440fx-2.4 in pc-i440fx-2.3 commit fddd179ab962f6f78a8493742e1068d6a620e059, "pc: Convert *_MACHINE_OPTIONS macros into functions" broke the chaining of *_machine_options() functions on pc-i440fx-2.3, at: -#define PC_I440FX_2_3_MACHINE_OPTIONS \ - PC_I440FX_2_4_MACHINE_OPTIONS, \ - .alias = NULL, \ - .is_default = 0 +static void pc_i440fx_2_3_machine_options(QEMUMachine *m) +{ + pc_i440fx_machine_options(m); + m->alias = NULL; + m->is_default = 0; +} I have replaced PC_I440FX_2_4_MACHINE_OPTIONS with a pc_i440fx_machine_options() call, instead of calling pc_i440fx_2_4_machine_options(). This broke the setting of default_machine_opts and default_display on pc-i440fx-{2.0,2,1,2.2,2.3}. Fix this by making pc_i440fx_2_3_machine_options() reuse pc_i440fx_2_4_machine_options(). Reported-by: "Dr. David Alan Gilbert" <dgilbert@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 06c4670ff6d4acdc5a24e3d25748ee4a489d5869 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Mon Jul 13 13:46:50 2015 +0800 Revert "virtio-net: enable virtio 1.0" This reverts commit df91055db5c9cee93d70ca8c08d72119a240b987. This is because: - vhost support virtio 1.0 now - transport code (e.g virtio-pci) set this feature when modern is enabled, setting this unconditionally will break disable-modern=on. Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 2a6391232fa58f32469fb61d55343eff32a91083 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon Jul 13 10:32:50 2015 +0300 virtio-pci: don't crash on illegal length Some guests seem to access cfg with an illegal length value. It's worth fixing them but debugging is easier if qemu does not crash. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 8aedc369c6ae4fb4c4c6920f703b000015df3d8d Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jul 9 13:01:14 2015 +0200 qdev: fix 64 bit properties 64 bit props used 32 bit callbacks in two places, leading to broken feature bits on virtio (example: got 0x31000000000006d4 which is obviously bogus). Fix this. Fixes: fdba6d96 ("qdev: add 64bit properties") Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Tested-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6e3c0c6edbdddb8dd676bec1ac51b5faffc19a77 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Fri Jul 10 21:22:39 2015 +0200 tci: Fix regression with INDEX_op_qemu_st_i32, INDEX_op_qemu_st_i64 Commit 59227d5d45bb3c31dc2118011691c35b3c00879c did not update the code in tcg/tci/tcg-target.c for those two cases. Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Message-id: 1436556159-3002-1-git-send-email-sw@xxxxxxxxxxx Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6169b60285fe1ff730d840a49527e721bfb30899 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 9 17:56:56 2015 +0100 Update version for v2.4.0-rc0 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 16c1321bd78ad79a7252b714184ee2a0b5944c56 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 9 17:46:24 2015 +0100 tci: Fix compile failure by including qemu-common.h Compilation of TCI was accidentally broken by the recent disassembler changes: CC x86_64-softmmu/arch_init.o In file included from target-i386/cpu-qom.h:23:0, from target-i386/cpu.h:986, from include/qemu-common.h:122, from include/disas/bfd.h:12, from disas/tci.c:20: include/qom/cpu.h:178:43: error: unknown type name â??disassemble_infoâ?? void (*disas_set_info)(CPUState *cpu, disassemble_info *info); ^ include/qom/cpu.h:179:1: error: no semicolon at end of struct or union [-Werror] } CPUClass; ^ cc1: all warnings being treated as errors The underlying cause of this is an include loop: bfd.h -> qemu-common.h -> target-arm/cpu.h -> target-arm/cpu-qom.h -> qom/cpu.h -> bfd.h which means that if bfd.h is included first then qom/cpu.h doesn't get the definition of the disassemble_info type that it wanted. The easiest fix for this is to include qemu-common.h from tci.c before including disas/bfd.h. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a9dc4cf94c182f03c0061483891f53d1d21e5e68 Merge: 0326248 4f4f697 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 9 16:22:37 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging Fixes for two bad bugs. For 2.4-rc0. # gpg: Signature made Thu Jul 9 15:54:19 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: crypto: fix builtin qcrypto_cipher_free migration: fix RCU deadlock Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4f4f6976d80614e2d81cea4385885876f24bb257 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jul 9 16:52:48 2015 +0200 crypto: fix builtin qcrypto_cipher_free This was dereferencing a pointer before checking if it was NULL. Reported-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Reported-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 032624868df264d395ee9900331f08bad1431022 Merge: 5a2db89 6b625fd Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 9 15:00:37 2015 +0100 Merge remote-tracking branch 'remotes/afaerber/tags/qom-cpu-for-peter' into staging QOM CPUState and X86CPU * Further QOM'ification of CPU initialization * Propagation of CPUState arguments and elimination of ENV_GET_CPU() usage * cpu_set_pc() abstraction * CPUClass::disas_set_info() hook # gpg: Signature made Thu Jul 9 14:23:12 2015 BST using RSA key ID 3E7E013F # gpg: Good signature from "Andreas Färber <afaerber@xxxxxxx>" # gpg: aka "Andreas Färber <afaerber@xxxxxxxx>" * remotes/afaerber/tags/qom-cpu-for-peter: (22 commits) disas: cris: QOMify target specific disas setup disas: cris: Fix 0 buffer length case disas: microblaze: QOMify target specific disas setup disas: arm: QOMify target specific disas setup disas: arm-a64: Make printfer and stream variable disas: QOMify target specific setup disas: Add print_insn to disassemble info microblaze: boot: Use cpu_set_pc() hw/arm/boot: Use cpu_set_pc() gdbstub: Use cpu_set_pc() helper cpu: Add wrapper for the set_pc() hook cpu-exec: Purge all uses of ENV_GET_CPU() cpu: Change cpu_exec_init() arg to cpu, not env cpu: Change tcg_cpu_exec() arg to cpu, not env gdbstub: Change gdbserver_fork() to accept cpu instead of env translate-all: Change tb_flush() env argument to cpu target-ppc: Move cpu_exec_init() call to realize function cpu: Convert cpu_index into a bitmap cpu: Add Error argument to cpu_exec_init() cpu: Reorder cpu->as, cpu->thread_id, cpu->memory_dispatch init ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6b625fde5eb8d1c969969392f1c92b58beed2183 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 20:57:38 2015 -0700 disas: cris: QOMify target specific disas setup Move the target_disas() cris specifics to the QOM disas_set_info() hook and delete the cris specific code in disas.c. This also now adds support for monitor_disas() to cris. E.g. (qemu) xp 0x40004000 0000000040004000: 0x1e6f25f0 And before this patch: (qemu) xp/i 0x40004000 0x40004000: Asm output not supported on this arch After: (qemu) xp/i 0x40004000 0x40004000: di (qemu) xp/i 0x40004002 0x40004002: move.d 0xb003c004,$r1 Note: second example is 6-byte misaligned instruction! Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 51d373cf5f5a39fa315342d12ec910fe59d87090 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 20:57:37 2015 -0700 disas: cris: Fix 0 buffer length case Cris has the complication of variable length instructions and has a check in place to clamp memory reads in case the disas request doesn't have enough bytes for the instruction being disas'd. This breaks down in the case where disassembling for the monitor where the buffer length is defaulted to 0. The buffer length should never be zero for a regular target_disas, so we can safely assume the 0 case is for the monitor in which case consider the buffer length to be the max for cris instructions. Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit efc6674be845e40d443b62e80eb9ea9a9adfee3c Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 20:57:36 2015 -0700 disas: microblaze: QOMify target specific disas setup Move the target_disas() MB specifics to the QOM disas_set_info hook and delete the MB specific code in disas.c. This also now adds support for monitor_disas() to Microblaze. E.g. (qemu) xp 0x90000000 0000000090000000: 0x94208001 And before this patch: (qemu) xp/i 0x90000000 0x90000000: Asm output not supported on this arch After: (qemu) xp/i 0x90000000 0x90000000: mfs r1, rmsr Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 484406200e51eac023b346fdf987f86af1f6fe75 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 20:57:35 2015 -0700 disas: arm: QOMify target specific disas setup Move the target_disas() ARM specifics to the QOM disas_set_info hook and delete the ARM specific code in disas.c. This has the extra advantage of the more fully featured target_disas() implementation now applying to monitor_disas(). Currently, target_disas() has multi-endian, thumb and AArch64 support whereas the existing monitor_disas() support only has vanilla AA32 support. E.G. Running an AA64 linux kernel the following -d in_asm disas happens (taget_disas()): IN: 0x0000000040000000: 580000c0 ldr x0, pc+24 (addr 0x40000018) 0x0000000040000004: aa1f03e1 mov x1, xzr However before this patch, disasing the same from the monitor: (qemu) xp/i 0x40000000 0x0000000040000000: 580000c0 stmdapl r0, {r6, r7} After this patch: (qemu) xp/i 0x40000000 0x0000000040000000: 580000c0 ldr x0, pc+24 (addr 0x40000018) Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit fb200d5f003118f63205f34bbe553efcf3a66a81 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 20:57:34 2015 -0700 disas: arm-a64: Make printfer and stream variable In a normal disassembly flow, the printf() and stream being used varies from disas job to job. In particular it varies if mixing monitor_disas and target_disas. Make both the printf() function and target stream settable in the QEMUDisassmbler class. Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> Tested-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 37b9de463bff4fc786bb5f0778829e68d2c97bd0 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 20:57:33 2015 -0700 disas: QOMify target specific setup Add a QOM function hook for target-specific disassembly setup. This allows removal of the #ifdeffery currently implementing target specific disas setup from disas.c. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 2de295c544dda8680a82fe465c92d236d49c4d4f Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 20:57:32 2015 -0700 disas: Add print_insn to disassemble info Add the print_insn pointer to the disassemble info structure. This is to prepare for QOMification support, where a QOM CPU hook function will be responsible for setting the print_insn() function. Add this function to the existing struct to consolidate such that only the one struct needs to be passed to the new QOM API. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 691b9572e337f2d74b4b527c3dc76f542c6a5734 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 20:19:23 2015 -0700 microblaze: boot: Use cpu_set_pc() Use cpu_set_pc() for setting program counters when bootloading. This removes an instance of system level code having to reach into the CPU env. Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> [AF: Avoid duplicated CPU() casts through local variable] Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 4df81c6ed1eddcbbb920a977e76f599e05b39b77 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 20:19:22 2015 -0700 hw/arm/boot: Use cpu_set_pc() Use cpu_set_pc() across the board for setting program counters. This removes instances of system level code having to reach into the CPU env. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> [AF: Avoid repeated casts with local variables] Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 4a2b24edb73f98fa58fd8965db5b312617de7a02 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 20:19:21 2015 -0700 gdbstub: Use cpu_set_pc() helper Use the cpu_set_pc() helper which will take care of CPUClass retrieval for us. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 2991b8904730d663f12ad42e35798ecc22fe151c Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 20:19:20 2015 -0700 cpu: Add wrapper for the set_pc() hook Add a wrapper around the CPUClass::set_pc() hook. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit ea3e9847408131abc840240bd61e892d28459452 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Jun 18 10:24:55 2015 -0700 cpu-exec: Purge all uses of ENV_GET_CPU() Remove un-needed usages of ENV_GET_CPU() by converting the APIs to use CPUState pointers and retrieving the env_ptr as minimally needed. Scripted conversion for target-* change: for I in target-*/cpu.h; do sed -i \ 's/\(^int cpu_[^_]*_exec(\)[^ ][^ ]* \*s);$/\1CPUState *cpu);/' \ $I; done Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 4bad9e392e788a218967167a38ce2ae7a32a6231 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 19:31:18 2015 -0700 cpu: Change cpu_exec_init() arg to cpu, not env The callers (most of them in target-foo/cpu.c) to this function all have the cpu pointer handy. Just pass it to avoid an ENV_GET_CPU() from core code (in exec.c). Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Cc: "Edgar E. Iglesias" <edgar.iglesias@xxxxxxxxx> Cc: Eduardo Habkost <ehabkost@xxxxxxxxxx> Cc: Michael Walle <michael@xxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Cc: Anthony Green <green@xxxxxxxxxxxxxx> Cc: Jia Liu <proljc@xxxxxxxxx> Cc: Alexander Graf <agraf@xxxxxxx> Cc: Blue Swirl <blauwirbel@xxxxxxxxx> Cc: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Cc: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Cc: Guan Xuetao <gxt@xxxxxxxxxxxxxxx> Cc: Max Filippov <jcmvbkbc@xxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 3d57f7893c90d911d786cb2c622b0926fc808b57 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 19:31:17 2015 -0700 cpu: Change tcg_cpu_exec() arg to cpu, not env The sole caller of this function navigates the cpu->env_ptr only for this function to take it back the cpu pointer straight away. Pass in cpu pointer instead and grab the env pointer locally in the function. Removes a core code usage of ENV_GET_CPU(). Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit f7ec7f7b269813603b1d64bb9833f9e711f0115c Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 19:31:16 2015 -0700 gdbstub: Change gdbserver_fork() to accept cpu instead of env All callsites to this function navigate the cpu->env_ptr only for the function to take the env ptr back to the original cpu ptr. Change the function to just pass in the CPU pointer instead. Removes a core code usage of ENV_GET_CPU() (in gdbstub.c). Cc: Riku Voipio <riku.voipio@xxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit bbd77c180d7ff1b04a7661bb878939b2e1d23798 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Tue Jun 23 19:31:15 2015 -0700 translate-all: Change tb_flush() env argument to cpu All of the core-code usages of this API have the cpu pointer handy so pass it in. There are only 3 architecture specific usages (2 of which are commented out) which can just use ENV_GET_CPU() locally to get the cpu pointer. The reduces core code usage of the CPU env, which brings us closer to common-obj'ing these core files. Cc: Riku Voipio <riku.voipio@xxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Acked-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 6dd0f8342ddfbd8db3e3de1a17686cedbc14e9f1 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Tue Jun 23 19:31:14 2015 -0700 target-ppc: Move cpu_exec_init() call to realize function Move cpu_exec_init() call from instance_init to realize. This allows any failures from cpu_exec_init() to be handled appropriately. Also add corresponding cpu_exec_exit() call from unrealize. cpu_dt_id assignment from instance_init is no longer needed since correct assignment for cpu_dt_id is already present in realizefn. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> [AF: Keep calling cpu_exec_init() for CONFIG_USER_ONLY] Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit b7bca7333411bd19c449147e8202ae6b0e4a8e09 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Tue Jun 23 19:31:13 2015 -0700 cpu: Convert cpu_index into a bitmap Currently CPUState::cpu_index is monotonically increasing and a newly created CPU always gets the next higher index. The next available index is calculated by counting the existing number of CPUs. This is fine as long as we only add CPUs, but there are architectures which are starting to support CPU removal, too. For an architecture like PowerPC which derives its CPU identifier (device tree ID) from cpu_index, the existing logic of generating cpu_index values causes problems. With the currently proposed method of handling vCPU removal by parking the vCPU fd in QEMU (Ref: http://lists.gnu.org/archive/html/qemu-devel/2015-02/msg02604.html), generating cpu_index this way will not work for PowerPC. This patch changes the way cpu_index is handed out by maintaining a bit map of the CPUs that tracks both addition and removal of CPUs. The CPU bitmap allocation logic is part of cpu_exec_init(), which is called by instance_init routines of various CPU targets. Newly added cpu_exec_exit() API handles the deallocation part and this routine is called from generic CPU instance_finalize. Note: This new CPU enumeration is for !CONFIG_USER_ONLY only. CONFIG_USER_ONLY continues to have the old enumeration logic. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> [AF: max_cpus -> MAX_CPUMASK_BITS] Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 5a790cc4b942e651fec7edc597c19b637fad5a76 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Tue Jun 23 19:31:12 2015 -0700 cpu: Add Error argument to cpu_exec_init() Add an Error argument to cpu_exec_init() to let users collect the error. This is in preparation to change the CPU enumeration logic in cpu_exec_init(). With the new enumeration logic, cpu_exec_init() can fail if cpu_index values corresponding to max_cpus have already been handed out. Since all current callers of cpu_exec_init() are from instance_init, use error_abort Error argument to abort in case of an error. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 291135b5da228e58900c120e12354cc0a23608e3 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Mon Apr 27 17:00:33 2015 -0300 cpu: Reorder cpu->as, cpu->thread_id, cpu->memory_dispatch init Instead of initializing cpu->as, cpu->thread_id, and reloading memory map while holding cpu_list_lock(), do it earlier, before locking the CPU list and initializing cpu_index. This allows the code handling cpu_index and global CPU list to be isolated from the rest. Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 7c39163e389e6e6e16965606fb5a26abcdb6ad73 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Mon Apr 27 17:00:32 2015 -0300 cpu: Initialize breakpoint/watchpoint lists in cpu_common_initfn() One small step in the simplification of cpu_exec_init(). Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 199fc85acd0571902eeefef6ea861b8ba4c8201f Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Mon Apr 27 17:00:31 2015 -0300 cpu: No need to zero-initialize CPUState::numa_node QOM objects are already zero-filled when instantiated, there's no need to explicitly set numa_node to 0. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 5a2db89615c8efabbeca74fe5e0f14f312d3bbe3 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Thu Jul 9 10:17:15 2015 +0100 mips/kvm: Sync with newer MIPS KVM headers The KVM_REG_MIPS_COUNT_* definitions are now included in linux-headers/asm-mips/kvm.h since commit b061808d39fa ("linux-headers: update linux headers to kvm/next"), therefore the duplicate definitions in target-mips/kvm.c can now be dropped (the definitions were tweaked slightly in commit 7a52ce8a1607 ("linux-headers: update") which triggered the following build warnings turned errors): target-mips/kvm.c:232:0: error: "KVM_REG_MIPS_COUNT_CTL" redefined [-Werror] linux-headers/asm/kvm.h:129:0: note: this is the location of the previous definition target-mips/kvm.c:236:0: error: "KVM_REG_MIPS_COUNT_RESUME" redefined [-Werror] linux-headers/asm/kvm.h:141:0: note: this is the location of the previous definition target-mips/kvm.c:239:0: error: "KVM_REG_MIPS_COUNT_HZ" redefined [-Werror] linux-headers/asm/kvm.h:147:0: note: this is the location of the previous definition Also update the MIPS_C0_{32,64} macros to utilise definitions more recently added to the asm-mips/kvm.h header. Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Message-id: 1436433435-24898-3-git-send-email-james.hogan@xxxxxxxxxx Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: kvm@xxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a8f13961fdcff3a5969b9884368e875aa068f1c9 Author: James Hogan <james.hogan@xxxxxxxxxx> Date: Thu Jul 9 10:17:14 2015 +0100 tcg/mips: Fix build error from merged memop+mmu_idx parameter Commit 3972ef6f830d ("tcg: Push merged memop+mmu_idx parameter to softmmu routines") caused the following build errors when building TCG for MIPS: In file included from tcg/tcg.c:258:0: tcg/mips/tcg-target.c In function â??tcg_out_qemu_ld_slow_pathâ??: tcg/mips/tcg-target.c:1015:22: error: â??lbâ?? undeclared (first use in this function) tcg/mips/tcg-target.c In function â??tcg_out_qemu_st_slow_pathâ??: tcg/mips/tcg-target.c:1058:22: error: â??lbâ?? undeclared (first use in this function) It looks like lb was meant to refer to the TCGLabelQemuLdst *l parameter, so fix both references to lb to refer to just l. Fixes: 3972ef6f830d ("tcg: Push merged memop+mmu_idx parameter to softmmu routines") Signed-off-by: James Hogan <james.hogan@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Message-id: 1436433435-24898-2-git-send-email-james.hogan@xxxxxxxxxx Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d09a6fde1590ca3a45b608b6873a680f208dfeb5 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jul 9 08:47:58 2015 +0200 migration: fix RCU deadlock migration_end calls synchronize_rcu() within a critical section. That causes a deadlock; move the call after rcu_read_unlock(). Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit acf7b7fdf31fa76b53803790917c8acf23a2badb Merge: c8e8428 2828a30 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 8 20:46:35 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging Bugfixes and Daniel Berrange's crypto library. # gpg: Signature made Wed Jul 8 12:12:29 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: ossaudio: fix memory leak ui: convert VNC to use generic cipher API block: convert qcow/qcow2 to use generic cipher API ui: convert VNC websockets to use crypto APIs block: convert quorum blockdrv to use crypto APIs crypto: add a nettle cipher implementation crypto: add a gcrypt cipher implementation crypto: introduce generic cipher API & built-in implementation crypto: move built-in D3DES implementation into crypto/ crypto: move built-in AES implementation into crypto/ crypto: introduce new module for computing hash digests vl: move rom_load_all after machine init done Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c8e84287da7dd6a46c0bb0e53190e79ba4eedf24 Merge: d09952e 702c8c8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 8 19:44:28 2015 +0100 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Wed Jul 8 19:08:28 2015 BST using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB # Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E * remotes/jnsnow/tags/ide-pull-request: ahci: Fix CD-ROM signature libqos/ahci: fix ahci_write_fis for ncq on ppc64 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 702c8c8be2f3317c81fff83f82d8a5f1d50d41b8 Author: Hannes Reinecke <hare@xxxxxxx> Date: Mon Jul 6 17:49:51 2015 -0400 ahci: Fix CD-ROM signature The CD-ROM signature is 0xeb140101, not 0xeb140000. Without this change OVMF/Duet runs into a timeout trying to detect a SATA cdrom. Signed-off-by: Hannes Reinecke <hare@xxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1436219392-31915-2-git-send-email-jsnow@xxxxxxxxxx commit 9ab9993f71b7eac6788deae2fbb7ec659ceb4a1e Author: John Snow <jsnow@xxxxxxxxxx> Date: Mon Jul 6 15:17:09 2015 -0400 libqos/ahci: fix ahci_write_fis for ncq on ppc64 Don't try to correct the endianness of NCQ commands, which do not use any fields wider than a single byte. This corrects the /x86_64/ahci/io/ncq/simple test (and others) for ppc64 BE hosts. Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Tested-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1436210229-4118-2-git-send-email-jsnow@xxxxxxxxxx commit d09952ee8caeea928695d5a3dc3ec50d8afb98c6 Author: Paul Durrant <paul.durrant@xxxxxxxxxx> Date: Tue Jul 7 14:32:38 2015 +0100 Fix the compatibility typedef of ioservid_t to match the Xen headers There is a mismatch between the definition of ioservid_t in xen_common.h and the definition in the Xen public headers. This patch corrects the definition in xen_common.h. Signed-off-by: Paul Durrant <paul.durrant@xxxxxxxxxx> Tested-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1436275958-25174-1-git-send-email-paul.durrant@xxxxxxxxxx Cc: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c8232b39bb18a91cde39b8e0b60e731a4ce782b1 Merge: 62a3864 c4fc82b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 8 13:36:19 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging pc,virtio,pci: fixes and updates Most notably, this includes the TCO support for ICH: the last feature for 2.4 as we are entering the hard freeze. Bugfixes only from now on. virtio pci also gained cfg access capability - arguably a bugfix since virtio spec makes it mandatory, but it's a big patch. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Wed Jul 8 10:40:07 2015 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: tco-test: fix up config accesses and re-enable virtio fix cfg endian-ness for BE targets virtio-pci: implement cfg capability virtio: define virtio_pci_cfg_cap in header. pcie: Set the "link active" in the link status register pci_regs.h: import from linux virtio_net: reuse constants from linux hw/i386/pc: don't carry FDC from pc_basic_device_init() to pc_cmos_init() hw/i386/pc: reflect any FDC @ ioport 0x3f0 in the CMOS hw/i386/pc: factor out pc_cmos_init_floppy() ich9: implement strap SPKR pin logic tests: add testcase for TCO watchdog emulation ich9: add TCO interface emulation acpi: split out ICH ACPI support Revert "dataplane: allow virtio-1 devices" dataplane: fix cross-endian issues Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 62a3864eb09414d3cee94a2a592ecd414200912f Merge: 59dc0a1 c54e1eb Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jul 8 12:35:14 2015 +0100 Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2015-07-06-v3-tag' into staging tag for qga-pull-2015-07-06-v3 v3: - fix missing <windows.h> in configure test program. v2: - added configure check for guest-get-fs-info to avoid breakage on older MinGWs - removed extraneous include of ws2ipdef.h in w32 guest-network-get-interfaces. ws2tcpip.h already provides those definitions, and older MinGWs don't have it. - rebased on latest master # gpg: Signature made Wed Jul 8 03:01:18 2015 BST using RSA key ID F108B584 # gpg: Good signature from "Michael Roth <flukshun@xxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxx>" # gpg: aka "Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: CEAC C9E1 5534 EBAB B82D 3FA0 3353 C9CE F108 B584 * remotes/mdroth/tags/qga-pull-2015-07-06-v3-tag: qga: added GuestPCIAddress information qga: added bus type and disk location path configure: add configure check for ntdddisk.h qga: added mountpoint and filesystem type for single volume qga: added empty qmp_quest_get_fsinfo functionality. qga: fail early for invalid time qga: win32 qmp_guest_network_get_interfaces implementation qga: add win32 library iphlpapi Revert "guest agent: remove g_strcmp0 usage" qga/qmp_guest_fstrim: Return per path fstrim result qga/commands-posix: Fix bug in guest-fstrim Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2828a307232ffceeddec9feb6a87ac660b68b693 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Tue Jun 23 09:01:10 2015 +0800 ossaudio: fix memory leak Variable "conf" going out of scope leaks the storage it points to in line 856. Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Message-Id: <1435021270-7768-1-git-send-email-arei.gonglei@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 800567a613510c77a55decac4d25fea154d1ee22 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Jul 1 18:10:38 2015 +0100 ui: convert VNC to use generic cipher API Switch the VNC server over to use the generic cipher API, this allows it to use the pluggable DES implementations, instead of being hardcoded to use QEMU's built-in impl. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1435770638-25715-11-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f6fa64f6d22b0ed53fb3be5883cd9719d17cb4f0 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Jul 1 18:10:37 2015 +0100 block: convert qcow/qcow2 to use generic cipher API Switch the qcow/qcow2 block driver over to use the generic cipher API, this allows it to use the pluggable AES implementations, instead of being hardcoded to use QEMU's built-in impl. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1435770638-25715-10-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 8e9b0d24fb986d4241ae3b77752eca5dab4cb486 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Jul 1 18:10:36 2015 +0100 ui: convert VNC websockets to use crypto APIs Remove the direct use of gnutls for hash processing in the websockets code, in favour of using the crypto APIs. This allows the websockets code to be built unconditionally removing countless conditional checks from the VNC code. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1435770638-25715-9-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 488981a4af396551a3178d032cc2b41d9553ada2 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Jul 1 18:10:35 2015 +0100 block: convert quorum blockdrv to use crypto APIs Get rid of direct use of gnutls APIs in quorum blockdrv in favour of using the crypto APIs. This avoids the need to do conditional compilation of the quorum driver. It can simply report an error at file open file instead if the required hash algorithm isn't supported by QEMU. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1435770638-25715-8-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ed754746fea55df726f4de3dadb5bea0b6aa7409 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Jul 1 18:10:34 2015 +0100 crypto: add a nettle cipher implementation If we are linking to gnutls already and gnutls is built against nettle, then we should use nettle as a cipher backend in preference to our built-in backend. This will be used when linking against some GNUTLS 2.x versions and all GNUTLS 3.x versions. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1435770638-25715-7-git-send-email-berrange@xxxxxxxxxx> [Change "#elif" to "#elif defined". - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 62893b67cd82bbd48b013c1cec25f0d863612c80 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Jul 1 18:10:33 2015 +0100 crypto: add a gcrypt cipher implementation If we are linking to gnutls already and gnutls is built against gcrypt, then we should use gcrypt as a cipher backend in preference to our built-in backend. This will be used when linking against GNUTLS 1.x and many GNUTLS 2.x versions. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1435770638-25715-6-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ca38a4cc9e36647437b837b346a41981fb8880cd Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Jul 1 18:10:32 2015 +0100 crypto: introduce generic cipher API & built-in implementation Introduce a generic cipher API and an implementation of it that supports only the built-in AES and DES-RFB algorithms. The test suite checks the supported algorithms + modes to validate that every backend implementation is actually correctly complying with the specs. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1435770638-25715-5-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c4fc82bf1ad088a84ccedf779f6aa928e4fadb5f Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Jul 8 10:06:15 2015 +0300 tco-test: fix up config accesses and re-enable The mistake that made the test fail was that it tried to use a BAR address as an offset for config accesses to LPC. Config accesses don't need a BAR, and LPC does not have one. Don't attempt to map it. With this change applied, TCO test passes, so re-enable it. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 1e40356ce5f6ccfa0bb57104a533c62952c560ce Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Sun Jul 5 15:08:09 2015 +0200 virtio fix cfg endian-ness for BE targets address_space_rw assumes data is in target format and byte-swaps it if target is BE and device is LE. Use fixed-endian LE APIs instead. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit ada434cd0b44ce984318621e4bb79e067360d737 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jul 2 14:59:49 2015 +0200 virtio-pci: implement cfg capability spec says we must, so let's do it! Note: the implementation is incorrect for BE targets. Will fix with a patch on top, not a big deal now as the only user is seabios, used on x86 only. Tested-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c36f24a2045d7a002b767ce023acfd9be63df692 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jul 2 12:52:44 2015 +0200 virtio: define virtio_pci_cfg_cap in header. Update virtio pci header from linux-next virtio maintainer tree. We already have VIRTIO_PCI_CAP_PCI_CFG, let's define the structure that goes with it. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit b2101eae63ea57b571cee4a9075a4287d24ba4a4 Author: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Date: Sun Jul 5 09:26:03 2015 +1000 pcie: Set the "link active" in the link status register Some firmwares can test that and assume the device hasn't come up if that bit isn't set Signed-off-by: Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 412a82457ef54821362ba27804e24a92fce09761 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Jul 1 11:42:18 2015 +0200 pci_regs.h: import from linux It seems to make sense to import pci_regs.h from linux: why maintain our own? As a first step, move the header to standard-headers, and add it to the update script. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit f56fc2d319b18d5e510988374929188867a5f930 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Jul 1 11:36:57 2015 +0200 virtio_net: reuse constants from linux VIRTIO_NET_F_CTRL_GUEST_OFFLOADS now appears in the linux header, let's reuse it. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 220a8846429ac954932e16010efb07af0aba4529 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Thu Jun 25 15:35:07 2015 +0200 hw/i386/pc: don't carry FDC from pc_basic_device_init() to pc_cmos_init() Thanks to the last patch, pc_cmos_init() doesn't need the (optional) board-default FDC any longer as an input parameter. Update pc_basic_device_init() not to hand it back to pc_init1() / pc_q35_init(), and update the latter not to carry the FDC to pc_cmos_init(). This simplifies the code. pc_init1() | pc_q35_init() pc_basic_device_init() pc_cmos_init() Cc: Jan Tomko <jtomko@xxxxxxxxxx> Cc: John Snow <jsnow@xxxxxxxxxx> Cc: Markus Armbruster <armbru@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit b86f46132cd86b03f9e4a1cf6295f8b416e16afa Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Thu Jun 25 15:35:06 2015 +0200 hw/i386/pc: reflect any FDC @ ioport 0x3f0 in the CMOS With the pc-q35-2.4 machine type, if the user creates an ISA FDC manually: -device isa-fdc,driveA=drive-fdc0-0-0 \ -drive file=...,if=none,id=drive-fdc0-0-0,format=raw then the board-default FDC will be skipped, and only the explicitly requested FDC will exist. qtree-wise, this is correct; however such an FDC is currently not registered in the CMOS, because that code is only reached for the board-default FDC. The pc_cmos_init_late() one-shot reset handler -- one-shot because the CMOS is not reprogrammed during warm reset -- should search for any ISA FDC devices, created implicitly (by board code) or explicitly, and set the CMOS accordingly to the ISA FDC(s) with iobase=0x3f0: - if there is no such FDC, report both drives absent, - if there is exactly one such FDC, report its drives in the CMOS, - if there are more than one such FDCs, then pick one (it is not specified which one), and print a warning about the ambiguity. Cc: Jan Tomko <jtomko@xxxxxxxxxx> Cc: John Snow <jsnow@xxxxxxxxxx> Cc: Markus Armbruster <armbru@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reported-by: Jan Tomko <jtomko@xxxxxxxxxx> Suggested-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 7444ca4ee2382170774ae201c473270d65620d75 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Thu Jun 25 15:35:05 2015 +0200 hw/i386/pc: factor out pc_cmos_init_floppy() Extract the pc_cmos_init_floppy() function from pc_cmos_init(). The function sets two RTC registers: floppy drive types (0x10), overwriting the earlier value in there), and REG_EQUIPMENT_BYTE (0x14), setting bits in the prior value. Cc: Jan Tomko <jtomko@xxxxxxxxxx> Cc: John Snow <jsnow@xxxxxxxxxx> Cc: Markus Armbruster <armbru@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 5add35bec1e249bb5345a47008c8f298d4760be4 Author: Paulo Alcantara <pcacjr@xxxxxxxxx> Date: Sun Jun 28 14:58:58 2015 -0300 ich9: implement strap SPKR pin logic If the signal is sampled high, this indicates that the system is strapped to the "No Reboot" mode (ICH9 will disable the TCO Timer system reboot feature). The status of this strap is readable via the NO_REBOOT bit (CC: offset 0x3410:bit 5). The NO_REBOOT bit is set when SPKR pin on ICH9 is sampled high. This bit may be set or cleared by software if the strap is sampled low but may not override the strap when it indicates "No Reboot". This patch implements the logic where hardware has ability to set SPKR pin through a property named "noreboot" and it's sampled high by default. Signed-off-by: Paulo Alcantara <pcacjr@xxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 45dcdb9da632b5a5e7639707e12b1b17029c5a1e Author: Paulo Alcantara <pcacjr@xxxxxxxxx> Date: Sun Jun 28 14:58:57 2015 -0300 tests: add testcase for TCO watchdog emulation This patch adds a testcase that covers the following: 1) TCO default values 2) first and second TCO timeout 3) watch and validate ticks counter through TCO_RLD register 4) maximum supported TCO timeout (0x3ff) 5) watchdog actions (pause/reset/shutdown/none) upon second TCO timeout 6) set and get of TCO control and status bits MST: The test does not pass yet, so it's disabled by default. Signed-off-by: Paulo Alcantara <pcacjr@xxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c54e1eb4928d4e6762c7100d1d1ef5f08ddf922b Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Tue Jul 7 19:12:18 2015 -0500 qga: added GuestPCIAddress information PCIAddress inforfation is obtained via SetupApi, which provides the information about address, bus, etc. We look throught entire device tree in the system and try to find device object for given volume. For this PDO SetupDiGetDeviceRegistryProperty is called, which reads PCI configuration for a given devicei if it is possible. This is the most convinient way for a userspace service. The lookup is performed for every volume available. However, this information is not mandatory for vss-provider. In order to use SetupApi we need to notify linker about it. We do not need to install additional libs, so we do not make separate configuration option to use libsetupapi.su SetupApi gives as the same information as kernel driver with IRP_MN_QUERY_INTERFACE. https://support.microsoft.com/en-us/kb/253232 Signed-off-by: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Eric Blake <eblake@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> * stub out get_pci_info if !CONFIG_QGA_NTDDSCSI Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit a3ef3b2272d8349c932f8c440bcaa31d8518b1c0 Author: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Date: Tue Jun 30 13:25:22 2015 +0300 qga: added bus type and disk location path According to Microsoft disk location path can be obtained via IOCTL_SCSI_GET_ADDRESS. Unfortunately this ioctl can not be used for all devices. There are certain bus types which could be obtained with this API. Please, refer to the following link for more details https://technet.microsoft.com/en-us/library/ee851589(v=ws.10).aspx Bus type could be obtained using IOCTL_STORAGE_QUERY_PROPERTY. Enum STORAGE_BUS_TYPE describes all buses supported by OS. Windows defines more bus types than Linux. Thus some values have been added to GuestDiskBusType. Signed-off-by: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Eric Blake <eblake@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> * fixed warning in CreateFile due to use of NULL instead of 0 * only provide disk info when CONFIG_QGA_NTDDSCSI=y Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 50cbebb9a339f43cda2005785010361497151882 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Tue Jul 7 18:10:09 2015 -0500 configure: add configure check for ntdddisk.h This header file provides w32 ioctl definitions for working with disk devices. Older versions of mingw do not expose this in a useable way, so add a configure check and report it via CONFIG_QGA_NTDDSCSI. Subsequent patches will use this macro to stub out functionality that relies on this in cases where it's not available. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit d2b3f390d4e4b5d9dd74ae703d365a7b75a234ea Author: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Date: Tue Jun 30 13:25:21 2015 +0300 qga: added mountpoint and filesystem type for single volume We should use GetVolumeXXX api to work with volumes. This will help us to resolve the situation with volumes without drive letter, i.e. when the volume is mounted as a folder. Such volume is called mounted folder. This volume is a regular mounted volume from all other points of view. The information about non mounted volume is reported as System Reserved. This volume is not mounted and thus it is not writable. GuestDiskAddressList API is not used because operations are performed with volumes but no with disks. This means that spanned disk will be counted and handled as a single volume. It is worth mentioning that the information about every disk in the volume can be queried via IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS. Signed-off-by: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Eric Blake <eblake@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit ef0a03f23061b9994fe5b2c3a208bc9fcba0099d Author: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Date: Tue Jun 30 13:25:20 2015 +0300 qga: added empty qmp_quest_get_fsinfo functionality. We need qmp_quest_get_fsinfo togather with vss-provider, which works with volumes. The call to this function is implemented via FindFirst/NextVolumes. Moreover, volumes in Windows OS are filesystem unit, so it will be more effective to work with them rather with devices. Signed-off-by: Olga Krishtal <okrishtal@xxxxxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Eric Blake <eblake@xxxxxxxxxx> CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 00d2f3707a63881a0cec8d00cbd467f9b2d8af41 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Date: Sun Jul 5 16:28:58 2015 +0200 qga: fail early for invalid time It's possible to set system time with dates after 2070, however, it's not possible to set the RTC. It has limitation to up to year 2070 (1970+100). In order to keep both clock in sync and before the kernel complains on invalid values, bail out early. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit d6c5528b0ce91667714b8c7dabaf4fbf8a898a9c Author: Kirk Allan <kallan@xxxxxxxx> Date: Tue Jun 2 11:41:07 2015 -0600 qga: win32 qmp_guest_network_get_interfaces implementation By default, IPv4 prefixes will be derived by matching the address to those returned by GetAdaptersInfo. IPv6 prefixes can not be matched this way due to the unpredictable order of entries. In Windows Vista/2008 guests and newer, both IPv4 and IPv6 prefixes can be retrieved from OnLinkPrefixLength. Setting --extra-cflags in the build configuration to "-D_WIN32_WINNT=0x600" or greater makes OnLinkPrefixLength available. Setting --extra-cflags is not required and if not set, the default approach to get the prefix will be taken. Signed-off-by: Kirk Allan <kallan@xxxxxxxx> * drop ws2ipdef.h, it's missing on old mingw, and ws2tcpip.h already includes it automatically on new builds Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 601e5a0618ef3238e18fc38ece55ea4260910d5f Author: Kirk Allan <kallan@xxxxxxxx> Date: Tue Jun 2 11:41:06 2015 -0600 qga: add win32 library iphlpapi Add the iphlpapi library to use APIs such as GetAdaptersInfo and GetAdaptersAddresses. Signed-off-by: Kirk Allan <kallan@xxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit f300414cfe9bb9e7b86411a670b68c1aa8edbd35 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed May 27 19:53:49 2015 +0200 Revert "guest agent: remove g_strcmp0 usage" Since we now require GLib 2.22+ (commit f40685c), we don't have to work around lack of g_strcmp0() anymore. This reverts commit 8f4774789947bc4bc4c8d026a289fe980d3d2ee1. Conflicts: qemu-ga.c Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit e82855d9aa4580620773b1b145ecab6ca1f2578c Author: Justin Ossevoort <justin@xxxxxxxxxxxxxxxxx> Date: Mon May 11 08:58:45 2015 +0200 qga/qmp_guest_fstrim: Return per path fstrim result The current guest-fstrim support only returns an error if some mountpoint was unable to be trimmed, skipping any possible additional mountpoints. The result of the TRIM operation itself is also discarded. This change returns a per mountpoint result of the TRIM operation. If an error occurs on some mountpoints that error is returned and the guest-fstrim continue with any additional mountpoints. The returned values for errors, minimum and trimmed are dependant on the filesystem, storage stacks and kernel version. Signed-off-by: Justin Ossevoort <justin@xxxxxxxxxxxxxxxxx> * s/type/struct/ in schema type definitions * moved version annotation for new guest-fstrim return field to the field itself rather than applying to the entire command Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 73a652a1b08445e8d91e50cdbb2da50e571c61b3 Author: Justin Ossevoort <justin@xxxxxxxxxxxxxxxxx> Date: Mon May 11 08:58:44 2015 +0200 qga/commands-posix: Fix bug in guest-fstrim The FITRIM ioctl updates the fstrim_range structure it receives. This way the caller can determine how many bytes were trimmed. The guest-fstrim logic reuses the same fstrim_range for each filesystem, effectively limiting each filesystem to trim at most as much as the previous was able to trim. If a previous filesystem would have trimmed 0 bytes, than the next filesystem would report an error 'Invalid argument' because a FITRIM request with length 0 is not valid. This change resets the fstrim_range structure for each filesystem. Signed-off-by: Justin Ossevoort <justin@xxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> commit 59dc0a1e9b4ccd9d8d7366fdc31acd5c1fbb240a Merge: 7ce0f7d cd3b29b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 7 23:16:42 2015 +0100 Merge remote-tracking branch 'remotes/agraf/tags/signed-s390-for-upstream' into staging Patch queue for s390 - 2015-07-07 A few last minute fixes for 2.4. All of them are s390 TCG bug fixes. # gpg: Signature made Tue Jul 7 16:52:22 2015 BST using RSA key ID 03FEDC60 # gpg: Good signature from "Alexander Graf <agraf@xxxxxxx>" # gpg: aka "Alexander Graf <alex@xxxxxxxxx>" * remotes/agraf/tags/signed-s390-for-upstream: tcg/s390: fix branch target change during code retranslation target-s390x: fix CONVERT TO BINARY (CVD, CVDY) target-s390x: fix EXECUTE instruction executing TRT target-s390x: fix MOVE LONG instruction Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7ce0f7dc87e50ebf58ac756ff6be17ec97d3ba4e Merge: 1a63203 6319b1d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 7 21:16:06 2015 +0100 Merge remote-tracking branch 'remotes/agraf/tags/signed-ppc-for-upstream' into staging Patch queue for ppc - 2015-07-07 A few last minute PPC changes for 2.4: - spapr: Update SLOF - spapr: Fix a few bugs - spapr: Preparation for hotplug - spapr: Minor code cleanups - linux-user: Add mftb handling - kvm: Enable hugepage support with memory-backend-file - mac99: Remove nonexistent interrupt pin (Mac OS 9 fix) # gpg: Signature made Tue Jul 7 16:48:41 2015 BST using RSA key ID 03FEDC60 # gpg: Good signature from "Alexander Graf <agraf@xxxxxxx>" # gpg: aka "Alexander Graf <alex@xxxxxxxxx>" * remotes/agraf/tags/signed-ppc-for-upstream: (30 commits) sPAPR: Clear stale MSIx table during EEH reset sPAPR: Reenable EEH functionality on reboot sPAPR: Don't enable EEH on emulated PCI devices spapr-vty: Use TYPE_ definition instead of hardcoding spapr_vty: lookup should only return valid VTY objects spapr_pci: drop redundant args in spapr_[populate, create]_pci_child_dt spapr_pci: populate ibm,loc-code spapr_pci: enumerate and add PCI device tree xics_kvm: Don't enable KVM_CAP_IRQ_XICS if already enabled ppc: Update cpu_model in MachineState spapr: Consolidate cpu init code into a routine spapr: Reorganize CPU dt generation code cpus: Add a macro to walk CPUs in reverse spapr: Support ibm, lrdr-capacity device tree property spapr: Consider max_cpus during xics initialization Revert "hw/ppc/spapr_pci.c: Avoid functions not in glib 2.12 (g_hash_table_iter_*)" spapr_iommu: translate sPAPRTCEAccess to IOMMUAccessFlags spapr_iommu: drop erroneous check in h_put_tce_indirect() spapr_pci: set device node unit address as hex spapr_pci: encode class code including Prog IF register ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1a632032d1ea09a09dc424ac2b10a4a11cd52ab9 Merge: 30c6672 06ef227 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 7 20:12:55 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging X86 queue, 2015-07-07 Patch "target-i386: emulate CPUID level of real hardware" was removed after the 2015-07-03 pull request. # gpg: Signature made Tue Jul 7 15:46:23 2015 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/x86-pull-request: target-i386: avoid overflow in the tsc-frequency property i386: Introduce ARAT CPU feature Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 30c6672aa4b4bc9bdba3a7e46c49bba191660143 Merge: 9861b71 9703116 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 7 19:12:45 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging Pull request v2: * Drop block/nfs patch since it exposes an unfinished QAPI interface [kwolf] # gpg: Signature made Tue Jul 7 14:29:47 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: blockjob: add block_job_release function block/raw-posix: Don't think /dev/fd/<NN> is a floppy drive. block: Use bdrv_drain to replace uncessary bdrv_drain_all block: Initialize local_err in bdrv_append_temp_snapshot block: update bdrv_drain_all()/bdrv_drain() comments qcow2: remove unnecessary check Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9861b71fd63f04175fddd1e93a417bae4a7808d7 Merge: f2562fb dd63169 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 7 17:19:59 2015 +0100 Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20150707' into staging migration/next for 20150707 # gpg: Signature made Tue Jul 7 13:56:30 2015 BST using RSA key ID 5872D723 # gpg: Good signature from "Juan Quintela <quintela@xxxxxxxxxx>" # gpg: aka "Juan Quintela <quintela@xxxxxxxxxx>" * remotes/juanquintela/tags/migration/20150707: (28 commits) migration: extend migration_bitmap migration: protect migration_bitmap check_section_footers: Check the correct section_id migration: Add migration events on target side migration: Make events a capability migration: create migration event migration: No need to call trace_migrate_set_state() migration: Use always helper to set state migration: ensure we start in NONE state migration: Use cmpxchg correctly migration: Add configuration section vmstate: Create optional sections global_state: Make section optional migration: create new section to store global state runstate: migration allows more transitions now runstate: Add runstate store Fix older machine type compatibility on power with section footers Fail more cleanly in mismatched RAM cases Sanity check RDMA remote data Sort destination RAMBlocks to be the same as the source ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cd3b29b745b0ff393b2d37317837bc726b8dacc8 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Tue Jun 16 07:11:41 2015 +0200 tcg/s390: fix branch target change during code retranslation Make sure to not modify the branch target. This ensure that the branch target is not corrupted during partial retranslation. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Tested-by: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 92f2b4e71e988ad2751c71717e9fe3387753442a Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Thu Jun 25 21:16:58 2015 +0200 target-s390x: fix CONVERT TO BINARY (CVD, CVDY) current_number being shift left by more than 32 bits, we can't use a simple int. Similarly use an int64_t type for the input binary value, to not get the -2^31 case wrong. Finally don't initialize shift to 4, it's already done in the for loop. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit c9c19b493286db7358f9ee26401b927bbbd21604 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sun Jun 21 18:51:08 2015 +0200 target-s390x: fix EXECUTE instruction executing TRT A break is missing in the EXECUTE instruction, when executing the TRANSLATE AND TEST instruction. Reported-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-By: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit b5edcddda31b464e73cc0a79e88457e603c3b247 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Tue Jun 16 22:57:47 2015 +0200 target-s390x: fix MOVE LONG instruction The MOVE LONG instruction should pad the destination operand with the byte from bit positions 32-39 of the source length (r2 + 1), not with the same byte in the source address. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 6319b1dad04e66f450fb3ac6c31d2bf3940068b8 Author: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:28 2015 +1000 sPAPR: Clear stale MSIx table during EEH reset The PCI device MSIx table is cleaned out in hardware after EEH PE reset. However, we still hold the stale MSIx entries in QEMU, which should be cleared accordingly. Otherwise, we will run into another (recursive) EEH error and the PCI devices contained in the PE have to be offlined exceptionally. The patch introduces function spapr_phb_vfio_eeh_pre_reset(), which is called by sPAPR when asserting hot or fundamental reset, to clear stale MSIx table for VFIO PCI devices before EEH PE reset so that MSIx table could be restored properly after EEH PE reset. Signed-off-by: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit aef87d1b879416909a4ac73e6fe2cea4a5630f40 Author: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:27 2015 +1000 sPAPR: Reenable EEH functionality on reboot When rebooting the guest, some PEs might be in frozen state. The contained PCI devices won't work properly if their frozen states aren't cleared in time. One case running into this situation would be maximal EEH error times encountered in the guest. The patch reenables the EEH functinality on PEs on PHB's reset callback, which will clear their frozen states if needed. Signed-off-by: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 7cb180079e245024cf92ca218ca58858b679a7d6 Author: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:26 2015 +1000 sPAPR: Don't enable EEH on emulated PCI devices There might have emulated PCI devices, together with VFIO PCI devices under one PHB. The EEH capability shouldn't enabled on emulated PCI devices. The patch returns error when enabling EEH capability on emulated PCI devices by RTAS call "ibm,set-eeh-option". Signed-off-by: Gavin Shan <gwshan@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit e275934d2dd44e38e0c6d53f9c22383d2ba57c17 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:25 2015 +1000 spapr-vty: Use TYPE_ definition instead of hardcoding There's a call to object_dynamic_cast() in spapr_vty which uses the type name "spapr-vty" directly, instead of the usual idiom of using the #defined TYPE_VIO_SPAPR_VTY_DEVICE. Fix it. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 0f888bfaddfc5f55b0d82cde2e1164658a672375 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:24 2015 +1000 spapr_vty: lookup should only return valid VTY objects If a guest passes the reg property of a valid VIO object that is not a VTY to either H_GET_TERM_CHAR or H_PUT_TERM_CHAR, QEMU hits a dynamic cast assertion and aborts. PAPR+ says "Hypervisor checks the termno parameter for validity against the Vterm IOA unit addresses assigned to the partition, else return H_Parameter." This patch adds a type check to ensure vty_lookup() either returns a pointer to a valid VTY object or NULL. H_GET_TERM_CHAR and H_PUT_TERM_CHAR will now return H_PARAMETER to the guest instead of crashing. The patch has no effect on the reg == 0 hack used to implement the RTAS call display-character. Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit e634b89c6ed2309814de7a89bd7c5ced96f59291 Author: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:23 2015 +1000 spapr_pci: drop redundant args in spapr_[populate, create]_pci_child_dt * phb_index is not being used and if required can be obtained from sphb * use helper to get drc_index in spapr_populate_pci_child_dt() * Check if drc_index is zero Suggested-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 16b0ea1d852873cf17630133d86df6a68e23f38c Author: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:22 2015 +1000 spapr_pci: populate ibm,loc-code Each hardware instance has a platform unique location code. The OF device tree that describes a part of a hardware entity must include the â??ibm,loc-codeâ?? property with a value that represents the location code for that hardware entity. Populate ibm,loc-code. 1) PCI passthru devices need to identify with its own ibm,loc-code available on the host. In failure cases use: vfio_<name>:<phb-index>:<bus>:<slot>.<fn> 2) Emulated devices encode as following: qemu_<name>:<phb-index>:<bus>:<slot>.<fn> Signed-off-by: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 1d2d974244c6f1629ca83f1de293eaa557634627 Author: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:21 2015 +1000 spapr_pci: enumerate and add PCI device tree All the PCI enumeration and device node creation was off-loaded to SLOF. With PCI hotplug support, code needed to be added to add device node. This creates multiple copy of the code one in SLOF and other in hotplug code. To unify this, the patch adds the pci device node creation in Qemu. For backward compatibility, a flag "qemu,phb-enumerated" is added to the phb, suggesting to SLOF to not do device node creation. Signed-off-by: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> [ Squashed Michael's drc_index changes ] Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit a45863bda90daa8ec39e5a312b9734fd4665b016 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:20 2015 +1000 xics_kvm: Don't enable KVM_CAP_IRQ_XICS if already enabled When supporting CPU hot removal by parking the vCPU fd and reusing it during hotplug again, there can be cases where we try to reenable KVM_CAP_IRQ_XICS CAP for the vCPU for which it was already enabled. Introduce a boolean member in ICPState to track this and don't reenable the CAP if it was already enabled earlier. Re-enabling this CAP should ideally work, but currently it results in kernel trying to create and associate ICP with this vCPU and that fails since there is already an ICP associated with it. Hence this patch is needed to work around this problem in the kernel. This change allows CPU hot removal to work for sPAPR. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 19fb2c36e2475a2c68e7287e0e089d858dd7cc50 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:19 2015 +1000 ppc: Update cpu_model in MachineState Keep cpu_model field in MachineState uptodate so that it can be used from the CPU hotplug path. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit bab99ea09897fb65255cc4e147d87c077fafcfe6 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:18 2015 +1000 spapr: Consolidate cpu init code into a routine Factor out bits of sPAPR specific CPU initialization code into a separate routine so that it can be called from CPU hotplug path too. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 0da6f3fef9ae52127c14dfad1fdf1781e33ec5ec Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:17 2015 +1000 spapr: Reorganize CPU dt generation code Reorganize CPU device tree generation code so that it be reused from hotplug path. CPU dt entries are now generated from spapr_finalize_fdt() instead of spapr_create_fdt_skel(). Note: This is how the split-up looks like now: Boot path --------- spapr_finalize_fdt spapr_populate_cpus_dt_node spapr_populate_cpu_dt spapr_fixup_cpu_numa_dt spapr_fixup_cpu_smt_dt ibm,cas path ------------ spapr_h_cas_compose_response spapr_fixup_cpu_dt spapr_fixup_cpu_numa_dt spapr_fixup_cpu_smt_dt Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 8487d1231830917099c801e4f2f0e698e8535063 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:16 2015 +1000 cpus: Add a macro to walk CPUs in reverse Add CPU_FOREACH_REVERSE that walks CPUs in reverse. Needed for PowerPC CPU device tree reorganization. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit db4ef288f4a6d285b39dc8ac477092d76971a300 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:15 2015 +1000 spapr: Support ibm, lrdr-capacity device tree property Add support for ibm,lrdr-capacity since this is needed by the guest kernel to know about the possible hot-pluggable CPUs and Memory. With this, pseries kernels will start reporting correct maxcpus in /sys/devices/system/cpu/possible. Also define the minimum hotpluggable memory size as 256MB. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> [agraf: Fix compile error on 32bit hosts] Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 9e734e3deefd460188ea9bd107b65a528ccb7255 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:14 2015 +1000 spapr: Consider max_cpus during xics initialization Use max_cpus instead of smp_cpus when intializating xics system. Also report max_cpus in ibm,interrupt-server-ranges device tree property of interrupt controller node. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 708414f03c3bebbd7ba8e4e98fb92602d2af8d0c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Jul 2 16:23:13 2015 +1000 Revert "hw/ppc/spapr_pci.c: Avoid functions not in glib 2.12 (g_hash_table_iter_*)" Since we now require GLib 2.22+ (commit f40685c), we don't have to work around lack of g_hash_table_iter_init() & friends anymore. This reverts commit f8833a37c0c6b22ddd57b45e48cfb0f97dbd5af4. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 5709af3b9520c6912fc909128ae284512b127600 Author: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:12 2015 +1000 spapr_iommu: translate sPAPRTCEAccess to IOMMUAccessFlags The fact that these enums have matching values is pure coincidence. We actually need to translate from the PAPR definition to the QEMU one. This patch doesn't fix any bug, it is only code cleanup. Suggested-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 4d9ab7d4ed46c63d047862d11946996005742a09 Author: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:11 2015 +1000 spapr_iommu: drop erroneous check in h_put_tce_indirect() The tce_list variable is not a TCE but the address to a TCE: we shouldn't clear permission bits as we do now. And this is dead code anyway since we check tce_list is 4K aligned a few lines above. This patch doesn't fix any bug, it is only code cleanup. Suggested-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 9b7d9284c3b114112a7759ce0a885df0767fe8d9 Author: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:10 2015 +1000 spapr_pci: set device node unit address as hex Device node names should encode the unit address as hex, while the code was encodind it as integers. Also, use FDT_NAME_MAX macro for allocating and composing the name. Signed-off-by: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 4a7c34741584e91aa838a9e45b8ec5cdc65a343b Author: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:09 2015 +1000 spapr_pci: encode class code including Prog IF register Current code missed the Prog IF register. All Class Code, Subclass, and Prog IF registers are needed to identify the accurate device type. For example: USB controllers use the PROG IF for denoting: USB FullSpeed, HighSpeed or SuperSpeed. Signed-off-by: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 72187935b475454792512d44782a33f112b120e6 Author: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:08 2015 +1000 spapr_pci: encode missing 64-bit memory address space The properties reg/assigned-resources need to encode 64-bit memory address space as part of phys.hi dword. 00 if configuration space 01 if IO region, 10 if 32-bit MEM region 11 if 64-bit MEM region Signed-off-by: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 183930c0d753e53d22c27d573b1803b04f8d68ac Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:07 2015 +1000 spapr: Add sPAPRMachineClass Currently although we have an sPAPRMachineState descended from MachineState we don't have an sPAPRMAchineClass descended from MachineClass. So far it hasn't been needed, but several upcoming features are going to want it, so this patch creates a stub implementation. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 1b71890729953825c57d52ace48a7671c295e899 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:06 2015 +1000 spapr: Remove obsolete entry_point field from sPAPRMachineState The sPAPRMachineState structure includes an entry_point field containing the initial PC value for starting the machine, even though this always has the value 0x100. I think this is a hangover from very early versions which bypassed the firmware when using -kernel. In any case it has no function now, so remove it. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit fb16499418aa7d71d2a4f2e3d79de444c4d054c0 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:05 2015 +1000 spapr: Remove obsolete ram_limit field from sPAPRMachineState The ram_limit field was imported from sPAPREnvironment where it predates the machine's ram size being available generically from machine->ram_size. Worse, the existing code was inconsistent about where it got the ram size from. Sometimes it used spapr->ram_limit, sometimes the global 'ram_size' and sometimes a local 'ram_size' masking the global. This cleans up the code to consistently use machine->ram_size, eliminating spapr->ram_limit in the process. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 28e0204254c3f03e77106056a3a5730c4b8a2ac6 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:04 2015 +1000 spapr: Merge sPAPREnvironment into sPAPRMachineState The code for -machine pseries maintains a global sPAPREnvironment structure which keeps track of general state information about the guest platform. This predates the existence of the MachineState structure, but performs basically the same function. Now that we have the generic MachineState, fold sPAPREnvironment into sPAPRMachineState, the pseries specific subclass of MachineState. This is mostly a matter of search and replace, although a few places which relied on the global spapr variable are changed to find the structure via qdev_get_machine(). Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 780184aae65d72378737e9cdb8fb61b0121e1e21 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu Jul 2 16:23:03 2015 +1000 pseries: Update SLOF firmware image to qemu-slof-20150429 The changelog is: > version: update to 20150429 > pci: Use QEMU created PCI device nodes > usb: support 64-bit pci bars > pci: Support 64-bit address translation > pci: program correct bridge limit registers during probe > scsi: handle report-luns failure > Fix "key?" Forth word when using USB keyboards > Remove bulk.fs package > Include make.rules in the library Makefiles Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit f303f117fec32c0705f88860e3eadf94135211c9 Author: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 16:23:02 2015 +1000 spapr: ensure we have at least one XICS server XICS needs to know the upper value for cpu_index as it is used to compute the number of servers: smp_cpus * kvmppc_smt_threads() / smp_threads When passing -smp cpus=1,threads=9 on a POWER8 host, we end up with: 1 * 8 / 9 = 0 ... which leads to an assertion in both emulated: Number of servers needs to be greater 0 Aborted (core dumped) ... and in-kernel XICS: xics_kvm_realize: Assertion `icp->nr_servers' failed. Aborted (core dumped) With this patch, we are sure that nr_servers > 0. Passing the same bogus -smp option then leads to: qemu-system-ppc64: Cannot support more than 8 threads on PPC with KVM ... which is a lot more explicit than the XICS errors. Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 2d103aae876518a91636ad6f4a4d866269c0d953 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu Jul 2 15:46:14 2015 -0500 target-ppc: fix hugepage support when using memory-backend-file Current PPC code relies on -mem-path being used in order for hugepage support to be detected. With the introduction of MemoryBackendFile we can now handle this via: -object memory-file-backend,mem-path=...,id=hugemem0 \ -numa node,id=mem0,memdev=hugemem0 Management tools like libvirt treat the 2 approaches as interchangeable in some cases, which can lead to user-visible regressions even for previously supported guest configurations. Fix these by also iterating through any configured memory backends that may be backed by hugepages. Since the old code assumed hugepages always backed the entirety of guest memory, play it safe an pick the minimum across the max pages sizes for all backends, even ones that aren't backed by hugepages. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 5c464f66f5696724c892339de242fac41f4d57a6 Author: Cormac O'Brien <i.am.cormac.obrien@xxxxxxxxx> Date: Wed Jun 17 17:04:11 2015 -0500 macio: remove nonexistent interrupt on pin 1 The current macio implementation declares an interrupt that doesn't appear to exist in the hardware or any other emulator implementation. OpenBIOS detects this interrupt and generates an 'interrupts' property in the macio device tree entry. Mac OS 9 halts boot when it detects this interrupt, so it has been removed to permit further progress in the boot process. Signed-off-by: Cormac O'Brien <i.am.cormac.obrien@xxxxxxxxx> Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 7d6b1daedd00b35e50ce87ea835f662b36a23160 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Tue Jun 30 11:49:54 2015 +0200 linux-user, ppc: mftbl can be used by user application In qemu-linux-user, when calling gethostbyname2(), it was hanging in .__res_nmkquery. (gdb) bt 0 in .__res_nmkquery () from /lib64/libresolv.so.2 1 in .__libc_res_nquery () from /lib64/libresolv.so.2 2 in .__libc_res_nsearch () from /lib64/libresolv.so.2 3 in ._nss_dns_gethostbyname3_r () from /lib64/libnss_dns.so.2 4 in ._nss_dns_gethostbyname2_r () from /lib64/libnss_dns.so.2 5 in .gethostbyname2_r () from /lib64/libc.so.6 6 in .gethostbyname2 () from /lib64/libc.so.6 .__res_nmkquery() is: ... do { RANDOM_BITS (randombits); } while ((randombits & 0xffff) == 0); ... <.__res_nmkquery+112>: mftbl r11 <.__res_nmkquery+116>: clrlwi r10,r11,16 <.__res_nmkquery+120>: cmpwi cr7,r10,0 <.__res_nmkquery+124>: beq cr7,<.__res_nmkquery+112> but as mftbl (Move From Time Base Lower) is not implemented, r11 is always 0, so we have an infinite loop. This patch fills the Time Base register with cpu_get_real_ticks(). Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit f2562fbb7ac54d597cfe05f613d30296d1850d1b Merge: aeb7218 849729b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 7 15:48:49 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging # gpg: Signature made Tue Jul 7 13:38:13 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: rocker: tests: don't need to specify master/self when setting vlans rocker: mark copy-to-cpu pkts as forwarding offloaded rocker: return -1 when dropping packet on ingress rocker: fix missing break statements rocker: fix misplaced break statement rocker: don't queue receive pkts when port is disabled vmxnet3: Fix incorrect small packet padding e1000: flush packets when link comes up rocker: fix memory leak Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 06ef227e5158cca6710e6c268d6a7f65a5e2811b Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Jun 24 14:11:27 2015 +0200 target-i386: avoid overflow in the tsc-frequency property The TSC frequency fits comfortably in an int when expressed in kHz, but it may overflow when converted to Hz. In this case, tsc-frequency returns a negative value because x86_cpuid_get_tsc_freq does a 32-bit multiplication before assigning to int64_t. For simplicity just make tsc_khz a 64-bit value. Spotted by Coverity. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 28b8e4d0bf93ba176b4b7be819d537383c5a9060 Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Sun Jun 7 11:15:08 2015 +0200 i386: Introduce ARAT CPU feature ARAT signals that the APIC timer does not stop in power saving states. As our APICs are emulated, it's fine to expose this feature to guests, at least when asking for KVM host features or with CPU types that include the flag. The exact model number that introduced the feature is not known, but reports can be found that it's at least available since Sandy Bridge. Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit aeb72188e073d515e1f5a80f6b603692a396477b Merge: 1452673 501eea4 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 7 14:44:19 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20150707-1' into staging virtio-gpu property fixes, add testcase # gpg: Signature made Tue Jul 7 10:24:16 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-vga-20150707-1: virtio-gpu: add to display-vga test virtio-gpu: use virtio_instance_init_common, fixup properties virtio-gpu: update console device property. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 970311646a701eecb103eb28093e8924d2fa6861 Author: Ting Wang <kathy.wangting@xxxxxxxxxx> Date: Fri Jun 26 17:37:35 2015 +0800 blockjob: add block_job_release function There is job resource leak in function mirror_start_job, although bdrv_create_dirty_bitmap is unlikely failed. Add block_job_release for each release when needed. Signed-off-by: Ting Wang <kathy.wangting@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1435311455-56048-1-git-send-email-kathy.wangting@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 25d9747b6427de8253221d544b45e50888d4cef7 Author: Richard W.M. Jones <rjones@xxxxxxxxxx> Date: Wed Jul 1 15:40:14 2015 +0100 block/raw-posix: Don't think /dev/fd/<NN> is a floppy drive. In libguestfs we use /dev/fd/<NN> to pass pre-opened file descriptors to qemu-img. Lately I've discovered that although this works, qemu believes that these are floppy disk images. That in itself isn't much of a problem, but now qemu prints a warning about host floppy pass-thru being deprecated. Extend the existing test so that it ignores /dev/fd/ as well as /dev/fdset/ A simple test of this, if you are using the bash shell, is: qemu-img info <( cat /dev/null ) without this patch: $ qemu-img info <( cat /dev/null ) qemu-img: Host floppy pass-through is deprecated Support for it will be removed in a future release. qemu-img: Could not open '/dev/fd/63': Could not refresh total sector count: Illegal seek with this patch: $ qemu-img info <( cat /dev/null ) qemu-img: Could not open '/dev/fd/63': Could not refresh total sector count: Illegal seek Signed-off-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-id: 1435761614-31358-1-git-send-email-rjones@xxxxxxxxxx Fixes: https://bugs.launchpad.net/qemu/+bug/1470536 Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 53ec73e264f481b79b52efcadc9ceb8f8996975c Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri May 29 18:53:14 2015 +0800 block: Use bdrv_drain to replace uncessary bdrv_drain_all There callers work on a single BlockDriverState subtree, where using bdrv_drain() is more accurate. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit c2e0dbbfd7265eb9a7170ab195d8f9f8a1cbd1af Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Jul 6 12:24:44 2015 +0800 block: Initialize local_err in bdrv_append_temp_snapshot Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1436156684-16526-1-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit dd63169766abd2b8dc33f4451dac5e778458a47c Author: Li Zhijian <lizhijian@xxxxxxxxxxxxxx> Date: Thu Jul 2 20:18:06 2015 +0800 migration: extend migration_bitmap Prevously, if we hotplug a device(e.g. device_add e1000) during migration is processing in source side, qemu will add a new ram block but migration_bitmap is not extended. In this case, migration_bitmap will overflow and lead qemu abort unexpectedly. Signed-off-by: Li Zhijian <lizhijian@xxxxxxxxxxxxxx> Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 2ff64038a59e8de2baa485806be0838f49f70b79 Author: Li Zhijian <lizhijian@xxxxxxxxxxxxxx> Date: Thu Jul 2 20:18:05 2015 +0800 migration: protect migration_bitmap Signed-off-by: Li Zhijian <lizhijian@xxxxxxxxxxxxxx> Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 59f39a47411ab6007a592555dc639aa9753f8d23 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Jul 2 09:22:03 2015 +0100 check_section_footers: Check the correct section_id The section footers check was incorrectly checking the section_id in the SaveStateEntry not the LoadStateEntry. These can validly be different if the two QEMU instances have instantiated their devices in a different order. The test only cares that we're finishing the same section we started, and hence it's the LoadStateEntry that we care about. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reported-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 7cf1fe6d68eb2ad3b77e2a89f097354db5d627e2 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed May 20 17:15:42 2015 +0200 migration: Add migration events on target side We reuse the migration events from the source side, sending them on the appropiate place. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit b05dc72342b27585909d9e99d95d17fd3dfbb269 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Tue Jul 7 14:44:05 2015 +0200 migration: Make events a capability Make check fails with events. THis is due to the parser/lexer that it uses. Just in case that they are more broken parsers, just only send events when there are capabilities. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit 598cd2bda0845096d2f06500e45b4d0d399b384a Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed May 20 12:16:15 2015 +0200 migration: create migration event We have one argument that tells us what event has happened. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit f2bb932491185a39922dff0514c4b08c092f3c35 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Jun 17 01:38:25 2015 +0200 migration: No need to call trace_migrate_set_state() We now use the helper everywhere, so no need to call this on this two places. See on previous commit that there were a place where we missed to mark the trace. Now all tracing is done in migrate_set_state(). Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit 7844337d1efb2c47dc3f306d7621e1cafca8ba67 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Jun 17 01:36:40 2015 +0200 migration: Use always helper to set state There were three places that were not using the migrate_set_state() helper, just fix that. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit 656a233440e552230f9d1da016b94a81b86658dc Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Jul 1 09:32:29 2015 +0200 migration: ensure we start in NONE state Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit a5c17b5f68ff7e37ce6e6e1f5457307fe07629e7 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Jun 17 02:06:20 2015 +0200 migration: Use cmpxchg correctly cmpxchg returns the old value Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit 61964c23e5ddd5a33f15699e45ce126f879e3e33 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed May 13 18:17:43 2015 +0200 migration: Add configuration section It needs to be the first one and it is not optional, that is the reason why it is opencoded. For new machine types, it is required that machine type name is the same in both sides. It is just done right now for pc's. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit df8961522a3d6bc7bb60c2830ef59e7c6c67a928 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Oct 15 09:39:14 2014 +0200 vmstate: Create optional sections To make sections optional, we need to do it at the beggining of the code. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit 13d16814d2058f10461e6987c8216950389c1310 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Oct 8 13:58:24 2014 +0200 global_state: Make section optional This section would be sent: a- for all new machine types b- for old machine types if section state is different form {running,paused} that were the only giving us troubles. So, in new qemus: it is alwasy there. In old qemus: they are only there if it an error has happened, basically stoping on target. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit df4b1024526cae3479da3492d6371fd4a7324a03 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Oct 8 10:58:10 2014 +0200 migration: create new section to store global state This includes a new section that for now just stores the current qemu state. Right now, there are only one way to control what is the state of the target after migration. - If you run the target qemu with -S, it would start stopped. - If you run the target qemu without -S, it would run just after migration finishes. The problem here is what happens if we start the target without -S and there happens one error during migration that puts current state as -EIO. Migration would ends (notice that the error happend doing block IO, network IO, i.e. nothing related with migration), and when migration finish, we would just "continue" running on destination, probably hanging the guest/corruption data, whatever. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit ca3fc39ea9045188e37b84c4f92ee79c7ed4b1c3 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Oct 8 12:47:08 2014 +0200 runstate: migration allows more transitions now Next commit would allow to move from incoming migration to error happening on source. Should we add more states to this transition? Luiz? Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit 5e0f1940caf49f56e3bee123aa92e42a3f7fad20 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed Oct 8 11:53:22 2014 +0200 runstate: Add runstate store This allows us to store the current state to send it through migration. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit ff14e817f6c5f110b77e22185b256a17a96aa881 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Fri Jun 12 18:37:52 2015 +0100 Fix older machine type compatibility on power with section footers I forgot to add compatibility for Power when adding section footers. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Fixes: 37fb569c0198cba58e3e Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit ef4b722d19cab845eaa0d1f912018b09a9d8288b Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Jun 11 18:17:28 2015 +0100 Fail more cleanly in mismatched RAM cases If the number of RAMBlocks was different on the source from the destination, QEMU would hang waiting for a disconnect on the source and wouldn't release from that hang until the destination was manually killed. Mark the stream as being in error, this causes the destination to die and the source to carry on. (It still gets a whole bunch of warnings on the destination, and I've not managed to complete another migration after the 1st one, still progress). Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit afcddefdbe75d0c20bf6e11b5512ba768ce0700c Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Jun 11 18:17:27 2015 +0100 Sanity check RDMA remote data Perform some basic (but probably not complete) sanity checking on requests from the RDMA source. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Michael R. Hines <mrhines@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit e4d633207c129dc5b7d145240ac4a1997ef3902f Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Jun 11 18:17:26 2015 +0100 Sort destination RAMBlocks to be the same as the source Use the order of incoming RAMBlocks from the source to record an index number; that then allows us to sort the destination local RAMBlock list to match the source. Now that the RAMBlocks are known to be in the same order, this simplifies the RDMA Registration step which previously tried to match RAMBlocks based on offset (which isn't guaranteed to match). Looking at the existing compress code, I think it was erroneously relying on an assumption of matching ordering, which this fixes. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 760ff4bebc86d08b252809e0da7261c986d022ff Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Jun 11 18:17:25 2015 +0100 Rework ram block hash RDMA uses a hash from block offset->RAM Block; this isn't needed on the destination, and it becomes harder to maintain after the next patch in the series that sorts the block list. Split the hash so that it's only generated on the source. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 03fcab38617ac9bcd6ed28cb1b6a0ecd8fb3bc82 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Jun 11 18:17:24 2015 +0100 Allow rdma_delete_block to work without the hash In the next patch we remove the hash on the destination, rdma_delete_block does two things with the hash which can be avoided: a) The caller passes the offset and rdma_delete_block looks it up in the hash; fixed by getting the caller to pass the block b) The hash gets recreated after deletion; fixed by making that conditional on the hash being initialised. While this function is currently only used during cleanup, Michael asked that we keep it general for future dynamic block registration work. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 632e3a5cd812d6bbd38fd2f3ffc189ff5ea51926 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Jun 11 18:17:23 2015 +0100 Rework ram_control_load_hook to hook during block load We need the names of RAMBlocks as they're loaded for RDMA, reuse a slightly modified ram_control_load_hook: a) Pass a 'data' parameter to use for the name in the block-reg case b) Only some hook types now require the presence of a hook function. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit b12f7777981953b7d939496283014740bdd6de64 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Jun 11 18:17:22 2015 +0100 Translate offsets to destination address space The 'offset' field in RDMACompress and 'current_addr' field in RDMARegister are commented as being offsets within a particular RAMBlock, however they appear to actually be offsets within the ram_addr_t space. The code currently assumes that the offsets on the source/destination match, this change removes the need for the assumption for these structures by translating the addresses into the ram_addr_t space of the destination host. Note: An alternative would be to change the fields to actually take the data they're commented for; this would potentially be simpler but would break stream compatibility for those cases that currently work. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 4fb5364b9096d6110c46604dbf1e19b7e766e757 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Jun 11 18:17:21 2015 +0100 Store block name in local blocks structure In a later patch the block name will be used to match up two views of the block list. Keep a copy of the block name with the local block list. (At some point it could be argued that it would be best just to let migration see the innards of RAMBlock and avoid the need to use foreach). Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Michael R. Hines <mrhines@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 24ec68ef84fdacd5dddb83f3b341165c4815e6d6 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu Jun 11 18:17:20 2015 +0100 rdma typos A couple of typo fixes. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 1aca9a5f7d5a1ef9ee0233eac0fccc77ea6f0626 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Tue Jun 23 17:34:35 2015 +0100 Only try and read a VMDescription if it should be there The VMDescription section maybe after the EOF mark, the current code does a 'qemu_get_byte' and either gets the header byte identifying the description or an error (which it ignores). Doing the 'get' upsets RDMA which hangs on old machine types without the VMDescription. Just avoid reading the VMDescription if we wouldn't send it. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 728470bea15b11ba7b3e3db54f0d9939908e0e65 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Tue Jun 23 15:56:38 2015 +0800 rdma: fix memory leak Variable "r" going out of scope leaks the storage it points to in line 3268. Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 849729bb796e0ecbb3f370f119682f2821dd1441 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Wed Jul 1 03:33:12 2015 -0700 rocker: tests: don't need to specify master/self when setting vlans 4.1 Linux kernel doesn't require specifying "master" or "self" when setting vlans on a port, so clean these up from the tests that use vlans. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Message-id: 1435746792-41278-6-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit d0d2555852c5e684a97dce787d3c2a65b9a6d64c Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Wed Jul 1 03:33:11 2015 -0700 rocker: mark copy-to-cpu pkts as forwarding offloaded For pkts copied to the CPU (to be processed by guest driver), mark the Rx descriptor with flag "OFFLOAD_FWD" to indicate device has already forwarded pkt. The guest driver will use this indicator to avoid duplicate forwarding in the guest OS. Examples include bcast/mcast/unknown ucast pkts flooded to bridged ports. We want to avoid both the device and the guest bridge driver flooding these pkts, which would result in duplicates pkts on the wire. Packet sampling, such as sFlow, can also use this technique to mark pkts for the guest OS to record but otherwise drop. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Message-id: 1435746792-41278-5-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 96497af0afd60e57749316f1bc196b417055c585 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Wed Jul 1 03:33:10 2015 -0700 rocker: return -1 when dropping packet on ingress Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Message-id: 1435746792-41278-4-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit f211fcd75fec96ec9850885622ed028c6f7ebdf4 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Wed Jul 1 03:33:09 2015 -0700 rocker: fix missing break statements Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Reported-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1435746792-41278-3-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit d1a88c96b7f94c8e12c07518f55fce8873e814d0 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Wed Jul 1 03:33:08 2015 -0700 rocker: fix misplaced break statement Premature break in switch case block. This particular case (group L2 rewrite) will be used for L2 LAG and L3 ECMP support, neither of which are enabled in the guest driver at this time, but are under development. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Reported-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1435746792-41278-2-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 66851f640b73a5a84160ee6ab19ab429f68bbb9f Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Tue Jun 30 19:25:53 2015 -0700 rocker: don't queue receive pkts when port is disabled Commit 6e99c63 ("net/socket: Drop net_socket_can_send") changed the semantics around .can_receive for sockets to now require the device to flush queued pkts when transitioning to a .can_receive=true state. Rocker device was not flushing the queue on .can_receive=true transition, so the receiver was stuck. But, turns out we really don't want any queuing at all on the port when the port is disabled, otherwise when the port transitions to enabled, we'd receive and forward stale pkts that really should have been dropped. So, let's remove .can_receive so avoid queuing and drop the pkt in .receive if the port is disabled. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1435717553-36187-1-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b83b5f2ef9753713c2fb64ff4cae7cb1e080624e Author: Brian Kress <kressb@xxxxxxxxx> Date: Tue Jun 23 11:49:25 2015 -0400 vmxnet3: Fix incorrect small packet padding When running ESXi under qemu there is an issue with the ESXi guest discarding packets that are too short. The guest discards any packets under the normal minimum length for an ethernet packet (60). This results in odd behaviour where other hosts or VMs on other hosts can communicate with the ESXi guest just fine (since there's a physical NIC somewhere doing padding), but VMs on the host and the host itself cannot because the ARP request packets are too small for the ESXi host to accept. Someone in the past thought this was worth fixing, and added code to the vmxnet3 qemu emulation such that if it is receiving packets smaller than 60 bytes to pad the packet out to 60. Unfortunately this code is wrong (or at least in the wrong place). It does so BEFORE before taking into account the vnet_hdr at the front of the packet added by the tap device. As a result, it might add padding, but it never adds enough. Specifically it adds 10 less (the length of the vnet_hdr) than it needs to. The following (hopefully "obviously correct") patch simply swaps the order of processing the vnet header and the padding. With this patch an ESXi guest is able to communicate with the host or other local VMs. Signed-off-by: Brian Kress <kressb@xxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Dmitry Fleytman <dmitry@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 5df6a1855b62dc653515d919e48c5b6f00c48f32 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Jun 25 10:18:05 2015 +0100 e1000: flush packets when link comes up e1000_can_receive() checks the link up status register bit. If the bit is clear, packets will be queued and the peer may disable receive to avoid wasting CPU reading packets that cannot be delivered. The queue must be flushed once the link comes back up again. This patch fixes broken e1000 receive with Mac OS X Snow Leopard guests and tap networking. Flushing the queue invokes the async send callback, which re-enables tap fd read. Reported-by: Jonathan Liu <net147@xxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1435223885-12745-1-git-send-email-stefanha@xxxxxxxxxx commit ec50dd4634ae06091e61f42b7ba975f9ed510ad0 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Thu Jun 25 14:24:10 2015 +0800 rocker: fix memory leak Meanwhile, using g_new0 instead of g_malloc0, refer to commit 5839e53. Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Message-id: 1435213450-6700-1-git-send-email-arei.gonglei@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 920557971b60e53c2f3f22e5d6c620ab1ed411fd Author: Paulo Alcantara <pcacjr@xxxxxxxxx> Date: Sun Jun 28 14:58:56 2015 -0300 ich9: add TCO interface emulation This interface provides some registers within a 32-byte range and can be acessed through PCI-to-LPC bridge interface (PMBASE + 0x60). It's commonly used as a watchdog timer to detect system lockups through SMIs that are generated -- if TCO_EN bit is set -- on every timeout. If NO_REBOOT bit is not set in GCS (General Control and Status register), the system will be resetted upon second timeout if TCO_RLD register wasn't previously written to prevent timeout. This patch adds support to TCO watchdog logic and few other features like mapping NMIs to SMIs (NMI2SMI_EN bit), system intruder detection, etc. are not implemented yet. Signed-off-by: Paulo Alcantara <pcacjr@xxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 71ba2f0af398f616e154137d9fdda25c2da01324 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Tue Jul 7 13:00:56 2015 +0300 acpi: split out ICH ACPI support MIPS doesn't need it, and including it creates problem as we are adding dependency on ISA LPC bridge. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 9fd72468dfe40532df7c64d35054994058106c42 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Jul 1 18:10:31 2015 +0100 crypto: move built-in D3DES implementation into crypto/ To prepare for a generic internal cipher API, move the built-in D3DES implementation into the crypto/ directory. This is not in fact a normal D3DES implementation, it is D3DES with double & triple length modes removed, and the key bytes in reversed bit order. IOW it is crippled specifically for the "benefit" of RFB, so call the new files desrfb.c instead of d3des.c to make it clear that it isn't a generally useful impl. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1435770638-25715-4-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6f2945cde60545aae7f31ab9d5ef29531efbc94f Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Jul 1 18:10:30 2015 +0100 crypto: move built-in AES implementation into crypto/ To prepare for a generic internal cipher API, move the built-in AES implementation into the crypto/ directory Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1435770638-25715-3-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ddbb0d09661f5fce21b335ba9aea8202d189b98e Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed Jul 1 18:10:29 2015 +0100 crypto: introduce new module for computing hash digests Introduce a new crypto/ directory that will (eventually) contain all the cryptographic related code. This initially defines a wrapper for initializing gnutls and for computing hashes with gnutls. The former ensures that gnutls is guaranteed to be initialized exactly once in QEMU regardless of CLI args. The block quorum code currently fails to initialize gnutls so it only works by luck, if VNC server TLS is not requested. The hash APIs avoids the need to litter the rest of the code with preprocessor checks and simplifies callers by allocating the correct amount of memory for the requested hash. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Message-Id: <1435770638-25715-2-git-send-email-berrange@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7a63f3cdc44230109c91cdc0ee912c3cc7837141 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Jul 2 17:24:41 2015 +0100 block: update bdrv_drain_all()/bdrv_drain() comments The doc comments for bdrv_drain_all() and bdrv_drain() are outdated: * The bdrv_drain() comment is a poor man's bdrv_lock()/bdrv_unlock() which Fam Zheng is currently developing. Unfortunately this warning was never really enough because devices keep submitting I/O and op blockers don't prevent that. * The bdrv_drain_all() comment is still partially correct but reflects the nature of the implementation rather than API documentation. Do make it clear that bdrv_drain() is only appropriate within an AioContext. For anything spanning AioContexts you need bdrv_drain_all(). Cc: Markus Armbruster <armbru@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1435854281-6078-1-git-send-email-stefanha@xxxxxxxxxx commit 1bd84ee717bf146c19281cce48a36a2f4d71748d Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Thu Jul 2 11:06:11 2015 +0300 qcow2: remove unnecessary check The value of 'i' is guaranteed to be >= 0 Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1435824371-2660-1-git-send-email-berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 501eea4f4187b6c62b6cf348ab0b100d57d8c56b Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Mon Apr 28 11:10:12 2014 +0200 virtio-gpu: add to display-vga test Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit b3409a31001e86d48221ea967b1c696c6497f318 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Jun 24 12:22:09 2015 +0200 virtio-gpu: use virtio_instance_init_common, fixup properties Switch over to virtio_instance_init_common. Drop duplicate properties in virtio-gpu-pci and virtio-vga as they are properly aliased now. Also drop the indirection via DEFINE_VIRTIO_GPU_PROPERTIES, we don't need it any more as the properties are defined in a single place now. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit e18882952e46634ab7f53ef018a5e2e980996d48 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Jun 24 12:19:42 2015 +0200 virtio-gpu: update console device property. Update the device link of the QemuConsole, so it points to the virtio-gpu-pci or virtio-vga device instead of virtio-gpu-device. This is needed because we want to find the device by id, for example for input routing, and the id specified on the command line is attached to the pci proxy, not the virtio device. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 6b3f7f639ed8861cd034292f9bb85b00c73658a6 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Tue Jun 16 17:07:54 2015 +0100 vl: move rom_load_all after machine init done On ARM, commit ac9d32e39664e060cd1b538ff190980d57ad69e4 postponed the memory preparation for boot until the machine init done notifier. This has for consequence to insert ROM at machine init done time. However the rom_load_all function stayed called before the ROM are inserted. As a consequence the rom_load_all function does not do everything it is expected to do, on ARM. It currently registers the ROM reset notifier but does not iterate through the registered ROM list. the isrom field is not set properly. This latter is used to report info in the monitor and also to decide whether the rom->data can be freed on ROM reset notifier. To fix that regression the patch moves the rom_load_all call after machine init done. We also take the opportunity to rename the rom_load_all function into rom_check_and_resgister_reset() and integrate the rom_load_done in it. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Reported-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-Id: <1434470874-22573-1-git-send-email-eric.auger@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 1452673888f6d7f0454276d049846c9bec659233 Merge: f6e3035 4330296 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jul 7 09:22:40 2015 +0100 Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20150706.0' into staging VFIO updates for 2.4-rc0 - "real" host page size API (Peter Crosthwaite) - platform device irqfd support (Eric Auger) - spapr container disconnect fix (Alexey Kardashevskiy) - quirk for broken Chelsio hardware (Gabriel Laupre) - coverity fix (Paolo Bonzini) # gpg: Signature made Mon Jul 6 19:23:49 2015 BST using RSA key ID 3BB08B22 # gpg: Good signature from "Alex Williamson <alex.williamson@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex@xxxxxxxxxxx>" # gpg: aka "Alex Williamson <alwillia@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex.l.williamson@xxxxxxxxx>" * remotes/awilliam/tags/vfio-update-20150706.0: vfio/pci : Add pba_offset PCI quirk for Chelsio T5 devices vfio: Unregister IOMMU notifiers when container is destroyed hw/vfio/platform: add irqfd support kvm: some fixes to kvm_resamplefds_allowed sysbus: add irq_routing_notifier intc: arm_gic_kvm: set the qemu_irq/gsi mapping kvm-all.c: add qemu_irq/gsi hash table and utility routines kvm: rename kvm_irqchip_[add,remove]_irqfd_notifier with gsi suffix vfio: cpu: Use "real" page size API cpu-all: complete "real" host page size API vfio: fix return type of pread Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Conflicts: kvm-all.c commit f329c74c1e7f08399f0d237f78571eb0ca6a89dd Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Tue Jun 23 15:52:56 2015 +0200 Revert "dataplane: allow virtio-1 devices" This reverts commit f5a5628cf0b65b223fa0c9031714578dfac4cf04. This was an old patch that had been already superseded by b0e5d90eb ("dataplane: endianness-aware accesses"). Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit be1e50a27d5b6845729ae0854f57f3816cf47edb Author: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Date: Fri Jun 26 09:32:28 2015 +0200 dataplane: fix cross-endian issues Accesses to vring_avail_event and vring_used_event must honor the queue endianness. This patch allows cross-endian setups to use dataplane (tested with ppc64 on ppc64le, and vice-versa). Suggested-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit f6e3035f75e5c6a73485335765ae070304c7a110 Merge: 7edd8e4 355023f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 6 23:37:53 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream-smm' into staging This series implements KVM support for SMM, and lets you enable/disable it through the "smm" property of x86 machine types. # gpg: Signature made Mon Jul 6 17:41:05 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream-smm: pc: add SMM property ich9: add smm_enabled field and arguments pc_piix: rename kvm_enabled to smm_enabled target-i386: register a separate KVM address space including SMRAM regions kvm-all: kvm_irqchip_create is not expected to fail kvm-all: add support for multiple address spaces kvm-all: make KVM's memory listener more generic kvm-all: move internal types to kvm_int.h kvm-all: remove useless typedef kvm-all: put kvm_mem_flags to more work target-i386: add support for SMBASE MSR and SMIs piix4/ich9: do not raise SMI on ACPI enable/disable commands linux-headers: Update to 4.2-rc1 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 43302969966bc3a95470bfc300289a83068ef5d9 Author: Gabriel Laupre <glaupre@xxxxxxxxxxx> Date: Mon Jul 6 12:15:15 2015 -0600 vfio/pci : Add pba_offset PCI quirk for Chelsio T5 devices Fix pba_offset initialization value for Chelsio T5 Virtual Function device. The T5 hardware has a bug in it where it reports a Pending Interrupt Bit Array Offset of 0x8000 for its SR-IOV Virtual Functions instead of the 0x1000 that the hardware actually uses internally. As the hardware doesn't return the correct pba_offset value, add a quirk to instead return a hardcoded value of 0x1000 when a Chelsio T5 VF device is detected. This bug has been fixed in the Chelsio's next chip series T6 but there are no plans to respin the T5 ASIC for this bug. It is just documented in the T5 Errata and left it at that. Signed-off-by: Gabriel Laupre <glaupre@xxxxxxxxxxx> Reviewed-by: Bandan Das <bsd@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit f8d8a944009b7e836c718a05590ea6b36146978f Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Mon Jul 6 12:15:15 2015 -0600 vfio: Unregister IOMMU notifiers when container is destroyed On systems with guest visible IOMMU, adding a new memory region onto PCI bus calls vfio_listener_region_add() for every DMA window. This installs a notifier for IOMMU memory regions. The notifier is supposed to be removed vfio_listener_region_del(), however in the case of mixed PHB (emulated + VFIO devices) when last VFIO device is unplugged and container gets destroyed, all existing DMA windows stay alive altogether with the notifiers which are on the linked list which head was in the destroyed container. This unregisters IOMMU memory region notifier when a container is destroyed. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit fb5f816499a5184a1336d72db030b8419b523082 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Jul 6 12:15:14 2015 -0600 hw/vfio/platform: add irqfd support This patch aims at optimizing IRQ handling using irqfd framework. Instead of handling the eventfds on user-side they are handled on kernel side using - the KVM irqfd framework, - the VFIO driver virqfd framework. the virtual IRQ completion is trapped at interrupt controller This removes the need for fast/slow path swap. Overall this brings significant performance improvements. Signed-off-by: Alvise Rigo <a.rigo@xxxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Tested-by: Vikram Sethi <vikrams@xxxxxxxxxxxxxx> Acked-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 879904e8635b316de18393222f02d46d2d1f7f4e Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Jul 6 12:15:14 2015 -0600 kvm: some fixes to kvm_resamplefds_allowed Commit f41389ae3c54b introduced kvm_resamplefds_enabled() and associated kvm_resamplefds_allowed boolean. This patch adds non-KVM version for kvm_resamplefds_enabled and also declares kvm_resamplefds_allowed in kvm-stub as it is done for fellow kvm_irqfds_allowed. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 715ca691daca081108b33306faa6fa102f0df8d8 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Jul 6 12:15:14 2015 -0600 sysbus: add irq_routing_notifier Add a new connect_irq_notifier notifier in the SysBusDeviceClass. This notifier, if populated, is called after sysbus_connect_irq. This mechanism is used to setup VFIO signaling once VFIO platform devices get attached to their platform bus, on a machine init done notifier. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Tested-by: Vikram Sethi <vikrams@xxxxxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 6a1a9cfa1c4a3e5b521d82e6adb94311fc5b9f8b Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Jul 6 12:15:13 2015 -0600 intc: arm_gic_kvm: set the qemu_irq/gsi mapping The arm_gic_kvm now calls kvm_irqchip_set_qemuirq_gsi to build the hash table storing qemu_irq/gsi mappings. From that point on irqfd can be setup directly from the qemu_irq using kvm_irqchip_add_irqfd_notifier. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Tested-by: Vikram Sethi <vikrams@xxxxxxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 197e35249a7360534e1aea0f2268ad0e1aa27121 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Jul 6 12:15:13 2015 -0600 kvm-all.c: add qemu_irq/gsi hash table and utility routines VFIO platform device needs to setup irqfd but it does not know the gsi corresponding to the device qemu_irq. This patch proposes to store a hash table in kvm_state using the qemu_irq as key and the gsi as a value. kvm_irqchip_set_qemuirq_gsi allows to insert such a pair. The interrupt controller is supposed to use it. kvm_irqchip_[add, remove]_irqfd_notifier allows to setup/tear down irqfd directly from the qemu_irq. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Tested-by: Vikram Sethi <vikrams@xxxxxxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 1c9b71a7311ed99635a2d007fc8a856879537a05 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Jul 6 12:15:13 2015 -0600 kvm: rename kvm_irqchip_[add,remove]_irqfd_notifier with gsi suffix Anticipating for the introduction of new add/remove functions taking a qemu_irq parameter, let's rename existing ones with a gsi suffix. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Tested-by: Vikram Sethi <vikrams@xxxxxxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit f7ceed190d7dcd907afe4b46b23809aaad09a619 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Mon Jul 6 12:15:12 2015 -0600 vfio: cpu: Use "real" page size API This is system level code, and should only depend on the host page size, not the target page size. Note that HOST_PAGE_SIZE is misleadingly lead and is really aligning to both host and target page size. Hence it's replacement with REAL_HOST_PAGE_SIZE. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Tested-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 4e51361d79289aee2985dfed472f8d87bd53a8df Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Mon Jul 6 12:15:12 2015 -0600 cpu-all: complete "real" host page size API Currently the "host" page size alignment API is really aligning to both host and target page sizes. There is the qemu_real_page_size which can be used for the actual host page size but it's missing a mask and ALIGN macro as provided for qemu_page_size. Complete the API. This allows system level code that cares about the host page size to use a consistent alignment interface without having to un-needingly align to the target page size. This also reduces system level code dependency on the cpu specific TARGET_PAGE_SIZE. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Tested-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 7d489dcdf5fd71b5052ffd401b869a627e1c751f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Jul 6 12:15:12 2015 -0600 vfio: fix return type of pread size_t is an unsigned type, thus the error case is never reached in the below call to pread. If bytes is negative, it will be seen as a very high positive value. Spotted by Coverity. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 355023f2010c4df619d88a0dd7012b4b9c74c12c Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:30:52 2015 +0200 pc: add SMM property The property can take values on, off or auto. The default is "off" for KVM and pre-2.4 machines, otherwise "auto" (which makes it available on TCG or on new-enough kernels). Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fba72476c6b7be60ac74c5bcdc06c61242d1fe4f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:30:51 2015 +0200 ich9: add smm_enabled field and arguments Q35's ACPI device is hard-coding SMM availability to KVM. Place the logic where the board is created instead, so that it will be possible to override it. Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 61e66c6237a0ca3eac35cf3145ccbb3ab5b6354c Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:30:17 2015 +0200 pc_piix: rename kvm_enabled to smm_enabled We will enable SMM even if KVM is in use. Rename the field and arguments. Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6410848bec38089424d54a6a8f10d4cf77182b5d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:30:16 2015 +0200 target-i386: register a separate KVM address space including SMRAM regions Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 8db4936bb648e15173d687bc162be14fd0d4260c Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:30:15 2015 +0200 kvm-all: kvm_irqchip_create is not expected to fail KVM_CREATE_IRQCHIP should never fail, and so should its userspace wrapper kvm_irqchip_create. The function does not do anything if the irqchip capability is not available, as is the case for PPC. With this patch, kvm_arch_init can allocate memory and it will not be leaked. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 38bfe69180f99d05611a14bab4bb72c95e755b58 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:30:14 2015 +0200 kvm-all: add support for multiple address spaces Make kvm_memory_listener_register public, and assign a kernel address space id to each KVMMemoryListener. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7bbda04c8d13d0a599b31ed1c10dc76a62f9d4dc Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:30:13 2015 +0200 kvm-all: make KVM's memory listener more generic No semantic change, but s->slots moves into a new struct KVMMemoryListener. KVM's memory listener becomes a member of struct KVMState, and becomes of type KVMMemoryListener. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 8571ed35cfa50ed6b2aaee484dfa4f58176ebe00 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:28:45 2015 +0200 kvm-all: move internal types to kvm_int.h i386 code will have to define a different KVMMemoryListener. Create an internal header so that KVMSlot is not exposed outside. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 714f78c587ba628169b8ae6f91866c52fe6a799f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:28:44 2015 +0200 kvm-all: remove useless typedef Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d6ff5cbc1231a5aec997abf3a809c7013e60472f Author: Andrew Jones <drjones@xxxxxxxxxx> Date: Thu Jun 18 18:28:43 2015 +0200 kvm-all: put kvm_mem_flags to more work Currently kvm_mem_flags just translates bools to bits, let's make it also determine the bools first. This avoids its parameter list growing each time we add a flag. Signed-off-by: Andrew Jones <drjones@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fc12d72e10828ca6ff75f2ad432b741f07a10cef Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:28:42 2015 +0200 target-i386: add support for SMBASE MSR and SMIs Apart from the MSR, the smi field of struct kvm_vcpu_events has to be translated into the corresponding CPUX86State fields. Also, memory transaction flags depend on SMM state, so pull it from struct kvm_run on every exit from KVM to userspace. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit afd6895b45f20eb43b7ff95f7a76cc5af8d36cd7 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:28:41 2015 +0200 piix4/ich9: do not raise SMI on ACPI enable/disable commands These commands are handled entirely by QEMU. Do not raise an SMI when they happen, because Windows (at least 2008r2) expects these commands to work and (depending on the value of APMC_EN at startup) the firmware might not have installed an SMI handler. When this happens (e.g. the kernel supports SMIs, or you are using TCG, but you have used "-machine smm=off") RIP is moved to 0x38000 where there is no code to execute. Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 25b8b39b6d7de95d0dd5ae7b66b3ac4b9b83e060 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Mon Jul 6 12:10:57 2015 +1000 linux-headers: Update to 4.2-rc1 This updates linux-headers against master 4.2-rc1 (commit d770e558e21961ad6cfdf0ff7df0eb5d7d4f0754). This is the result of ./scripts/update-linux-headers.sh work. Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7edd8e4660beb301d527257f8e04ebec0f841cb0 Merge: 3fa18bc b242e0e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 6 14:03:44 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * more of Peter Crosthwaite's multiarch preparation patches * unlocked MMIO support in KVM * support for compilation with ICC # gpg: Signature made Mon Jul 6 13:59:20 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: exec: skip MMIO regions correctly in cpu_physical_memory_write_rom_internal Stop including qemu-common.h in memory.h kvm: Switch to unlocked MMIO acpi: mark PMTIMER as unlocked kvm: Switch to unlocked PIO kvm: First step to push iothread lock out of inner run loop memory: let address_space_rw/ld*/st* run outside the BQL exec: pull qemu_flush_coalesced_mmio_buffer() into address_space_rw/ld*/st* memory: Add global-locking property to memory regions main-loop: introduce qemu_mutex_iothread_locked main-loop: use qemu_mutex_lock_iothread consistently Fix irq route entries exceeding KVM_MAX_IRQ_ROUTES cpu-defs: Move out TB_JMP defines include/exec: Move tb hash functions out include/exec: Move standard exceptions to cpu-all.h cpu-defs: Move CPU_TEMP_BUF_NLONGS to tcg memory_mapping: Rework cpu related includes cutils: allow compilation with icc qemu-common: add VEC_OR macro Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b242e0e0e2969c044a318e56f7988bbd84de1f63 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Sat Jul 4 00:24:51 2015 +0200 exec: skip MMIO regions correctly in cpu_physical_memory_write_rom_internal Loading the BIOS in the mac99 machine is interesting, because there is a PROM in the middle of the BIOS region (from 16K to 32K). Before memory region accesses were clamped, when QEMU was asked to load a BIOS from 0xfff00000 to 0xffffffff it would put even those 16K from the BIOS file into the region. This is weird because those 16K were not actually visible between 0xfff04000 and 0xfff07fff. However, it worked. After clamping was added, this also worked. In this case, the cpu_physical_memory_write_rom_internal function split the write in three parts: the first 16K were copied, the PROM area (second 16K) were ignored, then the rest was copied. Problems then started with commit 965eb2f (exec: do not clamp accesses to MMIO regions, 2015-06-17). Clamping accesses is not done for MMIO regions because they can overlap wildly, and MMIO registers can be expected to perform full-width accesses based only on their address (with no respect for adjacent registers that could decode to completely different MemoryRegions). However, this lack of clamping also applied to the PROM area! cpu_physical_memory_write_rom_internal thus failed to copy the third range above, i.e. only copied the first 16K of the BIOS. In effect, address_space_translate is expecting _something else_ to do the clamping for MMIO regions if the incoming length is large. This "something else" is memory_access_size in the case of address_space_rw, so use the same logic in cpu_physical_memory_write_rom_internal. Reported-by: Alexander Graf <agraf@xxxxxxxxxx> Reviewed-by: Laurent Vivier <lvivier@xxxxxxxxxx> Tested-by: Laurent Vivier <lvivier@xxxxxxxxxx> Fixes: 965eb2f Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fba0a593b2809ecdda68650952cf3d3332ac1990 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 3 15:18:24 2015 +0100 Stop including qemu-common.h in memory.h Including qemu-common.h from other header files is generally a bad idea, because it means it's very easy to end up with a circular dependency. For instance, if we wanted to include memory.h from qom/cpu.h we'd end up with this loop: memory.h -> qemu-common.h -> cpu.h -> cpu-qom.h -> qom/cpu.h -> memory.h Remove the include from memory.h. This requires us to fix up a few other files which were inadvertently getting declarations indirectly through memory.h. The biggest change is splitting the fprintf_function typedef out into its own header so other headers can get at it without having to include qemu-common.h. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <1435933104-15216-1-git-send-email-peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3fa18bc9a55e067ba3012ab1d394f5d5a7e51419 Merge: 261ccf4 1479073 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 6 12:51:51 2015 +0100 Merge remote-tracking branch 'remotes/xtensa/tags/20150706-xtensa' into staging Xtensa fixes: - add 64-bit floating point registers; - fix gdb register map construction. # gpg: Signature made Mon Jul 6 11:27:45 2015 BST using RSA key ID F83FA044 # gpg: Good signature from "Max Filippov <max.filippov@xxxxxxxxxxxxxxxxxx>" # gpg: aka "Max Filippov <jcmvbkbc@xxxxxxxxx>" * remotes/xtensa/tags/20150706-xtensa: target-xtensa: fix gdb register map construction target-xtensa: add 64-bit floating point registers Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1479073b7e849fa03e5892eea0e0b5dadde1a98a Author: Max Filippov <jcmvbkbc@xxxxxxxxx> Date: Wed Jul 1 13:00:29 2015 +0300 target-xtensa: fix gdb register map construction Due to different gdb overlay organization between windowed/call0 configurations core import script doesn't always work correctly. Simplify the script: always copy complete gdb register map from overlay, count registers at core registerstion time. Update existing cores. Signed-off-by: Max Filippov <jcmvbkbc@xxxxxxxxx> commit ddd44279fdbc545a9182cb642645af8a4672c267 Author: Max Filippov <jcmvbkbc@xxxxxxxxx> Date: Mon Jun 29 10:50:03 2015 +0300 target-xtensa: add 64-bit floating point registers Xtensa ISA got specification for 64-bit floating point registers and opcodes, see ISA, 4.3.11 "Floating point coprocessor option". Add 64-bit FP registers. Although 64-bit floating point is currently not supported by xtensa translator, these registers need to be reported to gdb with proper size, otherwise it wouldn't find other registers. Signed-off-by: Max Filippov <jcmvbkbc@xxxxxxxxx> commit 261ccf426a6df854ba398be92413476919dd67f9 Merge: f50a164 257621a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 6 11:04:54 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150706' into staging target-arm queue: * TLBI ALLEI1IS should operate on all CPUs, not just this one * Fix interval interrupt of cadence ttc in decrement mode * Implement YIELD insn to yield in ARM and Thumb translators * ARM GIC: reset all registers * arm_mptimer: fix timer shutdown and mode change * arm_mptimer: respect IT bit state # gpg: Signature made Mon Jul 6 10:58:27 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150706: arm_mptimer: Respect IT bit state arm_mptimer: Fix timer shutdown and mode change hw/intc/arm_gic_common.c: Reset all registers target-arm: Implement YIELD insn to yield in ARM and Thumb translators target-arm: Split DISAS_YIELD from DISAS_WFE Fix interval interrupt of cadence ttc when timer is in decrement mode target-arm: fix write helper for TLBI ALLE1IS Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 257621a9566054472d1d55a819880d0f9da02bda Author: Dmitry Osipenko <digetx@xxxxxxxxx> Date: Mon Jul 6 04:27:12 2015 +0300 arm_mptimer: Respect IT bit state The timer should fire the interrupt only if the IT (interrupt enable) bit state of the control register is enabled. Signed-off-by: Dmitry Osipenko <digetx@xxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8a52340cbaf60d4dd0a78bbfe12632639fe3da6d Author: Dmitry Osipenko <digetx@xxxxxxxxx> Date: Mon Jul 6 01:47:47 2015 +0300 arm_mptimer: Fix timer shutdown and mode change The running timer can't be stopped because timer control code just doesn't handle disabling the timer. Fix it by deleting the timer if the enable bit is cleared. The timer won't start periodic ticking if a ONE-SHOT -> PERIODIC mode change happens after a one-shot tick was completed. Fix it by re-starting ticking if the timer isn't ticking right now. To avoid code churning, these two fixes are squashed in one commit. Signed-off-by: Dmitry Osipenko <digetx@xxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 12dc273e98e4e111880b25c12bf671dc8951b8e6 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 29 19:25:45 2015 +0100 hw/intc/arm_gic_common.c: Reset all registers The arm_gic_common reset function was missing reset code for several of the GIC's state fields: * bpr[] * abpr[] * priority1[] * priority2[] * sgi_pending[] * irq_target[] (SMP configurations only) These probably went unnoticed because most guests will either never touch them, or will write to them in the process of configuring the GIC before enabling interrupts. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1435602345-32210-1-git-send-email-peter.maydell@xxxxxxxxxx Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit c87e5a61c2b3024116f52f7e68273f864ff7ab82 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 6 10:05:44 2015 +0100 target-arm: Implement YIELD insn to yield in ARM and Thumb translators Implement the YIELD instruction in the ARM and Thumb translators to actually yield control back to the top level loop rather than being a simple no-op. (We already do this for A64.) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 1435672316-3311-3-git-send-email-peter.maydell@xxxxxxxxxx commit 049e24a191c212d9468db84169197887f2c91586 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jul 6 10:05:44 2015 +0100 target-arm: Split DISAS_YIELD from DISAS_WFE Currently we use DISAS_WFE for both WFE and YIELD instructions. This is functionally correct because at the moment both of them are implemented as "yield this CPU back to the top level loop so another CPU has a chance to run". However it's rather confusing that YIELD ends up calling HELPER(wfe), and if we ever want to implement real behaviour for WFE and SEV it's likely to trip us up. Split out the yield codepath to use DISAS_YIELD and a new HELPER(yield) function, and have HELPER(wfe) call HELPER(yield). Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1435672316-3311-2-git-send-email-peter.maydell@xxxxxxxxxx Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> commit a7ffaf5c96e26820edffa94eeac766fe60bfdd31 Author: Johannes Schlatow <schlatow@xxxxxxxxxxxxxxxx> Date: Mon Jul 6 10:05:44 2015 +0100 Fix interval interrupt of cadence ttc when timer is in decrement mode The interval interrupt is not set if the timer is in decrement mode. This is because x >=0 and x < interval after leaving the while-loop. Signed-off-by: Johannes Schlatow <schlatow@xxxxxxxxxxxxxxxx> Message-id: 20150630135821.51f3b4fd@johanness-latitude Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2a6332d968297266dbabf9d33f959e3a5efdd0f9 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Mon Jul 6 10:05:43 2015 +0100 target-arm: fix write helper for TLBI ALLE1IS TLBI ALLE1IS is an operation that does invalidate TLB entries on all PEs in the same Inner Sharable domain, not just on the current CPU. So we must use tlbiall_is_write() here. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1435676538-31345-1-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f50a1640fb82708a5d528dee1ace42a224b95b15 Merge: 63a9294 7c649ac Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Jul 5 20:35:47 2015 +0100 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Sat Jul 4 07:06:08 2015 BST using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB # Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E * remotes/jnsnow/tags/ide-pull-request: (35 commits) ahci: fix sdb fis semantics qtest/ahci: halted ncq migration test ahci: Do not map cmd_fis to generate response ahci: ncq migration ahci: add get_cmd_header helper ahci: add cmd header to ncq transfer state qtest/ahci: halted NCQ test ahci: correct ncq sector count ahci: correct types in NCQTransferState ahci: add rwerror=stop support for ncq ahci: factor ncq_finish out of ncq_cb ahci: refactor process_ncq_command ahci: assert is_ncq for process_ncq ahci: stash ncq command ide: add limit to .prepare_buf() qtest/ahci: ncq migration test qtest/ahci: simple ncq data test libqos/ahci: Force all NCQ commands to be LBA48 libqos/ahci: set the NCQ tag on command_commit libqos/ahci: adjust expected NCQ interrupts ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 63a9294ddc9cf4f2bdcd0179324fedcbb6fae59f Merge: 3536064 e75e2a1 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Jul 5 19:33:51 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/numa-pull-request' into staging NUMA queue, 2015-07-03 # gpg: Signature made Fri Jul 3 21:49:58 2015 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/numa-pull-request: numa: API to lookup NUMA node by address numa: Store boot memory address range in node_info numa,pc-dimm: Store pc-dimm memory information in numa_info pc: Abort if HotplugHandlerClass::plug() fails pc,pc-dimm: Factor out reusable parts in pc_dimm_plug to a separate routine pc,pc-dimm: Extract hotplug related fields in PCMachineState to a structure Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7c649ac5b607e2339fb54fc0fc01311ba5eacadd Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:05 2015 -0400 ahci: fix sdb fis semantics There are two things to fix here: The first one is subtle: the PxSACT register in the AHCI HBA has different semantics from the field it is shadowing, the ACT field in the Set Device Bits FIS. In the HBA register, PxSACT acts as a bitfield indicating outstanding NCQ commands where a set bit indicates a pending NCQ operation. The FIS field however operates as an RWC register update to PxSACT, where a set bit indicates a *successfully* completed command. Correct the FIS semantics. At the same time, move the "clear finished" action to the SDB FIS generation instead of the register read to mimick how the other shadow registers work, which always just report the last reported value from a FIS, and not the most current values which may not have been reported by a FIS yet. Lastly and more simply, SATA 3.2 section 13.6.4.2 (and later sections) all specify that the Interrupt bit for the SDB FIS should always be set to one for NCQ commands. That's currently the only time we generate this FIS, so set it on all the time. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-16-git-send-email-jsnow@xxxxxxxxxx commit 8146d7dc2756138bd4011e8d882ead929f25f2d0 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:05 2015 -0400 qtest/ahci: halted ncq migration test Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-15-git-send-email-jsnow@xxxxxxxxxx commit dd6282217d8fee36e3854eab2635bec9cc5d5236 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:05 2015 -0400 ahci: Do not map cmd_fis to generate response The Register D2H FIS should copy the current values of the registers instead of just parroting back the same values the guest sent back to it. In this case, the SECTOR COUNT variables are actually not generally meaningful in terms of standard commands (See ATA8-AC3 Section 9.2 Normal Outputs), so it actually probably doesn't matter what we put in here. Meanwhile, we do need to use the Register update FIS from the NCQ pathways (in error cases), so getting rid of references to cur_cmd here is a win for AHCI concurrency. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-14-git-send-email-jsnow@xxxxxxxxxx commit 684d50132fdd68f4c2cba9e65b50f9b8ef4c5164 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:05 2015 -0400 ahci: ncq migration Migrate the NCQ queue. This is solely for the benefit of halted commands, since anything else should have completed and had any relevant status flushed to the HBA registers already. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-13-git-send-email-jsnow@xxxxxxxxxx commit ee364416c1b5ed1adc779ca7197451a131666236 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:05 2015 -0400 ahci: add get_cmd_header helper cur_cmd is an internal bookmark that points to the current AHCI Command Header being processed by the AHCI state machine. With NCQ needing to occasionally rely on some of the same AHCI helpers, we cannot use cur_cmd and will need to grab explicit pointers instead. In an attempt to begin relying on the cur_cmd pointer less, add a helper to let us specifically get the pointer to the command header of particular interest. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-12-git-send-email-jsnow@xxxxxxxxxx commit c82bd3c893825fc76af3634f5461f5eabd94e9df Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:05 2015 -0400 ahci: add cmd header to ncq transfer state While the rest of the AHCI device can rely on a single bookmarked pointer for the AHCI Command Header currently being processed, NCQ is asynchronous and may have many commands in flight simultaneously. Add a cmdh pointer to the ncq_tfs object and make the sglist prepare function take an AHCICmdHeader pointer so we can be explicit about where we'd like to build SGlists from. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-11-git-send-email-jsnow@xxxxxxxxxx commit 7f6cf5ee1236d94fc25830a47438e57aa294d9fe Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:05 2015 -0400 qtest/ahci: halted NCQ test Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-10-git-send-email-jsnow@xxxxxxxxxx commit e08a98357b5811e7933ff077f6da4b85175caf8a Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:05 2015 -0400 ahci: correct ncq sector count uint16_t isn't enough to hold the real sector count, since a value of zero implies a full 64K sectors, so we need a uint32_t here. We *could* cheat and pretend that this value is 0-based and fit it in a uint16_t, but I'd rather waste 2 bytes instead of a future dev's 10 minutes when they forget to +1/-1 accordingly somewhere. See SATA 3.2, section 13.6.4.1 "READ FPDMA QUEUED". Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-9-git-send-email-jsnow@xxxxxxxxxx commit 9364384de0e3b8a5bdea67ba49bee9ea7f1b8f26 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:05 2015 -0400 ahci: correct types in NCQTransferState Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-8-git-send-email-jsnow@xxxxxxxxxx commit 7c03a691077e71a08bbca06568cd97f09537458c Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:04 2015 -0400 ahci: add rwerror=stop support for ncq Handle NCQ failures for cases where we want to halt the VM on IO errors. Upon a VM state change, retry the halted NCQ commands. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-7-git-send-email-jsnow@xxxxxxxxxx commit 54f3223730736fca1e6e89bb7f99c4f8432fdabb Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:04 2015 -0400 ahci: factor ncq_finish out of ncq_cb When we add werror=stop or rerror=stop support to NCQ, we'll want to take a codepath where we don't actually complete the command, so factor that out into a new routine. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-6-git-send-email-jsnow@xxxxxxxxxx commit 631ddc22cbb401f2777dc8b117196f0988df4eea Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:04 2015 -0400 ahci: refactor process_ncq_command Split off execute_ncq_command so that we can call it separately later if we desire. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-5-git-send-email-jsnow@xxxxxxxxxx commit 922f893e57da24bc80db3e79bea56485d1c111fa Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:04 2015 -0400 ahci: assert is_ncq for process_ncq We already checked this in the handle_cmd phase, so just change this to an assertion and simplify the error logic. (Also, fix the switch indent, because checkpatch.pl yelled.) ((Sorry for churn.)) Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-4-git-send-email-jsnow@xxxxxxxxxx commit 4614619ee4ad96d2715dc41f9430fb43335c15d2 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:04 2015 -0400 ahci: stash ncq command For migration and werror=stop/rerror=stop resume purposes, it will be convenient to have the command handy inside of ncq_tfs. Eventually, we'd like to avoid reading from the FIS entirely after the initial read, so this is a byte (hah!) sized step in that direction. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-3-git-send-email-jsnow@xxxxxxxxxx commit a718978ed58abc1ad92567a9c17525136be02a71 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:04 2015 -0400 ide: add limit to .prepare_buf() prepare_buf should not always grab as many descriptors as it can, sometimes it should self-limit. For example, an NCQ transfer of 1 sector with a PRDT that describes 4GiB of data should not copy 4GiB of data, it should just transfer that first 512 bytes. PIO is not affected, because the dma_buf_rw dma helpers already have a byte limit built-in to them, but DMA/NCQ will exhaust the entire list regardless of requested size. AHCI 1.3 specifies in section 6.1.6 Command List Underflow that NCQ is not required to detect underflow conditions. Non-NCQ pathways signal underflow by writing to the PRDBC field, which will already occur by writing the actual transferred byte count to the PRDBC, signaling the underflow. Our NCQ pathways aren't required to detect underflow, but since our DMA backend uses the size of the PRDT to determine the size of the transer, if our PRDT is bigger than the transaction (the underflow condition) it doesn't cost us anything to detect it and truncate the PRDT. This is a recoverable error and is not signaled to the guest, in either NCQ or normal DMA cases. For BMDMA, the existing pathways should see no guest-visible difference, but any bytes described in the overage will no longer be transferred before indicating to the guest that there was an underflow. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435767578-32743-2-git-send-email-jsnow@xxxxxxxxxx commit 07a1ee7958cc3433706ab0d3a07c42fdd9d98fe6 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:04 2015 -0400 qtest/ahci: ncq migration test Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-17-git-send-email-jsnow@xxxxxxxxxx commit 26ad004585835e7c126bb94fd5161db1c60169f3 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:04 2015 -0400 qtest/ahci: simple ncq data test Test the NCQ pathways for a simple IO RW test. Also, test that libqos doesn't explode when running NCQ commands :) Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-16-git-send-email-jsnow@xxxxxxxxxx commit e38cc93aca5d40a58e65bb0dfa23eaf3290bbf76 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:04 2015 -0400 libqos/ahci: Force all NCQ commands to be LBA48 NCQ commands are LBA48 by definition. See SATA 3.2 13.6.4.1 "READ FPDMA QUEUED", or SATA 3.2 13.6.5.1 "WRITE FPDMA QUEUED." Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-15-git-send-email-jsnow@xxxxxxxxxx commit a8973ff50a04f96c3ce5c803c8fd3ec16ed8d6c5 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:04 2015 -0400 libqos/ahci: set the NCQ tag on command_commit NCQ commands have the concept of a "TAG" that they need to set, but in the AHCI world, it is mandated that the TAG always match the command slot that you executed the NCQ from. See AHCI 9.3.1.1.5.2 "Native Queued Commands". Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-14-git-send-email-jsnow@xxxxxxxxxx commit 359790c2542a8c4da3d4c8fb626ca2675a417d51 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:04 2015 -0400 libqos/ahci: adjust expected NCQ interrupts NCQ commands will expect the SDBS interrupt, and in the normative case, do not expect to see a D2H Register FIS unless something went wrong. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-13-git-send-email-jsnow@xxxxxxxxxx commit 4de484698bdda6c5e093dfbe4368cdb364fdf87f Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:03 2015 -0400 libqos/ahci: edit wait to be ncq aware The wait command should check to make sure SACT is clear as well as the Command Issue register. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-12-git-send-email-jsnow@xxxxxxxxxx commit cb45304108ab733aaf2e4351e77cb6d07ac88fd5 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:03 2015 -0400 libqos/ahci: add NCQ frame support NCQ frames are generated a little differently than their non-NCQ cousins. Add support for them. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-11-git-send-email-jsnow@xxxxxxxxxx commit 40d29928caa6db154182f5314f497020f81e640e Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:03 2015 -0400 libqos/ahci: fix cmd_sanity for ncq NCQ commands should not / do not update the byte count in the command header post command, so this field is meaningless for NCQ tests. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-10-git-send-email-jsnow@xxxxxxxxxx commit 34475239b8f1fff0b715cb20f8b534b9d07a897e Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:03 2015 -0400 ahci/qtest: Execute IDENTIFY prior to data commands If you try to execute an NCQ command before trying to engage with the device by issuing an IDENTIFY command, the error bits that are part of the signature will fool the test suite into thinking there was a failure. Issue IDENTIFY first on "boot", which will clear the signature out of the registers for us. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-9-git-send-email-jsnow@xxxxxxxxxx commit 0437d32ae232af37d3b94064a563eb51d4eedd62 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:03 2015 -0400 ahci: ncq sector count correction This value should not be size-corrected, 0 sectors does not imply 1 sector(s). This is just debug information, but it's misleading! Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-8-git-send-email-jsnow@xxxxxxxxxx commit 5d5f89212f19e3d7d3da1328137ca9e33eead7bf Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:03 2015 -0400 ahci: add ncq debug checks Most of the time, these bits can be safely ignored. For the purposes of debugging however, it's nice to know that they're not being used. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-7-git-send-email-jsnow@xxxxxxxxxx commit d56f4d6965ebcf8f3c496845c286e3a66496fdff Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:03 2015 -0400 ahci: separate prdtl from opts There's no real reason to have it bundled together, and this way is a little nicer to follow if you have the AHCI spec pulled up. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-6-git-send-email-jsnow@xxxxxxxxxx commit 3bcbe4aa803c1a41e5392ecac7b4fc3c99a42f89 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:03 2015 -0400 ahci: check for ncq prdtl overflow Don't attempt the NCQ transfer if the PRDT we were given is not big enough to perform the entire transfer. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-5-git-send-email-jsnow@xxxxxxxxxx commit a55c8231d04e3023bc5c3da9290f01e7d6989a94 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:03 2015 -0400 ahci: add ncq_err helper Set some appropriate error bits for NCQ for us. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-4-git-send-email-jsnow@xxxxxxxxxx commit b6fe41fa6dbdf7b92b76cd4848ef442de18e03d3 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:03 2015 -0400 ahci: use shorter variables Trivial cleanup that I didn't want to tack-on to anything else. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-3-git-send-email-jsnow@xxxxxxxxxx commit 7763ed1506a9ffe74a80332182cc4f229251f998 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:03 2015 -0400 ahci: Rename NCQFIS structure fields Several fields of the NCQFIS structure are ambiguously named. This patch clarifies the intended (if unsupported) usage of the NCQ fields to aid in creating more meaningful debug messages through the NCQ codepaths. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435016308-6150-2-git-send-email-jsnow@xxxxxxxxxx commit d31a3ebc28bf401cc5cce43f36068697d670c3f9 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:02 2015 -0400 qtest/ahci: add port_reset test Test that we can survive a couple of cycles of running a basic identify test, some IO, and resetting the HBA. Ensures that we can bring the HBA back to compliant spec during the lifecycle of the VM. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1434470575-21625-5-git-send-email-jsnow@xxxxxxxxxx commit 95ea663693fdf4f39976f9aadb004fc77c2058ee Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:02 2015 -0400 libqos/ahci: fix memory management bugs There's a handful of trivial bugs in the libqos/ahci functions, squish them together. - Zero cached pointers after freeing them - The Command List Buffer is an array of 32x 32 byte structures, not 32x 8 byte pointers -- it's 1MiB, not 256 bytes. Zero it ALL. - Free the correct command in ahci_pick_cmd. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1434470575-21625-4-git-send-email-jsnow@xxxxxxxxxx commit 0d3e9d1f598e803a02c9bf43ec0b053e873ca79a Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:02 2015 -0400 qtest/ahci: add test_max Test that the FIS delivered after a nondata command has appropriately updated registers, just as we'd expect a data command to do. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1434470575-21625-3-git-send-email-jsnow@xxxxxxxxxx commit e9ebb2f76778d19227476e34c3d7aa6b8975c1b6 Author: John Snow <jsnow@xxxxxxxxxx> Date: Sat Jul 4 02:06:02 2015 -0400 ahci: Do not ignore memory access read size The only guidance the AHCI specification gives on memory access is: "Register accesses shall have a maximum size of 64-bits; 64-bit access must not cross an 8-byte alignment boundary." I interpret this to mean that aligned or unaligned 1, 2 and 4 byte accesses should work, as well as aligned 8 byte accesses. In practice, a real Q35/ICH9 responds to 1, 2, 4 and 8 byte reads regardless of alignment. Windows 7 can be observed making 1 byte reads to the middle of 32 bit registers to fetch error codes. Introduce a wrapper to support unaligned accesses to AHCI. This wrapper will support aligned 8 byte reads, but will make no effort to support unaligned 8 byte reads, which although they will work on real hardware, are not guaranteed to work and do not appear to be used by either Windows or Linux. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1434470575-21625-2-git-send-email-jsnow@xxxxxxxxxx commit e75e2a14d5c13ad38dcf72b69922dee2dafbb0d0 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 29 13:50:27 2015 +0530 numa: API to lookup NUMA node by address Introduce an API numa_get_node(ram_addr_t addr, Error **errp) that returns the NUMA node to which the given address belongs to. This API works uniformly for both boot time as well as hotplugged memory. This API is needed by sPAPR PowerPC to support ibm,dynamic-reconfiguration-memory device tree node which is needed for memory hotplug. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Tested-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit abafabd8c982e875d60a10d37f0b91cff1003c55 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 29 13:50:26 2015 +0530 numa: Store boot memory address range in node_info Store memory address range information of boot memory in address range list of numa_info. This helps to have a common NUMA node lookup by address function that works for both boot-time memory and hotplugged memory. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Tested-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit fa9ea81d15d459f6c4a39d77ae680af94cebd65e Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 29 13:50:25 2015 +0530 numa,pc-dimm: Store pc-dimm memory information in numa_info Start storing the (start_addr, end_addr) of the pc-dimm memory in corresponding numa_info[node] so that this information can be used to lookup node by address. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Tested-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 8e23184b6b2f8426041854b18fb56a3ff197d5a0 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 29 13:50:24 2015 +0530 pc: Abort if HotplugHandlerClass::plug() fails HotplugHandlerClass::plug() shouldn't fail and hence use error_abort to abort if it fails. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Tested-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 43bbb49ef7032a8bfdafbd02d0286512af161089 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 29 13:50:23 2015 +0530 pc,pc-dimm: Factor out reusable parts in pc_dimm_plug to a separate routine pc_dimm_plug() has code that will be needed for memory plug handlers in other archs too. Extract code from pc_dimm_plug() into a generic routine pc_dimm_memory_plug() that resides in pc-dimm.c. Also correspondingly refactor re-usable unplug code into pc_dimm_memory_unplug(). Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Tested-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit a7d69ff10b085ba6f8236600829532984cdea714 Author: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 29 13:50:22 2015 +0530 pc,pc-dimm: Extract hotplug related fields in PCMachineState to a structure Move hotplug_memory_base and hotplug_memory fields of PCMachineState into a separate structure so that the same can be made use of from other architectures supporing memory hotplug. Signed-off-by: Bharata B Rao <bharata@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Tested-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 35360642d043c2a5366e8a04a10e5545e7353bd5 Merge: 5317b0f 496eaca Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jul 3 12:05:31 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-input-20150703-1' into staging virtio-input: add input routing support, update multiseat docs. # gpg: Signature made Fri Jul 3 11:22:33 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-input-20150703-1: update pci-bridge-seat section in docs/multiseat.txt virtio-input: add input routing support Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 496eacaa67653023540e090fb70b7caba429bbc0 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Jul 1 10:59:47 2015 +0200 update pci-bridge-seat section in docs/multiseat.txt Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 5cce173323cfe1bb22f7a10f9b73ac7796909cef Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Jun 24 11:59:16 2015 +0200 virtio-input: add input routing support Add display and head properties for input routing to virtio-input devices, update multiseat documentation. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 5317b0f6d4bb581c5c8f88f31138ee301ad2b7e5 Merge: 6686ce3 c4d3c0a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 2 15:20:55 2015 +0100 Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20150702-v3' into staging Several s390x patches including: - missing virtio-1 related code for virtio-ccw - bugfixes in ipl device, gdb, virtio-ccw - bugfix in s390-ccw bios + rebuild - introduce versioned machines for s390-ccw-virtio # gpg: Signature made Thu Jul 2 15:05:34 2015 BST using RSA key ID C6F02FAF # gpg: Good signature from "Cornelia Huck <huckc@xxxxxxxxxxxxxxxxxx>" # gpg: aka "Cornelia Huck <cornelia.huck@xxxxxxxxxx>" * remotes/cohuck/tags/s390x-20150702-v3: s390x/migration: Introduce 2.4 machine s390x/gdb: synchronize cpu state after modifying acrs s390x/ipl: Fix boot if no bootindex was specified virtio-ccw: migrate ->revision s390x/virtio-ccw: support virtio-1 set_vq format s390x/virtio-ccw: add virtio set-revision call s390x/css: Add a callback for when subchannel gets disabled s390-ccw.img: update s390-ccw.img: Consume service interrupts css: mss/mcss-e vs. migration virtio-ccw: complete handling of guest-initiated resets Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c4d3c0a2696c09a884b680d15b03325e46656a6c Author: Christian Borntraeger <borntraeger@xxxxxxxxxx> Date: Wed Jul 1 11:16:57 2015 +0200 s390x/migration: Introduce 2.4 machine The section footer changes commit f68945d42bab ("Add a protective section footer") and commit 37fb569c0198 ("Disable section footers on older machine types") broke migration for any non-versioned machines. This pinpoints a problem of s390-ccw machines: it needs to be versioned to be compatible with future changes in common code data structures such as section footers. Let's introduce a version scheme for s390-ccw-virtio machines. We will use the old s390-ccw-virtio name as alias to the latest version as all existing libvirt XML for the ccw type were expanded by libvirt to that name. The only downside of this patch is, that the old alias s390-ccw will no longer be available as machines can have only one alias, but it should not really matter. Cc: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Cc: Juan Quintela <quintela@xxxxxxxxxx> Cc: Boris Fiuczynski <fiuczy@xxxxxxxxxxxxxxxxxx> Cc: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Message-Id: <1435742217-62246-1-git-send-email-borntraeger@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 55b1b753dff022dcc95123bed35946b4977d31fa Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Tue Jun 23 09:10:51 2015 +0200 s390x/gdb: synchronize cpu state after modifying acrs Whenever we touch the access control registers, we have to make sure that the values will make it into kvm. Otherwise the change will simply be lost. When synchronizing qemu and kvm, a normal KVM_PUT_RUNTIME_STATE does not take care of these registers. Let's simply trigger a KVM_PUT_FULL_STATE sync, so the values will directly be written to kvm. The performance overhead can be ignored and this is much cleaner than manually writing these registers to kvm via our two supported ways. Reviewed-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 6efd2c2a125b4369b8def585b0dac35c849b5eb3 Author: Christian Borntraeger <borntraeger@xxxxxxxxxx> Date: Thu Jun 18 16:37:39 2015 +0200 s390x/ipl: Fix boot if no bootindex was specified commit fa92e218df1d ("s390x/ipl: avoid sign extension") introduced a regression: qemu-system-s390x -drive file=image.qcow,format=qcow2 does not boot, the bios states "No virtio-blk device found!" adding bootindex=1 does boot. The reason is that the uint32_t as return value will not do the right thing for the return -1 (default without bootindex). The bios itself, will interpret a 64bit -1 as autodetect (but it will interpret 32bit -1 as ccw device address ff.ff.ffff) Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx # v2.3.0 Tested-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 213941d73baf8ba7ec5381c8402fed7925d613d4 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 25 12:20:08 2015 +0200 virtio-ccw: migrate ->revision We need to migrate the revision field as well. No compatibility concerns as we already introduced migration of ->config_vector in this release. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 0db87e0d1763d3fb4039c2cffb0f3264da88ab30 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Dec 11 14:25:13 2014 +0100 s390x/virtio-ccw: support virtio-1 set_vq format Support the new CCW_CMD_SET_VQ format for virtio-1 devices. While we're at it, refactor the code a bit and enforce big endian fields (which had always been required, even for legacy). Reviewed-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c42767f2bbd18d4ec895395c01c64bbec16b5b84 Author: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Date: Thu Dec 11 14:25:12 2014 +0100 s390x/virtio-ccw: add virtio set-revision call Handle the virtio-ccw revision according to what the guest sets. When revision 1 is selected, we have a virtio-1 standard device with byteswapping for the virtio rings. When a channel gets disabled, we have to revert to the legacy behavior in case the next user of the device does not negotiate the revision 1 anymore (e.g. the boot firmware uses revision 1, but the operating system only uses the legacy mode). Note that revisions > 0 are still disabled. [CH: assure memory accesses are always BE] Signed-off-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 6686ce3f1628f045035d58db8890d20705fd5c34 Merge: d2966f8 764ba3a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jul 2 10:44:34 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Thu Jul 2 10:10:39 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: block: remove redundant check before g_slist_find() block/nfs: limit maximum readahead size to 1MB block/iscsi: restore compatiblity with libiscsi 1.9.0 iotests: Use event_wait in wait_ready qemu-iotests: Add test case for mirror with unmap qemu-iotests: Make block job methods common block: Remove bdrv_reset_dirty block: Fix dirty bitmap in bdrv_co_discard mirror: Do zero write on target if sectors not allocated qmp: Add optional bool "unmap" to drive-mirror block: Add bdrv_get_block_status_above timer: Use a single definition of NSEC_PER_SEC for the whole codebase timer: Move NANOSECONDS_PER_SECONDS to timer.h blockdev: no need to drain+flush in hmp_drive_del qapi: Rename 'dirty-bitmap' mode to 'incremental' qcow2: Handle EAGAIN returned from update_refcount block/iscsi: add support for request timeouts Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 764ba3ae511adddfa750db290ac8375d660ca5b9 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Jun 29 16:12:13 2015 +0300 block: remove redundant check before g_slist_find() An empty GSList is represented by a NULL pointer, therefore it's a perfectly valid argument for g_slist_find() and there's no need to make any additional check. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1435583533-5758-1-git-send-email-berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 29c838cdc96c4d117f00c75bbcb941e1be9590fb Author: Peter Lieven <pl@xxxxxxx> Date: Fri Jun 26 13:14:01 2015 +0200 block/nfs: limit maximum readahead size to 1MB a malicious caller could otherwise specify a very large value via the URI and force libnfs to allocate a large amount of memory for the readahead buffer. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1435317241-25585-1-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 9049736ec70fdc886ac0df521fdd8b2886b2cb63 Author: Peter Lieven <pl@xxxxxxx> Date: Fri Jun 26 12:18:01 2015 +0200 block/iscsi: restore compatiblity with libiscsi 1.9.0 RHEL7 and others are stuck with libiscsi 1.9.0 since there unfortunately was an ABI breakage after that release. Signed-off-by: Peter Lieven <pl@xxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1435313881-19366-1-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit d7b25297920d18fa2a2cde1ed21fde38a88c935f Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Jun 8 13:56:14 2015 +0800 iotests: Use event_wait in wait_ready Only poll the specific type of event we are interested in, to avoid stealing events that should be consumed by someone else. Suggested-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit c615091793f53ff33b8f6c1b1ba711cf7c93e97b Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Jun 8 13:56:13 2015 +0800 qemu-iotests: Add test case for mirror with unmap This checks that the discard on mirror source that effectively zeroes data is also reflected by the data of target. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 866323f39d5c7bb053f5e5bf753908ad9f5abec7 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Jun 8 13:56:12 2015 +0800 qemu-iotests: Make block job methods common Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6e82e4bce127654b2dd42ef393587775be792334 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Jun 8 13:56:11 2015 +0800 block: Remove bdrv_reset_dirty Using this function would always be wrong because a dirty bitmap must have a specific owner that consumes the dirty bits and calls bdrv_reset_dirty_bitmap(). Remove the unused function to avoid future misuse. Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 508249952c0ea7472c62e17bf8132295dab4912d Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Jun 8 13:56:10 2015 +0800 block: Fix dirty bitmap in bdrv_co_discard Unsetting dirty globally with discard is not very correct. The discard may zero out sectors (depending on can_write_zeroes_with_unmap), we should replicate this change to destination side to make sure that the guest sees the same data. Calling bdrv_reset_dirty also troubles mirror job because the hbitmap iterator doesn't expect unsetting of bits after current position. So let's do it the opposite way which fixes both problems: set the dirty bits if we are to discard it. Reported-by: wangxiaolong@xxxxxxxxx Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit dcfb3beb5130694b76b57de109619fcbf9c7e5b5 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Jun 8 13:56:09 2015 +0800 mirror: Do zero write on target if sectors not allocated If guest discards a source cluster, mirroring with bdrv_aio_readv is overkill. Some protocols do zero upon discard, where it's best to use bdrv_aio_write_zeroes, otherwise, bdrv_aio_discard will be enough. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 0fc9f8ea2800b76eaea20a8a3a91fbeeb4bfa81b Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Jun 8 13:56:08 2015 +0800 qmp: Add optional bool "unmap" to drive-mirror If specified as "true", it allows discarding on target sectors where source is not allocated. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit ba3f0e2545c365ebe1dbddb0e53058710d41881e Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Jun 8 13:56:07 2015 +0800 block: Add bdrv_get_block_status_above Like bdrv_is_allocated_above, this function follows the backing chain until seeing BDRV_BLOCK_ALLOCATED. Base is not included. Reimplement bdrv_is_allocated on top. [Initialized bdrv_co_get_block_status_above() ret to 0 to silence mingw64 compiler warning about the unitialized variable. assert(bs != base) prevents that case but I suppose the program could be compiled with -DNDEBUG. --Stefan] Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e0cf11f31c24cfb17f44ed46c254d84c78e7f6e9 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Fri Jun 12 16:01:30 2015 +0300 timer: Use a single definition of NSEC_PER_SEC for the whole codebase Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: c6e55468856ba0b8f95913c4da111cc0ef266541.1434113783.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 471fae3c98d4f44b1957eb09d51ace440c585a20 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Fri Jun 12 16:01:29 2015 +0300 timer: Move NANOSECONDS_PER_SECONDS to timer.h We want to be able to reuse this define by making it common to multiple QEMU modules. This also makes it an integer since there's no need for it to be a float. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 6375912849da2ab561046dd013684535ccecca44.1434113783.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 126b8bbdfe8bc4042f13f230a4b36f90646f47c6 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu May 28 16:17:09 2015 +0200 blockdev: no need to drain+flush in hmp_drive_del bdrv_close already does that, and in fact hmp_drive_del would need another drain after the flush (which bdrv_close does). So remove the duplication. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1432822629-25401-1-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 4b80ab2b7d950d5b22647b364e37eb81c756f061 Author: John Snow <jsnow@xxxxxxxxxx> Date: Thu Jun 4 20:20:34 2015 -0400 qapi: Rename 'dirty-bitmap' mode to 'incremental' If we wish to make differential backups a feature that's easy to access, it might be pertinent to rename the "dirty-bitmap" mode to "incremental" to make it clear what /type/ of backup the dirty-bitmap is helping us perform. This is an API breaking change, but 2.4 has not yet gone live, so we have this flexibility. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1433463642-21840-2-git-send-email-jsnow@xxxxxxxxxx Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 3e5feb6202149e8a963a33b911216e40d790f1d7 Author: JindÅ?ich MakoviÄ?ka <makovick@xxxxxxxxx> Date: Wed Jun 24 07:05:25 2015 +0200 qcow2: Handle EAGAIN returned from update_refcount Fixes a crash during image compression Signed-off-by: JindÅ?ich MakoviÄ?ka <makovick@xxxxxxxxx> Tested-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 5dd7a535b71a0f2f8e7af75c5d694174359ce323 Author: Peter Lieven <pl@xxxxxxx> Date: Tue Jun 16 13:45:07 2015 +0200 block/iscsi: add support for request timeouts libiscsi starting with 1.15 will properly support timeout of iscsi commands. The default will remain no timeout, but this can be changed via cmdline parameters, e.g.: qemu -iscsi timeout=30 -drive file=iscsi://... If a timeout occurs a reconnect is scheduled and the timed out command will be requeued for processing after a successful reconnect. The required API call iscsi_set_timeout is present since libiscsi 1.10 which was released in October 2013. However, due to some bugs in the libiscsi code the use is not recommended before version 1.15. Please note that this patch bumps the libiscsi requirement to 1.10 to have all function and macros defined. The patch fixes also a off-by-one error in the NOP timeout calculation which was fixed while touching these code parts. Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1434455107-19328-1-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit de7ea885c5394c1fba7443cbf33bd2745d32e6c2 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:47:26 2015 +0200 kvm: Switch to unlocked MMIO Do not take the BQL before dispatching MMIO requests of KVM VCPUs. Instead, address_space_rw will do it if necessary. This enables completely BQL-free MMIO handling in KVM mode for upcoming devices with fine-grained locking. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1434646046-27150-10-git-send-email-pbonzini@xxxxxxxxxx> commit 7070e085d490c396f9237c8f10bf8b6e69cd0066 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:47:25 2015 +0200 acpi: mark PMTIMER as unlocked Accessing QEMU_CLOCK_VIRTUAL is thread-safe. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1434646046-27150-9-git-send-email-pbonzini@xxxxxxxxxx> commit 80b7d2efb63c225797345c152cdd3392b9fe7b72 Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Thu Jun 18 18:47:24 2015 +0200 kvm: Switch to unlocked PIO Do not take the BQL before dispatching PIO requests of KVM VCPUs. Instead, address_space_rw will do it if necessary. This enables completely BQL-free PIO handling in KVM mode for upcoming devices with fine-grained locking. Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1434646046-27150-8-git-send-email-pbonzini@xxxxxxxxxx> commit 4b8523ee896750c37b4fa224a40d34703cbdf4c6 Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Thu Jun 18 18:47:23 2015 +0200 kvm: First step to push iothread lock out of inner run loop This opens the path to get rid of the iothread lock on vmexits in KVM mode. On x86, the in-kernel irqchips has to be used because we otherwise need to synchronize APIC and other per-cpu state accesses that could be changed concurrently. Regarding pre/post-run callbacks, s390x and ARM should be fine without specific locking as the callbacks are empty. MIPS and POWER require locking for the pre-run callback. For the handle_exit callback, it is non-empty in x86, POWER and s390. Some POWER cases could do without the locking, but it is left in place for now. Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1434646046-27150-7-git-send-email-pbonzini@xxxxxxxxxx> commit 4840f10eff37eebc609fcc933ab985dc66df95c6 Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Thu Jun 18 18:47:22 2015 +0200 memory: let address_space_rw/ld*/st* run outside the BQL The MMIO case is further broken up in two cases: if the caller does not hold the BQL on invocation, the unlocked one takes or avoids BQL depending on the locking strategy of the target memory region and its coalesced MMIO handling. In this case, the caller should not hold _any_ lock (a friendly suggestion which is disregarded by virtio-scsi-dataplane). Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Cc: Frederic Konrad <fred.konrad@xxxxxxxxxxxxx> Message-Id: <1434646046-27150-6-git-send-email-pbonzini@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 125b3806668106667dd2ae049593852859e12b63 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:47:21 2015 +0200 exec: pull qemu_flush_coalesced_mmio_buffer() into address_space_rw/ld*/st* As memory_region_read/write_accessor will now be run also without BQL held, we need to move coalesced MMIO flushing earlier in the dispatch process. Cc: Frederic Konrad <fred.konrad@xxxxxxxxxxxxx> Message-Id: <1434646046-27150-5-git-send-email-pbonzini@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 196ea13104f802c508e57180b2a0d2b3418989a3 Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Thu Jun 18 18:47:20 2015 +0200 memory: Add global-locking property to memory regions This introduces the memory region property "global_locking". It is true by default. By setting it to false, a device model can request BQL-free dispatching of region accesses to its r/w handlers. The actual BQL break-up will be provided in a separate patch. Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Cc: Frederic Konrad <fred.konrad@xxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1434646046-27150-4-git-send-email-pbonzini@xxxxxxxxxx> commit afbe70535ff1a8a7a32910cc15ebecc0ba92e7da Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:47:19 2015 +0200 main-loop: introduce qemu_mutex_iothread_locked This function will be used to avoid recursive locking of the iothread lock whenever address_space_rw/ld*/st* are called with the BQL held, which is almost always the case. Tracking whether the iothread is owned is very cheap (just use a TLS variable) but requires some care because now the lock must always be taken with qemu_mutex_lock_iothread(). Previously this wasn't the case. Outside TCG mode this is not a problem. In TCG mode, we need to be careful and avoid the "prod out of compiled code" step if already in a VCPU thread. This is easily done with a check on current_cpu, i.e. qemu_in_vcpu_thread(). Hopefully, multithreaded TCG will get rid of the whole logic to kick VCPUs whenever an I/O event occurs! Cc: Frederic Konrad <fred.konrad@xxxxxxxxxxxxx> Message-Id: <1434646046-27150-3-git-send-email-pbonzini@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 2e7f7a3c86f884a77296a137b7c730a4d580c5c9 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 18 18:47:18 2015 +0200 main-loop: use qemu_mutex_lock_iothread consistently The next patch will require the BQL to be always taken with qemu_mutex_lock_iothread(), while right now this isn't the case. Outside TCG mode this is not a problem. In TCG mode, we need to be careful and avoid the "prod out of compiled code" step if already in a VCPU thread. This is easily done with a check on current_cpu, i.e. qemu_in_vcpu_thread(). Hopefully, multithreaded TCG will get rid of the whole logic to kick VCPUs whenever an I/O event occurs! Cc: Frederic Konrad <fred.konrad@xxxxxxxxxxxxx> Message-Id: <1434646046-27150-2-git-send-email-pbonzini@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit bdf026317daa3b9dfa281f29e96fbb6fd48394c8 Author: 马æ??é?? <kevinnma@xxxxxxxxxxx> Date: Wed Jul 1 15:41:41 2015 +0200 Fix irq route entries exceeding KVM_MAX_IRQ_ROUTES Last month, we experienced several guests crash(6cores-8cores), qemu logs display the following messages: qemu-system-x86_64: /build/qemu-2.1.2/kvm-all.c:976: kvm_irqchip_commit_routes: Assertion `ret == 0' failed. After analysis and verification, we can confirm it's irq-balance daemon(in guest) leads to the assertion failure. Start a 8 core guest with two disks, execute the following scripts will reproduce the BUG quickly: irq_affinity.sh ======================================================================== vda_irq_num=25 vdb_irq_num=27 while [ 1 ] do for irq in {1,2,4,8,10,20,40,80} do echo $irq > /proc/irq/$vda_irq_num/smp_affinity echo $irq > /proc/irq/$vdb_irq_num/smp_affinity dd if=/dev/vda of=/dev/zero bs=4K count=100 iflag=direct dd if=/dev/vdb of=/dev/zero bs=4K count=100 iflag=direct done done ======================================================================== QEMU setup static irq route entries in kvm_pc_setup_irq_routing(), PIC and IOAPIC share the first 15 GSI numbers, take up 23 GSI numbers, but take up 38 irq route entries. When change irq smp_affinity in guest, a dynamic route entry may be setup, the current logic is: if allocate GSI number succeeds, a new route entry can be added. The available dynamic GSI numbers is 1021(KVM_MAX_IRQ_ROUTES-23), but available irq route entries is only 986(KVM_MAX_IRQ_ROUTES-38), GSI numbers greater than route entries. irq-balance's behavior will eventually leads to total irq route entries exceed KVM_MAX_IRQ_ROUTES, ioctl(KVM_SET_GSI_ROUTING) fail and kvm_irqchip_commit_routes() trigger assertion failure. This patch fix the BUG. Signed-off-by: Wenshuang Ma <kevinnma@xxxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 62ac4a52e27c706c860403fd1d8535a9a1073a19 Author: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Date: Thu Dec 11 14:25:11 2014 +0100 s390x/css: Add a callback for when subchannel gets disabled We need a possibility to run code when a subchannel gets disabled. This patch adds the necessary infrastructure. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 6e7cd94462d65405037c993fc4401d6fceed6660 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 25 13:48:58 2015 +0200 s390-ccw.img: update Update for "s390-ccw.img: Consume service interrupts". Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit bdc7fe3638fa7693eed5886b5b2afe0858d875fc Author: Christian Borntraeger <borntraeger@xxxxxxxxxx> Date: Fri Jun 19 15:40:45 2015 +0200 s390-ccw.img: Consume service interrupts We have to consume the outstanding service interrupt after each service call, otherwise a correct implementation will return CC=2 on subsequent service calls. Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit ec7353a146bb39c3bb3e5ccc50ca585aed97b7cf Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Wed Jun 24 10:57:23 2015 +0200 css: mss/mcss-e vs. migration Our main channel_subsys structure is not a device (yet), but we need to setup mss/mcss-e again if the guest had enabled it before. Use a hack that should catch most configurations (assuming that the guest will have enabled at least one device in higher subchannel sets or channel subsystems if it enabled the functionality.) Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit fa8b0ca5d1b69975b715a259d3586cadf7a5280f Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Tue Jun 23 15:46:31 2015 +0200 virtio-ccw: complete handling of guest-initiated resets For a guest-initiated reset, we need to not only reset the virtio device, but also reset the VirtioCcwDevice into a clean state. This includes resetting the indicators, or else a guest will not be able to e.g. switch from classic interrupts to adapter interrupts. Split off this routine into a new function virtio_ccw_reset_virtio() to make the distinction between resetting the virtio-related devices and the base subchannel device clear. CC: qemu-stable@xxxxxxxxxx Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit d2966f804d70a244f5dde395fc5d22a50ed3e74e Merge: 2b464e1 a435612 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 29 17:03:20 2015 +0100 Merge remote-tracking branch 'remotes/vivier/tags/pull-m68k-20150629' into staging Trivial m68k cleanup # gpg: Signature made Mon Jun 29 16:38:40 2015 BST using DSA key ID ABF36C53 # gpg: Good signature from "Laurent Vivier <laurent@xxxxxxxxx>" # gpg: aka "Laurent Vivier <Laurent@xxxxxxxxx>" # gpg: aka "Laurent Vivier <Laurent@xxxxxxxxxxxx>" # gpg: aka "Laurent Vivier (Red Hat) <lvivier@xxxxxxxxxx>" # gpg: aka "[jpeg image of size 3881]" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 9EC7 B78A C0AC E697 5E4B BDE3 34A4 F6C9 ABF3 6C53 * remotes/vivier/tags/pull-m68k-20150629: m68k: remove useless parameter op_size from gen_lea_indexed() m68k: remove useless file m68k-qreg.h m68k: is_mem is useless Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a435612616202c837d62626dbe3e33a4e9a95772 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Wed Jun 24 02:51:49 2015 +0200 m68k: remove useless parameter op_size from gen_lea_indexed() Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <huth@xxxxxxxxxxxxx> commit bb337ac978b6def085eabf17830d5cc2a1bce6a8 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Wed Jun 24 02:07:24 2015 +0200 m68k: remove useless file m68k-qreg.h Unused since: commit e1f3808e03f73e7a7fa966afbed2455dd052202e Author: pbrook <pbrook@c046a42c-6fe2-441c-8c8c-71466251a162> Date: Sat May 24 22:29:16 2008 +0000 Convert m68k target to TCG. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <huth@xxxxxxxxxxxxx> commit 805167adcb900fa7b2b114d639c418f5313d0b42 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Wed Jun 24 01:00:22 2015 +0200 m68k: is_mem is useless Remove is_mem as it is never tested anymore since: commit bfa50bc2638d877cf2900712b7503be22e8811cb Author: aliguori <aliguori@c046a42c-6fe2-441c-8c8c-71466251a162> Date: Tue Nov 18 20:26:41 2008 +0000 Remove premature memop TB terminations (Jan Kiszka) Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Reviewed-by: Thomas Huth <huth@xxxxxxxxxxxxx> commit 2b464e13f0d30e6c0b8f69ec908fceab30aea986 Merge: dc1e135 5f37fd8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 29 13:26:43 2015 +0100 Merge remote-tracking branch 'remotes/bkoppelmann/tags/pull-tricore-20150629' into staging TriCore bugfixes # gpg: Signature made Mon Jun 29 13:08:17 2015 BST using RSA key ID 6B69CA14 # gpg: Good signature from "Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx>" * remotes/bkoppelmann/tags/pull-tricore-20150629: target-tricore: fix depositing bits from PCXI into ICR Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5f37fd8e2980818ab71bc4b4e21129e29acd73f7 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Jun 24 14:01:10 2015 +0200 target-tricore: fix depositing bits from PCXI into ICR Spotted by Coverity, because (env->PCXI & MASK_PCXI_PCPN) >> 24 is always zero. The immediately preceding assignment is also wrong though. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Message-Id: <1435147270-1040-1-git-send-email-pbonzini@xxxxxxxxxx> commit dc1e1350f8061021df765b396295329797d66933 Merge: d14b9d7 d46f7c9 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 26 15:57:43 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio, pci fixes, enhancements Almost exclusively bugfixes, though in this case, we are adding functionality to the pxb in order to make OVMF work on it. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Fri Jun 26 14:43:27 2015 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: Fix glib_subprocess test hw/pci-bridge: format special OFW unit address for PXB host hw/core: explicit OFW unit address callback for SysBusDeviceClass hw/pci-bridge: disable SHPC in PXB hw/pci-bridge: introduce "shpc" property hw/pci: introduce shpc_present() helper function hw/pci-bridge: add macro for "msi" property hw/pci-bridge: add macro for "chassis_nr" property hw/pci-bridge: expose _test parameter in SHPC_VMSTATE() migration: introduce VMSTATE_BUFFER_UNSAFE_INFO_TEST() add pci-bridge-seat pc: cleanup and convert TMP ACPI device description to AML API MAINTAINERS: add ACPI entry vhost: correctly pass error to caller in vhost_dev_enable_notifiers() balloon: add a feature bit to let Guest OS deflate balloon on oom qdev: fix OVERFLOW_BEFORE_WIDEN virito-pci: fix OVERRUN problem Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 41da4bd6420afd1209c408974920f63ff9c658e1 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat May 30 23:11:46 2015 -0700 cpu-defs: Move out TB_JMP defines These are not Architecture specific in any way so move them out of cpu-defs.h. tb-hash.h is an appropriate place as a leading user and their strong relationship to TB hashing and caching. Reviewed-by: Richard Henderson <rth@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <43ceca65a3fa240efac49aa0bf604ad0442e1710.1433052532.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e1b89321bafea9fb33d87852fc91fee579d17dfe Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat May 30 23:11:45 2015 -0700 include/exec: Move tb hash functions out This is one of very few things in exec-all with a genuine CPU architecture dependency. Move these hashing helpers to a new header to trim exec-all.h down to a near architecture-agnostic header. The defs are only used by cpu-exec and translate-all which are both arch-obj's so the new tb-hash.h has no core code usage. Reviewed-by: Richard Henderson <rth@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <9d048b96f7cfa64a4d9c0b88e0dd2877fac51d41.1433052532.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9e0dc48c9f05505b53cb28f860456a0648e56ddf Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat May 30 23:11:42 2015 -0700 include/exec: Move standard exceptions to cpu-all.h These exception indicies are generic and don't have any reliance on the per-arch cpu.h defs. Move them to cpu-all.h so they can be used by core code that does not have access to cpu-defs.h. Reviewed-by: Richard Henderson <rth@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <dbebd3062c7cd4332240891a3564e73f374ddfcd.1433052532.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6e0b07306d1793e8402dd218d2e38a7377b5fc27 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sat May 30 23:11:34 2015 -0700 cpu-defs: Move CPU_TEMP_BUF_NLONGS to tcg The usages of this define are pure TCG and there is no architecture specific variation of the value. Localise it to the TCG engine to remove another architecture agnostic piece from cpu-defs.h. This follows on from a28177820a868eafda8fab007561cc19f41941f4 where temp_buf was moved out of the CPU_COMMON obsoleting the need for the super early definition. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <498e8e5325c1a1aff79e5bcfc28cb760ef6b214e.1433052532.git.crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 94beb661bd90bcb477eed6d3b07aced988c40163 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun Jun 7 14:59:09 2015 -0700 memory_mapping: Rework cpu related includes This makes it more consistent with all other core code files, which either just rely on qemu-common.h inclusion or precede cpu.h with qemu-common.h. cpu-all.h should not be included in addition to cpu.h. Remove it. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <1433714349-7262-1-git-send-email-crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 27e7755bea57c66097000f7612271ceefcbeb4a4 Author: Artyom Tarasenko <atar4qemu@xxxxxxxxx> Date: Tue Jun 23 14:30:18 2015 +0200 cutils: allow compilation with icc Use VEC_OR macro for operations on VECTYPE operands Signed-off-by: Artyom Tarasenko <atar4qemu@xxxxxxxxx> Message-Id: <3f62d7a3a265f7dd99e50d016a0333a99a4a082a.1435062067.git.atar4qemu@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 34664507c7f038842f20a2c787915680b1fabba2 Author: Artyom Tarasenko <atar4qemu@xxxxxxxxx> Date: Tue Jun 23 14:30:17 2015 +0200 qemu-common: add VEC_OR macro Intel C Compiler version 15.0.3.187 Build 20150407 doesn't support '|' function for non floating-point simd operands. Define VEC_OR macro which uses _mm_or_si128 supported both in icc and gcc on x86 platform. Signed-off-by: Artyom Tarasenko <atar4qemu@xxxxxxxxx> Message-Id: <54c804cdb3b3a93e93ef98f085dc57c4092580b7.1435062067.git.atar4qemu@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d14b9d79be8a424ebc66450d565b81eff2296d55 Merge: ccb0c7e 4e2c0b2 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 26 14:40:47 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150626' into staging target-arm queue: * Change the virt board's default interface type for block devices to virtio * Improve some error messages that will now be triggered by some incorrect but previously worked-by-accident command lines * Print ELR if we're doing debug logging of AArch64 exception entry * Handle the "completely empty semihosting commandline" correctly for softmmu (we already did for linux-user) * Add GICv2m description to ACPI tables for virt board * Fix some incorrect table revision entries in virt board ACPI tables # gpg: Signature made Fri Jun 26 14:29:39 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150626: hw/arm/virt: Make block devices default to virtio qdev-properties-system: Improve error message for drive assignment conflict qdev-properties-system: Change set_pointer's parse callback to use Error target-arm: A64: Print ELR when taking exceptions target-arm: default empty semihosting cmdline hw/arm/virt-acpi-build: Add GICv2m description in ACPI MADT table hw/arm/virt-acpi-build: Fix table revision and some comments Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4e2c0b2a4ab810c8989e181a010e75aeaa1c55f3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 26 14:22:37 2015 +0100 hw/arm/virt: Make block devices default to virtio Now we have virtio-pci, we can make the virt board's default block device type be IF_VIRTIO. This allows users to use simplified command lines that don't have to explicitly create virtio-pci-blk devices; the -hda &c very short options now also work. This means we also need to set no_cdrom to avoid getting a default cdrom device -- this is needed because the virtio-blk device will fail if it is connected to a block backend with no media, which is what the default cdrom device typically is. Providing a cdrom with media via -cdrom will succeed, but silently create a device with non-removable medium. this is probably not really what the user wants, but is the best we can do now. Note that this change means that some command lines which used to work (by accident) will stop working. Where a drive was connected manually to a device but without 'if=none' being specified, we used to treat this as an IDE drive, which we would then not autoplug because the board doesn't support IDE. Now we will treat it as a virtio disk and autoplug it, which means the attempt to use the drive manually will fail: qemu-system-arm: -drive file=img.qcow2,id=foo: Drive 'foo' is already in use because it has been automatically connected to another device (did you need 'if=none' in the drive options?) The command line will have to be changed to include 'if=none', as the error message suggests. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435068107-12594-4-git-send-email-peter.maydell@xxxxxxxxxx commit 62f7dbde4c75e48921fd1b773865250130c57bd8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 26 14:22:36 2015 +0100 qdev-properties-system: Improve error message for drive assignment conflict If the user forgot if=none on their drive specification they're likely to get an error message because the drive is assigned once automatically by QEMU and once by the manual id=/drive= user command line specification. Improve the error message produced in this case to explicitly guide the user towards if=none. We rephrase the "drive conflict but not for an if=something" error as well to keep the wording in line. The two cases that change are: (1) Drive specified as to be auto-connected and also manually connected (and the board does handle this if= type): qemu-system-x86_64 -nodefaults -display none \ -drive if=scsi,file=tmp.qcow2,id=foo -device ide-hd,drive=foo Previously: qemu-system-x86_64: -device ide-hd,drive=foo: Property 'ide-hd.drive' can't take value 'foo', it's in use Now: qemu-system-x86_64: -device ide-hd,drive=foo: Drive 'foo' is already in use because it has been automatically connected to another device (did you need 'if=none' in the drive options?) (2) Drive specified to be manually connected in two different ways: qemu-system-x86_64 -nodefaults -display none \ -drive if=none,file=tmp.qcow2,id=foo -device ide-hd,drive=foo \ -device ide-hd,drive=foo Previously: qemu-system-x86_64: -device ide-hd,drive=foo: Property 'ide-hd.drive' can't take value 'foo', it's in use Now: qemu-system-x86_64: -device ide-hd,drive=foo: Drive 'foo' is already in use by another device Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435068107-12594-3-git-send-email-peter.maydell@xxxxxxxxxx commit f1fb9f0dc087c02b230be4cc96c5c76521f188fa Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 26 14:22:36 2015 +0100 qdev-properties-system: Change set_pointer's parse callback to use Error Instead of having set_pointer() call a parse callback which returns an error number that we then convert to an Error string with error_set_from_qdev_prop_error(), make the parse callback take an Error** and set the error itself. This will allow parse routines to provide more helpful error messages than the generic ones. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435068107-12594-2-git-send-email-peter.maydell@xxxxxxxxxx commit b21ab1fc217b4a2b8f2f85d16bdd8510a7817a34 Author: Soren Brinkmann <soren.brinkmann@xxxxxxxxxx> Date: Fri Jun 26 14:22:36 2015 +0100 target-arm: A64: Print ELR when taking exceptions When taking an exception print the content of the exception link register. This is useful especially for synchronous exceptions because in that case this registers holds the address of the instruction that generated the exception. Signed-off-by: Soren Brinkmann <soren.brinkmann@xxxxxxxxxx> Message-id: 1435036655-16132-1-git-send-email-soren.brinkmann@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f3c2bda216a00676e40301b5843ac3d6c3b2537a Author: Liviu Ionescu <ilg@xxxxxxxxxx> Date: Fri Jun 26 14:22:36 2015 +0100 target-arm: default empty semihosting cmdline If neither explicit semihosting args nor -kernel are used, make SYS_GET_CMDLINE return an empty string. Signed-off-by: Liviu Ionescu <ilg@xxxxxxxxxx> Message-id: AC7B5AFC-06AE-4FAD-9852-B65708E80E09@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ca7937365305d144cf0c97b907dac6f70ea152ef Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri Jun 26 14:22:36 2015 +0100 hw/arm/virt-acpi-build: Add GICv2m description in ACPI MADT table Add GICv2m description in ACPI MADT table, so guest can use MSI when booting with ACPI. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Andrew Jones <drjones@xxxxxxxxxx> Tested-by: Andrew Jones <drjones@xxxxxxxxxx> Message-id: 1434676210-2276-1-git-send-email-shannon.zhao@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d0652b5765859049c96a13372bbe075be44e756b Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri Jun 26 14:22:36 2015 +0100 hw/arm/virt-acpi-build: Fix table revision and some comments The table revision is not the ACPI spec version. Fix the wrong revision and also some comments. Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1433820378-8336-1-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ccb0c7e122db72d3a5da798c6414d4912bba828f Merge: 0a4a031 4b3bcd0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 26 11:32:58 2015 +0100 Merge remote-tracking branch 'remotes/lalrae/tags/mips-20150626' into staging MIPS patches 2015-06-26 Changes: * MIPS UHI semihosting support * microMIPS32 R6 support # gpg: Signature made Fri Jun 26 10:42:33 2015 BST using RSA key ID 0B29DA6B # gpg: Good signature from "Leon Alrae <leon.alrae@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 8DD3 2F98 5495 9D66 35D4 4FC0 5211 8E3C 0B29 DA6B * remotes/lalrae/tags/mips-20150626: target-mips: add mips32r6-generic CPU definition target-mips: microMIPS32 R6 POOL16{A, C} instructions target-mips: microMIPS32 R6 Major instructions target-mips: microMIPS32 R6 POOL32{I, C} instructions target-mips: microMIPS32 R6 POOL32F instructions target-mips: microMIPS32 R6 POOL32A{XF} instructions target-mips: microMIPS32 R6 branches and jumps target-mips: add microMIPS32 R6 opcode enum target-mips: signal RI for removed instructions in microMIPS R6 target-mips: raise RI exceptions when FIR.PS = 0 target-mips: rearrange gen_compute_compact_branch target-mips: refactor {D}LSA, {D}ALIGN, {D}BITSWAP target-mips: remove an unused argument target-mips: add microMIPS TLBINV, TLBINVF target-mips: fix {RD, WR}PGPR in microMIPS target-mips: convert host to MIPS errno values when required target-mips: add Unified Hosting Interface (UHI) support target-mips: remove identical code in different branch hw/mips: Do not clear BEV for MIPS malta kernel load include/softmmu-semi.h: Make semihosting support 64-bit clean Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4b3bcd016d83cc75f6a495c1db54b6c77f037adc Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:27 2015 +0100 target-mips: add mips32r6-generic CPU definition Define a new CPU definition supporting MIPS32 Release 6 ISA and microMIPS32 Release 6 ISA. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit ed7ce6c0f9d4370826557ce33d652beb88ccb3e6 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:26 2015 +0100 target-mips: microMIPS32 R6 POOL16{A, C} instructions microMIPS32 Release 6 POOL16A/ POOL16C instructions Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit ab39ee452d74855adec91056812b8e1e5166302c Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:25 2015 +0100 target-mips: microMIPS32 R6 Major instructions Add new microMIPS32 Release 6 Major opcode instructions Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 3b4a5489447e7ed17cc504572cf729833853e7ab Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:24 2015 +0100 target-mips: microMIPS32 R6 POOL32{I, C} instructions Add new microMIPS32 Release 6 POOL32I/POOL32C type instructions Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 2a24a7badeb6ad3ba72e7984f299623035d564d6 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:23 2015 +0100 target-mips: microMIPS32 R6 POOL32F instructions Add new microMIPS32 Release 6 POOL32F instructions Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit e03320958305a68f2bc6a32c87d7ed48303438f9 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:22 2015 +0100 target-mips: microMIPS32 R6 POOL32A{XF} instructions Add new microMIPS32 Release 6 pool32a/pool32axf instructions. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 65935f070aa710cf340e96ae7ee36d2c1d5c8d15 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:21 2015 +0100 target-mips: microMIPS32 R6 branches and jumps Add new microMIPS32 Release 6 branch and jump instructions. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 3a1f426828cd8ffeec1a4fa8ca6ca3ed4f800edb Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:20 2015 +0100 target-mips: add microMIPS32 R6 opcode enum Add microMIPS32 Release 6 opcode enum. Remove RI checking for pre-R6 reserved opcode. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 9e8f441a7e094c0dc33a1c8f521d9e5bcfc1b4da Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:19 2015 +0100 target-mips: signal RI for removed instructions in microMIPS R6 Signal a Reserved Instruction exception for removed instruction encoding in microMIPS Release 6. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit e29c962804c4dd3fabd44e703aa87eec555ed910 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:18 2015 +0100 target-mips: raise RI exceptions when FIR.PS = 0 64-bit paired-single (PS) floating point data type is optional in the pre-Release 6. It has to raise RI exception when PS type is not implemented. (FIR.PS = 0) (The PS data type is removed in the Release 6.) Loongson-2E and Loongson-2F don't have any implementation field in FCSR0(FIR) but do support PS data format, therefore for these cores RI will not be signalled regardless of PS bit. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 6893f07466b045c5faf314ab9e57ef3b4a6f9e49 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:17 2015 +0100 target-mips: rearrange gen_compute_compact_branch The function will be also used for microMIPS Release 6. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 1f1b4c008e250f870719ed38fbd0bcc14322fc01 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:16 2015 +0100 target-mips: refactor {D}LSA, {D}ALIGN, {D}BITSWAP Refactor those instructions in order to reuse them for microMIPS32 Release 6. Rearrange gen_move_low32(). Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit f60eeb0c5ddd8ceb8ca6b3ba032159027afab67a Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:15 2015 +0100 target-mips: remove an unused argument Remove an unused argument from decode_micromips32_opc() Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit e60ec06357470db5a0f25901ca19b6237e6da927 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:14 2015 +0100 target-mips: add microMIPS TLBINV, TLBINVF Add microMIPS TLBINV, TLBINVF Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 1bf5902de03732d4067c4e90171a1741d6542c45 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Thu Jun 25 00:24:13 2015 +0100 target-mips: fix {RD, WR}PGPR in microMIPS rt, rs were swapped Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 2c44b19c199f4ce2f1721120744d3d6e5d01d274 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Fri Jun 19 11:08:44 2015 +0100 target-mips: convert host to MIPS errno values when required Convert only errno values which can be returned by system calls in mips-semi.c and are not generic to all archs. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 3b3c1694cfd394b73de426edebdbf90c28f664fd Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Fri Jun 19 11:08:43 2015 +0100 target-mips: add Unified Hosting Interface (UHI) support Add UHI semihosting support for MIPS. QEMU run with "-semihosting" option will alter the behaviour of SDBBP 1 instruction -- UHI operation will be called instead of generating a debug exception. Also tweak Malta's pseudo-bootloader. On CPU reset the $4 register is set to -1 if semihosting arguments are passed to indicate that the UHI operations should be used to obtain input arguments. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit ff334767728011218c62f7476232d260cb5b28e6 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Fri Jun 19 11:08:42 2015 +0100 target-mips: remove identical code in different branch Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit d6ca4277eee98b3c561e21ac105199891d346d79 Author: Matthew Fortune <matthew.fortune@xxxxxxxxxx> Date: Fri Jun 19 11:08:41 2015 +0100 hw/mips: Do not clear BEV for MIPS malta kernel load The BEV flag controls whether the boot exception vector is still in place when starting a kernel. When cleared the exception vector at EBASE (or hard coded address of 0x80000000) is used instead. The early stages of the linux kernel would benefit from BEV still being set to ensure any faults get handled by the boot rom exception handlers. This is a moot point for system qemu as there aren't really any BEV handlers, but there are other good reasons to change this... The UHI (semi-hosting interface) defines special behaviours depending on whether an application starts in an environment with BEV set or cleared. When BEV is set then UHI assumes that a bootloader is relatively dumb and has no advanced exception handling logic. However, when BEV is cleared then UHI assumes that the bootloader has the ability to handle UHI exceptions with its exception handlers and will unwind and forward UHI SYSCALL exceptions to the exception vector that was installed prior to running the application. Signed-off-by: Matthew Fortune <matthew.fortune@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 9f6f7ca1490563d98003149e6de32caf25c670da Author: Maciej W. Rozycki <macro@xxxxxxxxxxxxxxxx> Date: Fri Jun 19 11:08:40 2015 +0100 include/softmmu-semi.h: Make semihosting support 64-bit clean Correct addresses passed around in semihosting to use a data type suitable for both 32-bit and 64-bit targets. Signed-off-by: Maciej W. Rozycki <macro@xxxxxxxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 0a4a0312bf8b029cbd32a97db2cad669cf65ac49 Merge: 58e8b33 1e81aba Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 25 14:03:55 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging # gpg: Signature made Wed Jun 24 16:37:23 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: net: simplify net_client_init1() net: drop if expression that is always true net: raise an error if -net type is invalid net: replace net_client_init1() netdev whitelist with blacklist net: add missing "netmap" to host_net_devices[] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 58e8b33518fd2bb6dce0ba7b6347c3df85aea3c6 Merge: 355df30 1204854 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 25 11:19:46 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Wed Jun 24 16:27:53 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: virito-blk: drop duplicate check qemu-iotests: fix 051.out after qdev error message change iov: don't touch iov in iov_send_recv() raw-posix: Introduce hdev_is_sg() raw-posix: Use DPRINTF for DEBUG_FLOPPY raw-posix: DPRINTF instead of DEBUG_BLOCK_PRINT Fix migration in case of scsi-generic block: Use bdrv_is_sg() everywhere nvme: Fix memleak in nvme_dma_read_prp vvfat: add a label option util/hbitmap: Add an API to reset all set bits in hbitmap virtio-blk: Use blk_drain() to drain IO requests block-backend: Introduce blk_drain() throttle: Check current timers before updating any_timer_armed[] block: Let bdrv_drain_all() to call aio_poll() for each AioContext Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1e81aba5ac0b908ab859bf8ddf43ece33732d49c Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed May 27 17:16:52 2015 +0100 net: simplify net_client_init1() Drop the union and move the hubport creation into the !is_netdev case. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Message-id: 1432743412-15943-6-git-send-email-stefanha@xxxxxxxxxx commit 4ef0defbad9bc8b195f3392d1b7dcb42cd7ebe11 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed May 27 17:16:51 2015 +0100 net: drop if expression that is always true Both is_netdev and !is_netdev paths already check that net_client_init_func[opts->kind] is non-NULL so there is no need for the if statement. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Message-id: 1432743412-15943-5-git-send-email-stefanha@xxxxxxxxxx commit d139e9a6cf01b8c31f5904b4ba40521d7224f7de Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed May 27 17:16:50 2015 +0100 net: raise an error if -net type is invalid When a -net type is used that was not compiled into the binary there should be an error message. Note the special case for -net none, which is a no-op. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Message-id: 1432743412-15943-4-git-send-email-stefanha@xxxxxxxxxx commit 1322629b4f25730aed973d51983e7a3b021fe9c9 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed May 27 17:16:49 2015 +0100 net: replace net_client_init1() netdev whitelist with blacklist It's cumbersome to keep the whitelist up-to-date. New netdev backends should most likely be allowed so a blacklist makes more sense than a whitelist. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Message-id: 1432743412-15943-3-git-send-email-stefanha@xxxxxxxxxx commit 027a247bbf703e94258d07e38948946d7b85e91c Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed May 27 17:16:48 2015 +0100 net: add missing "netmap" to host_net_devices[] Although hmp-commands.hx lists "netmap" as a valid host_net_add type, the command rejects it because it's missing from the list. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1432743412-15943-2-git-send-email-stefanha@xxxxxxxxxx commit 12048545019cd1d64c8147ea9277648e685fa489 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed Jun 24 17:29:24 2015 +0800 virito-blk: drop duplicate check in_num = req->elem.in_num, and req->elem.in_num is checked in line 489, so the check about in_num variable is superflous, let's drop it. Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1435138164-11728-1-git-send-email-arei.gonglei@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a30c4eb2ce7b2c15ab556be3cfe2340c17271ddd Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Jun 23 15:56:09 2015 +0100 qemu-iotests: fix 051.out after qdev error message change Commit f006cf7fa9a63ba8e4ccf57d46231ce594301727 ("qdev-monitor: Propagate errors through qdev_device_add()") dropped a meaningless error message. This change in output caused qemu-iotests 051 to fail: QEMU_PROG: -device ide-drive,drive=disk: Device initialization failed. -QEMU_PROG: -device ide-drive,drive=disk: Device 'ide-drive' could not be initialized Update 051.out so the test passes again. Cc: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1435071369-30936-1-git-send-email-stefanha@xxxxxxxxxx commit d46f7c9e648d8098ac73b36834ac81237b8c2c2d Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Wed Jun 24 10:45:42 2015 +0100 Fix glib_subprocess test A typo means that the tests dependent on glib with subprocess support are never run. Fixes: 9d41401b90fa10b335d2e739149d36437cfbf622 Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 48ea3dedc54dbcb3c738ddef02a336739910ecfd Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Fri Jun 19 04:40:17 2015 +0200 hw/pci-bridge: format special OFW unit address for PXB host We have agreed that OpenFirmware device paths in the "bootorder" fw_cfg file should follow the pattern /pci@i0cf8,%x/... for devices that live behind an extra root bus. The extra root bus in question is the %x'th among the extra root buses. (In other words, %x gives the position of the affected extra root bus relative to the other extra root buses, in bus_nr order.) %x starts at 1, and is formatted in hex. The portion of the unit address that comes before the comma is dynamically taken from the main host bridge, similarly to sysbus_get_fw_dev_path(). Cc: Kevin O'Connor <kevin@xxxxxxxxxxxx> Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Marcel Apfelbaum <marcel@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 0b336b3b98d8983d821ef9b0f159acc7c77cbac7 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Fri Jun 19 04:40:16 2015 +0200 hw/core: explicit OFW unit address callback for SysBusDeviceClass The sysbus_get_fw_dev_path() function formats OpenFirmware device path nodes ("driver-name@unit-address") for sysbus devices. The first choice for "unit-address" is the base address of the device's first MMIO region. The second choice is its first IO port. However, if two sysbus devices with the same "driver-name" lack both MMIO and PIO resources, then there is no good way to distinguish them based on their OFW nodes, because in this case unit-address is omitted completely for both devices. An example is TYPE_PXB_HOST ("pxb-host"). For the sake of such devices, introduce the explicit_ofw_unit_address() "virtual member function". With this function, each sysbus device in the same SysBusDeviceClass can state its own address. Cc: Markus Armbruster <armbru@xxxxxxxxxx> Cc: Marcel Apfelbaum <marcel@xxxxxxxxxx> Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Tested-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit d10dda2d60c8c225a89a53d53add799b69f6bb46 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Fri Jun 19 04:40:14 2015 +0200 hw/pci-bridge: disable SHPC in PXB OVMF downloads the ACPI linker/loader script from QEMU when the edk2 PCI Bus driver globally signals the firmware that PCI enumeration and resource allocation have completed. At this point QEMU regenerates the ACPI payload in an fw_cfg read callback, and this is when the PXB's _CRS gets populated. Unfortunately, when this happens, the PCI_COMMAND_MEMORY bit is clear in the root bus's command register, *unlike* under SeaBIOS. The consequences unfold as follows: - When build_crs() fetches dev->io_regions[i].addr, it is all-bits-one, because pci_update_mappings() --> pci_bar_address() calculated it as PCI_BAR_UNMAPPED, due to the PCI_COMMAND_MEMORY bit being clear. - Consequently, the SHPC MMIO BAR (bar 0) of the bridge is not added to the _CRS, *despite* having been programmed in PCI config space. - Similarly, the SHPC MMIO BAR of the PXB is not removed from the main root bus's DWordMemory descriptor. - Guest OSes (Linux and Windows alike) notice the pre-programmed SHPC BAR within the PXB's config space, and notice that it conflicts with the main root bus's memory resource descriptors. Linux reports pci 0000:04:00.0: BAR 0: can't assign mem (size 0x100) pci 0000:04:00.0: BAR 0: trying firmware assignment [mem 0x88200000-0x882000ff 64bit] pci 0000:04:00.0: BAR 0: [mem 0x88200000-0x882000ff 64bit] conflicts with PCI Bus 0000:00 [mem 0x88200000-0xfebfffff] While Windows Server 2012 R2 reports https://technet.microsoft.com/en-us/library/cc732199%28v=ws.10%29.aspx This device cannot find enough free resources that it can use. If you want to use this device, you will need to disable one of the other devices on this system. (Code 12) This issue was apparently encountered earlier, see the "hack" in: https://lists.nongnu.org/archive/html/qemu-devel/2015-01/msg02983.html and the current hole-punching logic in build_crs() and build_ssdt() is probably supposed to remedy exactly that problem -- however, for OVMF they don't work, because at the end of the PCI enumeration and resource allocation, which cues the ACPI linker/loader client, the command register is clear. The "shpc" property of "pci-bridge", introduced in the previous patches, allows us to disable the standard hotplug controller cleanly, eliminating the SHPC bar and the conflict. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Marcel Apfelbaum <marcel@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 4e5c9bfecf5da13e8e0f790002a55bb1cc0437b1 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Fri Jun 19 04:40:13 2015 +0200 hw/pci-bridge: introduce "shpc" property In the PCI expander bridge, we will want to disable those features of pci-bridge that relate to SHPC (standard hotplug controller): - SHPC bar and underlying MemoryRegion - interrupt (INTx or MSI) - effective hotplug callbacks - other SHPC hooks (initialization, cleanup, migration etc) Introduce a new feature request bit in the PCIBridgeDev.flags field, and turn off the above if the bit is explicitly cleared. Suggested-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Marcel Apfelbaum <marcel@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 23ab143dcce8d7f758eb6946ebf68d8689018a9c Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Fri Jun 19 04:40:12 2015 +0200 hw/pci: introduce shpc_present() helper function It follows msi_present() in "include/hw/pci/msi.h". Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Marcel Apfelbaum <marcel@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 7a7c6a41c5583b24f6a35b02c7f68c84ebd7e177 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Fri Jun 19 04:40:11 2015 +0200 hw/pci-bridge: add macro for "msi" property This should help catch property name typos at compile time. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Marcel Apfelbaum <marcel@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 3cf0ecb3c4f9bb6a7a58a62c0209509b4c9d13c6 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Fri Jun 19 04:40:10 2015 +0200 hw/pci-bridge: add macro for "chassis_nr" property This should help catch property name typos at compile time. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Marcel Apfelbaum <marcel@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 0034e56209c1333bfca53356ce82663d801a15c5 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Fri Jun 19 04:40:09 2015 +0200 hw/pci-bridge: expose _test parameter in SHPC_VMSTATE() Change the signature of the function-like macro SHPC_VMSTATE(), so that we can produce and expect this field conditionally in the migration stream, starting with an upcoming patch. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Marcel Apfelbaum <marcel@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 9df0b0e09c48ad543e6d12ee0c17d1857f83d3ca Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Fri Jun 19 04:40:08 2015 +0200 migration: introduce VMSTATE_BUFFER_UNSAFE_INFO_TEST() There is no _TEST() variant of VMSTATE_BUFFER_UNSAFE_INFO() yet, but we'll soon need it. Introduce it and rebase the original VMSTATE_BUFFER_UNSAFE_INFO() on top. The parameter order of the new function-like macro follows that of VMSTATE_SINGLE_TEST(): "_test" is introduced between "_state" and "_version". Cc: Juan Quintela <quintela@xxxxxxxxxx> Cc: Amit Shah <amit.shah@xxxxxxxxxx> Cc: Marcel Apfelbaum <marcel@xxxxxxxxxx> Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 355df30554445c043a12168e9c5f912742050548 Merge: 000d604 3de3d69 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 23 18:25:55 2015 +0100 Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-06-23' into staging trivial patches for 2015-06-23 # gpg: Signature made Tue Jun 23 18:23:45 2015 BST using RSA key ID A4C3D7DB # gpg: Good signature from "Michael Tokarev <mjt@xxxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxxx>" * remotes/mjt/tags/pull-trivial-patches-2015-06-23: (21 commits) util/qemu-sockets: improve ai_flag hints for ipv6 hosts hw/display/tcx.c: Fix memory leak hw/display/cg3.c: Fix memory leak Makefile: Add "make ctags" Makefile: Fix "make cscope TAGS" qemu-options: Use @itemx where appropriate qemu-options: Improve -global documentation throttle: Fix typo in the documentation of block_set_io_throttle hw/display/qxl-logger.c: Constify some variable configure: rearrange --help and consolidate enable/disable together libcacard: pkgconfig: tidy dependent libs vt82c686: QOMify xen_pt: QOMify wdt_i6300esb: QOMify piix4: QOMify piix: piix3 QOMify pci-assign: QOMify Print error when failing to load PCI config data Grammar: 'as to'->'as for' remove libdecnumber/dpd/decimal128Local.h ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3de3d698d942d1116152417f882c897b26b44e41 Author: Wolfgang Bumiller <w.bumiller@xxxxxxxxxxx> Date: Thu May 21 14:33:29 2015 +0200 util/qemu-sockets: improve ai_flag hints for ipv6 hosts *) Do not use AI_ADDRCONFIG on listening sockets, because this flag makes it impossible to explicitly listen on '127.0.0.1' if no global ipv4 address is configured additionally, making this a very uncomfortable option. *) Add AI_V4MAPPED hint for connecting sockets. If your system is globally only connected via ipv6 you often still want to be able to use '127.0.0.1' and 'localhost' (even if localhost doesn't also have an ipv6 entry). For example, PVE - unless explicitly asking for insecure mode - uses ipv4 loopback addresses with QEMU for live migrations tunneled over SSH. These fail to start because AI_ADDRCONFIG makes getaddrinfo refuse to work with '127.0.0.1'. As for the AI_V4MAPPED flag: glibc uses it by default, and providing non-0 flags removes it. I think it makes sense to use it. I also want to point out that glibc explicitly sidesteps POSIX standards when passing 0 as hints by then assuming both AI_V4MAPPED and AI_ADDRCONFIG (the latter being a rather weird choice IMO), while according to POSIX.1-2001 it should be assumed 0. (glibc considers its choice an improvement.) Since either AI_CANONNAME or AI_PASSIVE are passed in our cases, glibc's default flags in turn are disabled again unless explicitly added, which I do with this patch. Signed-off-by: Wolfgang Bumiller <w.bumiller@xxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 8684e85ca911b41d6a82ac5bcc5a0bfaba5eb7da Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Thu May 28 19:13:45 2015 +0800 hw/display/tcx.c: Fix memory leak Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 22b2aeb82c811b227862c21e7a607087efbe5563 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Thu May 28 19:13:42 2015 +0800 hw/display/cg3.c: Fix memory leak Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit ae5fdc81a16534ea04fc475f8723e81857c46ad4 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri May 22 13:35:08 2015 +0800 Makefile: Add "make ctags" This generates ctags file Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit eaa2ddbb76798ec70d12351c0db43a7728d29150 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri May 22 13:35:07 2015 +0800 Makefile: Fix "make cscope TAGS" Cscope and TAGS files work in source directory rather than the build directory, also, don't ask users to run configure first, because they may have an out of tree build. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f9cfd6555a3afb142a74a68438c6f4ee4c127e66 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Jun 15 14:35:59 2015 +0200 qemu-options: Use @itemx where appropriate Doesn't appear to make a difference, but let's use it consistently. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit ae08fd5a365e650d70acfe1d9027501707041b52 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Jun 15 14:35:58 2015 +0200 qemu-options: Improve -global documentation Recent commit 3751d7c "vl: allow full-blown QemuOpts syntax for -global" overloaded its existing argument syntax DRIVER.PROP=VALUE with QemuOpts syntax. Unambigious as long as no DRIVER contains '='. Its documentation claims that "the two syntaxes are equivalent." Improve it to spell out how exactly the old syntax gets desugared into the new one. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 6b932c0a5f951f1cfd3c459d8946074b9df8b829 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Jun 15 16:12:52 2015 +0300 throttle: Fix typo in the documentation of block_set_io_throttle Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit a91e21186f81f712af8c02c7eec996ce25fb391f Author: Frediano Ziglio <fziglio@xxxxxxxxxx> Date: Thu Jun 11 14:17:56 2015 +0100 hw/display/qxl-logger.c: Constify some variable Signed-off-by: Frediano Ziglio <fziglio@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit c23f23b970ae8ce75d2254c64cf23d95a757811e Author: Michael Tokarev <mjt@xxxxxxxxxx> Date: Wed Jun 17 22:19:26 2015 +0300 configure: rearrange --help and consolidate enable/disable together This is an attempt to rearrange configure --help output a bit and consolidate pairs of --enable/disable into its own section. After this, help text is easier to sort, manage and read. More descriptive text can be added as well, since we now have more space. While at it, mention en/dis-able-vte. Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 1e4db0595777b9b9a5a6a9f49ac3d187dda341f9 Author: Michael Tokarev <mjt@xxxxxxxxxx> Date: Wed Jun 17 21:02:03 2015 +0300 libcacard: pkgconfig: tidy dependent libs libcacard.pc file lists only one package in Requires field, which is nss, while glib-2.0 is also a requiriment. Furthermore, for libraries used internally by the library (this is the way nss and glib are used by libcacard), Requires.private shold be used instead of Requires. Fix both issues. This does not affect linking of qemu because it links with objects from libcacard directly. Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 417349e6e95d9aa4e0fbc01434de30e8d405ab56 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 13 08:43:27 2015 +0800 vt82c686: QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f9b9d292afcb55f23b8863c0388a4b3e42c79747 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 13 08:43:26 2015 +0800 xen_pt: QOMify Cc: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Tested-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 41fc9050fed524d300062fd8fe7aecd5c7adf5ac Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 13 08:43:25 2015 +0800 wdt_i6300esb: QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit acff3e48b7e1ac18e034cc612346bdc38ad96ee1 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 13 08:43:24 2015 +0800 piix4: QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit b7c69719d21bea305b7cff6ecde0974edc5ff4b8 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 13 08:43:23 2015 +0800 piix: piix3 QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 1ea6305a834a01bba55309d012ee1fdc46c3eff2 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 13 08:43:22 2015 +0800 pci-assign: QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 7c59364d0329d36a7759033962a469ca714f884d Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Wed Jun 3 17:58:01 2015 +0100 Print error when failing to load PCI config data When loading migration fails due to a disagreement about PCI config data we don't currently get any errors explaining that was the cause of the problem or which byte in the config data was at fault. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 4aab6282f8e1f7652b0470b078a08ab5678fb929 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Wed Jun 3 19:43:56 2015 +0100 Grammar: 'as to'->'as for' Fixup migrate-incoming text as requested by Eric in: http://lists.nongnu.org/archive/html/qemu-devel/2015-03/msg03362.html Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit bfa3ab619731653e752c7cf0ab3395ec8e70fe79 Author: Michael Tokarev <mjt@xxxxxxxxxx> Date: Wed Jun 3 17:37:27 2015 +0300 remove libdecnumber/dpd/decimal128Local.h Commit 72ac97cdfc added two equivalent versions of decimal128Local.h, one in libdecnumber/dpd/ and another in include/libdecnumber/dpd/. Being identical by the code, the two files however differs in the licensing terms. The one in libdecnumber/dpd/ (which is being removed by this patch) is licensed as GPL3.1 (plus gcc runtime exception), which, as far as I know, is not compatible with GPL-2. This file is not used (it is included from include/libdecnumber/dpd/decimal128.h, so version in include/ is used). More, the version in include/ can also be removed, since none of the 3 defines from that file are actually used by the code. Even more, one of the defines from there, decimal128SetSign, is redefined (to equivalent value) in libdecnumber/dpd/decimal128.c, but again, never used. What a mess... Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a4969e90b8110d6880d1a7fcb3cab27c316a0d3e Author: Alex Bennée <alex.bennee@xxxxxxxxxx> Date: Wed Jun 3 14:22:41 2015 +0100 configure: append --extra-ldflags to LDFLAGS The help text says --extra-ldflags is appended to LDFLAGS so make it so. Signed-off-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 000d6042da0d73e5a71318b5fa96e5a084534d12 Merge: 6966b2a ffffbb3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 23 17:46:20 2015 +0100 Merge remote-tracking branch 'remotes/sstabellini/tags/xen-220615-3' into staging xen-220615, more SOB lines # gpg: Signature made Tue Jun 23 17:19:08 2015 BST using RSA key ID 70E1AE90 # gpg: Good signature from "Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>" * remotes/sstabellini/tags/xen-220615-3: Revert "xen-hvm: increase maxmem before calling xc_domain_populate_physmap" xen/pass-through: constify some static data xen/pass-through: log errno values rather than function return ones xen/pass-through: ROM BAR handling adjustments xen/pass-through: fold host PCI command register writes Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ffffbb369f3ed9bca5ff2867143f76d0c6e069c0 Author: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Date: Mon Jun 22 13:00:42 2015 +0000 Revert "xen-hvm: increase maxmem before calling xc_domain_populate_physmap" This reverts commit c1d322e6048796296555dd36fdd102d7fa2f50bf. The original commit fixes a bug when assigning a large number of devices which require option roms to a guest. (One known configuration that needs extra memory is having more than 4 emulated NICs assigned. Three or fewer NICs seems to work without this functionality.) However, by unilaterally increasing maxmem, it introduces two problems. First, now libxl's calculation of the required maxmem during migration is broken -- any guest which exercised this functionality will fail on migration. (Guests which have the default number of devices are not affected.) Secondly, it makes it impossible for a higher-level toolstack or administer to predict how much memory a VM will actually use, making it much more difficult to effectively use all of the memory on a machine. Signed-off-by: George Dunlap <george.dunlap@xxxxxxxxxxxxx> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 74526eb01886ca45774c1e9c736f61536fa2bda1 Author: Jan Beulich <JBeulich@xxxxxxxx> Date: Fri Jun 5 13:04:55 2015 +0100 xen/pass-through: constify some static data This is done indirectly by adjusting two typedefs and helps emphasizing that the respective tables aren't supposed to be modified at runtime (as they may be shared between devices). Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 3782f60d2047cb86567889307ce78baacf518635 Author: Jan Beulich <JBeulich@xxxxxxxx> Date: Fri Jun 5 13:04:18 2015 +0100 xen/pass-through: log errno values rather than function return ones Functions setting errno commonly return just -1, which is of no particular use in the log file. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 69976894c1d91c4b0c985fa05936cb6b8d01382b Author: Jan Beulich <JBeulich@xxxxxxxx> Date: Mon Jun 8 14:11:51 2015 +0100 xen/pass-through: ROM BAR handling adjustments Expecting the ROM BAR to be written with an all ones value when sizing the region is wrong - the low bit has another meaning (enable/disable) and bits 1..10 are reserved. The PCI spec also mandates writing all ones to just the address portion of the register. Use suitable constants also for initializing the ROM BAR register field description. Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> commit 950fe0aa3f55ad6bb135fc9cde9ebf4df05f62fc Author: Jan Beulich <JBeulich@xxxxxxxx> Date: Fri May 15 13:46:11 2015 +0100 xen/pass-through: fold host PCI command register writes The code introduced to address XSA-126 allows simplification of other code in xen_pt_initfn(): All we need to do is update "cmd" suitably, as it'll be written back to the host register near the end of the function anyway. Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> commit eb6c6a604890201e321a6ace32973d10dc033245 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 18 12:17:29 2015 +0200 add pci-bridge-seat Simplifies multiseat configuration, see docs/multiseat.txt update for details. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 72d97b3a543a9c2c820bd463ba24751ae4247ac3 Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Tue Jun 9 05:31:53 2015 +0200 pc: cleanup and convert TMP ACPI device description to AML API remove some code duplication in acpi-build.c and drop 5 ASL and binary blobs files with TPM ACPI device description, replacing them with 1 small hunk written in AML API. Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 0e0b3592f6cfc56b3a4cc2c040552b7caaf2329f Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Tue Jun 23 08:09:34 2015 +0200 MAINTAINERS: add ACPI entry Igor agreed to help review ACPI patches, add an entry to MAINTAINERS with all ACPI stuff I could think of. Note: I listed ARM ACPI files here just to make sure we are Cc'd, no plan to maintain ACPI for ARM through my tree :) Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 16617e36b02ebdc83f215d89db9ac00f7d6d6d83 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri May 29 14:13:14 2015 +0800 vhost: correctly pass error to caller in vhost_dev_enable_notifiers() We override the error value r in fail_vq, this will cause the caller can't detect the failure which may cause the caller may disable the notifiers twice if vhost is failed to start. Fix this by using another variable to keep track the return value of set_host_notifier(). Fixes b0b3db79559e57db340b292621c397e7a6cdbdc5 ("vhost-net: cleanup host notifiers at last step") Cc: qemu-stable@xxxxxxxxxx Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit e3816255bf4b6377bb405331e2ee0dc14d841b80 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Mon Jun 15 13:52:52 2015 +0300 balloon: add a feature bit to let Guest OS deflate balloon on oom Excessive virtio_balloon inflation can cause invocation of OOM-killer, when Linux is under severe memory pressure. Various mechanisms are responsible for correct virtio_balloon memory management. Nevertheless it is often the case that these control tools does not have enough time to react on fast changing memory load. As a result OS runs out of memory and invokes OOM-killer. The balancing of memory by use of the virtio balloon should not cause the termination of processes while there are pages in the balloon. Now there is no way for virtio balloon driver to free memory at the last moment before some process get killed by OOM-killer. This does not provide a security breach as balloon itself is running inside Guest OS and is working in the cooperation with the host. Thus some improvements from Guest side should be considered as normal. To solve the problem, introduce a virtio_balloon callback which is expected to be called from the oom notifier call chain in out_of_memory() function. If virtio balloon could release some memory, it will make the system return and retry the allocation that forced the out of memory killer to run. This behavior should be enabled if and only if appropriate feature bit is set on the device. It is off by default. This functionality was recently merged into vanilla Linux. commit 5a10b7dbf904bfe01bb9fcc6298f7df09eed77d5 Author: Raushaniya Maksudova <rmaksudova@xxxxxxxxxxxxx> Date: Mon Nov 10 09:36:29 2014 +1030 This patch adds respective control bits into QEMU. It introduces deflate-on-oom option for balloon device which does the trick. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Raushaniya Maksudova <rmaksudova@xxxxxxxxxxxxx> CC: Anthony Liguori <aliguori@xxxxxxxxxx> CC: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: James Bottomley <JBottomley@xxxxxxxx> Reviewed-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 6b64640dd25846c4de42aa433db56e0ff975993a Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Thu May 21 09:50:10 2015 +0800 iov: don't touch iov in iov_send_recv() Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Message-id: 555D39D2.4000705@xxxxxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 3307ed7b3fac5ba99eb3b84904b0b7cdc3592a61 Author: Dimitris Aragiorgis <dimara@xxxxxxxxxxx> Date: Tue Jun 23 13:45:00 2015 +0300 raw-posix: Introduce hdev_is_sg() Until now, an SG device was identified only by checking if its path started with "/dev/sg". Then, hdev_open() would set the bs->sg flag accordingly. The patch relies on the actual properties of the device instead of the specified file path. To this end, test for an SG device (e.g. /dev/sg0) by ensuring that all of the following holds: - The specified file name corresponds to a character device - The device supports the SG_GET_VERSION_NUM ioctl - The device supports the SG_GET_SCSI_ID ioctl Signed-off-by: Dimitris Aragiorgis <dimara@xxxxxxxxxxx> Message-id: 1435056300-14924-6-git-send-email-dimara@xxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a93a3982a6645463fa822131d38b17284edd5633 Author: Dimitris Aragiorgis <dimara@xxxxxxxxxxx> Date: Tue Jun 23 13:44:59 2015 +0300 raw-posix: Use DPRINTF for DEBUG_FLOPPY Get rid of several #ifdef DEBUG_FLOPPY and substitute them with DPRINTF. Signed-off-by: Dimitris Aragiorgis <dimara@xxxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435056300-14924-5-git-send-email-dimara@xxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit bcb225550dcc0d6fcef8e97012bae572ba78f73a Author: Dimitris Aragiorgis <dimara@xxxxxxxxxxx> Date: Tue Jun 23 13:44:58 2015 +0300 raw-posix: DPRINTF instead of DEBUG_BLOCK_PRINT Building the QEMU tools fails if we #define DEBUG_BLOCK inside block/raw-posix.c. Here instead of adding qemu-log.o in block-obj-y so that DEBUG_BLOCK_PRINT can be used, we substitute the latter with a simple DPRINTF() (that does not cause bit-rot). Signed-off-by: Dimitris Aragiorgis <dimara@xxxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435056300-14924-4-git-send-email-dimara@xxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 1b6bc94d5d43ff3e39abadae19f2dbcb0954eb93 Author: Dimitris Aragiorgis <dimara@xxxxxxxxxxx> Date: Tue Jun 23 13:44:57 2015 +0300 Fix migration in case of scsi-generic During migration, QEMU uses fsync()/fdatasync() on the open file descriptor for read-write block devices to flush data just before stopping the VM. However, fsync() on a scsi-generic device returns -EINVAL which causes the migration to fail. This patch skips flushing data in case of an SG device, since submitting SCSI commands directly via an SG character device (e.g. /dev/sg0) bypasses the page cache completely, anyway. Note that fsync() not only flushes the page cache but also the disk cache. The scsi-generic device never sends flushes, and for migration it assumes that the same SCSI device is used by the destination host, so it does not issue any SCSI SYNCHRONIZE CACHE (10) command. Finally, remove the bdrv_is_sg() test from iscsi_co_flush() since this is now redundant (we flush the underlying protocol at the end of bdrv_co_flush() which, with this patch, we never reach). Signed-off-by: Dimitris Aragiorgis <dimara@xxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435056300-14924-3-git-send-email-dimara@xxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b192af8acc597a6e8068873434e56e0c7de1b7d3 Author: Dimitris Aragiorgis <dimara@xxxxxxxxxxx> Date: Tue Jun 23 13:44:56 2015 +0300 block: Use bdrv_is_sg() everywhere Instead of checking bs->sg use bdrv_is_sg() consistently throughout the code. Signed-off-by: Dimitris Aragiorgis <dimara@xxxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1435056300-14924-2-git-send-email-dimara@xxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 25940fa7e57ffce9d495b4c2aadc39790535856d Author: Lu Lina <lina.lulina@xxxxxxxxxx> Date: Fri Jun 19 14:27:34 2015 +0800 nvme: Fix memleak in nvme_dma_read_prp Signed-off-by: Lu Lina <lina.lulina@xxxxxxxxxx> Acked-by: Keith Busch <keith.busch@xxxxxxxxx> Message-id: 1434695254-69808-1-git-send-email-kathy.wangting@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit d5941ddae82a35771656d7e35f64f7f8f19c5627 Author: Wolfgang Bumiller <w.bumiller@xxxxxxxxxxx> Date: Fri Jun 19 11:35:29 2015 +0200 vvfat: add a label option Until now the vvfat volume label was hardcoded to be "QEMU VVFAT", now you can pass a file.label=labelname option to the -drive to change it. The FAT structure defines the volume label to be limited to 11 bytes and is filled up spaces when shorter than that. The trailing spaces however aren't exposed to the user by operating systems. [Added missing comment '#' characters in block-core.json to fix build errors. --Stefan] Signed-off-by: Wolfgang Bumiller <w.bumiller@xxxxxxxxxxx> Message-id: 1434706529-13895-2-git-send-email-w.bumiller@xxxxxxxxxxx Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit c6a8c3283f1d53e360073bdb32f87a97e78e2880 Author: Wen Congyang <wency@xxxxxxxxxxxxxx> Date: Fri May 22 09:29:46 2015 +0800 util/hbitmap: Add an API to reset all set bits in hbitmap The function bdrv_clear_dirty_bitmap() is updated to use faster hbitmap_reset_all() call. Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Signed-off-by: zhanghailiang <zhang.zhanghailiang@xxxxxxxxxx> Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 555E868A.60506@xxxxxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6e40b3bfc7e82823cf4df5f0bf668f56db41e53a Author: Alexander Yarygin <yarygin@xxxxxxxxxxxxxxxxxx> Date: Wed Jun 17 13:37:20 2015 +0300 virtio-blk: Use blk_drain() to drain IO requests Each call of the virtio_blk_reset() function calls blk_drain_all(), which works for all existing BlockDriverStates, while draining only one is needed. This patch replaces blk_drain_all() by blk_drain() in virtio_blk_reset(). virtio_blk_data_plane_stop() should be called after draining because it restores vblk->complete_request. Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Cc: Christian Borntraeger <borntraeger@xxxxxxxxxx> Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Alexander Yarygin <yarygin@xxxxxxxxxxxxxxxxxx> Message-id: 1434537440-28236-3-git-send-email-yarygin@xxxxxxxxxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 97b0385a346829cf03efe131a26a4b6a4cd0a21f Author: Alexander Yarygin <yarygin@xxxxxxxxxxxxxxxxxx> Date: Wed Jun 17 13:37:19 2015 +0300 block-backend: Introduce blk_drain() This patch introduces the blk_drain() function which allows to replace blk_drain_all() when only one BlockDriverState needs to be drained. Cc: Christian Borntraeger <borntraeger@xxxxxxxxxx> Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Alexander Yarygin <yarygin@xxxxxxxxxxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1434537440-28236-2-git-send-email-yarygin@xxxxxxxxxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 2f388b93a147258f9dbc83ebe63365edac4aa7a2 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Jun 15 18:41:15 2015 +0300 throttle: Check current timers before updating any_timer_armed[] Calling throttle_group_config() cancels all timers from a particular BlockDriverState, so any_timer_armed[] should be updated accordingly. However, with the current code it may happen that a timer is armed in a different BlockDriverState from the same group, so any_timer_armed[] would be set to false in a situation where there is still a timer armed. The consequence is that we might end up with two timers armed. This should not have any noticeable impact however, since all accesses to the ThrottleGroup are protected by a lock, and the situation would become normal again shortly thereafter as soon as all timers have been fired. The correct way to solve this is to check that we're actually cancelling a timer before updating any_timer_armed[]. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1434382875-3998-1-git-send-email-berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit f406c03c093f1451ac0ba7fde31eeb78e5e5e417 Author: Alexander Yarygin <yarygin@xxxxxxxxxxxxxxxxxx> Date: Wed Jun 10 14:38:17 2015 +0300 block: Let bdrv_drain_all() to call aio_poll() for each AioContext After the commit 9b536adc ("block: acquire AioContext in bdrv_drain_all()") the aio_poll() function got called for every BlockDriverState, in assumption that every device may have its own AioContext. If we have thousands of disks attached, there are a lot of BlockDriverStates but only a few AioContexts, leading to tons of unnecessary aio_poll() calls. This patch changes the bdrv_drain_all() function allowing it find shared AioContexts and to call aio_poll() only for unique ones. Cc: Christian Borntraeger <borntraeger@xxxxxxxxxx> Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Alexander Yarygin <yarygin@xxxxxxxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Tested-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Message-id: 1433936297-7098-4-git-send-email-yarygin@xxxxxxxxxxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6966b2a07190004e18ede33ce50a65009b36f3a6 Merge: a320697 a5d4d7b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 23 13:32:50 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-input-20150623-1' into staging virtio-input: property fixes, add evdev passthrough # gpg: Signature made Tue Jun 23 09:33:29 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-input-20150623-1: Add MAINTAINERS entry for virtio-input virtio-input: evdev passthrough virtio-input: move properties, use virtio_instance_init_common Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a3206972a9eab65ec8e8f9ae320ad628ba4b58f1 Merge: 0c8ff72 a0b1a66 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 23 10:38:00 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2015-06-22' into staging Monitor patches # gpg: Signature made Mon Jun 22 18:56:18 2015 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-monitor-2015-06-22: (24 commits) Include monitor/monitor.h exactly where needed Include qapi/qmp/qerror.h exactly where needed qerror: Move #include out of qerror.h qerror: Finally unused, clean up qmp: Wean off qerror_report() tpm: Avoid qerror_report() outside QMP command handlers qerror: Clean up QERR_ macros to expand into a single string qerror: Eliminate QERR_DEVICE_NOT_FOUND vl: Use error_report() for --display errors vl: Avoid qerror_report() outside QMP command handlers QemuOpts: Wean off qerror_report_err() qdev-monitor: Propagate errors through qdev_device_add() qdev-monitor: Propagate errors through set_property() qdev-monitor: Convert qbus_find() to Error qdev-monitor: Fix check for full bus qdev-monitor: Stop error avalanche in qbus_find_recursive() disas: Remove uses of CPU env monitor: Split mon_get_cpu fn to remove ENV_GET_CPU monitor: Fix failure path for "S" argument monitor: Point to "help" command on syntax error ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a5d4d7b580f42c47d240a2068c810e4147147f6e Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Jun 19 10:25:34 2015 +0200 Add MAINTAINERS entry for virtio-input Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 006a5edebe656114e0e0a6fb24b8aae6401c1cf4 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Mar 28 09:18:47 2014 +0100 virtio-input: evdev passthrough This allows to assign host input devices to the guest: qemu -device virtio-input-host-pci,evdev=/dev/input/event<nr> The guest gets exclusive access to the input device, so be careful with assigning the keyboard if you have only one connected to your machine. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 6f2b9a5b24c488d38ace01910c684749ff922e26 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 18 17:45:47 2015 +0200 virtio-input: move properties, use virtio_instance_init_common Move properties from virtio-*-pci to virtio-*-device. Also make better use of QOM and attach common properties to the abstract parent classes (virtio-input-device and virtio-input-pci-device). Switch the hid device instance init functions over to use virtio_instance_init_common, so we get the properties of the virtio device aliased properly to the virtio pci proxy. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 1fa795a853255fcc93e5d3e2a92d161a2ed96eb8 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Tue Jun 23 09:53:05 2015 +0800 qdev: fix OVERFLOW_BEFORE_WIDEN Potentially overflowing expression "1 << prop->bitnr" with type "int" (32 bits, signed) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned). Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 3750dabc69d76f0938cc726a64a70e4ae2fe21df Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Tue Jun 23 09:53:04 2015 +0800 virito-pci: fix OVERRUN problem Overrunning array "proxy->guest_features" of 2 4-byte elements at element index 2 (byte offset 8) using index "proxy->gfselect" (which evaluates to 2). Normally, the Linux kernel driver just read/write '0' or '1' as the "proxy->gfselect" values, so using '<' instead of '=<' to make coverity happy and avoid potential harm. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit a0b1a66ea39bca011108734147a72232a4d08c7a Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Mar 17 18:16:21 2015 +0100 Include monitor/monitor.h exactly where needed In particular, don't include it into headers. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit cc7a8ea740ec74a144e866a1d24aa6b490e31923 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Mar 17 17:22:46 2015 +0100 Include qapi/qmp/qerror.h exactly where needed In particular, don't include it into headers. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit d49b68364414d649b8e26232f2a600d415611662 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Mar 17 18:29:20 2015 +0100 qerror: Move #include out of qerror.h Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 4629ed1e98961bbe678db68ef5f4342ff174a6c3 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Mar 17 14:29:59 2015 +0100 qerror: Finally unused, clean up Remove it except for two things in qerror.h: * Two #include to be cleaned up separately to avoid cluttering this patch. * The QERR_ macros. Mark as obsolete. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 485febc6d1382a82e4e1640729fffbf0c1392a44 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 13 17:25:50 2015 +0100 qmp: Wean off qerror_report() The traditional QMP command handler interface int qmp_FOO(Monitor *mon, const QDict *params, QObject **ret_data); doesn't provide for returning an Error object. Instead, the handler is expected to stash it in the monitor with qerror_report(). When we rebased QMP on top of QAPI, we didn't change this interface. Instead, commit 776574d introduced "middle mode" as a temporary aid for converting existing QMP commands to QAPI one by one. More than three years later, we're still using it. Middle mode has two effects: * Instead of the native input marshallers static void qmp_marshal_input_FOO(QDict *, QObject **, Error **) it generates input marshallers conforming to the traditional QMP command handler interface. * It suppresses generation of code to register them with qmp_register_command() This permits giving them internal linkage. As long as we need qmp-commands.hx, we can't use the registry behind qmp_register_command(), so the latter has to stay for now. The former has to go to get rid of qerror_report(). Changing all QMP commands to fit the QAPI mold in one go was impractical back when we started, but by now there are just a few stragglers left: do_qmp_capabilities(), qmp_qom_set(), qmp_qom_get(), qmp_object_add(), qmp_netdev_add(), do_device_add(). Switch middle mode to generate native input marshallers, and adapt the stragglers. Simplifies both the monitor code and the stragglers. Rename do_qmp_capabilities() to qmp_capabilities(), and do_device_add() to qmp_device_add, because that's how QMP command handlers are named today. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 8b53a19675d2329695179e47aa3797692fb0d9ba Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Mar 17 12:09:02 2015 +0100 tpm: Avoid qerror_report() outside QMP command handlers qerror_report() is a transitional interface to help with converting existing monitor commands to QMP. It should not be used elsewhere. Replace by error_report(). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit c6bd8c706a799eb0fece99f468aaa22b818036f3 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Mar 17 11:54:50 2015 +0100 qerror: Clean up QERR_ macros to expand into a single string These macros expand into error class enumeration constant, comma, string. Unclean. Has been that way since commit 13f59ae. The error class is always ERROR_CLASS_GENERIC_ERROR since the previous commit. Clean up as follows: * Prepend every use of a QERR_ macro by ERROR_CLASS_GENERIC_ERROR, and delete it from the QERR_ macro. No change after preprocessing. * Rewrite error_set(ERROR_CLASS_GENERIC_ERROR, ...) into error_setg(...). Again, no change after preprocessing. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 75158ebbe259f0bd8bf435e8f4827a43ec89c877 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Mar 16 08:57:47 2015 +0100 qerror: Eliminate QERR_DEVICE_NOT_FOUND Error classes other than ERROR_CLASS_GENERIC_ERROR should not be used in new code. Hiding them in QERR_ macros makes new uses hard to spot. Fortunately, there's just one such macro left. Eliminate it with this coccinelle semantic patch: @@ expression EP, E; @@ -error_set(EP, QERR_DEVICE_NOT_FOUND, E) +error_set(EP, ERROR_CLASS_DEVICE_NOT_FOUND, "Device '%s' not found", E) Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit c6bf0f7ffa90c720377eb6bddd27037041acbc5b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Feb 13 18:23:45 2015 +0100 vl: Use error_report() for --display errors Results in nicer error messages. Before this patch: Invalid GTK option string: gtk,lirum-larum After: qemu-system-x86_64: -display gtk,lirum-larum: Invalid GTK option string Of course, the thing ought to use QemuOpts instead of parsing by hand. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 1459407e88632e6d66cd6b71326eaf78e0a80772 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Feb 27 09:47:12 2015 +0100 vl: Avoid qerror_report() outside QMP command handlers qerror_report() is a transitional interface to help with converting existing monitor commands to QMP. It should not be used elsewhere. Replace by error_report() in initial startup helpers parse_sandbox() and parse_add_fd(). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 70b9433109ed99217b812f19800de550e2e0ecd5 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Feb 13 12:50:26 2015 +0100 QemuOpts: Wean off qerror_report_err() qerror_report_err() is a transitional interface to help with converting existing monitor commands to QMP. It should not be used elsewhere. The only remaining user in qemu-option.c is qemu_opts_parse(). Is it used in QMP context? If not, we can simply replace qerror_report_err() by error_report_err(). The uses in qemu-img.c, qemu-io.c, qemu-nbd.c and under tests/ are clearly not in QMP context. The uses in vl.c aren't either, because the only QMP command handlers there are qmp_query_status() and qmp_query_machines(), and they don't call it. Remaining uses: * drive_def(): Command line -drive and such, HMP drive_add and pci_add * hmp_chardev_add(): HMP chardev-add * monitor_parse_command(): HMP core * tmp_config_parse(): Command line -tpmdev * net_host_device_add(): HMP host_net_add * net_client_parse(): Command line -net and -netdev * qemu_global_option(): Command line -global * vnc_parse_func(): Command line -display, -vnc, default display, HMP change, QMP change. Bummer. * qemu_pci_hot_add_nic(): HMP pci_add * usb_net_init(): Command line -usbdevice, HMP usb_add Propagate errors through qemu_opts_parse(). Create a convenience function qemu_opts_parse_noisily() that passes errors to error_report_err(). Switch all non-QMP users outside tests to it. That leaves vnc_parse_func(). Propagate errors through it. Since I'm touching it anyway, rename it to vnc_parse(). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit f006cf7fa9a63ba8e4ccf57d46231ce594301727 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 12 14:00:41 2015 +0100 qdev-monitor: Propagate errors through qdev_device_add() Also polish an error message while I'm touching the line anyway, Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> commit 4caa489d1337c1a72d2e36185e4586ad246b98e1 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 12 13:58:02 2015 +0100 qdev-monitor: Propagate errors through set_property() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> commit d282842999b914c38c8be4659012aa619c22af8b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Mar 11 19:16:04 2015 +0100 qdev-monitor: Convert qbus_find() to Error As usual, the conversion breaks printing explanatory messages after the error: actual printing of the error gets delayed, so the explanations precede rather than follow it. Pity. Disable them for now. See also commit 7216ae3. While there, eliminate QERR_BUS_NOT_FOUND, and clean up unusual spelling in the error message. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit ed238ba2a0239368dd0cec9bfaf3300a5bd303ce Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Mar 11 18:39:16 2015 +0100 qdev-monitor: Fix check for full bus Property bus has always been too screwed up to be really usable for values other than plain bus IDs. This just fixes a bug that crept in in commit 1395af6 "qdev: add a maximum device allowed field for the bus." It doesn't always fail when it should: $ qemu-system-x86_64 -nodefaults -device virtio-serial-pci -device virtio-rng-device,bus=pci.0/virtio-serial-pci/virtio-bus Happily plugs the virtio-rng-device into the virtio-bus provided by virtio-serial-pci, even though its only slot is already occupied by a virtio-serial-device. And sometimes fails when it shouldn't: $ qemu-system-x86_64 -nodefaults -device virtio-serial-pci -device virtserialport,bus=virtio-bus/virtio-serial-device Yes, the virtio-bus is full, but the virtio-serial-bus provided by virtio-serial-device isn't, and that's the one we're trying to use. Root cause: we check "bus full" when we resolve the first element of the path. That's the correct one only when it's also the last one. Fix by moving the "bus full" check to right before we return a bus. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit a5ec494e274ddcad6d487e3872e16964ef57e0de Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Mar 11 17:26:31 2015 +0100 qdev-monitor: Stop error avalanche in qbus_find_recursive() Reproducer: $ qemu-system-x86_64 -nodefaults -device virtio-rng-pci -device virtio-rng-pci -device virtio-rng-device,bus=virtio-bus qemu-system-x86_64: -device virtio-rng-device,bus=virtio-bus: Bus 'virtio-bus' is full qemu-system-x86_64: -device virtio-rng-device,bus=virtio-bus: Bus 'virtio-bus' is full qemu-system-x86_64: -device virtio-rng-device,bus=virtio-bus: Bus 'virtio-bus' not found qbus_find_recursive() reports the "is full" error itself, and leaves reporting "not found" to its caller. The result is confusion. Write it a function contract that permits leaving all error reporting to the caller, and implement it. Update callers to detect and report "is full". Screwed up when commit 1395af6 added the max_dev limit and the "is full" error condition to enforce it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit d49190c4208f2c556c3a01962a81f8a85d522bb1 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 24 14:20:41 2015 -0700 disas: Remove uses of CPU env disas does not need to access the CPU env for any reason. Change the APIs to accept CPU pointers instead. Small change pattern needs to be applied to all target translate.c. This brings us closer to making disas.o a common-obj and less architecture specific in general. Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Cc: "Edgar E. Iglesias" <edgar.iglesias@xxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Eduardo Habkost <ehabkost@xxxxxxxxxx> Cc: Michael Walle <michael@xxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Cc: Jia Liu <proljc@xxxxxxxxx> Cc: Alexander Graf <agraf@xxxxxxx> Cc: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Cc: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Cc: Guan Xuetao <gxt@xxxxxxxxxxxxxxx> Cc: Max Filippov <jcmvbkbc@xxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Acked-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 5bcda5f7349da01aded719b595f32ce2b9d396db Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 24 14:20:40 2015 -0700 monitor: Split mon_get_cpu fn to remove ENV_GET_CPU The monitor currently has one helper, mon_get_cpu() which will return an env pointer. The target specific users of this API want an env, but all the target agnostic users really just want the cpu pointer. These users then need to use the target-specifically defined ENV_GET_CPU to navigate back up to the CPU from the ENV. Split the API for the two uses cases to remove all need for ENV_GET_CPU. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Acked-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit e549d2aaeba1cfac207c9a9675cc203e6372a22e Author: Bandan Das <bsd@xxxxxxxxxx> Date: Wed Jun 3 18:38:10 2015 -0400 monitor: Fix failure path for "S" argument Since the "S" argument type is only used with the "?" flag, the bug can't bite. Signed-off-by: Bandan Das <bsd@xxxxxxxxxx> Acked-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit dd41eea77129a4cd8ae5170b02e0fee175af314e Author: Bandan Das <bsd@xxxxxxxxxx> Date: Wed Jun 3 18:38:09 2015 -0400 monitor: Point to "help" command on syntax error When a command fails due to incorrect syntax or input, suggest using the "help" command to get more information about the command. This is only applicable for HMP. Signed-off-by: Bandan Das <bsd@xxxxxxxxxx> Acked-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit ae50212ff717f3d295ebff352eb7d6cc08332b7e Author: Bandan Das <bsd@xxxxxxxxxx> Date: Wed Jun 3 18:38:08 2015 -0400 monitor: cleanup parsing of cmd name and cmd arguments There's too much going on in monitor_parse_command(). Split up the arguments parsing bits into a separate function monitor_parse_arguments(). Let the original function check for command validity and sub-commands if any and return data (*cmd) that the newly introduced function can process and return a QDict. Also, pass a pointer to the cmdline to track current parser location. Suggested-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Bandan Das <bsd@xxxxxxxxxx> Acked-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 19f2db5c84e563597bd8b3c3190aef591060dec2 Author: Bandan Das <bsd@xxxxxxxxxx> Date: Wed Jun 3 18:38:07 2015 -0400 monitor: remove debug prints The preferred solution is to use tracepoints and there is good chance of bitrot with the debug prints not being enabled at compile time. Remove them. Suggested-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Bandan Das <bsd@xxxxxxxxxx> Acked-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 34acbc95229f9f841bde83691a5af949c15e105b Author: Eric Blake <eblake@xxxxxxxxxx> Date: Fri May 15 16:25:00 2015 -0600 qobject: Use 'bool' inside qdict Now that qbool is fixed, let's fix getting and setting a bool value to a qdict member to also use C99 bool rather than int. I audited all callers to ensure that the changed return type will not cause any changed semantics. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Acked-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit fc48ffc39ed1060856475e4320d5896f26c945e8 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Fri May 15 16:24:59 2015 -0600 qobject: Use 'bool' for qbool We require a C99 compiler, so let's use 'bool' instead of 'int' when dealing with boolean values. There are few enough clients to fix them all in one pass. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Acked-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 0c8ff723bd29e5c8b2ca989f857ae5c37ec49c4e Author: Greg Ungerer <gerg@xxxxxxxxxxx> Date: Fri Jun 19 23:43:26 2015 +1000 m68k: fix usp processing on interrupt entry and exception exit The action to potentially switch sp register is not occurring at the correct point in the interrupt entry or exception exit sequences. For the interrupt entry case the sp on entry is used to create the stack exception frame - but this may well be the user stack pointer, since we haven't done the switch yet. Re-order the flow to switch the sp regs then use the current sp to create the exception frame. For the return from exception case the code is unwinding the sp after switching sp registers. But it should always unwind the supervisor sp first, then carry out any required sp switch. Note that these problems don't effect operation unless the user sp bit is set in the CACR register. Only a single sp is used in the default power up state. Previously Linux only used this single sp mode. But modern versions of Linux use the user sp mode now, so we need correct behavior for Linux to work. Signed-off-by: Greg Ungerer <gerg@xxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Reviewed-by: Laurent Vivier <laurent@xxxxxxxxx> Tested-by: Laurent Vivier <laurent@xxxxxxxxx> Message-id: 1434721406-25288-4-git-send-email-gerg@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2a8327e8a8288e301a2f01bc3ca2d465a3a4ca78 Author: Greg Ungerer <gerg@xxxxxxxxxxx> Date: Fri Jun 19 23:43:25 2015 +1000 m68k: implement move to/from usp register instruction Fill out the code support for the move to/from usp instructions. They are being decoded, but there is no code to support there actions. So add it. Current versions of Linux running on the ColdFire 5208 use these instructions. Signed-off-by: Greg Ungerer <gerg@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Laurent Vivier <laurent@xxxxxxxxx> Tested-by: Laurent Vivier <laurent@xxxxxxxxx> Message-id: 1434721406-25288-3-git-send-email-gerg@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8c52f0cbba76310ad626e54996dbce08c7a8a820 Author: Greg Ungerer <gerg@xxxxxxxxxxx> Date: Fri Jun 19 23:43:24 2015 +1000 m68k: implement more ColdFire 5208 interrupt controller functionality Implement the SIMR and CIMR registers of the 5208 interrupt controller. These are used by modern versions of Linux running on ColdFire (not sure of the exact version they were introduced, but they have been in for quite a while now). Without this change when attempting to run a linux-3.5 kernel you will see: qemu: hardware error: mcf_intc_write: Bad write offset 28 and execution will stop and dump out. Signed-off-by: Greg Ungerer <gerg@xxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Tested-by: Laurent Vivier <laurent@xxxxxxxxx> Message-id: 1434721406-25288-2-git-send-email-gerg@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0a3346f5dea0a679322df804e1e78d7c10d12a9f Merge: cb4e0f9 daeba96 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 22 12:50:30 2015 +0100 Merge remote-tracking branch 'remotes/afaerber/tags/qom-devices-for-peter' into staging QOM infrastructure fixes and device conversions * Changes to name string ownership for alias properties * Improvements around enum properties * Cleanups around -object handling * New helper functions * Cleanups of qdev init helper functions * Add path argument to qom-tree script * QTest cleanup to use new qtest_add_data_func() consistently # gpg: Signature made Fri Jun 19 18:14:38 2015 BST using RSA key ID 3E7E013F # gpg: Good signature from "Andreas Färber <afaerber@xxxxxxx>" # gpg: aka "Andreas Färber <afaerber@xxxxxxxx>" * remotes/afaerber/tags/qom-devices-for-peter: qdev: Un-deprecate qdev_init_nofail() qdev: Deprecated qdev_init() is finally unused, drop qom: Don't pass string table to object_get_enum() function qom: Add an object_property_add_enum() helper function qom: Make enum string tables const-correct qom: Add object_new_with_props() / object_new_withpropv() helpers qom: Add helper function for getting user objects root vl: Create (most) objects before creating chardev backends doc: Document user creatable object types in help text backends: Fix typename of 'policy' enum property in hostmem obj scripts: Add support for path as argument of qom-tree tests: Use qtest_add_data_func() consistently qdev: Free property names after registering gpio aliases qom: strdup() target property name on object_property_add_alias() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cb4e0f9ddf7d45de7e4716cbab661ea568bd0b6c Merge: ad7020a e4a511f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 22 11:50:07 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * i8254 security fix * Avoid long 100% CPU wait after restarting guests that use the periodic timer * Fixes for access clamping (WinXP, MIPS) * wixl/.msi support for qemu-ga on Windows # gpg: Signature made Fri Jun 19 11:30:53 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: exec: clamp accesses against the MemoryRegionSection exec: do not clamp accesses to MMIO regions mc146818rtc: Reset the periodic timer on load qemu-timer: Call clock reset notifiers on forward jumps tests: virtio-scsi: Add test for unaligned WRITE SAME tests: virtio-scsi: Move start/stop to individual test functions libqos: Complete virtio device ID definition list libqos: Allow calling guest_free on NULL pointer tests: Link libqos virtio object to virtio-scsi-test i8254: fix out-of-bounds memory access in pit_ioport_read() qemu-ga: Building Windows MSI installation with configure/Makefile qemu-ga: Introduce Windows MSI script qemu-ga: debug printouts to help troubleshoot installation qemu-ga: adding vss-[un]install options qemu-log: Open file for logging when specified Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ad7020a7e7b27d468ecc2aacb04ba4eb09017074 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Thu Jun 18 21:16:52 2015 -0700 target-microblaze: Remove dead code This code is already being run in the mb_cpu_realizefn() function. As PVR registers are preserved on reset this code is not required. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 033af8e9aaba1994c4816cea5828aaddc383a907 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Thu Jun 18 21:16:48 2015 -0700 s3adsp1800: Remove the hardcoded values from the reset Remove the hardcoded values from the machine specific reset function, as the same values are already set in the standard MicroBlaze reset. This also allows the entire reset function to be deleted, as PVR registers are now preserved on reset. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit a87310a62d1885b8f6d6b5b30227cbd9792d2c3c Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Thu Jun 18 21:16:45 2015 -0700 ml605_mmu: Move the hardcoded values to the init function Move the hard coded register values to the init function. This also allows the entire reset function to be deleted, as PVR registers are now preserved on reset. The hardcoded PVR0 values can be removed as they are setting the endianness and stack protection, which is already done or invalid. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 6fad9e986b82c7c7ed7cfa0cc3ee38b3510a5432 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Thu Jun 18 21:16:42 2015 -0700 target-microblaze: Convert pvr-full to a CPU property Originally the pvr-full PVR bits were manually set for each machine. This is a hassle and difficult to read, instead set them based on the CPU properties. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 72e38754853443830152a3cfe586db1d9b15e8fe Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Thu Jun 18 21:16:38 2015 -0700 target-microblaze: Convert version_mask to a CPU property Originally the version_mask PVR bits were manually set for each machine. This is a hassle and difficult to read, instead set them based on the CPU properties. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit a88bbb006a523deabb90245a283d1914abd34e3e Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Thu Jun 18 21:16:35 2015 -0700 target-microblaze: Convert endi to a CPU property Originally the endi PVR bits were manually set for each machine. This is a hassle and difficult to read, instead set them based on the CPU properties. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit a6c3ed24748f06742413e174167b0faa7030c244 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Thu Jun 18 21:16:32 2015 -0700 target-microblaze: Convert dcache-writeback to a CPU property Originally the dcache-writeback PVR bits were manually set for each machine. This is a hassle and difficult to read, instead set them based on the CPU properties. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 714461237083c1eadcb9d686f8ce4088737c1d0a Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Thu Jun 18 21:16:29 2015 -0700 target-microblaze: Convert use-mmu to a CPU property Originally the use-mmu PVR bits were manually set for each machine. This is a hassle and difficult to read, instead set them based on the CPU properties. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit be67e9ab9740d5a80e5c37bfd35247a4e449bc5a Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Thu Jun 18 21:16:25 2015 -0700 target-microblaze: Rename the usefpu variable Rename the usefpu variable to use_fpu. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit f44c475cb6ded298486a589c4205ab70e485b48c Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Fri May 29 16:32:35 2015 +1000 target-microblaze: Disable stack protection by default Stack protection is not available when the MMU is enabled. As the MMU is enabled by default, disable stack protection by default. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 4e5d45ae5756123b3b7000c8b0b3d3a9ea4737da Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Fri May 29 16:31:58 2015 +1000 target-microblaze: Convert use-fpu to a CPU property Originally the use-fpu PVR bits were manually set for each machine. This is a hassle and difficult to read, instead set them based on the CPU properties. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit f27183abaaaf48e9d1f8469c7e99a987444f4410 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Fri May 29 16:31:20 2015 +1000 target-microblaze: Tidy up the base-vectors property Rename the "xlnx.base-vectors" string to "base-vectors" and move the base_vectors variable into the cfg struct. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 9aaaa181949e4a23ca298fb7006e2d8bac842e92 Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Fri May 29 16:30:43 2015 +1000 target-microblaze: Allow the stack protection to be disabled Microblaze stack protection is configurable and isn't always enabled. This patch allows the stack protection to be disabled from the CPU properties. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 8bac22423e4c3b70082dd6c1b492ccf21f3b5a0c Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Fri May 29 16:30:05 2015 +1000 target-microblaze: Preserve the pvr registers during reset Move the Microblaze PVR registers to the end of the CPUMBState and preserve them during reset. This is similar to what the QEMU ARM model does with some of it's registers. This allows the Microblaze PVR registers to only be set once at realise instead of constantly at reset. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 53432dc9ea37d3be4c8efc3023c2382e9da5334a Author: Alistair Francis <alistair.francis@xxxxxxxxxx> Date: Fri May 29 16:29:28 2015 +1000 target-microblaze: Fix up indentation Fix up the incorrect indentation level in the helper_stackprot() function. Signed-off-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit d87636b18f8de901e76bedd9c7f55d3eaed924ee Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 24 20:31:40 2015 -0700 microblaze: s3adsp: Instantiate CPU using QOM Instantiate and realise the CPU directly, rather than using cpu_mb_init. Microblazes cpu_model argument is a dummy so remove the default cpu_model set logic. Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit daeba9699d41ad79e2f3d34acea9c85c5d67a2ac Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 19 16:17:23 2015 +0200 qdev: Un-deprecate qdev_init_nofail() It's a perfectly sensible helper function. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 0210afe6690be045cb849b2f16bffabda575a9bf Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 19 16:17:22 2015 +0200 qdev: Deprecated qdev_init() is finally unused, drop qdev_init() is a wrapper around setting property "realized" to true, plus error handling that passes errors to qerror_report_err(). qerror_report_err() is a transitional interface to help with converting existing monitor commands to QMP. It should not be used elsewhere. All code has been modernized to avoid qdev_init() and its inappropriate error handling. We can finally drop it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit a3590dacce94519c1747d8bf423744c6bb7d9941 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed May 27 16:07:56 2015 +0100 qom: Don't pass string table to object_get_enum() function Now that properties can be explicitly registered as an enum type, there is no need to pass the string table to the object_get_enum() function. The object property registration already has a pointer to the string table. In changing this method signature, the hostmem backend object has to be converted to use the new enum property registration code, which simplifies it somewhat. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit a8e3fbedc827f992657f5670212e854f62ec12ad Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed May 13 17:14:08 2015 +0100 qom: Add an object_property_add_enum() helper function A QOM property can be parsed as enum using the visit_type_enum() helper function, but this forces callers to use the more complex generic object_property_add() method when registering it. It also requires that users of that object have access to the string map when they want to read the property value. This patch introduces a specialized object_property_add_enum() method which simplifies the use of enum properties, so the setters/getters directly get passed the int value. typedef enum { MYDEV_TYPE_FROG, MYDEV_TYPE_ALLIGATOR, MYDEV_TYPE_PLATYPUS, MYDEV_TYPE_LAST } MyDevType; Then provide a table of enum <-> string mappings static const char *const mydevtypemap[MYDEV_TYPE_LAST + 1] = { [MYDEV_TYPE_FROG] = "frog", [MYDEV_TYPE_ALLIGATOR] = "alligator", [MYDEV_TYPE_PLATYPUS] = "platypus", [MYDEV_TYPE_LAST] = NULL, }; Assuming an object struct of typedef struct { Object parent_obj; MyDevType devtype; ...other fields... } MyDev; The property can then be registered as follows: static int mydev_prop_get_devtype(Object *obj, Error **errp G_GNUC_UNUSED) { MyDev *dev = MYDEV(obj); return dev->devtype; } static void mydev_prop_set_devtype(Object *obj, int value, Error **errp G_GNUC_UNUSED) { MyDev *dev = MYDEV(obj); dev->devtype = value; } object_property_add_enum(obj, "devtype", mydevtypemap, "MyDevType", mydev_prop_get_devtype, mydev_prop_set_devtype, NULL); Note there is no need to check the range of 'value' in the setter, because the string->enum conversion code will have already done that and reported an error as required. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 2e4450ff432daef524cb3557fca68a3b7b5c7823 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed May 13 17:14:07 2015 +0100 qom: Make enum string tables const-correct The enum string table parameters in various QOM/QAPI methods are declared 'const char *strings[]'. This results in const warnings if passed a variable that was declared as static const char * const strings[] = { .... }; Add the extra const annotation to the parameters, since neither the string elements, nor the array itself should ever be modified. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit a31bdae5a76ecc060c1eb8a66be1896072c1e8b2 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed May 13 17:14:06 2015 +0100 qom: Add object_new_with_props() / object_new_withpropv() helpers It is reasonably common to want to create an object, set a number of properties, register it in the hierarchy and then mark it as complete (if a user creatable type). This requires quite a lot of error prone, verbose, boilerplate code to achieve. First a pair of functions object_set_props() / object_set_propv() are added which allow for a list of objects to be set in one single API call. Then object_new_with_props() / object_new_with_propv() constructors are added which simplify the sequence of calls to create an object, populate properties, register in the object composition tree and mark the object complete, into a single method call. Usage would be: Error *err = NULL; Object *obj; obj = object_new_with_propv(TYPE_MEMORY_BACKEND_FILE, object_get_objects_root(), "hostmem0", &err, "share", "yes", "mem-path", "/dev/shm/somefile", "prealloc", "yes", "size", "1048576", NULL); Note all property values are passed in string form and will be parsed into their required data types, using normal QOM semantics for parsing from string format. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit bc2256c4ae86308a1521c89456b599d441119418 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed May 13 17:14:05 2015 +0100 qom: Add helper function for getting user objects root Add object_get_objects_root() function which is a convenience for obtaining the Object * located at /objects in the object composition tree. Convert existing code over to use the new API where appropriate. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit f08f9271bfe3f19a5eb3d7a2f48532065304d5c8 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed May 13 17:14:04 2015 +0100 vl: Create (most) objects before creating chardev backends Some types of object must be created before chardevs, other types of object must be created after chardevs. As such there is no option but to create objects in two phases. This takes the decision to create as many object types as possible right away before anyother backends are created, and only delay creation of those few which have an explicit dependency on the chardevs. Hopefully the set which need delaying will remain small over time. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit b9174d4f250cacb43b7cd9e07cf9f86818d62afd Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed May 13 17:14:03 2015 +0100 doc: Document user creatable object types in help text The QEMU help for -object is essentially useless, just giving users the generic syntax. Move it down into its own section and introduce a nested table where each user creatable object can be documented. The existing memory-backend-file, rng-random and rng-egd object types are documented. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit b1028b4e8683740cd257a9b77577734664e61511 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Wed May 13 17:14:02 2015 +0100 backends: Fix typename of 'policy' enum property in hostmem obj The 'policy' property was being registered with a typename of 'str', but it is in fact an enum of the 'HostMemPolicy' type. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 799810fb2810ec4cb82f12ec9b023e1bfe434d71 Merge: ffdb140 a59d31a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 19 17:05:15 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150619' into staging target-arm queue: * support --semihosting-config,arg=value * Cortex-R5 support (including implementing them on the Zynq board) * Cortex-M4 support (without FPU) * enable vfio-calxeda-xgmac * don't reset ALIAS sysregs # gpg: Signature made Fri Jun 19 14:41:54 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150619: semihosting: add --semihosting-config arg sub-argument semihosting: create SemihostingConfig structure and semihost.h arm: xlnx-zynqmp: Add 2xCortexR5 CPUs arm: xlnx-zynqmp: Add boot-cpu property arm: xlnx-zynqmp: Preface CPU variables with "apu" target-arm: Add support for Cortex-R5 target-arm: Implement PMSAv7 MPU target-arm: Add registers for PMSAv7 target-arm/helper.c: define MPUIR register target-arm: Do not reset sysregs marked as ALIAS hw/arm/sysbus-fdt: enable vfio-calxeda-xgmac dynamic instantiation target-arm: Add the Cortex-M4 CPU Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a59d31a1ebdce796a469242800db89bf09c94580 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Fri Jun 19 14:17:45 2015 +0100 semihosting: add --semihosting-config arg sub-argument Add new "arg" sub-argument to the --semihosting-config allowing the user to pass multiple input arguments separately. It is required for example by UHI semihosting to construct argc and argv. Also, update ARM semihosting to support new option (at the moment it is the only target which cares about arguments). If the semihosting is enabled and no semihosting args have been specified, then fall back to -kernel/-append. The -append string is split on whitespace before initializing semihosting.argv[1..n]; this is different from what QEMU MIPS machines' pseudo-bootloaders do (i.e. argv[1] contains the whole -append), but is more intuitive from UHI user's point of view and Linux kernel just does not care as it concatenates argv[1..n] into single cmdline string anyway. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Message-id: 1434643256-16858-3-git-send-email-leon.alrae@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cfe67cef48696e8b901aff38a82056ae64d69c98 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Fri Jun 19 14:17:45 2015 +0100 semihosting: create SemihostingConfig structure and semihost.h Remove semihosting_enabled and semihosting_target and replace them with SemihostingConfig structure containing equivalent fields. The structure is defined in vl.c where it is actually set. Also introduce separate header file include/exec/semihost.h allowing to access semihosting config related stuff from target specific semihosting code. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1434643256-16858-2-git-send-email-leon.alrae@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b58850e79d8df1185bd4999df81fbe6954cd2790 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Fri Jun 19 14:17:45 2015 +0100 arm: xlnx-zynqmp: Add 2xCortexR5 CPUs Add the 2xCortexR5 CPUs to zynqmp board. They are powered off on reset (this is true of real hardware) by default or selectable as the boot processor. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: da34128c73ca13fc4f8c3293e1a33d1e1e345655.1434501320.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6396a193d36e10ff38f26d4ef785aba97362f29e Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Fri Jun 19 14:17:45 2015 +0100 arm: xlnx-zynqmp: Add boot-cpu property Add a string property that specifies the primary boot cpu. All CPUs except the one selected will start-powered-off. This allows for elf boots on any CPU, which prepares support for booting R5 elfs directly on the R5 processors. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 53331c00d80c7ce9c6a83712348773f1b38fae2b.1434501320.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2e5577bc5563ccf453249e884be9a223deabab5b Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Fri Jun 19 14:17:45 2015 +0100 arm: xlnx-zynqmp: Preface CPU variables with "apu" The CPUs currently supported by zynqmp are the APU (application processing unit) CPUs. There are other CPUs in Zynqmp so unqualified "cpus" in ambiguous. Preface the variables with "APU" accordingly, to prepare support adding the RPU (realtime processing unit) processors. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: ce32287fc365aea898465e981da3546a227e0811.1434501320.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d6a6b13ea1dfeb25c43a648e94cfe4395906f1da Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Fri Jun 19 14:17:45 2015 +0100 target-arm: Add support for Cortex-R5 Introduce a CPU model for the Cortex R5 processor. ARMv7 with MPU, and both thumb and ARM div instructions. Also implement dummy ATCM and BTCM. These CPs are defined for R5 but don't have a lot of meaning in QEMU yet. Raz them so the guest can proceed if they are read. The TCM registers will return a size of 0, indicating no TCM. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: efe213163e6800578494aba864ac30329de4d396.1434501320.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f6bda88ff839e2adefe4959b7def420b90703855 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Fri Jun 19 14:17:45 2015 +0100 target-arm: Implement PMSAv7 MPU Unified MPU only. Uses ARM architecture major revision to switch between PMSAv5 and v7 when ARM_FEATURE_MPU is set. PMSA v6 remains unsupported and is asserted against. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: dcb03cda6dd754c5cc6a962fa11f25089811e954.1434501320.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6cb0b013a1fa421cdfb83257cd33f855cc90649a Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Fri Jun 19 14:17:44 2015 +0100 target-arm: Add registers for PMSAv7 Define the arm CP registers for PMSAv7 and their accessor functions. RGNR serves as a shared index that indexes into arrays storing the DRBAR, DRSR and DRACR registers. DRBAR and friends have to be VMSDd separately from the CP interface using a new PMSA specific VMSD subsection. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 172cf135fbd8f5cea413c00e71cc1c3cac704744.1434501320.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3281af8114c6b8ead02f08b58e3c36895c1ea047 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Fri Jun 19 14:17:44 2015 +0100 target-arm/helper.c: define MPUIR register Define the MPUIR register for MPU supporting ARMv6 and onwards. Currently we only support unified MPU. The size of the unified MPU is defined via the number of "dregions". So just a single config is added to specify this size. (When split MPU is implemented we will add an extra iregions config). Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 9f248950b803a08c8b3c978931663182f7e882e7.1434501320.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b061a82b8afcc45ce09d770d9c0acdf429401054 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Fri Jun 19 14:17:44 2015 +0100 target-arm: Do not reset sysregs marked as ALIAS cp_reg_reset() is called from g_hash_table_foreach() which does not define a specific ordering of the hash table iteration. Thus doing reset for registers marked as ALIAS would give an ambiguous result when resetvalue is different for original and alias registers. Exit cp_reg_reset() early when passed an alias register. Then clean up alias register definitions from needless resetvalue and resetfn. In particular, this fixes a bug in the handling of the PMCR register, which had different resetvalues for its 32 and 64-bit views. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1434554713-10220-1-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit decf4f807b4498ca35a87e9de82bc9a4e64cc29a Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Fri Jun 19 14:17:44 2015 +0100 hw/arm/sysbus-fdt: enable vfio-calxeda-xgmac dynamic instantiation This patch allows the instantiation of the vfio-calxeda-xgmac device from the QEMU command line (-device vfio-calxeda-xgmac,host="<device>"). A specialized device tree node is created for the guest, containing compat, dma-coherent, reg and interrupts properties. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Acked-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1434455898-17895-1-git-send-email-eric.auger@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ba890a9b2509a0087bb7eafddae02ea5ecbb7bb4 Author: Aurelio C. Remonda <aurelioremonda@xxxxxxxxx> Date: Fri Jun 19 14:17:44 2015 +0100 target-arm: Add the Cortex-M4 CPU This patch adds the Cortex-M4 CPU. The M4 is basically the same as the M3, the main differences being the DSP instructions and an optional FPU. Only no-FPU cortex-M4 is implemented here, cortex-M4F is not because the core target-arm code doesn't support the M-profile FPU model yet. Signed-off-by: Aurelio C. Remonda <aurelioremonda@xxxxxxxxx> Message-id: 1434461850-4104-1-git-send-email-aurelioremonda@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ffdb1409a79c9cc91afd9f58df625fdca16bf8b9 Merge: 89e9429 693a3e0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 19 12:54:08 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-cocoa-20150619-1' into staging cocoa queue: * Add Machine menu, with entries for pause, resume, reset, power down, and media change and eject for removable drives # gpg: Signature made Fri Jun 19 11:24:11 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-cocoa-20150619-1: ui/cocoa.m: Add machine menu items to change and eject removable drive media ui/cocoa.m: Add Reset and Power Down menu items to Machine menu ui/cocoa.m: Add Machine menu with pause and resume menu items Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 89e9429c3cb42400f3a80890e0c20b18aa62a11d Merge: 473a494 1e7398a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 19 11:30:57 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio, pci fixes, enhancements Most notably this includes virtio cross-endian patches. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Fri Jun 19 11:18:05 2015 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: vhost: enable vhost without without MSI-X pci: Don't register a specialized 'config_write' if default behavior is intended hw/core: rebase sysbus_get_fw_dev_path() to g_strdup_printf() vhost_net: re-enable when cross endian vhost-net: tell tap backend about the vnet endianness tap: fix non-linux build tap: add VNET_LE/VNET_BE operations vhost: set vring endianness for legacy virtio virtio: introduce virtio_legacy_is_cross_endian() linux-headers: sync vhost.h vhost-user: part of virtio Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e4a511f8cc6f4a46d409fb5c9f72c38ba45f8d83 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Jun 17 10:36:54 2015 +0200 exec: clamp accesses against the MemoryRegionSection Because the clamping was done against the MemoryRegion, address_space_rw was effectively broken if a write spanned multiple sections that are not linear in underlying memory (with the memory not being under an IOMMU). This is visible with the MIPS rc4030 IOMMU, which is implemented as a series of alias memory regions that point to the actual RAM. Tested-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Tested-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 965eb2fcdfe919ecced6c34803535ad32dc1249c Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Jun 17 10:40:27 2015 +0200 exec: do not clamp accesses to MMIO regions It is common for MMIO registers to overlap, for example a 4 byte register at 0xcf8 (totally random choice... :)) and a 1 byte register at 0xcf9. If these registers are implemented via separate MemoryRegions, it is wrong to clamp the accesses as the value written would be truncated. Hence for these regions the effects of commit 23820db (exec: Respect as_translate_internal length clamp, 2015-03-16, previously applied as commit c3c1bb99) must be skipped. Tested-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Tested-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ae46e23964ad45d5bc72374040e87d8f52ac2178 Author: Paul Donohue <qemu-devel@xxxxxxxxxx> Date: Fri Jun 12 10:10:14 2015 -0400 mc146818rtc: Reset the periodic timer on load When loading a VM from a snapshot or migration, clock changes can cause the periodic timer to stall or loop rapidly. qemu-timer has a reset notifier mechanism that is used to avoid timer stalls or loops if the host clock changes while the VM is running when using QEMU_CLOCK_HOST. However, when loading a snapshot or migration, qemu-timer is initialized and fires the reset notifier before mc146818rtc is initialized and has registered its reset handler. In addition, this mechanism isn't used when using QEMU_CLOCK_REALTIME, which might also change when loading a snapshot or migration. To correct that problem, this commit resets the periodic timer after loading from a snapshot or migration if the clock has either jumped backward or has jumped forward by more than the clock jump limit that is used by the reset notifier code in qemu-timer. Signed-off-by: Paul Donohue <qemu-git@xxxxxxxxxx> Message-Id: <20150612141013.GE2749@xxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fb1a3a051d89975f26296163066bb0745ecca49d Author: Paul Donohue <qemu-devel@xxxxxxxxxx> Date: Fri Jun 12 10:08:45 2015 -0400 qemu-timer: Call clock reset notifiers on forward jumps Commit 691a0c9c introduced a mechanism by which QEMU_CLOCK_HOST can notify other parts of the emulator when the host clock has jumped backward. This is used to avoid stalling timers that were scheduled based on the host clock. However, if the host clock jumps forward, then timers that were scheduled based on the host clock may fire rapidly and cause other problems. For example, the mc146818rtc periodic timer will block execution of the VM and consume host CPU while firing every interrupt for the time period that was skipped by the host clock. To correct that problem, this commit fires the reset notification if the host clock jumps forward by more than a hard-coded limit. The limit is currently set to a value of 60 seconds, which should be small enough to prevent excessive timer loops, but large enough to avoid frequent resets in idle VMs. Signed-off-by: Paul Donohue <qemu-git@xxxxxxxxxx> Message-Id: <20150612140845.GD2749@xxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 397c767b2de5b918a7b890d02aae83d6dcb2a470 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Apr 24 19:35:20 2015 +0800 tests: virtio-scsi: Add test for unaligned WRITE SAME This is an exercise for virtio-scsi tests using the libqos virtio library. A few common routines are added to facilitate future extensions of the test set. The added test case is a regression test for the bug in d7f4b1999e. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 693a3e01af8082f855094061650311fcaf3e1269 Author: John Arbuckle <programmingkidx@xxxxxxxxx> Date: Fri Jun 19 10:53:27 2015 +0100 ui/cocoa.m: Add machine menu items to change and eject removable drive media Adds all removable devices to the Machine menu as a Change and Eject menu item pair. ide-cd0 would have a "Change ide-cd0..." and "Eject ide-cd0" menu items. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 270746142c3c96549ecd82c6097a6d85a35f27cf Author: John Arbuckle <programmingkidx@xxxxxxxxx> Date: Fri Jun 19 10:53:27 2015 +0100 ui/cocoa.m: Add Reset and Power Down menu items to Machine menu Add "Reset" and "Power Down" menu items to Machine menu. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1e7398a140f7a6bd9f5a438e7ad0f1ef50990e25 Author: Pankaj Gupta <pagupta@xxxxxxxxxx> Date: Tue Jun 16 13:48:59 2015 +0530 vhost: enable vhost without without MSI-X We use vhostforce to enable vhost even if Guests don't have MSI-X support and we fall back to QEMU virtio-net. This gives a very small performance gain, but the disadvantage is that guest now controls which virtio code is running (qemu or vhost) so our attack surface is doubled. This patch will enable vhost unconditionally whenever it's requested. For compatibility, enable vhost when vhostforce is set, as well. Signed-off-by: Pankaj Gupta <pagupta@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> commit 74de5504fd063019433ec0746105da774ede790d Author: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Date: Tue Jun 16 11:24:39 2015 +0300 pci: Don't register a specialized 'config_write' if default behavior is intended Few devices have their specialized 'config_write' methods which simply call 'pci_default_write_config' followed by a 'msix_write_config' or 'msi_write_config' calls, using exact same arguments. This is unnecessary as 'pci_default_write_config' already invokes 'msi_write_config' and 'msix_write_config'. Also, since 'pci_default_write_config' is the default 'config_write' handler, we can simply avoid the registration of these specialized versions. Cc: Leonid Shatz <leonid.shatz@xxxxxxxxxxxxxxxxxx> Signed-off-by: Shmulik Ladkani <shmulik.ladkani@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 5ba03e2dd785362026917e4cc8a1fd2c64e8e62c Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Wed Jun 17 14:45:03 2015 +0200 hw/core: rebase sysbus_get_fw_dev_path() to g_strdup_printf() This is done mainly for improving readability, and in preparation for the next patch, but Markus pointed out another bonus for the string being returned: "No arbitrary length limit. Before the patch, it's 39 characters, and the code breaks catastrophically when qdev_fw_name() is longer: the second snprintf() is called with its first argument pointing beyond path[], and its second argument underflowing to a huge size." Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Tested-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 1717388645670336c48aa05d19b0acd07687a821 Author: Cédric Le Goater <clg@xxxxxxxxxx> Date: Wed Jun 17 15:23:54 2015 +0200 vhost_net: re-enable when cross endian Cross-endianness is now checked by the core vhost code. revert 371df9f5e0f1 "vhost-net: disable when cross-endian" Signed-off-by: Cédric Le Goater <clg@xxxxxxxxxx> [ added commit message, Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> ] Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 5be7d9f1b1452613b95c6ba70b8d7ad3d0797991 Author: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Date: Wed Jun 17 15:23:49 2015 +0200 vhost-net: tell tap backend about the vnet endianness The default behaviour for TAP/MACVTAP is to consider vnet as native endian. This patch handles the cases when this is not true: - virtio 1.0: always little-endian - legacy cross-endian Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 4ee9b43be9a6e4ae161a1e6322bfef90818589f6 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jun 18 16:52:23 2015 +0200 tap: fix non-linux build tap_fd_set_vnet_le/tap_fd_set_vnet_be was missing, fix it up. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> commit 8524f1c79e614552c0165db9cc75a8a6bd8607a5 Author: John Arbuckle <programmingkidx@xxxxxxxxx> Date: Fri Jun 19 10:53:27 2015 +0100 ui/cocoa.m: Add Machine menu with pause and resume menu items Add Machine menu to the Macintosh interface with pause and resume menu items. These items can either pause or resume execution of the guest operating system. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Message-id: 6D7AE6AA-0595-4FAD-AACF-9DFAB87248F0@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 473a49460db0a90bfda046b8f3662b49f94098eb Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Jun 18 13:49:28 2015 -0300 q35: Re-enable FDC on pc-q35-2.3 and older commit ea96bc629cbd52be98b2967a4b4f72e91dfc3ee4 doesn't match the patch submitted by Laszlo to qemu-devel. We reuse pc_q35_2_4_machine_options() inside pc_q35_2_3_machine_options(), so we need to undo the no_floppy change in pc_q35_2_3_machine_options(). (This discrepancy was due to a bad merge.) This restores the previous behavior where all the 2.3 and older machines had no_floppy=0. Reported-by: Ján Tomko <jtomko@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Message-id: 1434646168-3100-1-git-send-email-ehabkost@xxxxxxxxxx Cc: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> [PMM: mention that this was a merge issue, not a review issue] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ff5397bc72a1716bb34302dd470343ebee7d6bf2 Author: Martin Cerveny <M.Cerveny@xxxxxxxxxxxx> Date: Wed May 13 14:14:54 2015 +0200 scripts: Add support for path as argument of qom-tree Add processing of optional argument path as "tree base". Signed-off-by: Martin Cerveny <M.Cerveny@xxxxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 53f77e4562f85ccf82c8831a4448e9aefb538837 Author: Andreas Färber <afaerber@xxxxxxx> Date: Wed Mar 25 18:40:15 2015 +0100 tests: Use qtest_add_data_func() consistently Replace uses of g_test_add_data_func() for QTest test cases. It is still valid to use it for any non-QTest test cases, which are not run for multiple target binaries. Suggested-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 6bc5cf92c0ab0085ba9a6e0cebcf5a544f416ca7 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Apr 9 16:57:30 2015 -0300 qdev: Free property names after registering gpio aliases Now that object_property_add_alias() strdup()s target_name, we can free the property names in qdev_pass_gpios(). Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 1590d266d96b3f9b42443d6388dfc38f527ac2d8 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Apr 9 16:57:29 2015 -0300 qom: strdup() target property name on object_property_add_alias() With this, object_property_add_alias() callers can safely free the target property name, like what already happens with the 'name' argument to all object_property_add*() functions. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> commit 8ffe756da0481233e1bd518b2b16489f51856292 Merge: 1b58f5a e1d4210 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 18 13:32:39 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-06-18' into staging QAPI patches # gpg: Signature made Thu Jun 18 13:20:00 2015 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-qapi-2015-06-18: qapi-types: Bury code dead since commit 6b5abc7 qapi-types: Split generate_fwd_builtin() off generate_fwd_struct() qapi-types: Drop unused members parameters qapi-types: Don't filter out expressions with 'gen' qapi: Catch and reject flat union branch of array type tests/qapi-schema: New flat union array branch test case qapi: Better separate the different kinds of helpers qapi: Move exprs checking from parse_schema() to check_exprs() qapi: Fix to reject stray 't', 'f' and 'n' qapi: Simplify inclusion cycle detection qapi: Fix file name in error messages for included files qapi: Improve a couple of confusing variable names qapi: Eliminate superfluous QAPISchema attribute input_dir qapi: Drop bogus command from docs MAINTAINERS: Fix up QAPI and QAPI schema file patterns Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e1d4210c3a50059a3889cedc44a8aa193fa63d7d Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 12 09:45:55 2015 +0200 qapi-types: Bury code dead since commit 6b5abc7 Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit c5ecd7e18f912ab5e91f09b0333fb07567885d42 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 12 09:22:32 2015 +0200 qapi-types: Split generate_fwd_builtin() off generate_fwd_struct() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit ae0a7a109037160465f55f8bab06897f0a904def Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 12 10:40:17 2015 +0200 qapi-types: Drop unused members parameters Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 4f3568002393380558705397bda4cd5f224ffe29 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 12 08:32:51 2015 +0200 qapi-types: Don't filter out expressions with 'gen' Useless, because it can only occur in commands, and we're not dealing with commands here. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit f9a1427361fe06ac67480d580412dc4ed6f5d03b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Jun 10 13:07:43 2015 +0200 qapi: Catch and reject flat union branch of array type Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 75276710ae0a9f802a9774a8d845a2c84f89305a Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Jun 10 13:03:04 2015 +0200 tests/qapi-schema: New flat union array branch test case The new test demonstrates another generator crash. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 00e4b285a31d19dcd88bd46729c9e09bfc9cc7fd Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Jun 10 10:04:36 2015 +0200 qapi: Better separate the different kinds of helpers Insert comments to separate sections dealing with parsing, semantic analysis, code generation, and so forth. Move helpers to their proper section. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 4d076d67c2c74662db092ecf4f99600b18209b2e Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Jun 10 08:55:21 2015 +0200 qapi: Move exprs checking from parse_schema() to check_exprs() To have expression semantic analysis in one place rather than two. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit e565d934d21e3544b820cd03b88061e71ab644a0 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Jun 10 08:24:58 2015 +0200 qapi: Fix to reject stray 't', 'f' and 'n' Screwed up in commit e53188a. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit a1366087270b312d94ff8c4031395a4218f160d4 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Jun 9 16:54:09 2015 +0200 qapi: Simplify inclusion cycle detection We maintain a stack of filenames in include_hist for convenient cycle detection. As error_path() demonstrates, the same information is readily available in the expr_info, so just use that, and drop include_hist. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 8608d2525186062099a38971c276752e7a38903a Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Jun 9 18:32:29 2015 +0200 qapi: Fix file name in error messages for included files We print the name as it appears in the include expression. Tools processing error messages want it relative to the working directory. Make it so. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 54414047eca5bee7d5ba6e7af5fb251f8635896c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Jun 9 16:22:45 2015 +0200 qapi: Improve a couple of confusing variable names old name new name ---------------------------- input_file fname input_relname fname input_fname abs_fname include_path incl_abs_fname parent_info incl_info Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 12c707944927b8aa42752198dcf419a0bafe5d33 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Jun 9 16:49:13 2015 +0200 qapi: Eliminate superfluous QAPISchema attribute input_dir Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 836c3b01d2630192d6f5a941ca073bc8d650574b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Jun 9 14:38:58 2015 +0200 qapi: Drop bogus command from docs Commit 87a560c4 added it in the wrong place. Commit 59a2c4ce added it in the right place, but didn't remove it from the wrong place. Do that now. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 0311c5bde313c9ffcda2a198bd7cc70ae130d973 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Jun 12 15:15:54 2015 +0200 MAINTAINERS: Fix up QAPI and QAPI schema file patterns Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 1b58f5a7f6fbe811cc486cd5786483bad5d51bbf Merge: e207527 a3122b6 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 18 11:36:42 2015 +0100 Merge remote-tracking branch 'remotes/mcayland/tags/qemu-openbios-signed' into staging Update OpenBIOS images # gpg: Signature made Wed Jun 17 20:06:06 2015 BST using RSA key ID AE0F321F # gpg: Good signature from "Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx>" * remotes/mcayland/tags/qemu-openbios-signed: Update OpenBIOS images Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e20752775197d3606c50703422d2c5d53ecf54bb Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Wed Jun 17 13:35:00 2015 +0100 vfio: fix build error on CentOS 5.7 Include linux/vfio.h after sys/ioctl.h, just like in hw/vfio/common.c. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Acked-by: Alex Williamson <alex.williamson@xxxxxxxxxx> Message-id: 1434544500-22405-1-git-send-email-leon.alrae@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a3122b681aee8a41268c610ca3a5e7a066a9091a Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Wed Jun 17 20:02:15 2015 +0100 Update OpenBIOS images Update OpenBIOS images to SVN r1340 built from submodule. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> commit c80cd6bb9c20ef518c56319ce44d2971171e677d Author: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Date: Wed Jun 17 15:23:44 2015 +0200 tap: add VNET_LE/VNET_BE operations The linux tap and macvtap backends can be told to parse vnet headers according to little or big endian. This is done through the TUNSETVNETLE and TUNSETVNETBE ioctls. This patch brings all the plumbing for QEMU to use these APIs. Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 04b7a1523d65bb5c78832098cf3108a1aadcaf8a Author: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Date: Wed Jun 17 15:23:39 2015 +0200 vhost: set vring endianness for legacy virtio Legacy virtio is native endian: if the guest and host endianness differ, we have to tell vhost so it can swap bytes where appropriate. This is done through a vhost ring ioctl. Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 41d283bdab08868a244b9c19dce507fdf15a8990 Author: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Date: Wed Jun 17 15:23:34 2015 +0200 virtio: introduce virtio_legacy_is_cross_endian() This helper will be used by vhost and tap to detect cross-endianness in the legacy virtio case. Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 332f64073bddc9240cd572f64682a44572b67049 Author: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Date: Wed Jun 17 15:23:29 2015 +0200 linux-headers: sync vhost.h This patch brings the cross-endian vhost API to QEMU. Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 06b008d941fd3e9684d38a9b3181a1cf301c78d1 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Apr 24 19:35:19 2015 +0800 tests: virtio-scsi: Move start/stop to individual test functions Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit bea2f0982b335c13448dbde8a409107764fa8b59 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Apr 24 19:35:18 2015 +0800 libqos: Complete virtio device ID definition list Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 28452758c405e16d9890c44d6031d44233e8cb38 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Apr 24 19:35:17 2015 +0800 libqos: Allow calling guest_free on NULL pointer Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ebe7d8b166c59b029521f8d95db011e5e0fc649d Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Apr 24 19:35:16 2015 +0800 tests: Link libqos virtio object to virtio-scsi-test Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d4862a87e31a51de9eb260f25c9e99a75efe3235 Author: Petr Matousek <pmatouse@xxxxxxxxxx> Date: Wed Jun 17 12:46:11 2015 +0200 i8254: fix out-of-bounds memory access in pit_ioport_read() Due converting PIO to the new memory read/write api we no longer provide separate I/O region lenghts for read and write operations. As a result, reading from PIT Mode/Command register will end with accessing pit->channels with invalid index. Fix this by ignoring read from the Mode/Command register. This is CVE-2015-3214. Reported-by: Matt Tait <matttait@xxxxxxxxxx> Fixes: 0505bcdec8228d8de39ab1a02644e71999e7c052 Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Petr Matousek <pmatouse@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9dacf32d2cbd66cbcce7944ebdfd6b2df20e33b8 Author: Yossi Hindin <yhindin@xxxxxxxxxx> Date: Wed May 6 14:57:40 2015 +0300 qemu-ga: Building Windows MSI installation with configure/Makefile New options were added to enable Windows MSI installation package creation: Option --enable-guest-agent-msi, like the name suggests, enables building Windows MSI package for QEMU guest agent; option --disable-guest-agent-msi disables MSI package creation; by default, no MSI package is created Signed-off-by: Yossi Hindin <yhindin@xxxxxxxxxx> Message-Id: <1430913460-13174-5-git-send-email-yhindin@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 66ae13bb9eb2b16b59698e992bfcea61563b9d78 Author: Yossi Hindin <yhindin@xxxxxxxxxx> Date: Wed May 6 14:57:39 2015 +0300 qemu-ga: Introduce Windows MSI script The script enables building Windows MSI installation package on Linux with wixl tool. Signed-off-by: Yossi Hindin <yhindin@xxxxxxxxxx> Message-Id: <1430913460-13174-4-git-send-email-yhindin@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c69403fcd4a0cb89f838a212ab71e4a1a3464c95 Author: Yossi Hindin <yhindin@xxxxxxxxxx> Date: Wed May 6 14:57:38 2015 +0300 qemu-ga: debug printouts to help troubleshoot installation Debug printouts extended, helps installation troubleshooting Signed-off-by: Yossi Hindin <yhindin@xxxxxxxxxx> Message-Id: <1430913460-13174-3-git-send-email-yhindin@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5e031072e71eebab3d7d2ea4609e84bc928d893e Author: Yossi Hindin <yhindin@xxxxxxxxxx> Date: Wed May 6 14:57:37 2015 +0300 qemu-ga: adding vss-[un]install options Existing command line options include '-s install' and '-s uninstall'. These options install/uninstall both Windows QEMU GA service and optional VSS COM server. The QEMU GA Windows service allows always-on serving guest agent's QMP commands and VSS COM server enables guest agent integration with Volume Shadow Service. This commit introdices new options '-s vss-install' and '-s vss-uninstall', affecting only GA VSS COM server registration. The new options are useful for registering and unregistering the COM server during MSI installation, upgrade and uninstallation. Signed-off-by: Yossi Hindin <yhindin@xxxxxxxxxx> Message-Id: <1430913460-13174-2-git-send-email-yhindin@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 67633bb4f7743be2cb2e70b61e482ab92bf1724e Author: Pranith Kumar <bobby.prani@xxxxxxxxx> Date: Wed Jun 10 10:20:24 2015 -0400 qemu-log: Open file for logging when specified qemu-log defaults to stderr when there is no '-D' option mentioned on command line. When '-D' option is specified, we also need to specify '-d' option for it to use the specified logfile. When using monitor to enable logging this is troublesome since there will be no '-d' option because of which monitor dumps the logs to stderr. Fix this by opening the log file when '-D' is specified on the command line. Also fix an ancient comment which does not hold true since changing location and log level has now been streamlined. Signed-off-by: Pranith Kumar <bobby.prani@xxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Luiz Capitulino <lcapitulino@xxxxxxxxxx> CC: Markus Armbruster <armbru@xxxxxxxxxx> CC: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-Id: <1433946024-18439-1-git-send-email-bobby.prani@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f754c3c9cce3c4789733d9068394be4256dfe6a8 Merge: a09f4a9 1f68f1d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jun 17 12:43:26 2015 +0100 Merge remote-tracking branch 'remotes/agraf/tags/signed-s390-for-upstream' into staging Patch queue for s390 - 2015-06-17 This is a special one. Two awesome features in one pull request: - CCW support for TCG - Watchpoint support for TCG To celebrate this, we also switch the default machine model from s390-virtio to s390-ccw and give users a fully working s390x model again! # gpg: Signature made Wed Jun 17 11:42:26 2015 BST using RSA key ID 03FEDC60 # gpg: Good signature from "Alexander Graf <agraf@xxxxxxx>" # gpg: aka "Alexander Graf <alex@xxxxxxxxx>" * remotes/agraf/tags/signed-s390-for-upstream: (26 commits) s390x: Switch to s390-ccw machine as default target-s390x: PER: add Breaking-Event-Address register target-s390x: PER instruction-fetch nullification event support target-s390x: PER store-using-real-address event support target-s390x: PER storage-alteration event support translate-all: fix watchpoints if retranslation not possible target-s390x: PER instruction-fetch event support target-s390x: PER successful-branching event support target-s390x: basic PER event handling target-s390x: add get_per_in_range function target-s390x: add get_per_atmid function target-s390x: add PER related constants target-s390x: mvc_fast_memmove: access memory through softmmu target-s390x: mvc_fast_memset: access memory through softmmu target-s390x: function to adjust the length wrt page boundary softmmu: provide tlb_vaddr_to_host function for user mode target-s390x: wire up I/O instructions in TCG mode target-s390x: wire up DIAG REIPL in TCG mode target-s390x: wire up DIAG IPL in TCG mode target-s390x: fix s390_cpu_initial_reset ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1f68f1d36c3af09ed31a529ad69c3d09880d10fd Author: Alexander Graf <agraf@xxxxxxx> Date: Tue Jun 16 23:06:33 2015 +0200 s390x: Switch to s390-ccw machine as default We now finally have TCG support for the basic set of instructions necessary to run the s390-ccw machine. That means in any aspect possible that machine type is now superior to the legacy s390-virtio machine. Switch over to the ccw machine as default. That way people don't get a halfway broken machine with the s390x target. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 3da0ab35292fe93640cfdd95aa8bedec8f145d2c Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:46:03 2015 +0200 target-s390x: PER: add Breaking-Event-Address register This patch adds support for PER Breaking-Event-Address register. Like real hardware, it save the current PSW address when the PSW address is changed by an instruction. We have to take care of optimizations QEMU does, a branch to the next instruction is still a branch. This register is copied to low core memory when a program exception happens. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 83bb161299c019e25a3add59504f0b69e6257dcd Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:46:02 2015 +0200 target-s390x: PER instruction-fetch nullification event support For the instruction-fetch nullification event, we just reuse the existing instruction-fetch code and trigger the exception immediately in that case. There is no need to save the CPU state in the TCG code as it has been saved by the previous instruction before calling the per_check_exception helper. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 2f54394997bfc808bbfbebb2d8294edd17d63808 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:46:01 2015 +0200 target-s390x: PER store-using-real-address event support This PER event happens each time the STURA or STURG instructions are used. As they use helpers, we can just save the event in the PER code there, if enabled. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 311918b979c5364c30392c1054ed77d047a83953 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:46:00 2015 +0200 target-s390x: PER storage-alteration event support For the PER storage-alteration event we can use the QEMU watchpoint infrastructure. When PER is enabled or PER control register changed we enable the corresponding watchpoints. When a watchpoint arises we can save the event. Unfortunately the current code does not provide the address space used to trigger the watchpoint. For now we assume it comes from the default ASC. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 8d302e76755b8157373073d7107e31b0b13f80c1 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:45:59 2015 +0200 translate-all: fix watchpoints if retranslation not possible The tb_check_watchpoint function currently assumes that all memory access is done either directly through the TCG code or through an helper which knows its return address. This is obviously wrong as the helpers use cpu_ldxx/stxx_data functions to access the memory. Instead of aborting in that case, don't try to retranslate the code, but assume that the CPU state (and especially the program counter) has been saved before calling the helper. Then invalidate the TB based on this address. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit f0e0d817c22539cd2ce1bcb5487e076f117b04c0 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:45:58 2015 +0200 target-s390x: PER instruction-fetch event support For the PER instruction-fetch, we can't use the QEMU breakpoint infrastructure as it triggers for a single address and not a full address range, and as it actually stop before the instruction and not before. We therefore call an helper with the just fetched instruction address, which check if the address is within the PER address range. If it is the case, an event is recorded and will be signaled through an exception. Note that we implement here the PER-3 behaviour, that is an invalid opcode is not considered as an instruction fetch. Without PER-3 this behavious is undefined. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 2c2275eb41c612df4bd115cf71d6e651d105f69c Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:45:57 2015 +0200 target-s390x: PER successful-branching event support For the PER successful-branching event support, we can't rely on any QEMU infrastucture. We therefore call an helper in all places where a branch can be taken. We have to pay attention to the branch to next case, as it's still a taken branch. We don't need to care about the cases using goto_tb, as we have disabled them in the previous patch. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 777c98c32ce577a9671b9267ff6e2802f69ebafd Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:45:56 2015 +0200 target-s390x: basic PER event handling This patch add basic support to generate PER exceptions. It adds two fields to the cpu structure to record for the PER address and PER code & ATMID values. When an exception is triggered and a PER event is pending, the two PER values are copied to the lowcore area. At the end of an instruction, an helper is checking for a possible pending PER event and triggers an exception in that case. For that to work with branches, we need to disable TB chaining when PER is activated. Fortunately it's already in the TB flags. Finally in case of a SERVICE CALL exception, we need to trigger the PER exception immediately after. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit d453d103831c966e7920f146eb3416e43b588f89 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:45:55 2015 +0200 target-s390x: add get_per_in_range function This function checks if an address is in between the PER starting address and the PER ending address, taking care of a possible address range loop. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit a8f931a931f8866abdb2f836d0fb6fb7d2606645 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:45:54 2015 +0200 target-s390x: add get_per_atmid function This function returns the ATMID field that is stored in the per_perc_atmid lowcore entry. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit fb01bf4c6b86d9ac00ea87d60f97871ee1488188 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:45:53 2015 +0200 target-s390x: add PER related constants Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 6da528d14de29138ca5ac43d6d059889dd24f464 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:45:52 2015 +0200 target-s390x: mvc_fast_memmove: access memory through softmmu mvc_fast_memmove is bypassing the softmmu functions, getting the physical source and destination addresses using the mmu_translate function and accessing the corresponding physical memory. This prevents watchpoints to work correctly. Instead use the tlb_vaddr_to_host function to get the host addresses corresponding to the guest source and destination addresses through the softmmu code and fallback to the byte level code in case the corresponding address are not in the QEMU TLB or being examined through a watchpoint. As a bonus it works even for area crossing pages by splitting the are into chunks contained in a single page, bringing some performances improvements. We can therefore remove the 8-byte loads/stores method, as it is now quite unlikely to be used. At the same time change the name of the function to fast_memmove as it's not specific to mvc and use the same argument order as the C memmove function. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit fc89efe693278c79273f3bbf6b581e8a749c85b0 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:45:51 2015 +0200 target-s390x: mvc_fast_memset: access memory through softmmu mvc_fast_memset is bypassing the softmmu functions, getting the physical address using the mmu_translate function and accessing the corresponding physical memory. This prevents watchpoints to work correctly. Instead use the tlb_vaddr_to_host function to get the host address corresponding to the guest address through the softmmu code and fallback to the byte level code in case the corresponding address is not in the QEMU TLB or being examined through a watchpoint. As a bonus it works even for area crossing pages by splitting the are into chunks contained in a single page, bringing some performances improvements. At the same time change the name of the function to fast_memset as it's not specific to mvc and use the same argument order as the C memset function. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit d7ce6b7a0ba4328a286d09d96395a8fc2fd6943c Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:45:50 2015 +0200 target-s390x: function to adjust the length wrt page boundary This patch adds a function to adjust the length of a transfer so that it doesn't cross a page boundary in softmmu mode. It does nothing in user mode. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 2e83c496261c799b0fe6b8e18ac80cdc0a5c97ce Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sat Jun 13 00:45:49 2015 +0200 softmmu: provide tlb_vaddr_to_host function for user mode To avoid to many #ifdef in target code, provide a tlb_vaddr_to_host for both user and softmmu modes. In the first case the function always succeed and just call the g2h function. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit ad8a4570add09a7635cb8cd1c9327640521ee7a7 Author: Alexander Graf <agraf@xxxxxxx> Date: Mon Jun 15 17:57:09 2015 +0200 target-s390x: wire up I/O instructions in TCG mode The code handling the I/O instructions for KVM decodes the instruction itself. In TCG mode also pass the full instruction word to the helpers. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 2ecacb0b4b6c73af424b7b4389fa55809368a98b Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jun 15 17:57:08 2015 +0200 target-s390x: wire up DIAG REIPL in TCG mode Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 8df7eef3059394bd53cdf7609aac9a50a78aa030 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jun 15 17:57:07 2015 +0200 target-s390x: wire up DIAG IPL in TCG mode DIAG IPL is already implemented for KVM, but not wired from TCG. For that change the format of the instruction so that we can get R1 and R3 numbers in addition to the function code. The diag function can change plenty of things, including CC, so we should enter with a static CC. Also it doesn't set the value of general register 2 to 0 as in the current code. We also need to exit the CPU loop after a reset, which means a new PSW. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit cbed0ba78f04ce9e2e718431f64eb4b621288aca Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jun 15 17:57:06 2015 +0200 target-s390x: fix s390_cpu_initial_reset The s390_cpu_initial_reset function zeroes a big part of the CPU state structure, including CPU_COMMON, and thus the QEMU TLB structure. As they should not be initialized with zeroes only, we need to call the tlb_flush to initialize it correctly. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit cc0d079d4582ee0ed97b5e3e3da4f6cb2b5bd67f Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jun 15 17:57:05 2015 +0200 target-s390x: initialize I/O interrupt queue env->io_index[] should be set to -1 during CPU reset to mark the I/O interrupt queue as empty. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 7107e5a756317151666d47d1bc1e170293babaff Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jun 15 17:57:04 2015 +0200 target-s390x: correctly initialize ext interrupt queue env->ext_index should be initialized to -1 to mark the external interrupt queue as emtpy. This should not be done in s390_cpu_initfn as all the interrupt fields are later reset to 0 by the memset in s390_cpu_initial_reset or s390_cpu_full_reset. Move the initialization there. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 06e3c077daa08c0a616e9507eb737401883ab645 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jun 15 17:57:03 2015 +0200 target-s390x: fix setcc in TCG mode In TCG mode we should store the CC value in env->cc_op. However do it inconditionnaly because: - the tcg_enabled function is not inlined - it's probably faster to always store the value, especially given it is likely in the same cache line than env->psw.mask. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit a499973ff32bc58f2db7b88ad5597ffdbc2becd7 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jun 15 17:57:02 2015 +0200 virtio-ccw: disable ioevent bit when ioeventfds are not enabled This remove the corresponding error messages in TCG mode, and allow to simplify the s390_assign_subch_ioeventfd() function. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit d49f4ab48ec76e590ad72a2d6c3fba8459d3ded7 Author: Alexander Graf <agraf@xxxxxxx> Date: Mon Jun 15 17:57:01 2015 +0200 s390/ioinst: fix endianness in ioinst_schib_valid The ioinst_schib_valid gets a SCHIB in guest endianness, we should byteswap the fields we access. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit ae52e585bf5e9678a77be033fd4b430a2e78dfed Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jun 15 17:57:00 2015 +0200 s390/ioinst: fix IO_INT_WORD_ISC macro The I/O-Interruption Subclass field corresponds to bits 2 to 5 (BE notation) of the Interruption-Identification Word. The value should be shift by 27 instead of 24. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit a09f4a9d19c500ea5cbcdc0bd7f0d540cf54f9f5 Merge: 8c29f8d f3bcd42 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jun 17 11:12:35 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-seabios-1.8.2-20150617-1' into staging update seabios to release 1.8.2 add vgabios for virtio-vga # gpg: Signature made Wed Jun 17 08:34:22 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-seabios-1.8.2-20150617-1: update seabios and vgabios binaries tag our seabios builds update seabios submodule to release 1.8.2 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8c29f8d6b9595ac0f9ab1b41f22e91aebab482d7 Merge: 93f6d1c f8d30a4 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jun 17 10:13:40 2015 +0100 Merge remote-tracking branch 'remotes/kvaneesh/tags/for-upstream-signed' into staging VirtFS update: * Fix for virtfs-proxy-helper crash * Gracefully handle the error condition on input validation in virtfs-proxy-helper # gpg: Signature made Tue Jun 16 16:21:28 2015 BST using RSA key ID 04C4E23A # gpg: Good signature from "Aneesh Kumar K.V <aneesh.kumar@xxxxxxxxxxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 4846 9DE7 1860 360F A6E9 968C DE41 A4FE 04C4 E23A * remotes/kvaneesh/tags/for-upstream-signed: virtfs-proxy-helper: fail gracefully if socket path is too long virtfs-proxy-helper: add missing long option terminator Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f3bcd42683dcc48c576281399d6cf6b34da6ba41 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Jun 17 09:28:03 2015 +0200 update seabios and vgabios binaries Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 7edf2f0ec4edbde50be3b54306adf5b8b16ca68b Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Jun 17 09:24:55 2015 +0200 tag our seabios builds Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 10500ce26069b7c4746e8a2276aa03220a29581c Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Jun 17 09:11:47 2015 +0200 update seabios submodule to release 1.8.2 git shortlog rel-1.8.1..rel-1.8.2 ================================= Gerd Hoffmann (1): vga: rework virtio-vga support Kevin O'Connor (5): vgabios: Add config option for assembler fixups vgabios: Emulate "leal" instruction build: Support "make VERSION=xyz" to override the default build version build: CONFIG_VGA_FIXUP_ASM should depend on CONFIG_BUILD_VGABIOS vgabios: On bda_save_restore() the saved vbe_mode also has flags in it Paolo Bonzini (1): smm: ignore bits 16,18-31 of SMM revision ID Vladimir Serbinenko (1): ahci: Ignore max_ports. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit f8d30a4f96d6c3a12e692d2e69b8fe4734b916c6 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Mar 30 14:57:16 2015 +0100 virtfs-proxy-helper: fail gracefully if socket path is too long Replace the assertion check with graceful failure when the socket path is too long. Programs should not crash on invalid input. Print an error message and exit properly. Cc: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@xxxxxxxxxxxxxxxxxx> commit bf6667d63ef4c4fbaf91051589a594ec1c235308 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Mar 30 14:57:15 2015 +0100 virtfs-proxy-helper: add missing long option terminator The getopt_long(3) long options array must have a zeroed terminator. This patch solves a segmentation fault when an unknown command-line option is encountered: $ fsdev/virtfs-proxy-helper --help Segmentation fault (core dumped) Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@xxxxxxxxxxxxxxxxxx> commit 93f6d1c16036aaf34055d16f54ea770fb8d6d280 Merge: 4316536 7a4dfd1 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 16 10:35:43 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20150615-1' into staging virtio-gpu: pci support bits and virtio-vga. # gpg: Signature made Mon Jun 15 13:55:19 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-vga-20150615-1: virtio-vga: add vgabios configuration virtio-vga: add '-vga virtio' support virtio-vga: add virtio gpu device with vga compatibility virtio-gpu-pci: add virtio pci support virtio-gpu: fix error message Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4316536bf424d2e7f9cfa7d0dd561adb0986cc81 Merge: 1dfe73b 45c874e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 16 09:07:22 2015 +0100 Merge remote-tracking branch 'remotes/riku/tags/pull-linux-user-20150616' into staging linux-user patches for 2.4 softfreeze second spin with ioctl patch refreshed # gpg: Signature made Tue Jun 16 08:03:14 2015 BST using RSA key ID DE3C9BC0 # gpg: Good signature from "Riku Voipio <riku.voipio@xxxxxx>" # gpg: aka "Riku Voipio <riku.voipio@xxxxxxxxxx>" * remotes/riku/tags/pull-linux-user-20150616: linux-user: ioctl() command type is int linux-user: fix the breakpoint inheritance in spawned threads linux-user: use __get_user and __put_user in cmsg conversions linux-user: Fix length handling in host_to_target_cmsg linux-user: Use abi_ulong for TARGET_ELF_PAGESTART linux-user: Allocate thunk size dynamically Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 45c874ebbae661238bfa3c0534480ebe2940b112 Author: Laurent Vivier <laurent@xxxxxxxxx> Date: Tue Jun 16 00:35:28 2015 +0200 linux-user: ioctl() command type is int When executing a 64bit target chroot on 64bit host, the ioctl() command can mismatch. It seems the previous commit doesn't solve the problem in my case: 9c6bf9c7 linux-user: Fix ioctl cmd type mismatch on 64-bit targets For example, a ppc64 chroot on an x86_64 host: bash-4.3# ls Unsupported ioctl: cmd=0x80087467 Unsupported ioctl: cmd=0x802c7415 The origin of the problem is in syscall.c:do_ioctl(). static abi_long do_ioctl(int fd, abi_long cmd, abi_long arg) In this case (ppc64) abi_long is long (on the x86_64), and cmd = 0x0000000080087467 then if (ie->target_cmd == cmd) target_cmd is int, so target_cmd = 0x80087467 and to compare an int with a long, the sign is extended to 64bit, so the comparison is: if (0xffffffff80087467 == 0x0000000080087467) which doesn't match whereas it should. This patch uses int in the case of the target command type instead of abi_long. Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 1d085f6cae51b1a0fb92ad03ce8bf038e29c9750 Author: Thierry Bultel <thierry.bultel@xxxxxxxxxxxxx> Date: Fri Jun 12 11:24:10 2015 +0200 linux-user: fix the breakpoint inheritance in spawned threads When a thread is spawned, cpu_copy re-initializes the bp & wp lists of current thread, instead of the ones of the new thread. The effect is that breakpoints are no longer hit. Signed-off-by: Thierry Bultel <thierry.bultel@xxxxxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 876e23cb2e545148a0ee4effda5c63c861855941 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 26 19:46:32 2015 +0100 linux-user: use __get_user and __put_user in cmsg conversions The target payloads in cmsg conversions may not have the alignment required by the host. Using the get_user and put_user functions is the easiest way to handle this and also do the byte-swapping we require. (Note that prior to this commit target_to_host_cmsg was incorrectly using __put_user() rather than __get_user() for the SCM_CREDENTIALS conversion, which meant it wasn't getting the benefit of the misalignment handling.) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit c2aeb2586bd258ad76fcfe308f883075e73ff1d2 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 26 19:46:31 2015 +0100 linux-user: Fix length handling in host_to_target_cmsg The previous code for handling payload length when converting cmsg structures from host to target had a number of problems: * we required the msg->msg_controllen to declare the buffer to have enough space for final trailing padding (we were checking against CMSG_SPACE), whereas the kernel does not require this, and common userspace code assumes this. (In particular, glibc's "try to talk to nscd" code that it will run on startup will receive a cmsg with a 4 byte payload and only allocate 4 bytes for it, which was causing us to do the wrong thing on architectures that need 8-alignment.) * we weren't correctly handling the fact that the SO_TIMESTAMP payload may be larger for the target than the host * we weren't marking the messages with MSG_CTRUNC when we did need to truncate a message that wasn't truncated by the host, but were instead logging a QEMU message; since truncation is always the result of a guest giving us an insufficiently sized buffer, we should report it to the guest as the kernel does and don't log anything Rewrite the parts of the function that deal with length to fix these issues, and add a comment in target_to_host_cmsg to explain why the overflow logging it does is a QEMU bug, not a guest issue. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 1dfe73b94de5a75038a725b17dc7d08a23a977ec Merge: b500e4d f264d51 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 18:43:09 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150615' into staging target-arm queue: * Handle "extended small page" descriptors correctly * Use extended address bits from supersection short descriptors * Update interrupt status for all cores in gic_update * Fix off-by-one in exynos4210_fimd bit-swap code * Remove stray unused 'pending_exception' field * Add Cortex-A53 KVM support * Fix reset value of REVIDR * Add AArch32 MIDR aliases for ARMv8 cores * MAINTAINERS update for ARM ACPI code * Trust the kernel's value of MPIDR if we're using KVM * Various pxa2xx device updates to avoid old APIs * Mark pxa2xx copro registers as ARM_CP_IO so -icount works * Correctly UNDEF Thumb2 DSP insns on Cortex-M3 * Initial work towards implementing PMSAv7 * Fix a reset order bug introduced recently * Correct "preferred return address" for cpreg access exceptions * Add ACPI SPCR table for the virt board # gpg: Signature made Mon Jun 15 18:19:34 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150615: (28 commits) hw/arm/virt-acpi-build: Add SPCR table ACPI: Add definitions for the SPCR table target-arm: Correct "preferred return address" for cpreg access exceptions hw/arm/boot: fix rom_reset notifier registration order arm: helper: rename get_phys_addr_mpu arm: Add has-mpu property arm: Implement uniprocessor with MP config arm: Refactor get_phys_addr FSR return mechanism arm: helper: Factor out CP regs common to [pv]msa arm: Don't add v7mp registers in MPU systems arm: Do not define TLBTR in PMSA systems target-arm: Add the THUMB_DSP feature hw/sd/pxa2xx_mmci: Stop using old_mmio in MemoryRegionOps hw/arm/pxa2xx: Convert pxa2xx-ssp to VMState hw/arm/pxa2xx: Add reset method for pxa2xx_ssp hw/arm/pxa2xx: Convert pxa2xx-fir to QOM and VMState hw/arm/pxa2xx: Mark coprocessor registers as ARM_CP_IO target-arm: Use the kernel's idea of MPIDR if we're using KVM MAINTAINERS: Add myself as ARM ACPI Subsystem maintainer target-arm: add AArch32 MIDR aliases in ARMv8 ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f264d51d8ad939d7fb339d61a8cf680ed0cb21a2 Author: Andrew Jones <drjones@xxxxxxxxxx> Date: Mon Jun 15 18:06:11 2015 +0100 hw/arm/virt-acpi-build: Add SPCR table Signed-off-by: Andrew Jones <drjones@xxxxxxxxxx> Tested-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1433929959-29530-3-git-send-email-drjones@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b8a0d75ef85b8f24c92a6c50817fa9579b4a98d9 Author: Andrew Jones <drjones@xxxxxxxxxx> Date: Mon Jun 15 18:06:11 2015 +0100 ACPI: Add definitions for the SPCR table SPCR is the Serial Port Console Redirection Table. See the document linked from http://uefi.org/acpi. For serial port types, "Interface Type", see the documentation for the Debug Port Table 2 (DBG2). Signed-off-by: Andrew Jones <drjones@xxxxxxxxxx> Tested-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1433929959-29530-2-git-send-email-drjones@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3977ee5d7a9f2e3664dd8b233f3224694e23b62b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 18:06:11 2015 +0100 target-arm: Correct "preferred return address" for cpreg access exceptions The architecture defines that when taking an exception trying to access a coprocessor register, the "preferred return address" for the exception is the address of the instruction that caused the exception. Correct an off-by-4 error which meant we were returning the address after the instruction for traps which happened because of a failure of a runtime access-check function on an AArch32 register. (Traps caused by translate-time checkable permissions failures had the correct address, as did traps on AArch64 registers.) This fixes https://bugs.launchpad.net/qemu/+bug/1463338 Reported-by: Robert Buhren <robert@xxxxxxxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1433861440-30133-1-git-send-email-peter.maydell@xxxxxxxxxx commit 63a183ed0eac2956574745c84faffa042d99afb8 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Jun 15 18:06:11 2015 +0100 hw/arm/boot: fix rom_reset notifier registration order commit ac9d32e39664e060cd1b538ff190980d57ad69e4 had the consequence to register the do_cpu_reset after the rom_reset one. Hence they get executed in the wrong order. This commit restores the registration of do_cpu_reset in arm_load_kernel. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Reported-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Tested-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 1434111582-9325-1-git-send-email-eric.auger@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 13689d43646482f7305282de1bdd662c0d2b8b77 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Mon Jun 15 18:06:10 2015 +0100 arm: helper: rename get_phys_addr_mpu This get_phys_addr is really for pmsav5. Rename it accordingly. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: bf4b019aa87d682a45998105ef8e4d4e97a5e117.1434066412.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8f325f568fbd0158cd413e7d637573ba90b3eaab Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Mon Jun 15 18:06:10 2015 +0100 arm: Add has-mpu property For processors that support MPUs, add a property to de-feature it. This is similar to the implementation of the EL3 feature. The processor definition in init sets ARM_FEATURE_MPU if it can support an MPU. post_init exposes the property, defaulting to true. If cleared by the instantiator, ARM_FEATURE_MPU is then removed at realize time. This is to support R profile processors that may or may-not have an MPU configured. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 632918cc48786e868ea18aa6bd12f70597994cad.1434066412.git.peter.crosthwaite@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a8e81b319d1ae1224cc7059877dcdf04a5aad59d Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Mon Jun 15 18:06:10 2015 +0100 arm: Implement uniprocessor with MP config Add a boolean for indicating uniprocessors with MP extensions. This drives the U bit in MPIDR. Prepares support for Cortex-R5. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: a70a80583df265e0174f01fa1fc92b33ea6d1db5.1434066412.git.peter.crosthwaite@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b7cc4e82f04a1c5b218a657f677a2fdd1e1c2889 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Mon Jun 15 18:06:10 2015 +0100 arm: Refactor get_phys_addr FSR return mechanism Currently, the return code for get_phys_addr is overloaded for both success/fail and FSR value return. This doesn't handle the case where there is an error with a 0 FSR. This case exists in PMSAv7. So rework get_phys_addr and friends to return a success/failure boolean return code and populate the FSR via a caller provided uint32_t pointer. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: a209e3d8ae00cda55260c970891f520210e26bad.1434066412.git.peter.crosthwaite@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8e5d75c950a1241f6e1243c37f28cd58f68fedc9 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Mon Jun 15 18:06:10 2015 +0100 arm: helper: Factor out CP regs common to [pv]msa V6+ PMSA and VMSA share some common registers that are currently in the VMSA definition block. Split them out into a new def that can be shared to PMSA. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 284db78a43c63c9bfbb60de539672c361bcb6af8.1434066412.git.peter.crosthwaite@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5e5cf9e35f25f9f932a6ce25107c11b67b426a43 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Mon Jun 15 18:06:10 2015 +0100 arm: Don't add v7mp registers in MPU systems These registers are VMSA specific so they should be conditional on VMSA (i.e. !MPU). Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 7bb8843e45f2635c6b7a583c5bb5da51ed4442a0.1434066412.git.peter.crosthwaite@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8085ce63c5967d200f1241b6c0a189371993c5df Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Mon Jun 15 18:06:10 2015 +0100 arm: Do not define TLBTR in PMSA systems If doing a PMSA (MPU) system do not define the VMSA specific TLBTR CP. The def is done separately from VMSA registers group as it is affected by both the OMAP/STRONGARM RW errata and the MIDR backgrounding. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: b03fea3840207edf633f5c9189400c3dd6a28d14.1434066412.git.peter.crosthwaite@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 62b44f059a84d1ac580a653fc4110dfabaef6b83 Author: Aurelio C. Remonda <aurelioremonda@xxxxxxxxx> Date: Mon Jun 15 18:06:09 2015 +0100 target-arm: Add the THUMB_DSP feature Create an ARM_FEATURE_THUMB_DSP controlling the Thumb encodings of the 85 DSP instructions (these are all Thumb2). This is enabled for all non-M-profile CPUs with Thumb2 support, as the instructions are mandatory for R and A profiles. On M profile they are optional and not present in the Cortex-M3 (though they are in the M4). The effect of this commit is that we will now treat the DSP encodings as illegal instructions on M3, when previously we incorrectly implemented them. Signed-off-by: Aurelio C. Remonda <aurelioremonda@xxxxxxxxx> Message-id: 1434311355-26554-1-git-send-email-aurelioremonda@xxxxxxxxx [PMM: added clz/crc32/crc32c and default case to the early-decode switch; minor format/spacing fixups; reworded commit message a bit] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 13e1e476b4bc111d36fffaea025f90d8db52b697 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 18:06:09 2015 +0100 hw/sd/pxa2xx_mmci: Stop using old_mmio in MemoryRegionOps Update the pxa2xx_mmci device to stop using the old_mmio read and write callbacks in its MemoryRegionOps. This actually simplifies the code because the separate byte/halfword/word access functions were all calling into a single function to do the work anyway. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 1434117989-7367-6-git-send-email-peter.maydell@xxxxxxxxxx commit 8e079caf82c3658ee64bca37c91953b38296d427 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 18:06:09 2015 +0100 hw/arm/pxa2xx: Convert pxa2xx-ssp to VMState The pxa2xx-ssp device is already a QOM device but is still using the old-style register_savevm(); convert to VMState. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 1434117989-7367-5-git-send-email-peter.maydell@xxxxxxxxxx commit ce3203464bee89d2ae958717222981326a37775e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 18:06:09 2015 +0100 hw/arm/pxa2xx: Add reset method for pxa2xx_ssp The pxa2xx_ssp device was missing a reset method; add one. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter..crosthwaite@xxxxxxxxxx> Message-id: 1434117989-7367-4-git-send-email-peter.maydell@xxxxxxxxxx commit 1fd9f2df241554b68b3a19ad1c94c475c7bb85ea Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 18:06:09 2015 +0100 hw/arm/pxa2xx: Convert pxa2xx-fir to QOM and VMState Convert the pxa2xx-fir device to QOM, including using a VMState for its migration info. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 1434117989-7367-3-git-send-email-peter.maydell@xxxxxxxxxx commit 14c3032a7ebd5a354381465453c0c0690b7342d1 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 18:06:09 2015 +0100 hw/arm/pxa2xx: Mark coprocessor registers as ARM_CP_IO The pxa2xx custom coprocessor registers in cp6 and cp14 do device accesses, so mark the non-constant regs as ARM_CP_IO so that icount works correctly and doesn't abort. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 1434117989-7367-2-git-send-email-peter.maydell@xxxxxxxxxx commit eb5e1d3c85dffe677da2550d211f9304a7d5ba3b Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Mon Jun 15 18:06:09 2015 +0100 target-arm: Use the kernel's idea of MPIDR if we're using KVM When we're using KVM, the kernel's internal idea of the MPIDR affinity fields must match the values we tell it for the guest vcpu cluster configuration in the device tree. Since at the moment the kernel doesn't support letting userspace tell it the correct affinity fields to use, we must read the kernel's view and reflect that back in the device tree. Signed-off-by: Shlomo Pongratz <shlomo.pongratz@xxxxxxxxxx> Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Message-id: 02f601d0a1e6$90c7d630$b2578290$@samsung.com [PMM: Use a local #define rather than a global variable for the TCG ARM_CPUS_PER_CLUSTER setting. Tweak a comment. Update the commit message.] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8f4d260e70aff7c3796d97c78ba0663696e2d503 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Mon Jun 15 18:06:08 2015 +0100 MAINTAINERS: Add myself as ARM ACPI Subsystem maintainer Add Shannon Zhao as the maintainer for the ARM ACPI Subsystem. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Claudio Fontana <claudio.fontana@xxxxxxxxxx> Acked-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1433248318-6076-1-git-send-email-shannon.zhao@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ac00c79ff6635ae9fd732ff357ada0d05e795500 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Mon Jun 15 18:06:08 2015 +0100 target-arm: add AArch32 MIDR aliases in ARMv8 According to ARMv8 ARM, there are additional aliases to MIDR system register in AArch32 state. So add them to the list. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1433321048-23793-3-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 13b72b2b9aa7ab7ee129e38e9587acd6a1b9a932 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Mon Jun 15 18:06:08 2015 +0100 target-arm: Fix REVIDR reset value According to ARM Cortex-A53/A57 TRM, REVIDR reset value should be zero. So let REVIDR reset value be specified by CPU model and correct it for Cortex-A53/A57. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1433321048-23793-2-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8772de2c53b44c75f18140646aa928e6d77cb9d8 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Mon Jun 15 18:06:08 2015 +0100 hw/arm/virt: Add cortex-a53 cpu support in machine virt Add cortex-a53 cpu support in machine virt, so it can be used for TCG and KVM. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1433207452-4512-3-git-send-email-shannon.zhao@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7525465e6def0ef878741087b36e4657016dce80 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Mon Jun 15 18:06:08 2015 +0100 target-arm/kvm64: Add cortex-a53 cpu support Since commit e353102(target-arm: cpu64: Add support for Cortex-A53) has added Cortex-A53 cpu support for target-arm, this patch just enables it for kvm-arm. Here adding XGENE_POTENZA just makes the enum continuous. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Message-id: 1433207452-4512-2-git-send-email-shannon.zhao@xxxxxxxxxx [PMM: Don't add the CPU types to cpus_to_try[]; this array only lists old CPUs which were supported in pre-PREFERRED_TARGET kernels] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a79e0218e0ae27c9cdd2648bd46e5a916c903cc2 Author: Alex Bennée <alex.bennee@xxxxxxxxxx> Date: Mon Jun 15 18:06:08 2015 +0100 target-arm/cpu.h: remove pending_exception This isn't used by any of the code. In fact it looks like it was never used as it came in with ARMv7 support. Signed-off-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1434020015-8868-1-git-send-email-alex.bennee@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 644ead5be1a851abff16886240c5c6fc1c5137c0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 18:06:08 2015 +0100 hw/display/exynos4210_fimd: Fix bit-swapping code fimd_swap_data() includes code to reverse the bits in a 64-bit integer, but an off-by-one error meant that it would try to shift off the top of the integer. Correct the bug (spotted by Coverity). Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1432912615-23107-1-git-send-email-peter.maydell@xxxxxxxxxx commit 235069a380147e31236b94c31528fc5170c3a421 Author: Johan Karlsson <Johan.Karlsson@xxxxxxxx> Date: Mon Jun 15 18:06:07 2015 +0100 arm_gic: gic_update should always update all cores This patch fixes so that gic_update always updates all the cores with new pending irq states. If the function returns early it is possible to get interrupts that has already been acknowledged. Signed-off-by: Johan Karlsson <johan.karlsson@xxxxxxxx> [PMM: rebased to apply to current master] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4e42a6ca37e39e56725518851f4388e46bd91129 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Mon Jun 15 18:06:07 2015 +0100 target-arm: use extended address bits from supersection short descriptor Since ARMv7 with LPAE support, a supersection short translation table descriptor has had extended base address fields which hold bits 39:32 of translated address. These fields are IMPDEF in ARMv6 and ARMv7 without LPAE support. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1433235718-30485-1-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit fc1891c74ae122a9dc7854f38bae7db03cd911e6 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 18:06:07 2015 +0100 target-arm: Handle "extended small page" descriptors correctly The old ARMv5-style page table format includes a kind of second level descriptor named the "extended small page" format, whose primary purpose is to allow specification of the TEX memory attribute bits on a 4K page. This exists on ARMv6 and also (as an implementation extension) on XScale CPUs; it's UNPREDICTABLE on v5. We were mishandling this in two ways: (1) we weren't implementing it for v6 (probably never noticed because Linux will use the new-style v6 page table format there) (2) we were not correctly setting the page_size, which is 4K, not 1K The latter bug went unnoticed for years because the only thing which the page_size affects is which TLB entries get flushed when the guest does a TLB invalidate on an address in the page, and prior to commit 2f0d8631b7 we were doing a full TLB flush very frequently due to Linux's habit of writing the SCTLR pointlessly a lot. (We can assume that after commit 2f0d8631b7 the bug went unnoticed for a year because nobody's actually using the Zaurus/XScale emulation...) Report the correct page size for these descriptors, and permit them on ARMv6 CPUs. This fixes a problem where a kernel image for Zaurus can boot the kernel OK but gets random segfaults when it tries to run userspace programs. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1432844085-16441-1-git-send-email-peter.maydell@xxxxxxxxxx commit b500e4db8e3e0b5f41a2dd14e2001200e5fc7d6b Merge: 46bca54 d95d7d8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 16:15:32 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-audio-20150615-1' into staging audio: remove obsolete backends (esd, fmod, winwave). audio: stop using global variables, small fixes. audio: remove some obsolte and unused code. # gpg: Signature made Mon Jun 15 13:24:44 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-audio-20150615-1: ossaudio: use trace events instead of debug config flag alsaaudio: use trace events instead of verbose dsoundaudio: remove primary buffer dsoundaudio: remove *_retries kludges audio: remove plive audio: remove LOG_TO_MONITOR along with default_mon MAINTAINERS: remove malc from audio sdlaudio: do not allow multiple instances coreaudio: do not use global variables where possible dsoundaudio: do not use global variables paaudio: fix possible resource leak wavaudio: do not use global variables ossaudio: do not use global variables alsaaudio: do not use global variables paaudio: do not use global variables audio: expose drv_opaque to init_out and init_in only enable dsound in case the header file is present audio: remove winwave audio driver audio: remove fmod backend audio: remove esd backend Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6a084ea39aec84d352dbd3de0f523daaaaac8c7d Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon Jun 15 16:20:21 2015 +0200 vhost-user: part of virtio vhost user is related to virtio, add it to the relevant entry. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 46bca5404b08201bb9df1ac32bc88fc7e6db1f74 Merge: f3e3b08 8369e33 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 13:24:50 2015 +0100 Merge remote-tracking branch 'remotes/borntraeger/tags/s390x-20150615' into staging s390x/kvm/watchdog 1. Implement a diag288 based watchdog 2. Fix virtio-ccw BIOS for gcc >= 4.9 # gpg: Signature made Mon Jun 15 12:36:25 2015 BST using RSA key ID B5A61C7C # gpg: Good signature from "Christian Borntraeger (IBM) <borntraeger@xxxxxxxxxx>" * remotes/borntraeger/tags/s390x-20150615: s390/bios: build with -fdelete-null-pointer-checks watchdog: Add new Virtual Watchdog action INJECT-NMI nmi: Implement inject_nmi() for non-monitor context use s390x/watchdog: diag288 migration support s390x/kvm: diag288 instruction interception and handling s390x/watchdog: introduce diag288 watchdog device watchdog: change option wording to allow for more watchdogs Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8369e339d24f365750da456588e742674c153437 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon Jun 15 12:24:03 2015 +0200 s390/bios: build with -fdelete-null-pointer-checks Starting with version 4.9, GCC assumes it can't safely dereference null pointers, and uses this for some optimizations. On s390, the lowcore memory is located at address 0, so this assumption is wrong and breaks the s390-ccw firmware. Pass -fdelete-null-pointer-checks to avoid that. Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Cc: Christian Borntraeger <borntraeger@xxxxxxxxxx> Cc: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1434363843-14576-1-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit d95d7d802c33f6277c9fb967c14ae0cc99aeb072 Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Fri Jun 12 14:33:07 2015 +0200 ossaudio: use trace events instead of debug config flag Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit fbb7ef56d55723a4996c288b50a16e6283eea13f Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Fri Jun 12 14:33:06 2015 +0200 alsaaudio: use trace events instead of verbose Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 6dd35fd81e06d469b6f5280adee0a16ee383db57 Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Fri Jun 12 14:33:05 2015 +0200 dsoundaudio: remove primary buffer Enabling this option just creates a playback buffer with the specified settings, and then ignores it. It's probably some outdated hack to set audio formats on windows. (The first created stream dictates all other streams settings, at least on some Windows versions). Setting DAC_FIXED_SETTINGS should have the same effect as setting (the now removed) primary buffer. Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 2762955f723570944966347600b5746e7dd99388 Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Fri Jun 12 14:33:04 2015 +0200 dsoundaudio: remove *_retries kludges According to MSDN this may happen when the window is not in the foreground, but the default is 1 since a long time (which means no retries), so it should be ok. I've found no problems during testing it on Windows 7 and wine, so this was probably only the case with some old Windows versions. Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 73ad33ef7ba0d1e7c7f276663f36c4f72b9193a9 Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Fri Jun 12 14:33:03 2015 +0200 audio: remove plive It was useless even 3 years ago, so it can probably safely go away: https://lists.nongnu.org/archive/html/qemu-devel/2012-03/msg02427.html Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 06ac27f683c52890a6d174adba8c92354fa1eceb Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Fri Jun 12 14:33:02 2015 +0200 audio: remove LOG_TO_MONITOR along with default_mon Setting QEMU_AUDIO_LOG_TO_MONITOR=1 can crash qemu (if qemu tries to log to the monitor before it's being initialized), and also nothing else in qemu logs to the monitor. This log to monitor feature was the last thing that used the default_mon variable, so I removed it too (as using it can cause problems). Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 65eb1e6b4c1c4f66deff9cdf9bfbdea267c59343 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Jun 9 12:51:36 2015 +0200 MAINTAINERS: remove malc from audio email bounces, with a appearently permanent error: "av1474@xxxxxxxx mail receiving disabled, rejecting" Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Gonglei <arei.gonglei@xxxxxxxxxx> commit 81ebb07c56a28aa7ca47c38eb44690025a9dd6b9 Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:55 2015 +0200 sdlaudio: do not allow multiple instances Since SDL uses a lot of global data, we can't create independent instances of sdl audio backend. Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit d1f52a1d704de2252bc48c64ca4d46086cb249a2 Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:54 2015 +0200 coreaudio: do not use global variables where possible Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 191e1f0acd32360b917fa54a52389b97d9b52b6f Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:52 2015 +0200 dsoundaudio: do not use global variables Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 49dd6d0d33e1a59b4055713079e64062bc5092b5 Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:53 2015 +0200 paaudio: fix possible resource leak qpa_audio_init did not clean up resources properly if the initialization failed. This hopefully fixes it. Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit f2dcc6cec285938967446d412b0477e02e26f3ca Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:51 2015 +0200 wavaudio: do not use global variables Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 4045a85ad1aadb1a56038ed3358e2093ba88f91f Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:50 2015 +0200 ossaudio: do not use global variables Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 765b37da3f2824afd45b38c038af44da42b956f6 Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:48 2015 +0200 alsaaudio: do not use global variables Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 9a644c4b4dfc7ebe7994bfa568cbeaa1847ca5ff Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:49 2015 +0200 paaudio: do not use global variables Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 5706db1deb061ee9affdcea81e59c4c2cad7c41e Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:47 2015 +0200 audio: expose drv_opaque to init_out and init_in Currently the opaque pointer returned by audio_driver's init is only exposed to the driver's fini, but not to audio_pcm_ops. This way if someone wants to share a variable with the driver and the pcm, he must use global variables. This patch fixes it by adding a third parameter to audio_pcm_op's init_out and init_in. Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 307119e7d948bcdb5918fd762153deda471e695b Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Jun 10 09:07:35 2015 +0200 only enable dsound in case the header file is present Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit f3e3b083d4c266ea864ae3c83da49d4086857679 Merge: 8aeaa05 67251a3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 15 10:43:06 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer core and image format patches # gpg: Signature made Fri Jun 12 16:08:53 2015 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: (25 commits) block: Fix reopen flag inheritance block: Add BlockDriverState.inherits_from block: Add list of children to BlockDriverState queue.h: Add QLIST_FIX_HEAD_PTR() block: Drain requests before swapping nodes in bdrv_swap() block: Move flag inheritance to bdrv_open_inherit() block: Use QemuOpts in bdrv_open_common() block: Use macro for cache option names vmdk: Use bdrv_open_image() quorum: Use bdrv_open_image() check-qdict: Test cases for new functions qdict: Add qdict_{set,copy}_default() qdict: Add qdict_array_entries() iotests: Add tests for overriding BDRV_O_PROTOCOL block: driver should override flags in bdrv_open() block: Change bitmap truncate conditional to assertion block: record new size in bdrv_dirty_bitmap_truncate raw-posix: Fix .bdrv_co_get_block_status() for unaligned image size vmdk: Use vmdk_find_index_in_cluster everywhere vmdk: Fix index_in_cluster calculation in vmdk_co_get_block_status ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3cec7cc22f95ce31565e8e2c03b06a2f7ae8bc6f Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:46 2015 +0200 audio: remove winwave audio driver DirectSound should be a superior choice on Windows. Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 14382605da6bda74516f275695bd3345bc54c464 Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:45 2015 +0200 audio: remove fmod backend Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 0bac111167e33838fa869cacd16f92e5899252b3 Author: KÅ?vágó, Zoltán <dirty.ice.hu@xxxxxxxxx> Date: Wed Jun 3 23:03:44 2015 +0200 audio: remove esd backend ESD is no longer developed and replaced by PulseAudio. Signed-off-by: KÅ?vágó, Zoltán <DirtY.iCE.hu@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 79cb1f1d698da5e1e183863aa3c8a91b2e750664 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Mon Apr 20 16:15:20 2015 +0100 linux-user: Use abi_ulong for TARGET_ELF_PAGESTART TARGET_ELF_PAGESTART is required to use abi_ulong to correctly handle addresses for different target bits width. This patch fixes a problem when running a 64-bit user mode application on 32-bit host machines. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 8be656b87c6bb1b9f8af3ff78094413d71e4443a Author: Alexander Graf <agraf@xxxxxxx> Date: Wed May 6 23:47:32 2015 +0200 linux-user: Allocate thunk size dynamically We store all struct types in an array of static size without ever checking whether we overrun it. Of course some day someone (like me in another, ancient ALSA enabling patch set) will run into the limit without realizing it. So let's make the allocation dynamic. We already know the number of structs that we want to allocate, so we only need to pass the variable into the respective piece of code. Also, to ensure we don't accidently overwrite random memory, add some asserts to sanity check whether a thunk is actually part of our array. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Riku Voipio <riku.voipio@xxxxxxxxxx> commit 8aeaa055f5d3d4e87bf870892ba301eae57bdc1d Merge: 0a2df85 2db33f8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 12 18:04:14 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Fri Jun 12 15:57:47 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: qemu-iotests: expand test 093 to support group throttling throttle: Update throttle infrastructure copyright throttle: add the name of the ThrottleGroup to BlockDeviceInfo throttle: acquire the ThrottleGroup lock in bdrv_swap() throttle: Add throttle group support throttle: Add throttle group infrastructure tests throttle: Add throttle group infrastructure throttle: Extract timers from ThrottleState into a separate structure raw-posix: Fix .bdrv_co_get_block_status() for unaligned image size Revert "iothread: release iothread around aio_poll" Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 67251a311371c4d22e803f151f47fe817175b6c3 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Apr 9 18:54:04 2015 +0200 block: Fix reopen flag inheritance When reopening an image, the block layer already takes care to reopen bs->file as well with recalculated inherited flags. The same must happen for any other child (most notably missing before this patch: backing files). If bs->file (or any other child) didn't originally inherit from bs, e.g. because it was created separately and then only referenced, it must not inherit flags on reopen either, so check the inherited_from field before propagation the reopen down. VMDK already reopened its extents manually; this code can now be dropped. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit bddcec3745b0220d4a7eda700950812a94398668 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Apr 9 18:47:50 2015 +0200 block: Add BlockDriverState.inherits_from Currently, the block layer assumes that any block node can have only one parent, and if it has a parent, that it inherits some options/flags from this parent. This is not true any more: With references used in block device creation, a single node can be used by multiple parents, or it can be created separately and not inherit flags from any parent. To handle reopens correctly, a node must know from which parent it inherited options. This patch adds the information to BlockDriverState. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 6e93e7c41fdfdee3068770cae79380e1d986b76a Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Apr 8 13:49:41 2015 +0200 block: Add list of children to BlockDriverState This allows iterating over all children of a given BDS, not only including bs->file and bs->backing_hd, but also driver-specific ones like VMDK extents or Quorum children. For bdrv_swap(), the list of children of the swapped BDS stays at that BDS (because that's where the pointers stay as well). The list head moves and pointers to it must be fixed up therefore. The list of children in the parent of the swapped BDS is not affected by the swap. The contents of the BDS objects is swapped, so the existing pointer in the parent automatically points to the newly swapped in BDS. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit ae81693004fd95f7013e42811944707a92948d9a Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Jun 10 13:47:35 2015 +0200 queue.h: Add QLIST_FIX_HEAD_PTR() If the head of a list has been moved to a different memory location, the le_prev link in the first list entry has to be fixed up. Provide a macro that implements this fixup. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 6ee4ce1ee75a651c246d926c2302281b51981f6d Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Jun 10 13:33:17 2015 +0200 block: Drain requests before swapping nodes in bdrv_swap() bdrv_swap() requires that there are no requests in flight on either of the two devices. The request coroutine would work on the wrong BlockDriverState object (with bs->opaque even being interpreted as a different type potentially) and all sorts of bad things would result from this. The currently existing callers mostly ensure that there is no I/O pending on nodes that are swapped. In detail, this is: 1. Live snapshots. This goes through qmp_transaction(), which calls bdrv_drain_all() before doing anything. The command is executed synchronously, so no new I/O can be issued concurrently. 2. snapshot=on in bdrv_open(). We're in the middle of opening the image (both the original image and its temporary overlay), so there can't be any I/O in flight yet. 3. Mirroring. bdrv_drain() is already used on the source device so that the mirror doesn't miss anything. However, the main loop runs between that and the bdrv_swap() (which is actually a bug, being addressed in another series), so there is a small window in which new I/O might be issued that would be in flight during bdrv_swap(). It is safer to just drain the request queue of both devices in bdrv_swap() instead of relying on callers to do the right thing. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit f3930ed0bb1945b59da8e591072b5c79606d0760 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Apr 8 13:43:47 2015 +0200 block: Move flag inheritance to bdrv_open_inherit() Instead of letting every caller of bdrv_open() determine the right flags for its child node manually and pass them to the function, pass the parent node and the role of the newly opened child (like backing file, protocol layer, etc.). Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 18edf289a8951f3a48caff3b5fe17f2d414c2924 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Apr 7 17:12:56 2015 +0200 block: Use QemuOpts in bdrv_open_common() Instead of manually parsing options and then deleting them from the options QDict, just use QemuOpts like most other places that deal with block device options. More options will be added there and then QemuOpts is a lot more manageable than open-coding everything. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 54861b9280e95dd16c062b26a9d0adfe3608c63c Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Apr 7 16:55:00 2015 +0200 block: Use macro for cache option names Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> commit a646836784a0fc50fee6f9a0d3fb968289714128 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Apr 7 15:35:59 2015 +0200 vmdk: Use bdrv_open_image() Besides standardising on a single interface for opening child nodes, this patch allows the user to specify options to individual extent nodes. Overriding file names isn't possible with this yet, so it's of limited usefulness, but still a step forward. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> commit ea6828d81b34d42f407e8de28694d2751ee660a2 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Jan 21 18:49:28 2015 +0100 quorum: Use bdrv_open_image() Besides standardising on a single interface for opening child nodes, this simplifies the .bdrv_open() implementation of the quorum block driver by using block layer functionality for handling BlockdevRefs. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> commit ef1919df26b9b094aa41733466b134111fcdbd36 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu May 28 17:37:55 2015 +0200 check-qdict: Test cases for new functions This adds test cases for the following new QDict functions: * qdict_array_entries() * qdict_set_default_str() * qdict_copy_default() Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 7990d2c99c974ae8e3c3f719d8321ddc6eac93bc Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Mon Jan 19 21:22:45 2015 +0100 qdict: Add qdict_{set,copy}_default() In the block layer functions that determine options for a child block device, it's a common pattern to either copy options from the parent's options or to set a default string if the option isn't explicitly set yet for the child. Provide convenience functions so that it becomes a one-liner for each option. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit bd50530a9f40f6560a03caeaaddd451e2ce90ed8 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed Jan 21 17:15:44 2015 +0100 qdict: Add qdict_array_entries() This counts the entries in a flattened array in a QDict without actually splitting the QDict into a QList. bdrv_open_image() doesn't take a QList, but rather a QDict and a key prefix string, so this is more convenient for block drivers which have a dynamically sized list of child nodes (e.g. Quorum) and are to be converted to using bdrv_open_image() as the standard interface for opening child nodes. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 0a2df857a7038c75379cc575de5d4be4c0ac629e Merge: 9faffeb fafa4d5 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 12 15:39:05 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging # gpg: Signature made Fri Jun 12 13:57:20 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: qmp/hmp: add rocker device support rocker: bring link up/down on PHY enable/disable rocker: update tests using hw-derived interface names rocker: Add support for phys name iohandler: Change return type of qemu_set_fd_handler to "void" event-notifier: Always return 0 for posix implementation xen_backend: Remove unused error handling of qemu_set_fd_handler oss: Remove unused error handling of qemu_set_fd_handler alsaaudio: Remove unused error handling of qemu_set_fd_handler main-loop: Drop qemu_set_fd_handler2 Change qemu_set_fd_handler2(..., NULL, ...) to qemu_set_fd_handler tap: Drop tap_can_send net/socket: Drop net_socket_can_send netmap: Drop netmap_can_send l2tpv3: Drop l2tpv3_can_send stubs: Add qemu_set_fd_handler Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a68197ff5b11f5a58d48e485d16a36758aeca7f4 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Thu Mar 19 14:53:17 2015 -0400 iotests: Add tests for overriding BDRV_O_PROTOCOL This adds tests for overriding the qemu-internal BDRV_O_PROTOCOL flag by explicitly specifying a block driver. As one test must be run over the NBD protocol while the other must not, this patch adds two separate iotests. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 53a295131274c87914c97053e2ca00f19a9c2efa Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Thu Mar 19 14:53:16 2015 -0400 block: driver should override flags in bdrv_open() The BDRV_O_PROTOCOL flag should have an impact only if no driver is specified explicitly. Therefore, if bdrv_open() is called with an explicit block driver argument (either through the options QDict or through the drv parameter) and that block driver is a protocol block driver, BDRV_O_PROTOCOL should be set; if it is a format block driver, BDRV_O_PROTOCOL should be unset. While there was code to unset the flag in case a format block driver has been selected, it only followed the bdrv_fill_options() function call whereas the flag in fact needs to be adjusted before it is used there. With that change, BDRV_O_PROTOCOL will always be set if the BDS should be a protocol driver; if the driver has been specified explicitly, the new code will set it; and bdrv_fill_options() will only "probe" a protocol driver if BDRV_O_PROTOCOL is set. The probing after bdrv_fill_options() cannot select a protocol driver. Thus, bdrv_open_image() to open BDS.file is never called if a protocol BDS is about to be created. With that change in turn it is impossible to call bdrv_open_common() with a protocol drv and file != NULL, which allows us to remove the bdrv_swap() call. This change breaks a test case in qemu-iotest 051: "-drive file=t.qcow2,file.driver=qcow2" now works because the explicitly specified "qcow2" overrides the BDRV_O_PROTOCOL which is automatically set for the "file" BDS (and the filename is just passed down). Therefore, this patch removes that test case. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 06207b0ff596aa4bb192d1fafc593847ed888e39 Author: John Snow <jsnow@xxxxxxxxxx> Date: Wed Jun 10 13:24:54 2015 -0400 block: Change bitmap truncate conditional to assertion This is an artifact of an older version that had both all-bitmap and single-bitmap truncate functions, and some info got lost in the shuffle. Bitmaps can only be frozen during a backup operation, and a backup operation should prevent a resize operation, so just assert that this cannot happen. Suggested-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5270b6a0d0cf41e49d634007ace40f5dfc381940 Author: John Snow <jsnow@xxxxxxxxxx> Date: Mon Jun 8 16:49:15 2015 -0400 block: record new size in bdrv_dirty_bitmap_truncate ce1ffea8 neglected to update the BdrvDirtyBitmap structure itself for internal consistency. It's currently not an issue, but for migration and persistence series this will cause headaches. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b8684454e152ca2e100f4b59d80de2be27186206 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Jun 9 10:45:16 2015 +0200 raw-posix: Fix .bdrv_co_get_block_status() for unaligned image size Image files with an unaligned image size have a final hole that starts at EOF, i.e. in the middle of a sector. Currently, *pnum == 0 is returned when checking the status of this sector. In qemu-img, this triggers an assertion failure. In order to fix this, one type for the sector that contains EOF must be found. Treating a hole as data is safe, so this patch rounds the calculated number of data sectors up, so that a partial sector at EOF is treated as a full data sector. This fixes https://bugzilla.redhat.com/show_bug.cgi?id=1229394 Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Tested-by: Cole Robinson <crobinso@xxxxxxxxxx> commit 90df601f06de14f062d2e8dc1bc57f0decf86fd1 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:02:57 2015 +0800 vmdk: Use vmdk_find_index_in_cluster everywhere Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 61f0ed1d54601b91b8195c1a30d7046f83283b40 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:02:56 2015 +0800 vmdk: Fix index_in_cluster calculation in vmdk_co_get_block_status It has the similar issue with b1649fae49a8. Since the calculation is repeated for a few times already, introduce a function so it can be reused. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit bc85ef265a0118d044ff62ae217c186cb08e0866 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Jun 1 18:09:19 2015 +0200 qcow2: Add DEFAULT_L2_CACHE_CLUSTERS If a relatively large cluster size is chosen, the default of 1 MB L2 cache is not really appropriate. In this case, unless overridden by the user, the default cache size should not be determined by its size in bytes but by the number of L2 tables (clusters) it is supposed to contain. Note that without this patch, MIN_L2_CACHE_SIZE will effectively take over the same role. However, providing space for just two L2 tables is not enough to be the default. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a4291eafc597c0944057930acf3e51d899f79c2e Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Jun 1 18:09:18 2015 +0200 iotests: qcow2 COW with minimal L2 cache size This adds a test case to test 103 for performing a COW operation in a qcow2 image using an L2 cache with minimal size (which should be at least two clusters so the COW can access both source and destination simultaneously). Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 57e216695948a79d9ced82fc217a37cce70fd986 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Jun 1 18:09:17 2015 +0200 qcow2: Set MIN_L2_CACHE_SIZE to 2 The L2 cache must cover at least two L2 tables, because during COW two L2 tables are accessed simultaneously. Reported-by: Alexander Graf <agraf@xxxxxxx> Cc: qemu-stable <qemu-stable@xxxxxxxxxx> Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Tested-by: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 9aa711d75030356f1e179b9f71780da5fd1a45bb Author: Fam Zheng <famz@xxxxxxxxxx> Date: Tue May 19 10:46:13 2015 +0000 qemu-iotests: Fix 128 if sudo required If passwordless "sudo" works, use it in the qemu-io cmd. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ff793890faeb119c8dad53b7ed614407ff7b027a Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 12:01:41 2015 -0400 iotests: remove assertIsNotNone call RHEL6 doesn't have Python 2.7, so replace this call with assertNotEqual(x, None) which will work just as well. Reported-by: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 9faffeb7772fddcb5d3fb2dbdcfe7e8a38f01637 Merge: 4cb618a d218b28 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 12 14:31:13 2015 +0100 Merge remote-tracking branch 'remotes/aurel/tags/pull-sh4-next-20150612' into staging sh4 linux-user cpu and hwcap misc optimizations and cleanup convert r2d to new MMIO accessor style # gpg: Signature made Fri Jun 12 11:28:43 2015 BST using RSA key ID 1DDD8C9B # gpg: Good signature from "Aurelien Jarno <aurelien@xxxxxxxxxxx>" # gpg: aka "Aurelien Jarno <aurelien@xxxxxxxx>" # gpg: aka "Aurelien Jarno <aurel32@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 7746 2642 A9EF 94FD 0F77 196D BA9C 7806 1DDD 8C9B * remotes/aurel/tags/pull-sh4-next-20150612: target-sh4: remove dead code target-sh4: factorize fmov implementation target-sh4: split out Q and M from of SR and optimize div1 target-sh4: optimize negc using add2 and sub2 target-sh4: optimize subc using sub2 target-sh4: optimize addc using add2 target-sh4: Split out T from SR target-sh4: use bit number for SR constants sh4/r2d: convert to new MMIO accessor style linux-user: Add HWCAP for SH4 linux-user: Default sh4 to sh7785 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2db33f88d2b340c049c576ad75d442e4b6ffe768 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Jun 8 18:17:48 2015 +0200 qemu-iotests: expand test 093 to support group throttling This patch improves the test by attaching a different number of drives to the VM and putting them in the same throttling group. The test verifies that the I/O is evenly distributed among all members of the group, and that the limits are enforced. By default the test is repeated 3 times with 1, 2 and 3 drives, but the maximum number of simultaneous drives is configurable. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 513df1da5c658878191b579ebcddd985adcd4122.1433779731.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a291d5d9b9940e1b07319041afc2c4b9285b9c48 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Jun 8 18:17:47 2015 +0200 throttle: Update throttle infrastructure copyright Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 07dcd4ed02f0110b13b3140f477b761b8bb8e270.1433779731.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b8fe1694e506362706cde65d1bf55b23e62b150e Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Jun 8 18:17:46 2015 +0200 throttle: add the name of the ThrottleGroup to BlockDeviceInfo Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 172df91f09c69c6f0440a697bbd1b3f95b077ee4.1433779731.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit db6283385cb708b9d589e5b57e96eab4afd0269e Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Jun 8 18:17:45 2015 +0200 throttle: acquire the ThrottleGroup lock in bdrv_swap() bdrv_swap() touches the fields of a BlockDriverState that are protected by the ThrottleGroup lock. Although those fields end up in their original place, they are temporarily swapped in the process, so there's a chance that an operation on a member of the same group happening on a different thread can try to use them. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: d92dc40d7c4f1fc5cda5cbbf4ffb7a4670b79d17.1433779731.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 76f4afb40fa076ed23fe0ab42c7a768ddb71123f Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Jun 8 18:17:44 2015 +0200 throttle: Add throttle group support The throttle group support use a cooperative round robin scheduling algorithm. The principles of the algorithm are simple: - Each BDS of the group is used as a token in a circular way. - The active BDS computes if a wait must be done and arms the right timer. - If a wait must be done the token timer will be armed so the token will become the next active BDS. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: f0082a86f3ac01c46170f7eafe2101a92e8fde39.1433779731.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 1fee955f9cc5903b3c7f79bbd90929aefad583a6 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Jun 8 18:17:43 2015 +0200 throttle: Add throttle group infrastructure tests Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: ba7b9dc7fca43efbb31d5f3aad91a8dbdbea635b.1433779731.git.berto@xxxxxxxxxx Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 2ff1f2e3a39daf4a401a8904d00b29ea8c450463 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Jun 8 18:17:42 2015 +0200 throttle: Add throttle group infrastructure Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 2fdb4de17210b733a13eb472c33cd08b45f8fd21.1433779731.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 0e5b0a2d54f4dca2f6d1a676da8ec089dc143001 Author: Benoît Canet <benoit.canet@xxxxxxxxxxxx> Date: Mon Jun 8 18:17:41 2015 +0200 throttle: Extract timers from ThrottleState into a separate structure Group throttling will share ThrottleState between multiple bs. As a consequence the ThrottleState will be accessed by multiple aio context. Timers are tied to their aio context so they must go out of the ThrottleState structure. This commit paves the way for each bs of a common ThrottleState to have its own timer. Signed-off-by: Benoit Canet <benoit.canet@xxxxxxxxxxxx> Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 6cf9ea96d8b32ae2f8769cead38f68a6a0c8c909.1433779731.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit f4a769abaa51badea666093077c50c568c35de17 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Jun 9 10:55:08 2015 +0200 raw-posix: Fix .bdrv_co_get_block_status() for unaligned image size Image files with an unaligned image size have a final hole that starts at EOF, i.e. in the middle of a sector. Currently, *pnum == 0 is returned when checking the status of this sector. In qemu-img, this triggers an assertion failure. In order to fix this, one type for the sector that contains EOF must be found. Treating a hole as data is safe, so this patch rounds the calculated number of data sectors up, so that a partial sector at EOF is treated as a full data sector. This fixes https://bugzilla.redhat.com/show_bug.cgi?id=1229394 Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1433840108-9996-1-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit da5e1de95bb235330d7724316e7a29239d1359d5 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Jun 3 10:15:33 2015 +0100 Revert "iothread: release iothread around aio_poll" This reverts commit a0710f7995f914e3044e5899bd8ff6c43c62f916. In qemu-devel email message <556DBF87.2020908@xxxxxxxxxx>, Christian Borntraeger writes: Having many guests all with a kernel/ramdisk (via -kernel) and several null block devices will result in hangs. All hanging guests are in partition detection code waiting for an I/O to return so very early maybe even the first I/O. Reverting that commit "fixes" the hangs. Reverting this commit for the 2.4 release. More time is needed to investigate and correct this patch. Reported-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Suggested-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit fafa4d508b42a70a59a6bd647a2c0cfad86246c3 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Wed Jun 10 18:21:21 2015 -0700 qmp/hmp: add rocker device support Add QMP/HMP support for rocker devices. This is mostly for debugging purposes to see inside the device's tables and port configurations. Some examples: (qemu) info rocker sw1 name: sw1 id: 0x0000013512005452 ports: 4 (qemu) info rocker-ports sw1 ena/ speed/ auto port link duplex neg? sw1.1 up 10G FD No sw1.2 up 10G FD No sw1.3 !ena 10G FD No sw1.4 !ena 10G FD No (qemu) info rocker-of-dpa-flows sw1 prio tbl hits key(mask) --> actions 2 60 pport 1 vlan 1 LLDP src 00:02:00:00:02:00 dst 01:80:c2:00:00:0e 2 60 pport 1 vlan 1 ARP src 00:02:00:00:02:00 dst 00:02:00:00:03:00 2 60 pport 2 vlan 2 IPv6 src 00:02:00:00:03:00 dst 33:33:ff:00:00:02 proto 58 3 50 vlan 2 dst 33:33:ff:00:00:02 --> write group 0x32000001 goto tbl 60 2 60 pport 2 vlan 2 IPv6 src 00:02:00:00:03:00 dst 33:33:ff:00:03:00 proto 58 3 50 1 vlan 2 dst 33:33:ff:00:03:00 --> write group 0x32000001 goto tbl 60 2 60 pport 2 vlan 2 ARP src 00:02:00:00:03:00 dst 00:02:00:00:02:00 3 50 2 vlan 2 dst 00:02:00:00:02:00 --> write group 0x02000001 goto tbl 60 2 60 1 pport 2 vlan 2 IP src 00:02:00:00:03:00 dst 00:02:00:00:02:00 proto 1 3 50 2 vlan 1 dst 00:02:00:00:03:00 --> write group 0x01000002 goto tbl 60 2 60 1 pport 1 vlan 1 IP src 00:02:00:00:02:00 dst 00:02:00:00:03:00 proto 1 2 60 pport 1 vlan 1 IPv6 src 00:02:00:00:02:00 dst 33:33:ff:00:00:01 proto 58 3 50 vlan 1 dst 33:33:ff:00:00:01 --> write group 0x31000000 goto tbl 60 2 60 pport 1 vlan 1 IPv6 src 00:02:00:00:02:00 dst 33:33:ff:00:02:00 proto 58 3 50 1 vlan 1 dst 33:33:ff:00:02:00 --> write group 0x31000000 goto tbl 60 1 60 173 pport 2 vlan 2 LLDP src <any> dst 01:80:c2:00:00:0e --> write group 0x02000000 1 60 6 pport 2 vlan 2 IPv6 src <any> dst <any> --> write group 0x02000000 1 60 174 pport 1 vlan 1 LLDP src <any> dst 01:80:c2:00:00:0e --> write group 0x01000000 1 60 174 pport 2 vlan 2 IP src <any> dst <any> --> write group 0x02000000 1 60 6 pport 1 vlan 1 IPv6 src <any> dst <any> --> write group 0x01000000 1 60 181 pport 2 vlan 2 ARP src <any> dst <any> --> write group 0x02000000 1 10 715 pport 2 --> apply new vlan 2 goto tbl 20 1 60 177 pport 1 vlan 1 ARP src <any> dst <any> --> write group 0x01000000 1 60 174 pport 1 vlan 1 IP src <any> dst <any> --> write group 0x01000000 1 10 717 pport 1 --> apply new vlan 1 goto tbl 20 1 0 1432 pport 0(0xffff) --> goto tbl 10 (qemu) info rocker-of-dpa-groups sw1 id (decode) --> buckets 0x32000001 (type L2 multicast vlan 2 index 1) --> groups [0x02000001,0x02000000] 0x02000001 (type L2 interface vlan 2 pport 1) --> pop vlan out pport 1 0x01000002 (type L2 interface vlan 1 pport 2) --> pop vlan out pport 2 0x02000000 (type L2 interface vlan 2 pport 0) --> pop vlan out pport 0 0x01000000 (type L2 interface vlan 1 pport 0) --> pop vlan out pport 0 0x31000000 (type L2 multicast vlan 1 index 0) --> groups [0x01000002,0x01000000] [Added "query-" prefixes to rocker.json commands as suggested by Eric Blake <eblake@xxxxxxxxxx>. --Stefan] Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Signed-off-by: Jiri Pirko <jiri@xxxxxxxxxxx> Message-id: 1433985681-56138-5-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 5ff1547b756a820bc7b695fe393b25d82467d1fe Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Wed Jun 10 18:21:20 2015 -0700 rocker: bring link up/down on PHY enable/disable When the OS driver enables/disables the port, go ahead and set the port's link status to up/down in response to the change. This more closely emulates real hardware when the PHY for the port is brought up/down and the PHY negotiates carrier (link status) with link partner. In the case of qemu, the virtual rocker device can't really do link negotiation with the link partner as that requires signally over a physical medium (the wire), so just pretend the negotiation was successful and bring the link up when the port is enabled. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1433985681-56138-4-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 73da0232098a69d06ce0d49ad8751b7c5e8b9448 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Wed Jun 10 18:21:19 2015 -0700 rocker: update tests using hw-derived interface names With previous patch to support phy name attribute for each port, the OS can name port interfaces using the hw-derived name. So update rocker tests to use the new hw-derived interface names. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1433985681-56138-3-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 773495364ffbfc6a4d1e13e24e932f96409ba1d3 Author: David Ahern <dsahern@xxxxxxxxx> Date: Wed Jun 10 18:21:18 2015 -0700 rocker: Add support for phys name Add ROCKER_TLV_CMD_PORT_SETTINGS_PHYS_NAME to port settings. This attribute exports the port name to the guest OS allowing it to name interfaces with sensible defaults. Mostly done by Scott for phys_id support; adapted to phys_name by David. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Signed-off-by: David Ahern <dsahern@xxxxxxxxx> Message-id: 1433985681-56138-2-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit f4d248bdc33167ab9e91b1470ef47a61dffd0b38 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:24 2015 +0800 iohandler: Change return type of qemu_set_fd_handler to "void" Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-14-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 1e354528bdaf9671ffc94e531e6967233abe7b8f Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:23 2015 +0800 event-notifier: Always return 0 for posix implementation qemu_set_fd_handler cannot fail, let's always return 0. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-13-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6b5166f8a82888638bb9aba9dc49aa7fa25f292f Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:22 2015 +0800 xen_backend: Remove unused error handling of qemu_set_fd_handler The function cannot fail, so the check is superfluous. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-12-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b027a538c6790bcfc93ef7f4819fe3e581445959 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:21 2015 +0800 oss: Remove unused error handling of qemu_set_fd_handler The function cannot fail, so the check is superfluous. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-11-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit be93f216278d84d283187c95cef16c0b60b711b8 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:20 2015 +0800 alsaaudio: Remove unused error handling of qemu_set_fd_handler The function cannot fail, so the check is superfluous. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-10-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6484e422479c93f28e3f8a68258b0eacd3b31e6d Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:19 2015 +0800 main-loop: Drop qemu_set_fd_handler2 All users are converted to qemu_set_fd_handler now, drop qemu_set_fd_handler2 and IOHandlerRecord.fd_read_poll. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-9-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 82e1cc4bf91a2e1c3b62297b10b0ab1d93adfc45 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:18 2015 +0800 Change qemu_set_fd_handler2(..., NULL, ...) to qemu_set_fd_handler Done with following Coccinelle semantic patch, plus manual cosmetic changes in net/*.c. @@ expression E1, E2, E3, E4; @@ - qemu_set_fd_handler2(E1, NULL, E2, E3, E4); + qemu_set_fd_handler(E1, E2, E3, E4); Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-8-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a90a7425cf592a3afeff3eaf32f543b83050ee5c Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:17 2015 +0800 tap: Drop tap_can_send This callback is called by main loop before polling s->fd, if it returns false, the fd will not be polled in this iteration. This is redundant with checks inside read callback. After this patch, the data will be sent to peer when it arrives. If the device can't receive, it will be queued to incoming_queue, and when the device status changes, this queue will be flushed. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-7-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6e99c631f116221d169ea53953d91b8aa74d297a Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:16 2015 +0800 net/socket: Drop net_socket_can_send This callback is called by main loop before polling s->fd, if it returns false, the fd will not be polled in this iteration. This is redundant with checks inside read callback. After this patch, the data will be sent to peer when it arrives. If the device can't receive, it will be queued to incoming_queue, and when the device status changes, this queue will be flushed. If the peer is not ready, disable the read poll until send completes. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-6-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e8dd1d9c396104f0fac4b39a701143df49df2a74 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:15 2015 +0800 netmap: Drop netmap_can_send This callback is called by main loop before polling s->fd, if it returns false, the fd will not be polled in this iteration. This is redundant with checks inside read callback. After this patch, the data will be copied from s->fd to s->iov when it arrives. If the device can't receive, it will be queued to incoming_queue, and when the device status changes, this queue will be flushed. Also remove the qemu_can_send_packet() check in netmap_send. If it's true, we are good; if it's false, the qemu_sendv_packet_async would return 0 and read poll will be disabled until netmap_send_completed is called. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-5-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 95b1416ae93106923f733941e52dfe55c4318643 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:14 2015 +0800 l2tpv3: Drop l2tpv3_can_send This callback is called by main loop before polling s->fd, if it returns false, the fd will not be polled in this iteration. This is redundant with checks inside read callback. After this patch, the data will be copied from s->fd to s->msgvec when it arrives. If the device can't receive, it will be queued to incoming_queue, and when the device status changes, this queue will be flushed. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-4-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 0bc12c4f7e8b5ff0f83908bdef0c247f1ca1a9d8 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Jun 4 14:45:12 2015 +0800 stubs: Add qemu_set_fd_handler Some qemu_set_fd_handler2 stub callers will be converted to call qemu_set_fd_handler, add this stub for them before making the change. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1433400324-7358-2-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 4cb618abc1818586c08011ff0a84a015787b1672 Merge: a4ef02f 6773f9b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 12 12:49:40 2015 +0100 Merge remote-tracking branch 'remotes/lalrae/tags/mips-20150612' into staging MIPS patches 2015-06-12 Changes: * improve dp8393x network card and rc4030 chipset emulation * support misaligned R6 and MSA memory accesses * support MIPS eXtended and Large Physical Addressing * add Config5.FRE bit and ERETNC instruction (Config5.LLB) * support ememsize on MALTA # gpg: Signature made Fri Jun 12 09:38:11 2015 BST using RSA key ID 0B29DA6B # gpg: Good signature from "Leon Alrae <leon.alrae@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 8DD3 2F98 5495 9D66 35D4 4FC0 5211 8E3C 0B29 DA6B * remotes/lalrae/tags/mips-20150612: (29 commits) target-mips: enable XPA and LPA features target-mips: remove misleading comments in translate_init.c target-mips: add MTHC0 and MFHC0 instructions target-mips: add CP0.PageGrain.ELPA support target-mips: support Page Frame Number Extension field target-mips: extend selected CP0 registers to 64-bits in MIPS32 target-mips: correct MFC0 for CP0.EntryLo in MIPS64 net/dp8393x: fix hardware reset net/dp8393x: correctly reset in_use field net/dp8393x: add load/save support net/dp8393x: add PROM to store MAC address net/dp8393x: QOM'ify net/dp8393x: use dp8393x_ prefix for all functions net/dp8393x: do not use old_mmio accesses net/dp8393x: always calculate proper checksums dma/rc4030: convert to QOM dma/rc4030: use trace events instead of custom logging dma/rc4030: document register at offset 0x210 dma/rc4030: do not use old_mmio accesses dma/rc4030: use AddressSpace and address_space_rw in users ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a4ef02fd9b3d12b105b56942166c8364ade9be0f Merge: d8e3b72 4fa3dd1 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 12 11:06:03 2015 +0100 Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20150612' into staging migration/next for 20150612 # gpg: Signature made Fri Jun 12 05:56:21 2015 BST using RSA key ID 5872D723 # gpg: Good signature from "Juan Quintela <quintela@xxxxxxxxxx>" # gpg: aka "Juan Quintela <quintela@xxxxxxxxxx>" * remotes/juanquintela/tags/migration/20150612: (21 commits) Remove unneeded memset Rename RDMA structures to make destination clear Teach analyze-migration.py about section footers Add a protective section footer Disable section footers on older machine types Merge section header writing Move loadvm_handlers into MigrationIncomingState Move copy out of qemu_peek_buffer Create MigrationIncomingState qemu_ram_foreach_block: pass up error value, and down the ramblock name Split header writing out of qemu_savevm_state_begin Add qemu_get_counted_string to read a string prefixed by a count byte migration: Use normal VMStateDescriptions for Subsections migration: create savevm_state migration: Remove duplicated assignment of SETUP status rdma: Fix qemu crash when IPv6 address is used for migration arch_init: Clean up the duplicate variable 'len' defining in ram_load() migration: reduce include files migration: Add myself to the copyright list of both files migration: move savevm.c inside migration/ ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d218b28d28b8f4de297bfd35c082b22f153cf0df Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:28:56 2015 +0200 target-sh4: remove dead code Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 91b4d29f4eecab14c5f8888ecd7b3a740ad80b7c Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:28:56 2015 +0200 target-sh4: factorize fmov implementation Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 1d565b21e1aecbb0da6589f3c4ea83c9c788ad63 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:28:56 2015 +0200 target-sh4: split out Q and M from of SR and optimize div1 Splitting Q and M out of SR, it's possible to optimize div1 by using TCG code instead of an helper. At the same time removed the now unused gen_copy_bit_i32 function. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 60eb27fe4951fbe6cf5e24cc3d6df7e97c43a909 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:28:56 2015 +0200 target-sh4: optimize negc using add2 and sub2 Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit d0f44a55fa321e042bd6b2a0fa25ac48864b7a25 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:28:56 2015 +0200 target-sh4: optimize subc using sub2 Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit a2368e01c95a093d250a0e5d3cef53dddf642f1e Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:28:56 2015 +0200 target-sh4: optimize addc using add2 Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 34086945254c035a03e01e472d99e4524a2f2416 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:28:56 2015 +0200 target-sh4: Split out T from SR In preparation for more efficient setting of this field. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 5ed9a259c164bb9fd2a6fe8a363a4bda2e4a5461 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:28:56 2015 +0200 target-sh4: use bit number for SR constants Use the bit number for SR constants instead of using a bit mask. This make possible to also use the constants for shifts. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 563807520ff19e6ed2d40695f543f1fba7ba432f Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:16:43 2015 +0200 sh4/r2d: convert to new MMIO accessor style The documentation is clear to use 16-bit accesses for all registers. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit e42fd944f02dda893fc8773959d6db75f2a49367 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat May 23 15:06:54 2015 -0700 linux-user: Add HWCAP for SH4 Only exposing FPU and LLSC as the only features supported by the translator. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 91c45a38f282b970f443f8e9d6bdb6ffaa00dfbf Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat May 23 15:06:53 2015 -0700 linux-user: Default sh4 to sh7785 Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 7a4dfd1e4a741991df1acf31672b391648e0aa0c Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Sep 10 13:04:17 2014 +0200 virtio-vga: add vgabios configuration Add seavgabios configuration for virtio-vga, hook up the new vgabios in the makefiles. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit a94f0c5ca2f0e3dba4a64f40c9d2e1149017d81d Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Sep 10 14:28:48 2014 +0200 virtio-vga: add '-vga virtio' support Some convinience fluff: Add support for '-vga virtio', also add virtio-vga to the list of vga cards so '-device virtio-vga' will turn off the default vga. Written by Dave Airlie and Gerd Hoffmann. Signed-off-by: Dave Airlie <airlied@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit c5d4dac86b61070c078a7b35e25f56d2c8bff508 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Sep 10 14:25:45 2014 +0200 virtio-vga: add virtio gpu device with vga compatibility This patch adds a virtio-vga device. It is simliar to virtio-gpu-pci, but it also adds in vga compatibility, so guests without native virtio-gpu support can drive the device in vga mode. It is compatible with stdvga. Written by Dave Airlie and Gerd Hoffmann. Signed-off-by: Dave Airlie <airlied@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 9eafb62d47ac1c8c2d431e1b4829445444ccc2ee Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Sep 10 14:20:34 2014 +0200 virtio-gpu-pci: add virtio pci support This patch adds virtio-gpu-pci, which is the pci proxy for the virtio gpu device. With this patch in place virtio-gpu is functional. You need a linux guest with a virtio-gpu driver though, and output will appear pretty late in boot, once the kernel initialized drm and fbcon. Written by Dave Airlie and Gerd Hoffmann. Signed-off-by: Dave Airlie <airlied@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 2c84167b4efa4a0e81946ef624e96005396e14b2 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Mar 17 08:56:18 2015 +0100 virtio-gpu: fix error message iov limit was raised, but the error message still has the old limit ... Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 6773f9b687e0a8ab4b638ef88d075fb233fb7669 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Tue Apr 14 10:33:43 2015 +0100 target-mips: enable XPA and LPA features Enable XPA in MIPS32R5-generic and LPA in MIPS64R6-generic. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 28b027d5b63c7550c7390041d6dd50948c8f55b8 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Tue Apr 14 10:33:35 2015 +0100 target-mips: remove misleading comments in translate_init.c PABITS are not hardcoded to 36 bits and we do not model 59 PABITS (which is the architectural limit) in QEMU. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 5204ea79ea739b557f47fc4db96c94edcb33a5d6 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Thu Sep 11 16:28:17 2014 +0100 target-mips: add MTHC0 and MFHC0 instructions Implement MTHC0 and MFHC0 instructions. In MIPS32 they are used to access upper word of extended to 64-bits CP0 registers. In MIPS64, when CP0 destination register specified is the EntryLo0 or EntryLo1, bits 1:0 of the GPR appear at bits 31:30 of EntryLo0 or EntryLo1. This is to compensate for RI and XI, which were shifted to bits 63:62 by MTC0 to EntryLo0 or EntryLo1. Therefore creating separate functions for EntryLo0 and EntryLo1. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit e117f52636d04502fab28bd3abe93347c29f39a5 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Tue Apr 14 10:09:38 2015 +0100 target-mips: add CP0.PageGrain.ELPA support CP0.PageGrain.ELPA enables support for large physical addresses. This field is encoded as follows: 0: Large physical address support is disabled. 1: Large physical address support is enabled. If this bit is a 1, the following changes occur to coprocessor 0 registers: - The PFNX field of the EntryLo0 and EntryLo1 registers is writable and concatenated with the PFN field to form the full page frame number. - Access to optional COP0 registers with PA extension, LLAddr, TagLo is defined. P5600 can operate in 32-bit or 40-bit Physical Address Mode. Therefore if XPA is disabled (CP0.PageGrain.ELPA = 0) then assume 32-bit Address Mode. In MIPS64 assume 36 as default PABITS (when CP0.PageGrain.ELPA = 0). env->PABITS value is constant and indicates maximum PABITS available on a core, whereas env->PAMask is calculated from env->PABITS and is also affected by CP0.PageGrain.ELPA. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit cd0d45c40133ef8b409aede5ad8a99aeaf6a70fe Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Thu Sep 11 16:28:16 2014 +0100 target-mips: support Page Frame Number Extension field Update tlb->PFN to contain PFN concatenated with PFNX. PFNX is 0 if large physical address is not supported. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 284b731a6ae47b9ebabb9613e753c4d83cf75dd3 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Tue Jun 9 17:14:13 2015 +0100 target-mips: extend selected CP0 registers to 64-bits in MIPS32 Extend EntryLo0, EntryLo1, LLAddr and TagLo from 32 to 64 bits in MIPS32. Introduce gen_move_low32() function which moves low 32 bits from 64-bit temp to GPR; it sign extends 32-bit value on MIPS64 and truncates on MIPS32. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit b435f3f3d174721382b55bbd0c785ec50c1796a9 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Fri Mar 20 12:06:10 2015 +0000 target-mips: correct MFC0 for CP0.EntryLo in MIPS64 CP0.EntryLo bits 31:30 have to be cleared. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 4fa3dd17dc29c316726f0d4a354a4d895e130c73 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Mon Apr 20 16:57:21 2015 +0100 Remove unneeded memset Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Michael R. Hines <mrhines@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit a97270ad5d6dd0382ecb4568674226c8463e59fb Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Mon Apr 20 16:57:16 2015 +0100 Rename RDMA structures to make destination clear RDMA has two data types that are named confusingly; RDMALocalBlock (pointed to indirectly by local_ram_blocks) RDMARemoteBlock (pointed to by block in RDMAContext) RDMALocalBlocks, as the name suggests is a data strucuture that represents the RDMAable RAM Blocks on the current side of the migration whichever that is. RDMARemoteBlocks is always the shape of the RAMBlocks on the destination, even on the destination. Rename: RDMARemoteBlock -> RDMADestBlock context->'block' -> context->dest_blocks Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Michael R. Hines <mrhines@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 73d9a7961ab1b083fb2095413a3bd091e35f4369 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Tue May 19 12:29:53 2015 +0100 Teach analyze-migration.py about section footers Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit f68945d42bab700d95b87f62e0898606ce2421ed Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Tue May 19 12:29:52 2015 +0100 Add a protective section footer Badly formatted migration streams can go undetected or produce misleading errors due to a lock of checking at the end of sections. In particular a section that adds an extra 0x00 at the end causes what looks like a normal end of stream and thus doesn't produce any errors, and something that ends in a 0x01..0x04 kind of look like real section headers and then fail when the section parser tries to figure out which section they are. This is made worse by the choice of 0x00..0x04 being small numbers that are particularly common in normal section data. This patch adds a section footer consisting of a marker (0x7e - ~) followed by the section-id that was also sent in the header. If they mismatch then it throws an error explaining which section was being loaded. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 37fb569c0198cba58e3e1bdf6b9702c8248b89dd Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Tue May 19 12:29:51 2015 +0100 Disable section footers on older machine types The next patch adds section footers; but we don't want to break migration compatibility so disable them on older machine types Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit ce39bfc9186005d222a78db4a7fbdc83e2d62481 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Tue May 19 12:29:50 2015 +0100 Merge section header writing The header writing for device sections is open coded in a few places, merge it into one. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 1a8f46f8d61ef885ff9d0bda251e4e9830c932ef Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu May 21 13:24:16 2015 +0100 Move loadvm_handlers into MigrationIncomingState In postcopy we need the loadvm_handlers to be used in a couple of different instances of the loadvm loop/routine, and thus it can't be local any more. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 7c1e52ba6f3994dc127118f491258ce84d0beb52 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu May 21 13:24:15 2015 +0100 Move copy out of qemu_peek_buffer qemu_peek_buffer currently copies the data it reads into a buffer, however a future patch wants access to the buffer without the copy, hence rework to remove the copy to the layer above. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit bca7856ae8220d9f15ff0f44b97397529e26a552 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu May 21 13:24:14 2015 +0100 Create MigrationIncomingState There are currently lots of pieces of incoming migration state scattered around, and postcopy is adding more, and it seems better to try and keep it together. allocate MIS in process_incoming_migration_co Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit e3807054e20fb3b94d18cb751c437ee2f43b6fac Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu May 21 13:24:13 2015 +0100 qemu_ram_foreach_block: pass up error value, and down the ramblock name check the return value of the function it calls and error if it's non-0 Fixup qemu_rdma_init_one_block that is the only current caller, and rdma_add_block the only function it calls using it. Pass the name of the ramblock to the function; helps in debugging. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: Michael R. Hines <mrhines@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit f796baa1b3efcf105ba3a465f797e05ac2b3dcfc Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu May 21 13:24:12 2015 +0100 Split header writing out of qemu_savevm_state_begin Split qemu_savevm_state_begin to: qemu_savevm_state_header That writes the initial file header. qemu_savevm_state_begin That sets up devices and does the first device pass. Used later in postcopy. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit b3af1bc9d21e6bec7dfd283d91b465c9f815b6d6 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Thu May 21 13:24:11 2015 +0100 Add qemu_get_counted_string to read a string prefixed by a count byte and use it in loadvm_state and ram_load. Where ever it's used, check the return and error if it failed. Minor: ram_load was using a 257 byte array for its string, the maximum length is 255 bytes + 0 terminator, so fix to 256 Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 5cd8cadae8db905afcbf877cae568c27d1d55a8a Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Tue Sep 23 14:09:54 2014 +0200 migration: Use normal VMStateDescriptions for Subsections We create optional sections with this patch. But we already have optional subsections. Instead of having two mechanism that do the same, we can just generalize it. For subsections we just change: - Add a needed function to VMStateDescription - Remove VMStateSubsection (after removal of the needed function it is just a VMStateDescription) - Adjust the whole tree, moving the needed function to the corresponding VMStateDescription Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 0163a2e025cda6acb33e100d296965671ace17d9 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed May 13 13:37:04 2015 +0200 migration: create savevm_state This way, we will put savevm global state here, instead of lots of variables. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> commit e45a1ebfc65fb23be8cddb684d97eaa92725484d Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Wed May 20 17:14:28 2015 +0200 migration: Remove duplicated assignment of SETUP status We assign the MIGRATION_STATUS_SETUP status in two places. Just in succession. Just remove the second one. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 5b61d5752156dcbbe2bf1366c877a676ed9f8f51 Author: Padmanabh Ratnakar <padmanabh.ratnakar@xxxxxxxxxxxxx> Date: Wed Jun 3 04:44:10 2015 +0530 rdma: Fix qemu crash when IPv6 address is used for migration Qemu crashes when IPv6 address is specified for migration and access to any RDMA uverbs device available on the system is blocked using cgroups. Fix the crash by checking the return value of ibv_open_device routine. Signed-off-by: Meghana Cheripady <meghana.cheripady@xxxxxxxxxxxxx> Signed-off-by: Padmanabh Ratnakar <padmanabh.ratnakar@xxxxxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 5ee6926582cca64238967b2d00d870265cdb10b8 Author: zhanghailiang <zhang.zhanghailiang@xxxxxxxxxx> Date: Fri May 15 17:00:03 2015 +0800 arch_init: Clean up the duplicate variable 'len' defining in ram_load() There are two places that define 'len' variable, It's OK for compiling, but makes it difficult for reading. Remove the local one which defined in the inside 'while' loop. Signed-off-by: zhanghailiang <zhang.zhanghailiang@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 7205c9ec525fe375dd34c0f116c36dc4aab4c0f7 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Fri May 8 13:54:36 2015 +0200 migration: reduce include files To make changes easier, with the copy, I maintained almost all include files. Now I remove the unnecessary ones on this patch. This compiles on linux x64 with all architectures configured, and cross-compiles for windows 32 and 64 bits. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 76cc7b587f1cd1679821e034a2d9974af9bc7d2b Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Fri May 8 13:20:21 2015 +0200 migration: Add myself to the copyright list of both files If anyone feels like adding himself to the list, just sent me a patch. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit c3049a56d69f1ee7e85b5100ba5d0e3dc69a14f1 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Fri May 8 12:49:01 2015 +0200 migration: move savevm.c inside migration/ Now, everything is in place. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 56e93d26b85bac76b93211393163c2ebcdee9481 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Thu May 7 19:33:31 2015 +0200 migration: move ram stuff to migration/ram For historic reasons, ram migration have been on arch_init.c. Just split it into migration/ram.c, the same that happened with block.c. There is only code movement, no changes altogether. Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 795dc6e46d953d70b4b7ddd3f4956f8f4b9d8565 Author: Mao Chuan Li <maochuan@xxxxxxxxxxxxxxxxxx> Date: Thu Feb 5 18:28:36 2015 +0800 watchdog: Add new Virtual Watchdog action INJECT-NMI This patch allows QEMU to inject a NMI into a guest when the watchdog expires. Signed-off-by: Mao Chuan Li <maochuan@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> CC: Eric Blake <eblake@xxxxxxxxxx> CC: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit f9a535e089abcbc7ac99db83c8c6e4644e395b12 Author: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Date: Thu Feb 5 18:28:35 2015 +0800 nmi: Implement inject_nmi() for non-monitor context use Let's introduce a general "inject_nmi()" function that doesn't rely on the cpu index of the monitor, but uses cpu index 0 as default (except for x86). This function can then later be used from a non-monitor context. Signed-off-by: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> CC: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit d67f5fe63caa0f707fa91c760508c340e050b6f0 Author: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Date: Thu Feb 5 18:28:34 2015 +0800 s390x/watchdog: diag288 migration support Add vmstate structure to keep state and data during migration. Signed-off-by: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 8fc639af4b62930671b6988c1f7eedf9e7c9f7bc Author: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Date: Thu Jun 11 13:55:26 2015 +0200 s390x/kvm: diag288 instruction interception and handling Intercept the diag288 requests from kvm guests, and hand the requested command to the diag288 watchdog device for further handling. Signed-off-by: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 188f24c2c149bcb0088c6317e99e09afc007de34 Author: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Date: Thu Feb 5 18:28:32 2015 +0800 s390x/watchdog: introduce diag288 watchdog device This patch introduces a new diag288 watchdog device that will, just like other watchdogs, monitor a guest and take corresponding actions when it detects that the guest is not responding. diag288 is s390x specific. The wiring to s390x KVM will be done in separate patches. Signed-off-by: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> [split out qemu-option.hx base changes] commit d7933ef3ac81149a51ba43ddac9fe70405008aba Author: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Date: Thu Jun 11 17:32:05 2015 +0200 watchdog: change option wording to allow for more watchdogs We will introduce a new watchdog for s390x. Lets adopt qemu-options.hx to allow more watchdog devices. Signed-off-by: Xu Wang <gesaint@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> [split out qemu-option.hx base changes] commit d8e3b729cf452d2689c8669f1ec18158db29fd5a Merge: afa25c4 4ebc736 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 11 15:33:38 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging pc, acpi, virtio Most notably this includes virtio 1 patches Still not all devices converted, and not fully spec compliant, so disabled by default. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Thu Jun 11 12:53:08 2015 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: (42 commits) i386/acpi-build: fix PXB workarounds for unsupported BIOSes i386/acpi-build: more traditional _UID and _HID for PXB root buses vhost-scsi: move qdev properties into vhost-scsi.c virtio-9p-device: move qdev properties into virtio-9p-device.c virtio-serial-bus: move qdev properties into virtio-serial-bus.c virtio-rng: move qdev properties into virtio-rng.c virtio-scsi: move qdev properties into virtio-scsi.c virtio-net.h: Remove unsed DEFINE_VIRTIO_NET_PROPERTIES virtio-net: move qdev properties into virtio-net.c virtio-input: emulated devices [pci] virtio-input: core code & base class [pci] pci: add PCI_CLASS_INPUT_* virtio-pci: fill VirtIOPCIRegions early. virtio-pci: drop identical virtio_pci_cap virtio-pci: move cap type to VirtIOPCIRegion virtio-pci: move virtio_pci_add_mem_cap call to virtio_pci_modern_region_map virtio-pci: add virtio_pci_modern_region_map() virtio-pci: add virtio_pci_modern_regions_init() virtio-pci: add struct VirtIOPCIRegion for virtio-1 regions virtio-balloon: switch to virtio_add_feature ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit afa25c4bb5bd0732dca4aa0691fd4682d242925f Merge: 0b70743 08d49df Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 11 14:40:25 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-sdl-20150611-1' into staging sdl2: fix crash in handle_windowevent() when restoring the screen size # gpg: Signature made Thu Jun 11 08:57:38 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-sdl-20150611-1: sdl2: fix crash in handle_windowevent() when restoring the screen size Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0b70743d4f4f260b2fe6ed53fecc6bc6cda13910 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Thu Jun 11 09:44:40 2015 +0100 hw/vfio/platform: replace g_malloc0_n by g_new0 g_malloc0_n() is introduced since glib-2.24 while QEMU currently requires glib-2.22. This may cause a link error on some distributions. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Reviewed-by: Gonglei <arei.gonglei@xxxxxxxxxx> Acked-by: Alex Williamson <alex.williamson@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 169b71331eaff7a28e3d4fabe8733e7db91f01aa Merge: 39e16a5 5a9259a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 11 12:12:58 2015 +0100 Merge remote-tracking branch 'remotes/spice/tags/pull-spice-20150611-1' into staging spice: fix segfault in qemu_spice_create_update, ui_info tweaks. # gpg: Signature made Thu Jun 11 08:48:49 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/spice/tags/pull-spice-20150611-1: spice: ui_info tweaks spice-display: fix segfault in qemu_spice_create_update Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4ebc736e9938a7e88ecc785734b17145bf802a56 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Thu Jun 11 02:37:59 2015 +0200 i386/acpi-build: fix PXB workarounds for unsupported BIOSes The patch apci: fix PXB behaviour if used with unsupported BIOS uses the following condition to see if a "PXB mem/IO chunk" has *not* been configured by the BIOS: (!range_base || range_base > range_limit) When this condition evaluates to true, said patch *omits* the corresponding entry from the _CRS. Later on the patch checks for the opposite condition (with the intent of *adding* entries to the _CRS if the "PXB mem/IO chunks" *have* been configured). Unfortunately, the condition was negated incorrectly: only the first ! operator was removed, which led to the nonsensical expression (range_base || range_base > range_limit) leading to bogus entries in the _CRS, and causing BSOD in Windows Server 2012 R2 when it runs on OVMF. The correct negative of the condition seen at the top is (range_base && range_base <= range_limit) Fix the expressions. Cc: Marcel Apfelbaum <marcel@xxxxxxxxxx> Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c96d9286a6d70452e5fa4f1e3f840715e325be95 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Thu Jun 11 02:37:58 2015 +0200 i386/acpi-build: more traditional _UID and _HID for PXB root buses The ACPI specification permits the _HID and _UID objects to evaluate to strings. (See "6.1.5 _HID (Hardware ID)" and "6.1.12 _UID (Unique ID)" in the ACPI v6.0 spec.) With regard to related standards, the UEFI specification can also express a device address composed from string _HID and _UID identifiers, inside the Expanded ACPI Device Path Node. (See "9.3.3 ACPI Device Path", Table 49, in the UEFI v2.5 spec.) However, numeric (integer) contents for both _HID and _UID are more traditional. They are recommended by the UEFI spec for size reasons: [...] the ACPI Device Path node is smaller and should be used if possible to reduce the size of device paths that may potentially be stored in nonvolatile storage [...] External tools support them better (for example the --acpi_hid and --acpi_uid options of "efibootmgr" only take numeric identifiers). Finally, numeric _HID and _UID contents are existing practice in the QEMU source. This patch was tested with a Fedora 20 LiveCD and a preexistent Windows Server 2012 R2 guest. Using "acpidump" and "iasl" in the Fedora guest, we get, in the SSDT: > Scope (\_SB) > { > Device (PC04) > { > Name (_UID, 0x04) // _UID: Unique ID > Name (_HID, EisaId ("PNP0A03") /* PCI Bus */) // _HID: Hardware ID Cc: Marcel Apfelbaum <marcel@xxxxxxxxxx> Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 39e16a5b708358202e8d2252e3d84863666dc9e5 Merge: 0e12e61 060ab76 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 11 11:18:11 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-gtk-20150611-1' into staging gtk: don't exit early in case gtk init fails # gpg: Signature made Thu Jun 11 10:38:29 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-gtk-20150611-1: gtk: don't exit early in case gtk init fails Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 060ab76356fff6a420bc881a574c40a5dda086af Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Jun 5 13:07:58 2015 +0200 gtk: don't exit early in case gtk init fails Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> commit bd8f1ebce430eb6c1dd92e34baf7bc35aa600464 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:49 2015 +0200 net/dp8393x: fix hardware reset Documentation is not clear of what happens when doing a hardware reset, but firmware expect all registers to be zero unless specified otherwise. This fixes reboot on MIPS Magnum. Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 409b52bfe199d8106dadf7c5ff3d88d2228e89b5 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:48 2015 +0200 net/dp8393x: correctly reset in_use field Don't write more than the field width, which is always 16 bit. Fixes network in NetBSD 5.1/arc Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 1670735dd7087224cf8fabd37c78fc2aa1f0b22f Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:47 2015 +0200 net/dp8393x: add load/save support Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 89ae0ff9b73ee74c9ba707a09a07ad77b9fdccb4 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:46 2015 +0200 net/dp8393x: add PROM to store MAC address Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 104655a5c818ea8de1329cef50d1cc8defc524f3 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:45 2015 +0200 net/dp8393x: QOM'ify Signed-off-by: Laurent Vivier <laurent@xxxxxxxxx> Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 3df5de64f06f6b288b1cf30ce2bad7878a96454b Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:44 2015 +0200 net/dp8393x: use dp8393x_ prefix for all functions Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 84689cbb97d2f8c7bb1ebe069f887eaaaddb0902 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:43 2015 +0200 net/dp8393x: do not use old_mmio accesses Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit f2f62c4db244f392381c9061c4185ced98f9be57 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:42 2015 +0200 net/dp8393x: always calculate proper checksums Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit d791d60f1cf944f578aa26ca9f8903ce5dda1c78 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:41 2015 +0200 dma/rc4030: convert to QOM Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 95c357bc461b00785284403bf56567657d42e915 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:40 2015 +0200 dma/rc4030: use trace events instead of custom logging Remove also unneeded debug logs. Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit dc6e3e1e1aef2e6b2ed2ddf80c9559c91f685ecd Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:39 2015 +0200 dma/rc4030: document register at offset 0x210 Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit b421f3f52aed306ecc69221a13fac22d03905956 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:38 2015 +0200 dma/rc4030: do not use old_mmio accesses Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit dd8205130bab277a27889b6d3c0c6c7651585732 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:37 2015 +0200 dma/rc4030: use AddressSpace and address_space_rw in users Now that rc4030 internally uses an AddressSpace for DMA handling, make its root memory region public. This is especially usefull for dp8393x netcard, which now uses well known QEMU types and methods. Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit a3d586f704609a45b6037534cb2f34da5dfd8895 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:36 2015 +0200 dma/rc4030: create custom DMA address space Add a new memory region in system address space where DMA address space definition (the 'translation table') belongs, so we can update on the fly the DMA address space. Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 9b1d21c53b73c8f8f79e4aae69c4eb7a5270d6d4 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Wed Jun 3 22:45:35 2015 +0200 mips jazz: compile only in 64 bit Remove now useless device models from other MIPS configurations We're now compiling 12 files less than before. Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit ce9782f40ac16660ea9437bfaa2c9c34d5ed8110 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Thu Jun 4 17:00:31 2015 +0100 target-mips: add ERETNC instruction and Config5.LLB bit ERETNC is identical to ERET except that an ERETNC will not clear the LLbit that is set by execution of an LL instruction, and thus when placed between an LL and SC sequence, will never cause the SC to fail. Presence of ERETNC is denoted by the Config5.LLB. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit adc370a48fd26b92188fa4848dfb088578b1936c Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Mon Jun 1 12:13:24 2015 +0100 target-mips: Misaligned memory accesses for MSA MIPS SIMD Architecture vector loads and stores require misalignment support. MSA Memory access should work as an atomic operation. Therefore, it has to check validity of all addresses for a vector store access if it is spanning into two pages. Separating helper functions for each data format as format is known in translation. To use mmu_idx from cpu_mmu_index() instead of calculating it from hflag. Removing save_cpu_state() call in translation because it is able to use cpu_restore_state() on fault as GETRA() is passed. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> [leon.alrae@xxxxxxxxxx: remove unused do_* functions] Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 3b4afc9e75ab1a95f33e41f462921093f8a109c4 Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Mon Jun 1 12:13:23 2015 +0100 softmmu: Add probe_write() Probe for whether the specified guest write access is permitted. If it is not permitted then an exception will be taken in the same way as if this were a real write access (and we will not return). Otherwise the function will return, and there will be a valid entry in the TLB for this access. Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit be3a8c53b4f18bcc51a462d977cc61a0f46ebb1c Author: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Date: Mon Jun 1 12:13:22 2015 +0100 target-mips: Misaligned memory accesses for R6 Release 6 requires misaligned memory access support for all ordinary memory access instructions (for example, LW/SW, LWC1/SWC1). However misaligned support is not provided for certain special memory accesses such as atomics (for example, LL/SC). Signed-off-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 71c199c81d290b2077ee7cf5400332a342de3a97 Author: Paul Burton <paul.burton@xxxxxxxxxx> Date: Mon May 25 14:21:04 2015 +0100 mips_malta: provide ememsize env variable to kernels Commit 94c2b6aff43c (mips_malta: support up to 2GiB RAM) provided support for using over 256MB of RAM with the MIPS Malta board, including capping the memsize variable that QEMUs pseudo-bootloader provides to the kernel at 256MB in order to match YAMON. It didn't however provide the ememsize variable which kernels supporting memory outside of the unmapped address spaces (ie. EVA or highmem) may use to determine the true size of the RAM present in the system. Set ememsize to the size of RAM so that such kernels may use all available memory without the user having to manually specifying its size & location. Signed-off-by: Paul Burton <paul.burton@xxxxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 7c979afd11b09a16634699dd6344e3ba10c9677e Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Tue Apr 21 16:06:28 2015 +0100 target-mips: add Config5.FRE support allowing Status.FR=0 emulation This relatively small architectural feature adds the following: FIR.FREP: Read-only. If FREP=1, then Config5.FRE and Config5.UFE are available. Config5.FRE: When enabled all single-precision FP arithmetic instructions, LWC1/LWXC1/MTC1, SWC1/SWXC1/MFC1 cause a Reserved Instructions exception. Config5.UFE: Allows user to write/read Config5.FRE using CTC1/CFC1 instructions. Enable the feature in MIPS64R6-generic CPU. Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit eab9944c7801525737626fa45cddaf00932dd2c8 Author: Leon Alrae <leon.alrae@xxxxxxxxxx> Date: Tue Apr 21 16:06:27 2015 +0100 target-mips: move group of functions above gen_load_fpr32() Move the "Tests" group of functions so that gen_load_fpr32() and gen_store_fpr32() can use generate_exception(). Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 5a9259a0b5d6f9424f94539cd9c715b1d166d90c Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Mar 13 12:21:50 2015 +0100 spice: ui_info tweaks Use the new dpy_ui_info_supported function. Clarifies the control flow. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit c6e484707f28b3e115e64122a0570f6b3c585489 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Jun 9 21:08:47 2015 +0200 spice-display: fix segfault in qemu_spice_create_update Although it is pretty unusual the stride for the guest image and the mirror image maintained by spice-display can be different. So use separate variables for them. https://bugzilla.redhat.com/show_bug.cgi?id=1163047 Cc: qemu-stable@xxxxxxxxxx Reported-by: perrier vincent <clownix@xxxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 0e12e61ff9a3407d123d0dbc4d945aec98d60fdf Merge: 3974c9d 62232bf Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jun 10 18:13:58 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20150610-1' into staging stdvga: factor out mmio subregion init virtio-gpu: add virtio gpu core code, 2d mode # gpg: Signature made Wed Jun 10 10:03:11 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-vga-20150610-1: virtio-gpu/2d: add virtio gpu core code virtio: update headers, add virtio-gpu (2d) stdvga: factor out mmio subregion init stdvga: pass VGACommonState instead of PCIVGAState stdvga: fix offset in pci_vga_ioport_read Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 21549a4642e1f1b438ffc31dd9dc35f134b10e5b Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Wed Jun 10 23:04:36 2015 +0800 vhost-scsi: move qdev properties into vhost-scsi.c As only one place in vhost-scsi.c uses DEFINE_VHOST_SCSI_PROPERTIES, there is no need to expose it. Inline it into vhost-scsi.c to avoid wrongly use. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 83a84878da2e00b4d350bd90d6775c1f6320e7b4 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Wed Jun 10 23:04:35 2015 +0800 virtio-9p-device: move qdev properties into virtio-9p-device.c As only one place in virtio-9p-device.c uses DEFINE_VIRTIO_9P_PROPERTIES, there is no need to expose it. Inline it into virtio-9p-device.c to avoid wrongly use. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 448777c411b80df0263eb00b9df2f829cdc7cc9b Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Wed Jun 10 23:04:34 2015 +0800 virtio-serial-bus: move qdev properties into virtio-serial-bus.c As only one place in virtio-serial-bus.c uses DEFINE_VIRTIO_SERIAL_PROPERTIES, there is no need to expose it. Inline it into virtio-serial-bus.c to avoid wrongly use. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit fe704809b974d8dd8e020b4d3f48ede338a886fe Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Wed Jun 10 23:04:33 2015 +0800 virtio-rng: move qdev properties into virtio-rng.c As only one place in virtio-rng.c uses DEFINE_VIRTIO_RNG_PROPERTIES, there is no need to expose it. Inline it into virtio-rng.c to avoid wrongly use. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 0c63237a90f37fffe8a8016f24f61bb228653e86 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Wed Jun 10 23:04:32 2015 +0800 virtio-scsi: move qdev properties into virtio-scsi.c As only one place in virtio-scsi.c uses DEFINE_VIRTIO_SCSI_PROPERTIES and DEFINE_VIRTIO_SCSI_FEATURES, there is no need to expose them. Inline them into virtio-scsi.c to avoid wrongly use. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit db58c063e159f02f0232d1557f0930fd32a6580f Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Wed Jun 10 23:04:31 2015 +0800 virtio-net.h: Remove unsed DEFINE_VIRTIO_NET_PROPERTIES Remove unsed DEFINE_VIRTIO_NET_PROPERTIES in virtio-net.h and delete a space typo. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 87108bb26ce04637980c0897caeabee8901e72c9 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Wed Jun 10 23:04:30 2015 +0800 virtio-net: move qdev properties into virtio-net.c As only one place in virtio-net.c uses DEFINE_VIRTIO_NET_FEATURES, there is no need to expose it. Inline it into virtio-net.c to avoid wrongly use. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 710e2d90da1a16807f7885d37b203ce739fdc53a Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:42 2015 +0200 virtio-input: emulated devices [pci] This patch adds virtio-pci support for the emulated virtio-input devices. Using them is as simple as adding "-device virtio-tablet-pci" to your command line. If you want add multiple devices but don't want waste a pci slot for each you can compose a multifunction device this way: qemu -device virtio-keyboard-pci,addr=0d.0,multifunction=on \ -device virtio-tablet-pci,addr=0d.1,multifunction=on Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit f958c8aa138718b8126a300d6faece522f7674b8 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:41 2015 +0200 virtio-input: core code & base class [pci] This patch adds the virtio-pci support bits for virtio-input-device. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit ffaa05037134d48e3ccd7ebbf2d58db26590b96d Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:40 2015 +0200 pci: add PCI_CLASS_INPUT_* Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit b6ce27a593ab39ac28baebc3045901925046bebd Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:39 2015 +0200 virtio-pci: fill VirtIOPCIRegions early. Initialize the modern bar and the VirtIOPCIRegion fields early, in realize. Also add a size field to VirtIOPCIRegion and variables for pci bars to VirtIOPCIProxy. This allows virtio-pci subclasses to change things before the device_plugged callback applies them. virtio-vga will use that to arrange regions in a way that virtio-vga is compatible to both stdvga (in vga mode) and virtio-gpu-pci (in pci mode). Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit cc52ea90f835aa66d431db712b22f8b15bec2e46 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:38 2015 +0200 virtio-pci: drop identical virtio_pci_cap Now the three struct virtio_pci_caps are identical, lets drop two of them ;) Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit fc004905c5b4b7568aad50087c156a5f4dfae1a7 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:37 2015 +0200 virtio-pci: move cap type to VirtIOPCIRegion Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 54790d71e4adcfaae95dac3c7019b10721e609de Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:36 2015 +0200 virtio-pci: move virtio_pci_add_mem_cap call to virtio_pci_modern_region_map Also fill offset and length automatically, from VirtIOPCIRegion->offset and region size. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit a3cc2e81592aba6d818005c078b94b16ba47a02c Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:35 2015 +0200 virtio-pci: add virtio_pci_modern_region_map() Add function to map modern virtio regions. Add offset to VirtIOPCIRegion. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 1141ce2190c85daacfa9b874476651ed0f7dc6df Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:34 2015 +0200 virtio-pci: add virtio_pci_modern_regions_init() Add init function for the modern pci regions, move over the init code. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 588255ad5021f06789f438f7b045015c54e30841 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:33 2015 +0200 virtio-pci: add struct VirtIOPCIRegion for virtio-1 regions For now just place the MemoryRegion there, following patches will add more. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 40de55affda76392627e68d3b1ba5a6a11c492bc Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 4 12:34:32 2015 +0200 virtio-balloon: switch to virtio_add_feature This was missed during the conversion of feature bit manipulation. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit fbdc6892dd8a842a3d86b8315ff56399e0387b74 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jun 4 12:34:31 2015 +0200 virtio_balloon: header update add modern header Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 975acc0ae6d60260859884a9235ae3c62e2969a2 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Jun 4 12:34:30 2015 +0200 virtio-pci: correctly set host notifiers for modern bar Currently, during host notifier set. We only add eventfd for legacy bar, this is not correct since: - Non-transitional device does not have legacy bar, so qemu will crash since proxy->bar was not initialized. - Modern device uses modern bar and notify cap to notify the device, we should add eventfd for proxy->notify. So this patch fixes the above two issues by adding eventfd based on whether legacy or modern device were supported. Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 4e93a68eb369b2f7adbef7a4f6afd7a30a0ed927 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:29 2015 +0200 virtio-pci: make modern bar 64bit + prefetchable Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 23c5e3977502a1b57fa2d8cf8cf4b5c9e45f0d1f Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:28 2015 +0200 virtio-pci: change & document virtio pci bar layout. This patch adds variables for the pci bars (to get rid of the magic numbers in the code) and moves the modern virtio bar to region 4 so regions 2+3 are kept free. virtio-vga wants use them. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 8aca0d75869f8ad0aa0032c50d8c85dcad65302f Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:27 2015 +0200 virtio-pci: make QEMU_VIRTIO_PCI_QUEUE_MEM_MULT smaller Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit e266d421490e0ae83044bbebb209b2d3650c0ba6 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Jun 4 12:34:26 2015 +0200 virtio-pci: add flags to enable/disable legacy/modern Add VIRTIO_PCI_FLAG_DISABLE_LEGACY and VIRTIO_PCI_FLAG_DISABLE_MODERN for VirtIOPCIProxy->flags. Also add properties for them. They can be used to disable modern (virtio 1.0) or legacy (virtio 0.9) modes. By default only legacy is advertized, modern will be turned on by default once all remaining spec compilance issues are addressed. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 54c720d49d3f9741b52ac95c65a5cc990254a5d8 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jun 4 12:34:25 2015 +0200 virtio-pci: switch to modern accessors for 1.0 virtio 1.0 config space is in LE format for all devices, use modern wrappers when accessed through the 1.0 BAR. Reported-by: Rusty Russell <rusty@xxxxxxxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit adfb743c90c7aa5e92907ce875e4f35747ee1963 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jun 4 12:34:24 2015 +0200 virtio: add modern config accessors virtio 1.0 defines config space as LE, as opposed to pre-1.0 which was native endian. Add API for transports to execute word/dword accesses in little endian format - will be useful for mmio and pci (byte access is also wrapped, for completeness). For simplicity, we still keep config in host native endian format, byteswap to LE on guest access. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit b8f059081d93f1802480059d1d49fe5c1d32f60c Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jun 4 12:34:23 2015 +0200 virtio: generation counter support Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit dfb8e184db758bff275f94f7aa634300886cfe21 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jun 4 12:34:22 2015 +0200 virtio-pci: initial virtio 1.0 support This is somewhat functional. With this, and linux driver from my tree, I was able to use virtio net as virtio 1.0 device for light browsing. At the moment, dataplane and vhost code is still missing. Based on Cornelia's virtio 1.0 patchset: Date: Thu, 11 Dec 2014 14:25:02 +0100 From: Cornelia Huck <cornelia.huck@xxxxxxxxxx> To: virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx, qemu-devel@xxxxxxxxxx Cc: rusty@xxxxxxxxxxxxxxx, thuth@xxxxxxxxxxxxxxxxxx, mst@xxxxxxxxxx, Cornelia Huck <cornelia.huck@xxxxxxxxxx> Subject: [PATCH RFC v6 00/20] qemu: towards virtio-1 host support Message-Id: <1418304322-7546-1-git-send-email-cornelia.huck@xxxxxxxxxx> which is itself still missing some core bits. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c17bef33601737e24a3d53259ddb6db28ac4d6d2 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jun 4 12:34:21 2015 +0200 linux-headers: add virtio_pci Easier than duplicating code. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 9a2ba82302bea7faf3b9579f9168b89c73ae34ad Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 4 12:34:20 2015 +0200 vhost: 64 bit features Make sure that all vhost interfaces use 64 bit features, as the virtio core does, and make sure to use ULL everywhere possible to be on the safe side. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit b1506132001eee6b11cf23b5968cd66ec141a9ed Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Thu Jun 4 12:34:19 2015 +0200 vhost_net: add version_1 feature Add VERSION_1 to list of features that we should test at the backend. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit df91055db5c9cee93d70ca8c08d72119a240b987 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 4 12:34:18 2015 +0200 virtio-net: enable virtio 1.0 virtio-net (non-vhost) now should have everything in place to support virtio 1.0: let's enable the feature bit for it. Note that VIRTIO_F_VERSION_1 is technically a transport feature; once every device is ready for virtio 1.0, we can move setting this feature bit out of the individual devices. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit bb9d17f831fa8e70494eab8421d83a542e3d8508 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 4 12:34:17 2015 +0200 virtio-net: support longer header virtio-1 devices always use num_buffers in the header, even if mergeable rx buffers have not been negotiated. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit b6a3cddb22d3f0f729e267d45f350ae31bdebbcf Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 4 12:34:16 2015 +0200 virtio-net: no writeable mac for virtio-1 Devices operating as virtio 1.0 may not allow writes to the mac address in config space. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 0b352fd680e1ca7827ddea47b5e9b603320913b6 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 4 12:34:15 2015 +0200 virtio: allow to fail setting status virtio-1 allow setting of the FEATURES_OK status bit to fail if the negotiated feature bits are inconsistent: let's fail virtio_set_status() in that case and update virtio-ccw to post an error to the guest. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 6c0196d702e8482a17638ee79f45ce27cdd1ef5d Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 4 12:34:14 2015 +0200 virtio: disallow late feature changes for virtio-1 For virtio-1 devices, the driver must not attempt to set feature bits after it set FEATURES_OK in the device status. Simply reject it in that case. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit f5a5628cf0b65b223fa0c9031714578dfac4cf04 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 4 12:34:13 2015 +0200 dataplane: allow virtio-1 devices Handle endianness conversion for virtio-1 virtqueues correctly. Note that dataplane now needs to be built per-target. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit ab223c9518e8c7eb542ef3133de1a34475b69790 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 4 12:34:12 2015 +0200 virtio: allow virtio-1 queue layout For virtio-1 devices, we allow a more complex queue layout that doesn't require descriptor table and rings on a physically-contigous memory area: add virtio_queue_set_rings() to allow transports to set this up. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 3c185597c86b8cd0a07c46e7a5bd5aac28bb7200 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Jun 4 12:34:11 2015 +0200 virtio: endianness checks for virtio 1.0 devices Add code that checks for the VERSION_1 feature bit in order to make decisions about the device's endianness. This allows us to support transitional devices. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 3974c9d8ccfccbd81edc9df271fcae7082f3921d Merge: eed8a8f 5efed5a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jun 10 16:52:34 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-fw_cfg-20150610-1' into staging fw_cfg: drop write support, qemu cmdline support, bugfixes. bios-tables-test: fix smbios test. # gpg: Signature made Wed Jun 10 07:29:53 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-fw_cfg-20150610-1: bios-tables-test: handle false-positive smbios signature matches fw_cfg: insert fw_cfg file blobs via qemu cmdline fw_cfg: prohibit insertion of duplicate fw_cfg file names fw_cfg: prevent selector key conflict fw_cfg: remove support for guest-side data writes fw_cfg: fix FW_CFG_BOOT_DEVICE update on ppc and sparc fw_cfg: add fw_cfg_modify_i16 (update) method QemuOpts: increase number of vm_config_groups Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit eed8a8f572e659c85f8711d79c20da95021e06e2 Merge: e015fe0 7a8d15d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jun 10 15:46:39 2015 +0100 Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20150609.0' into staging Initial VFIO platform device support, v2 (Eric Auger, et al.) # gpg: Signature made Tue Jun 9 15:25:40 2015 BST using RSA key ID 3BB08B22 # gpg: Good signature from "Alex Williamson <alex.williamson@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex@xxxxxxxxxxx>" # gpg: aka "Alex Williamson <alwillia@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex.l.williamson@xxxxxxxxx>" * remotes/awilliam/tags/vfio-update-20150609.0: hw/vfio/platform: calxeda xgmac device hw/vfio/platform: add irq assignment hw/vfio/platform: vfio-platform skeleton Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e015fe008a3a8901913248cdb50c62dba795c588 Merge: b041114 9f7c594 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Jun 10 15:10:14 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/CVE-2015-3209-pcnet-tx-buffer-fix-pull-request' into staging # gpg: Signature made Wed Jun 10 15:04:11 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/CVE-2015-3209-pcnet-tx-buffer-fix-pull-request: pcnet: force the buffer access to be in bounds during tx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9f7c594c006289ad41169b854d70f5da6e400a2a Author: Petr Matousek <pmatouse@xxxxxxxxxx> Date: Sun May 24 10:53:44 2015 +0200 pcnet: force the buffer access to be in bounds during tx 4096 is the maximum length per TMD and it is also currently the size of the relay buffer pcnet driver uses for sending the packet data to QEMU for further processing. With packet spanning multiple TMDs it can happen that the overall packet size will be bigger than sizeof(buffer), which results in memory corruption. Fix this by only allowing to queue maximum sizeof(buffer) bytes. This is CVE-2015-3209. [Fixed 3-space indentation to QEMU's 4-space coding standard. --Stefan] Signed-off-by: Petr Matousek <pmatouse@xxxxxxxxxx> Reported-by: Matt Tait <matttait@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 24bfa207efb9b9d591552eefc1f414ff33ef0eac Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Jun 4 23:05:58 2015 -0400 vhost: put log correctly in vhost_dev_start() We allocate an dummy log even if the size is zero. So we should put it unconditionally too. Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 62232bf48456bda4058ceae05851bc58c1032338 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Sep 10 14:12:28 2014 +0200 virtio-gpu/2d: add virtio gpu core code This patch adds the core code for virtio gpu emulation, covering 2d support. Written by Dave Airlie and Gerd Hoffmann. Signed-off-by: Dave Airlie <airlied@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 53476e07d299b7fc33fa480db6bd9a6b1e2e8a97 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri May 22 15:37:33 2015 +0200 virtio: update headers, add virtio-gpu (2d) Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 220869e12d96bfb0b44d8e47394587c30e9a093f Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Apr 8 09:50:46 2015 +0200 stdvga: factor out mmio subregion init Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit cf45ec6a52af77ec2cdfe229b6f496a29b8f7886 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Apr 8 09:09:49 2015 +0200 stdvga: pass VGACommonState instead of PCIVGAState Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 24cdff7c8278849747035f9554f8c538beabf949 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Apr 8 09:03:54 2015 +0200 stdvga: fix offset in pci_vga_ioport_read Simliar to pci_vga_ioport_write. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 5efed5a172881f601ac3c57c22ec5c5721f895be Author: Gabriel L. Somlo <somlo@xxxxxxx> Date: Mon May 18 08:47:24 2015 -0400 bios-tables-test: handle false-positive smbios signature matches It has been reported that sometimes the .rodata section of SeaBIOS, containing the constant string against which the SMBIOS signature ends up being compared, also falls within the guest f-segment. In that case, the test obviously fails, unless we continue searching for the *real* SMBIOS entry point. Rather than stopping at the first match for the SMBIOS signature ("_SM_") in the f-segment (0xF0000-0xFFFFF), continue scanning until either a valid entry point table is found, or the f-segment has been exhausted. Reported-by: Bruce Rogers <brogers@xxxxxxxx> Signed-off-by: Gabriel Somlo <somlo@xxxxxxx> Tested-by: Bruce Rogers <brogers@xxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 81b2b81062612ebeac4cd5333a3b15c7d79a5a3d Author: Gabriel L. Somlo <somlo@xxxxxxx> Date: Wed Apr 29 11:21:53 2015 -0400 fw_cfg: insert fw_cfg file blobs via qemu cmdline Allow user supplied files to be inserted into the fw_cfg device before starting the guest. Since fw_cfg_add_file() already disallows duplicate fw_cfg file names, qemu will exit with an error message if the user supplies multiple blobs with the same fw_cfg file name, or if a blob name collides with a fw_cfg name programmatically added from within the QEMU source code. A warning message will be printed if the fw_cfg item name does not begin with the prefix "opt/", which is recommended for external, user provided blobs. Signed-off-by: Gabriel Somlo <somlo@xxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 0eb973f91521c6bcb6399d25327711d083f6eb10 Author: Gabriel L. Somlo <somlo@xxxxxxx> Date: Wed Apr 29 11:21:52 2015 -0400 fw_cfg: prohibit insertion of duplicate fw_cfg file names Exit with an error (instead of simply logging a trace event) whenever the same fw_cfg file name is added multiple times via one of the fw_cfg_add_file[_callback]() host-side API calls. Signed-off-by: Gabriel Somlo <somlo@xxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 0f9b214139d11ef058fa0f1c11c89e94fa6ef95d Author: Gabriel L. Somlo <somlo@xxxxxxx> Date: Wed Apr 29 11:21:51 2015 -0400 fw_cfg: prevent selector key conflict Enforce a single assignment of data for each distinct selector key. Signed-off-by: Gabriel Somlo <somlo@xxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 023e3148567ac898c7258138f8e86c3c2bb40d07 Author: Gabriel L. Somlo <somlo@xxxxxxx> Date: Wed Apr 29 11:21:50 2015 -0400 fw_cfg: remove support for guest-side data writes From this point forward, any guest-side writes to the fw_cfg data register will be treated as no-ops. This patch also removes the unused host-side API function fw_cfg_add_callback(), which allowed the registration of a callback to be executed each time the guest completed a full overwrite of a given fw_cfg data item. Signed-off-by: Gabriel Somlo <somlo@xxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 48779e501810c5046ff8af7b9cf9c99bec2928a1 Author: Gabriel L. Somlo <somlo@xxxxxxx> Date: Mon Jun 8 14:10:45 2015 -0400 fw_cfg: fix FW_CFG_BOOT_DEVICE update on ppc and sparc On ppc, sparc, and sparc64, the value of the FW_CFG_BOOT_DEVICE 16bit fw_cfg entry is repeatedly modified from a series of callbacks, which currently results in the previous value's dynamically allocated memory being leaked. This patch switches updating to the new fw_cfg_modify_i16() call, which does not cause memory leaks. Signed-off-by: Gabriel Somlo <somlo@xxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 1edd34b638f73d39a175fbc4f9ad5c97800d7470 Author: Gabriel L. Somlo <somlo@xxxxxxx> Date: Mon Jun 8 14:10:44 2015 -0400 fw_cfg: add fw_cfg_modify_i16 (update) method Allow the ability to modify the value of an existing 16-bit integer fw_cfg item. Signed-off-by: Gabriel Somlo <somlo@xxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 1ceaefbd0d09642fcff05c6b8da49ad8fbc050cb Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri May 29 14:37:54 2015 +0200 QemuOpts: increase number of vm_config_groups Adding the fw_cfg cmd line support patch by Gabriel L. Somlo hits the limit. Fix this by making the array larger. Cc: Gabriel L. Somlo <somlo@xxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit b0411142f482df92717f8b4a3b746081a62b724f Merge: 44ee94e 36e60ef Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 9 15:29:34 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20150609' into staging Collected TCG patches # gpg: Signature made Tue Jun 9 15:06:18 2015 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tcg-20150609: tcg/optimize: rename tcg_constant_folding tcg/optimize: fold constant test in tcg_opt_gen_mov tcg/optimize: fold temp copies test in tcg_opt_gen_mov tcg/optimize: remove opc argument from tcg_opt_gen_mov tcg/optimize: remove opc argument from tcg_opt_gen_movi tcg: fix dead computation for repeated input arguments tcg: fix register allocation with two aliased dead inputs tcg: Handle MO_AMASK in tcg_dump_ops tcg: Mask TCGMemOp appropriately for indexing Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7a8d15d7702444be715b6ae32574659483c0c158 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Tue Jun 9 09:00:07 2015 +0100 hw/vfio/platform: calxeda xgmac device The platform device class has become abstract. This patch introduces a calxeda xgmac device that derives from it. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 36e60ef6ac5d8a262d0fbeedfdb2b588514cb1ea Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Thu Jun 4 21:53:27 2015 +0200 tcg/optimize: rename tcg_constant_folding The tcg_constant_folding folding ends up doing all the optimizations (which is a good thing to avoid looping on all ops multiple time), so make it clear and just rename it tcg_optimize. Cc: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1433447607-31184-6-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 97a79eb70dd35a24fda87d86196afba5e6f21c5d Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Fri Jun 5 11:19:18 2015 +0200 tcg/optimize: fold constant test in tcg_opt_gen_mov Most of the calls to tcg_opt_gen_mov are preceeded by a test to check if the source temp is a constant. Fold that into the tcg_opt_gen_mov function. Cc: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1433495958-9508-1-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 5365718a9afeeabde3784d82a542f8ad909b18cf Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Thu Jun 4 21:53:25 2015 +0200 tcg/optimize: fold temp copies test in tcg_opt_gen_mov Each call to tcg_opt_gen_mov is preceeded by a test to check if the source and destination temps are copies. Fold that into the tcg_opt_gen_mov function. Cc: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1433447607-31184-4-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 8d6a91602ea824ef4435ea38fd475387eecc098c Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Thu Jun 4 21:53:24 2015 +0200 tcg/optimize: remove opc argument from tcg_opt_gen_mov We can get the opcode using the TCGOp pointer. It needs to be dereferenced, but it's anyway done a few lines below to write the new value. Cc: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1433447607-31184-3-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit ebd27391b00cdafc81e0541a940686137b3b48df Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Thu Jun 4 21:53:23 2015 +0200 tcg/optimize: remove opc argument from tcg_opt_gen_movi We can get the opcode using the TCGOp pointer. It needs to be dereferenced, but it's anyway done a few lines below to write the new value. Cc: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1433447607-31184-2-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit c19f47bf5e8fe3dbd10206a52d0e6e348f803933 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Thu Jun 4 21:47:08 2015 +0200 tcg: fix dead computation for repeated input arguments When the same temp is used twice or more as an input argument to a TCG instruction, the dead computation code doesn't recognize the second use as a dead temp. This is because the temp is marked as live in the same loop where dead inputs are checked. The fix is to split the loop in two parts. This avoid emitting a move and using a register for the movcond instruction when used as "move if true" on x86-64. This might bring more improvements on RISC TCG targets which don't have outputs aliased to inputs. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1433447228-29425-3-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 7e1df267a7e8b39fc0cf1d84d2afc2e88ccbfeac Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Thu Jun 4 21:47:07 2015 +0200 tcg: fix register allocation with two aliased dead inputs For TCG ops with two outputs registers (add2, sub2, div2, div2u), when the same input temp is used for the two inputs aliased to the two outputs, and when these inputs are both dead, the register allocation code wrongly assigned the same register to the same output. This happens for example with sub2 t1, t2, t3, t3, t4, t5, when t3 is not used anymore after the TCG op. In that case the same register is used for t1, t2 and t3. The fix is to look for already allocated aliased input when allocating a dead aliased input and check that the register is not already used. Cc: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Message-Id: <1433447228-29425-2-git-send-email-aurelien@xxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 59c4b7e8dfab0cdc41434fedbf2686222f541e57 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Jun 1 14:38:56 2015 -0700 tcg: Handle MO_AMASK in tcg_dump_ops Reviewed-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Tested-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 2b7ec66f025263a5331f37d5ad78a625496fd7bd Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri May 29 09:16:51 2015 -0700 tcg: Mask TCGMemOp appropriately for indexing The addition of MO_AMASK means that places that used inverted masks need to be changed to use positive masks, and places that failed to mask the intended bits need updating. Reviewed-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Tested-by: Yongbok Kim <yongbok.kim@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 44ee94e4862603c2b1b21718effc5f17b39f43bc Merge: b781a60 6028ef0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 9 11:07:41 2015 +0100 Merge remote-tracking branch 'remotes/borntraeger/tags/s390x-20150609' into staging s390x/virtio-ccw: migration and virtio for 2.4 1. Migration fixups 2. virtio 9pfs # gpg: Signature made Tue Jun 9 09:00:05 2015 BST using RSA key ID B5A61C7C # gpg: Good signature from "Christian Borntraeger (IBM) <borntraeger@xxxxxxxxxx>" * remotes/borntraeger/tags/s390x-20150609: s390x/migration: add comment about floating point migration s390x/kvm: always ignore empty vcpu interrupt state virtio-ccw/migration: Migrate config vector for virtio devices virtio-ccw: add support for 9pfs Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b781a60b1054e06de6733b75dd1489afff9c3276 Merge: ee09f84 8190483 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 9 10:05:29 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2015-06-09' into staging Error reporting patches # gpg: Signature made Tue Jun 9 06:42:15 2015 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-error-2015-06-09: vhost-user: Improve -netdev/netdev_add/-net/... error reporting QemuOpts: Convert qemu_opt_foreach() to Error QemuOpts: Drop qemu_opt_foreach() parameter abort_on_failure blkdebug: Simplify passing of Error through qemu_opts_foreach() QemuOpts: Convert qemu_opts_foreach() to Error QemuOpts: Drop qemu_opts_foreach() parameter abort_on_failure vl: Fail right after first bad -object vl: Print -device help at most once vl: Report failure to sandbox at most once Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 08d49df0dbaacc220a099dbfb644e1dc0eda57be Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Jun 8 11:12:15 2015 +0200 sdl2: fix crash in handle_windowevent() when restoring the screen size The Ctrl-Alt-u keyboard shortcut restores the screen to its original size. In the SDL2 UI this is done by destroying the window and creating a new one. The old window emits SDL_WINDOWEVENT_HIDDEN when it's destroyed, but trying to call SDL_GetWindowFromID() from that event's window ID returns a null pointer. handle_windowevent() assumes that the pointer is never null so it results in a crash. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 6028ef075791913228c36f10cb270f1f52e9f076 Author: Christian Borntraeger <borntraeger@xxxxxxxxxx> Date: Mon Jun 8 12:21:24 2015 +0200 s390x/migration: add comment about floating point migration commit 46c804def4bd ("s390x: move fpu regs into a subsection of the vmstate") moved the fprs into a subsection and bumped the version number. This will allow to not transfer fprs in the future if necessary. Add a comment to mark the return true as intentional. CC: Juan Quintela <quintela@xxxxxxxxxx> CC: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Message-Id: <1433758884-2997-1-git-send-email-borntraeger@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> commit 8190483196148f765c65785876f7b893d64b6cdd Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 13 14:17:16 2015 +0100 vhost-user: Improve -netdev/netdev_add/-net/... error reporting When -netdev vhost-user fails, it first reports a specific error, then one or more generic ones, like this: $ qemu-system-x86_64 -netdev vhost-user,id=foo,chardev=xxx qemu-system-x86_64: -netdev vhost-user,id=foo,chardev=xxx: chardev "xxx" not found qemu-system-x86_64: -netdev vhost-user,id=foo,chardev=xxx: No suitable chardev found qemu-system-x86_64: -netdev vhost-user,id=foo,chardev=xxx: Device 'vhost-user' could not be initialized With the command line, the messages go to stderr. In HMP, they go to the monitor. In QMP, the last one becomes the error reply, and the others go to stderr. Convert net_init_vhost_user() and its helpers to Error. This suppresses the unwanted unspecific error messages, and makes the specific error the QMP error reply. Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Cc: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 71df1d833776647fc12f5bbcd6d6fe4c5e931094 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 12 08:40:25 2015 +0100 QemuOpts: Convert qemu_opt_foreach() to Error Retain the function value for now, to permit selective conversion of its callers. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 1640b200d53e3d981f12a192fe84b7bb7958c065 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 12 07:45:10 2015 +0100 QemuOpts: Drop qemu_opt_foreach() parameter abort_on_failure When the argument is non-zero, qemu_opt_foreach() stops on callback returning non-zero, and returns that value. When the argument is zero, it doesn't stop, and returns the callback's value from the last iteration. The two callers that pass zero could just as well pass one: * qemu_spice_init()'s callback add_channel() either returns zero or exit()s. * config_write_opts()'s callback config_write_opt() always returns zero. Drop the parameter, and always stop. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 8809cfc38e4e93884d664bb00108fc71b423f589 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 13 13:38:42 2015 +0100 blkdebug: Simplify passing of Error through qemu_opts_foreach() Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: qemu-block@xxxxxxxxxx Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Acked-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 28d0de7a4fb721b06de72970bd163f5183c2188b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 13 13:35:14 2015 +0100 QemuOpts: Convert qemu_opts_foreach() to Error Retain the function value for now, to permit selective conversion of its callers. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Acked-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a4c7367f7dd9348f94dc4298571ed515b8160a27 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 13 11:07:24 2015 +0100 QemuOpts: Drop qemu_opts_foreach() parameter abort_on_failure When the argument is non-zero, qemu_opts_foreach() stops on callback returning non-zero, and returns that value. When the argument is zero, it doesn't stop, and returns the bit-wise inclusive or of all the return values. Funky :) The callers that pass zero could just as well pass one, because their callbacks can't return anything but zero: * qemu_add_globals()'s callback qdev_add_one_global() * qemu_config_write()'s callback config_write_opts() * main()'s callbacks default_driver_check(), drive_enable_snapshot(), vnc_init_func() Drop the parameter, and always stop. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Acked-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 8122928a52248e28513c79d9b9929c6d20c866ea Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 13 13:08:36 2015 +0100 vl: Fail right after first bad -object Failure to create an object with -object is a fatal error. However, we delay the actual exit until all -object are processed. On the one hand, this permits detection of genuine additional errors. On the other hand, it can muddy the waters with uninteresting additional errors, e.g. when a later -object tries to reference a prior one that failed. We generally stop right on the first bad option, so do that for -object as well. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 8416abb3b0f42132fc6346c439ec543635075135 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 13 13:02:03 2015 +0100 vl: Print -device help at most once We print it once for each -device help. Not helpful. Stop after the first one. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 092b21aa7edf7962248e731cddaf5350d268e333 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 13 12:59:43 2015 +0100 vl: Report failure to sandbox at most once It's reported once per -sandbox on. Stop on the first failure, like we do for other options. Not fixed: "-sandbox on -sandbox off" should leave the sandbox off. It doesn't. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 38559979bf0095a586f61bc9e028df36673f21a1 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Jun 8 09:25:26 2015 -0600 hw/vfio/platform: add irq assignment This patch adds the code requested to assign interrupts to a guest. The interrupts are mediated through user handled eventfds only. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Tested-by: Vikram Sethi <vikrams@xxxxxxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 0ea2730bef0b764ce87f5d6859f9b1eac6069250 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Mon Jun 8 09:25:25 2015 -0600 hw/vfio/platform: vfio-platform skeleton Minimal VFIO platform implementation supporting register space user mapping but not IRQ assignment. Signed-off-by: Kim Phillips <kim.phillips@xxxxxxxxxx> Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Tested-by: Vikram Sethi <vikrams@xxxxxxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit ee09f84e6bf5383a23c9624115c26b72aa1e076c Merge: 2e29dd7 24a3142 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 8 15:57:41 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging * KVM error improvement from Laurent * CONFIG_PARALLEL fix from Mirek * Atomic/optimized dirty bitmap access from myself and Stefan * BUILD_DIR convenience/bugfix from Peter C * Memory leak fix from Shannon * SMM improvements (though still TCG only) from myself and Gerd, acked by mst # gpg: Signature made Fri Jun 5 18:45:20 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: (62 commits) update Linux headers from kvm/next atomics: add explicit compiler fence in __atomic memory barriers ich9: implement SMI_LOCK q35: implement TSEG q35: add test for SMRAM.D_LCK q35: implement SMRAM.D_LCK q35: add config space wmask for SMRAM and ESMRAMC q35: fix ESMRAMC default q35: implement high SMRAM hw/i386: remove smram_update target-i386: use memory API to implement SMRAM hw/i386: add a separate region that tracks the SMRAME bit target-i386: create a separate AddressSpace for each CPU vl: run "late" notifiers immediately qom: add object_property_add_const_link vl: allow full-blown QemuOpts syntax for -global pflash_cfi01: add secure property pflash_cfi01: change to new-style MMIO accessors pflash_cfi01: change big-endian property to BIT type target-i386: wake up processors that receive an SMI ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2e29dd7c44db30e3d3c108ab2a622cbdac6d16f0 Merge: 0daba1f 0ba9888 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 8 14:07:32 2015 +0100 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Fri Jun 5 20:59:07 2015 BST using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB # Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E * remotes/jnsnow/tags/ide-pull-request: macio: remove remainder_len DBDMA_io property macio: update comment/constants to reflect the new code macio: switch pmac_dma_write() over to new offset/len implementation macio: switch pmac_dma_read() over to new offset/len implementation fdc-test: Test state for existing cases more thoroughly fdc: Fix MSR.RQM flag fdc: Disentangle phases in fdctrl_read_data() fdc: Code cleanup in fdctrl_write_data() fdc: Use phase in fdctrl_write_data() fdc: Introduce fdctrl->phase fdc: Rename fdctrl_set_fifo() to fdctrl_to_result_phase() fdc: Rename fdctrl_reset_fifo() to fdctrl_to_command_phase() Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0daba1f037ab85be7a9ff7ee37ba6b644c5e7977 Author: Alexander Graf <agraf@xxxxxxx> Date: Fri Jun 5 11:05:03 2015 +0200 machine: Drop use of DEFAULT_RAM_SIZE in help text As of commit 076b35b5a (machine: add default_ram_size to machine class) we no longer have a global default ram size, but instead machine specific defaults. When invoking qemu --help we don't know which machine you selected, so we can't tell the user the default RAM size in the help text anymore now. Thus I don't see an easy way to expose the default ram size to the user in the help text. The easiest option IMHO is to just drop this piece of information. Reported-by: Laurent Desnogues <laurent.desnogues@xxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> Acked-by: Laurent Desnogues <laurent.desnogues@xxxxxxxxx> Acked-by: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Message-id: 1433495103-62084-1-git-send-email-agraf@xxxxxxx [PMM: rewrapped long commit message lines] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 779cec4d20907cbccb26fbf5f5c19c6cdee33eff Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Jun 8 10:44:30 2015 +0200 monitor: Fix QMP ABI breakage around "id" Commit 65207c5 accidentally dropped a line of code we need along with a comment that became wrong then. This made QMP reject "id": {"execute": "system_reset", "id": "1"} {"error": {"class": "GenericError", "desc": "QMP input object member 'id' is unexpected"}} Put the lost line right back, so QMP again accepts and returns "id", as promised by the ABI: {"execute": "system_reset", "id": "1"} {"return": {}, "id": "1"} Reported-by: Fabio Fantoni <fabio.fantoni@xxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Don Slutz <dslutz@xxxxxxxxxxx> Tested-by: Fabio Fantoni <fabio.fantoni@xxxxxxx> Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Tested-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-id: 1433753070-12632-2-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 24a314269281a175b5540b3b6a8981ed2e8220e1 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Jun 4 16:38:29 2015 +0200 update Linux headers from kvm/next This is kvm.git commit 05ff30bb56c6b3d3000519d6e02ed35678ddae3b. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3bbf572345c65813f86a8fc434ea1b23beb08e16 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Jun 3 14:21:20 2015 +0200 atomics: add explicit compiler fence in __atomic memory barriers __atomic_thread_fence does not include a compiler barrier; in the C++11 memory model, fences take effect in combination with other atomic operations. GCC implements this by making __atomic_load and __atomic_store access memory as if the pointer was volatile, and leaves no trace whatsoever of acquire and release fences in the compiler's intermediate representation. In QEMU, we want memory barriers to act on all memory, but at the same time we would like to use __atomic_thread_fence for portability reasons. Add compiler barriers manually around the __atomic_thread_fence. Message-Id: <1433334080-14912-1-git-send-email-pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 11e66a15a084cb0820dba13f4ea3b15b0512fd39 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed May 6 10:58:30 2015 +0200 ich9: implement SMI_LOCK Add write mask for the smi enable register, so we can disable write access to certain bits. Open all bits on reset. Disable write access to GBL_SMI_EN when SMI_LOCK (in ich9 lpc pci config space) is set. Write access to SMI_LOCK itself is disabled too. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit bafc90bdc594a4d04db846bd8712bdcec59678a8 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Mon Apr 20 10:55:09 2015 +0200 q35: implement TSEG TSEG provides larger amounts of SMRAM than the 128 KB available with legacy SMRAM and high SMRAM. Route access to tseg into nowhere when enabled, for both cpus and busmaster dma, and add tseg window to smram region, so cpus can access it in smm mode. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 66e2ec2417e72edea1df5fb340b210100b0571b7 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Apr 14 15:11:36 2015 +0200 q35: add test for SMRAM.D_LCK Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> [Fix compilation of the newly introduced test. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 68c77acfb18d28933f17b1c2a842bd936ce7223b Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Apr 14 14:03:22 2015 +0200 q35: implement SMRAM.D_LCK Once the SMRAM.D_LCK bit has been set by the guest several bits in SMRAM and ESMRAMC become readonly until the next machine reset. Implement this by updating the wmask accordingly when the guest sets the lock bit. As the lock it itself is locked down too we don't need to worry about the guest clearing the lock bit. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b66a67d7519cb7f980885af5391b1103c42e9b6d Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Apr 15 16:48:12 2015 +0200 q35: add config space wmask for SMRAM and ESMRAMC Not all bits in SMRAM and ESMRAMC can be changed by the guest. Add wmask defines accordingly and set them in mch_reset(). Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7744752402d11cebe4c1d4079dcd40d3145eb37b Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Apr 15 16:43:24 2015 +0200 q35: fix ESMRAMC default The cache bits in ESMRAMC are hardcoded to 1 (=disabled) according to the q35 mch specs. Add and use a define with this default. While being at it also update the SMRAM default to use the name (no code change, just makes things a bit more readable). Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 64130fa4a1514ae7a580b8d46290a11784770600 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Mar 31 17:13:01 2015 +0200 q35: implement high SMRAM When H_SMRAME is 1, low memory at 0xa0000 is left alone by SMM, and instead the chipset maps the 0xa0000-0xbffff window at 0xfeda0000-0xfedbffff. This affects both the "non-SMM" view controlled by D_OPEN and the SMM view controlled by G_SMRAME, so add two new MemoryRegions and toggle the enabled/disabled state of all four in mch_update_smram. Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3de70c0899db2712a5ae321093aa6173d6f76706 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Mar 31 14:14:28 2015 +0200 hw/i386: remove smram_update It's easier to inline it now that most of its work is done by the CPU (rather than the chipset) through /machine/smram and the memory API. Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f809c605122df291bbb9004dc487bde0969134b5 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Mar 31 14:12:25 2015 +0200 target-i386: use memory API to implement SMRAM Remove cpu_smm_register and cpu_smm_update. Instead, each CPU address space gets an extra region which is an alias of /machine/smram. This extra region is enabled or disabled as the CPU enters/exits SMM. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fe6567d5fddfb7501a352c5e080a9eecf7b89177 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Mar 31 14:10:22 2015 +0200 hw/i386: add a separate region that tracks the SMRAME bit This region is exported at /machine/smram. It is "empty" if SMRAME=0 and points to SMRAM if SMRAME=1. The CPU will enable/disable it as it enters or exits SMRAM. While touching nearby code, the existing memory region setup was slightly inconsistent. The smram_region is *disabled* in order to open SMRAM (because the smram_region shows the low VRAM instead of the RAM at 0xa0000). Because SMRAM is closed at startup, the smram_region must be enabled when creating the i440fx or q35 devices. Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 2001d0cd6d55e5efa9956fa8ff8b89034d6a4329 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Mar 31 14:11:09 2015 +0200 target-i386: create a separate AddressSpace for each CPU Different CPUs can be in SMM or not at the same time, thus they will see different things where the chipset places SMRAM. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 71cdd1cb914e24000273bbbfa5fb226cdb8ea265 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Mar 31 14:01:06 2015 +0200 vl: run "late" notifiers immediately If a machine_init_done notifier is added late, as part of a hot-plugged device, run it immediately. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fb9e7e334b54350e8e3b62bd7892b78f63a9d848 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue May 5 18:29:00 2015 +0200 qom: add object_property_add_const_link Suggested-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3751d7c43f795b45ffdb9429cfb09c6beea55c68 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Apr 9 14:16:19 2015 +0200 vl: allow full-blown QemuOpts syntax for -global -global does not work for drivers that have a dot in their name, such as cfi.pflash01. This is just a parsing limitation, because such globals can be declared easily inside a -readconfig file. To allow this usage, support the full QemuOpts key/value syntax for -global too, for example "-global driver=cfi.pflash01,property=secure,value=on". The two formats do not conflict, because the key/value syntax does not have a period before the first equal sign. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f71e42a5c98722d6faa5be84a34fbad90d27dc04 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 8 14:09:43 2015 +0200 pflash_cfi01: add secure property When this property is set, MMIO accesses are only allowed with the MEMTXATTRS_SECURE attribute. This is used for secure access to UEFI variables stored in flash. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5aa113f0a2c245b0a77865e1dd2445bdd24c3ef8 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 8 14:00:53 2015 +0200 pflash_cfi01: change to new-style MMIO accessors This is a required step to implement read_with_attrs and write_with_attrs. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e98094221ec336fcfd0c72c66f280f1cabb16c72 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 8 13:53:29 2015 +0200 pflash_cfi01: change big-endian property to BIT type Make this consistent with the secure property, added in the next patch. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit a9bad65d2c1f61af74ce2ff43238d4b20bf81c3a Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue May 19 13:46:47 2015 +0200 target-i386: wake up processors that receive an SMI An SMI should definitely wake up a processor in halted state! This lets OVMF boot with SMM on multiprocessor systems, although it halts very soon after that with a "CpuIndex != BspIndex" assertion failure. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b4854f1384176d897747de236f426d020668fa3c Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Apr 30 12:02:46 2015 +0200 target-i386: set G=1 in SMM big real mode selectors Because the limit field's bits 31:20 is 1, G should be 1. VMX actually enforces this, let's do it for completeness in QEMU as well. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9982f74bad70479939491b69522da047a3be5a0d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 22 11:40:41 2015 +0200 target-i386: mask NMIs on entry to SMM QEMU is not blocking NMIs on entry to SMM. Implementing this has to cover a few corner cases, because: - NMIs can then be enabled by an IRET instruction and there is no mechanism to _set_ the "NMIs masked" flag on exit from SMM: "A special case can occur if an SMI handler nests inside an NMI handler and then another NMI occurs. [...] When the processor enters SMM while executing an NMI handler, the processor saves the SMRAM state save map but does not save the attribute to keep NMI interrupts disabled. - However, there is some hidden state, because "If NMIs were blocked before the SMI occurred [and no IRET is executed while in SMM], they are blocked after execution of RSM." This is represented by the new HF2_SMM_INSIDE_NMI_MASK bit. If it is zero, NMIs are _unblocked_ on exit from RSM. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3f7d84648607cc0fcb3812bb4b88978e2a7aa24f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 8 14:45:53 2015 +0200 target-i386: Use correct memory attributes for ioport accesses In order to do this, stop using the cpu_in*/out* helpers, and instead access address_space_io directly. cpu_in* and cpu_out* remain for usage in the monitor, in qtest, and in Xen. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b216aa6c0fcbaa8ff4128969c14594896a5485a4 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 8 13:39:37 2015 +0200 target-i386: Use correct memory attributes for memory accesses These include page table walks, SVM accesses and SMM state save accesses. The bulk of the patch is obtained with sed -i 's/\(\<[a-z_]*_phys\(_notdirty\)\?\>(cs\)->as,/x86_\1,/' Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f794aa4a2fd772a3ec413c4e478cc23857cfee98 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 8 14:52:04 2015 +0200 target-i386: introduce cpu_get_mem_attrs Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d7a0f71d9aac33e58d39fdbe4861d440af44fa8b Author: Victor CLEMENT <victor.clement@xxxxxxxxxxx> Date: Fri May 29 17:14:06 2015 +0200 icount: print a warning if there is no more deadline in sleep=no mode While qemu is running in sleep=no mode, a warning will be printed when no timer deadline is set. As this mode is intended for getting deterministic virtual time, if no timer is set on the virtual clock this determinism is broken. Signed-off-by: Victor CLEMENT <victor.clement@xxxxxxxxxxx> Message-Id: <1432912446-9811-4-git-send-email-victor.clement@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f1f4b57e88ff7c9cb20b074ff6106fd8f4397baa Author: Victor CLEMENT <victor.clement@xxxxxxxxxxx> Date: Fri May 29 17:14:05 2015 +0200 icount: add sleep parameter to the icount option to set icount_sleep mode The 'sleep' parameter sets the icount_sleep mode, which is enabled by default. To disable it, add the 'sleep=no' parameter (or 'nosleep') to the qemu -icount option. Signed-off-by: Victor CLEMENT <victor.clement@xxxxxxxxxxx> Message-Id: <1432912446-9811-3-git-send-email-victor.clement@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5045e9d912588a7421ab899ba510025722666fd1 Author: Victor CLEMENT <victor.clement@xxxxxxxxxxx> Date: Fri May 29 17:14:04 2015 +0200 icount: implement a new icount_sleep mode toggleing real-time cpu sleep When the icount_sleep mode is disabled, the QEMU_VIRTUAL_CLOCK runs at the maximum possible speed by warping the sleep times of the virtual cpu to the soonest clock deadline. The virtual clock will be updated only according the instruction counter. Signed-off-by: Victor CLEMENT <victor.clement@xxxxxxxxxxx> Message-Id: <1432912446-9811-2-git-send-email-victor.clement@xxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ec05ec26f940564b1e07bf88857035ec27e21dd8 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Sun Mar 29 09:31:43 2015 +0200 memory: use mr->ram_addr in "is this RAM?" assertions mr->terminates alone doesn't guarantee that we are looking at a RAM region. mr->ram_addr also has to be checked, in order to distinguish RAM and I/O regions. So, do the following: 1) add a new define RAM_ADDR_INVALID, and test it in the assertions instead of mr->terminates 2) IOMMU regions were not setting mr->ram_addr to a bogus value, initialize it in the instance_init function so that the new assertions would fire for IOMMU regions as well. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5f2cb94688bd0b2c88e0fc1ac3c4582965b7b106 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Dec 2 11:23:19 2014 +0000 memory: make cpu_physical_memory_sync_dirty_bitmap() fully atomic The fast path of cpu_physical_memory_sync_dirty_bitmap() directly manipulates the dirty bitmap. Use atomic_xchg() to make the test-and-clear atomic. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-Id: <1417519399-3166-7-git-send-email-stefanha@xxxxxxxxxx> [Only do xchg on nonzero words. - Paolo] Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 03eebc9e3246b9b3f5925aa41f7dfd7c1e467875 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Dec 2 11:23:18 2014 +0000 memory: replace cpu_physical_memory_reset_dirty() with test-and-clear The cpu_physical_memory_reset_dirty() function is sometimes used together with cpu_physical_memory_get_dirty(). This is not atomic since two separate accesses to the dirty memory bitmap are made. Turn cpu_physical_memory_reset_dirty() and cpu_physical_memory_clear_dirty_range_type() into the atomic cpu_physical_memory_test_and_clear_dirty(). Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-Id: <1417519399-3166-6-git-send-email-stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 20015f72bda7d2f356c43580a5542a659afedf83 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Dec 2 11:23:17 2014 +0000 migration: move dirty bitmap sync to ram_addr.h The dirty memory bitmap is managed by ram_addr.h and copied to migration_bitmap[] periodically during live migration. Move the code to sync the bitmap to ram_addr.h where related code lives. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-Id: <1417519399-3166-5-git-send-email-stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d114875b9a1c21162f69a12d72f69a22e7bab376 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Dec 2 11:23:16 2014 +0000 memory: use atomic ops for setting dirty memory bits Use set_bit_atomic() and bitmap_set_atomic() so that multiple threads can dirty memory without race conditions. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-Id: <1417519399-3166-4-git-send-email-stefanha@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 36546e5b803f6e363906607307f27c489441fd15 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Dec 2 11:23:15 2014 +0000 bitmap: add atomic test and clear The new bitmap_test_and_clear_atomic() function clears a range and returns whether or not the bits were set. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-Id: <1417519399-3166-3-git-send-email-stefanha@xxxxxxxxxx> [Test before xchg; then a full barrier is needed at the end just like in the previous patch. The barrier can be avoided if we did at least one xchg. - Paolo] Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9f02cfc84b85929947b32fe1674fbc6a429f332a Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Dec 2 11:23:14 2014 +0000 bitmap: add atomic set functions Use atomic_or() for atomic bitmaps where several threads may set bits at the same time. This avoids the race condition between threads loading an element, bitwise ORing, and then storing the element. When setting all bits in a word we can avoid atomic ops and instead just use an smp_mb() at the end. Most bitmap users don't need atomicity so introduce new functions. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-Id: <1417519399-3166-2-git-send-email-stefanha@xxxxxxxxxx> [Avoid barrier in the single word case, use full barrier instead of write. - Paolo] Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9460dee4b2258e3990906fb34099481c8334c267 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 11:41:32 2015 +0100 memory: do not touch code dirty bitmap unless TCG is enabled cpu_physical_memory_set_dirty_lebitmap unconditionally syncs the DIRTY_MEMORY_CODE bitmap. This however is unused unless TCG is enabled. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e87f7778b64d4a6a78e16c288c7fdc6c15317d5f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Mar 25 15:21:39 2015 +0100 exec: only check relevant bitmaps for cleanliness Most of the time, not all bitmaps have to be marked as dirty; do not do anything if the interesting ones are already dirty. Previously, any clean bitmap would have cause all the bitmaps to be marked dirty. In fact, unless running TCG most of the time bitmap operations need not be done at all, because memory_region_is_logging returns zero. In this case, skip the call to cpu_physical_memory_range_includes_clean altogether as well. With this patch, cpu_physical_memory_set_dirty_range is called unconditionally, so there need not be anymore a separate call to xen_modified_memory. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 72b47e79cef36ed6ffc718f10e21001d7ec2a66f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 22 13:48:25 2015 +0200 exec: invert return value of cpu_physical_memory_get_clean, rename While it is obvious that cpu_physical_memory_get_dirty returns true even if a single page is dirty, the same is not true for cpu_physical_memory_get_clean; one would expect that it returns true only if all the pages are clean, but it actually looks for even one clean page. (By contrast, the caller of that function, cpu_physical_memory_range_includes_clean, has a good name). To clarify, rename the function to cpu_physical_memory_all_dirty and return true if _all_ the pages are dirty. This is the opposite of the previous meaning, because "all are 1" is the same as "not (any is 0)", so we have to modify cpu_physical_memory_range_includes_clean as well. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 58d2707e8713ef17b89b8b4c9ce586c76655a385 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 11:56:01 2015 +0100 exec: pass client mask to cpu_physical_memory_set_dirty_range This cuts in half the cost of bitmap operations (which will become more expensive when made atomic) during migration on non-VRAM regions. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fc377bcf617a48233a99a9fe0a26247c38b5cb76 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 22 14:20:35 2015 +0200 translate-all: make less of tb_invalidate_phys_page_range depend on is_cpu_write_access is_cpu_write_access is only set if tb_invalidate_phys_page_range is called from tb_invalidate_phys_page_fast, and hence from notdirty_mem_write. However: - the code bitmap can be built directly in tb_invalidate_phys_page_fast (unconditionally, since is_cpu_write_access would always be passed as 1); - the virtual address is not needed to mark the page as "not containing code" (dirty code bitmap = 1), so we can also remove that use of is_cpu_write_access. For calls of tb_invalidate_phys_page_range that do not come from notdirty_mem_write, the next call to notdirty_mem_write will notice that the page does not contain code anymore, and will fix up the TLB entry. The parameter needs to remain in order to guard accesses to cpu->mem_io_pc. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9564f52da7eb061326956ed9a468935e3352512d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 22 14:24:54 2015 +0200 cputlb: remove useless arguments to tlb_unprotect_code_phys, rename These days modification of the TLB is done in notdirty_mem_write, so the virtual address and env pointer as unnecessary. The new name of the function, tlb_unprotect_code, is consistent with tlb_protect_code. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 358653391b0c0beaa0e3f9e28304e1918cd223b3 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 22 14:20:35 2015 +0200 translate-all: remove unnecessary argument to tb_invalidate_phys_range The is_cpu_write_access argument is always 0, remove it. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 1652b974766401743879d78f796f44b8929b0787 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 22 14:15:48 2015 +0200 exec: move functions to translate-all.h Remove them from the sundry exec-all.h header, since they are only used by the TCG runtime in exec.c and user-exec.c. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 845b6214a309fa58a4405050bf8313e19fde5c91 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 11:45:53 2015 +0100 exec: use memory_region_get_dirty_log_mask to optimize dirty tracking The memory API can now return the exact set of bitmaps that have to be tracked. Use it instead of the in_migration variable. In the next patches, we will also use it to set only DIRTY_MEMORY_VGA or DIRTY_MEMORY_MIGRATION if necessary. This can make a difference for dataplane, especially after the dirty bitmap is changed to use more expensive atomic operations. Of some interest is the change to stl_phys_notdirty. When migration was introduced, stl_phys_notdirty was changed to effectively behave as stl_phys during migration. In fact, if one looks at the function as it was in the beginning (commit 8df1cd0, physical memory access functions, 2005-01-28), at the time the dirty bitmap was the equivalent of DIRTY_MEMORY_CODE nowadays; hence, the function simply should not touch the dirty code bits. This patch changes it to do the intended thing. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 49dfcec40349245ad365964468b67e132c3cedc7 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 11:35:19 2015 +0100 ram_addr: tweaks to xen_modified_memory Invoke xen_modified_memory from cpu_physical_memory_set_dirty_range_nocode; it is akin to DIRTY_MEMORY_MIGRATION, so set it together with that bitmap. The remaining call from invalidate_and_set_dirty's "else" branch will go away soon. Second, fix the second argument to the function in the cpu_physical_memory_set_dirty_lebitmap call site. That function is only used by KVM, but it is better to be clean anyway. Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 1bfbac4ee16e2ea95d087e0926727d9a113b483e Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 10:57:21 2015 +0100 kvm: remove special handling of DIRTY_MEMORY_MIGRATION in the dirty log mask One recent example is commit 4cc856f (kvm-all: Sync dirty-bitmap from kvm before kvm destroy the corresponding dirty_bitmap, 2015-04-02). Another performance problem is that KVM keeps tracking dirty pages after a failed live migration, which causes bad performance due to disallowing huge page mapping. Thanks to the previous patch, KVM can now stop hooking into log_global_start/stop. This simplifies the KVM code noticeably. Reported-by: Wanpeng Li <wanpeng.li@xxxxxxxxxxxxxxx> Reported-by: Xiao Guangrong <guangrong.xiao@xxxxxxxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6f6a5ef3e429f92f987678ea8c396aab4dc6aa19 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 10:57:21 2015 +0100 memory: include DIRTY_MEMORY_MIGRATION in the dirty log mask The separate handling of DIRTY_MEMORY_MIGRATION, which does not call log_start/log_stop callbacks when it changes in a region's dirty logging mask, has caused several bugs. One recent example is commit 4cc856f (kvm-all: Sync dirty-bitmap from kvm before kvm destroy the corresponding dirty_bitmap, 2015-04-02). Another performance problem is that KVM keeps tracking dirty pages after a failed live migration, which causes bad performance due to disallowing huge page mapping. This patch removes the root cause of the problem by reporting DIRTY_MEMORY_MIGRATION changes via log_start and log_stop. Note that we now have to rebuild the FlatView when global dirty logging is enabled or disabled; this ensures that log_start and log_stop callbacks are invoked. This will also be used to make the setting of bitmaps conditional. In general, this patch lets users of the memory API ignore the global state of dirty logging if they handle dirty logging generically per region. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit ea8cb1a8d98f5e3822a23a7cecdb4add0f29178b Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Apr 27 14:51:31 2015 +0200 kvm: accept non-mapped memory in kvm_dirty_pages_log_change It is okay if memory is not mapped into the guest but has dirty logging enabled. When this happens, KVM will not do anything and only accesses from the host will be logged. This can be triggered by iofuzz. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 677e7805cf95f3b2bca8baf0888d1ebed7f0c606 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 10:53:21 2015 +0100 memory: track DIRTY_MEMORY_CODE in mr->dirty_log_mask DIRTY_MEMORY_CODE is only needed for TCG. By adding it directly to mr->dirty_log_mask, we avoid testing for TCG everywhere a region is checked for the enabled/disabled state of dirty logging. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 42af3e3a02f6d0c38c46465b7f0311eabf532f77 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 22 13:30:19 2015 +0200 ui/console: remove dpy_gfx_update_dirty dpy_gfx_update_dirty expects DIRTY_MEMORY_VGA logging to be always on, but that will not be the case soon. Because it computes the memory region on the fly for every update (with memory_region_find), it cannot enable/disable logging by itself. We could always treat updates as invalidations if dirty logging is not enabled, assuming that the board will enable logging on the RAM region that includes the framebuffer. However, the function is unused, so just drop it. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d55d42078bfb507743747b761673507b95a76620 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 10:46:52 2015 +0100 framebuffer: check memory_region_is_logging framebuffer.c expects DIRTY_MEMORY_VGA logging to be always on, but that will not be the case soon. Because framebuffer.c computes the memory region on the fly for every update (with memory_region_find), it cannot enable/disable logging by itself. Instead, always treat updates as invalidations if dirty logging is not enabled, assuming that the board will enable logging on the RAM region that includes the framebuffer. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b2dfd71c4843a762f2befe702adb249cf55baf66 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Sat Apr 25 14:38:30 2015 +0200 memory: prepare for multiple bits in the dirty log mask When the dirty log mask will also cover other bits than DIRTY_MEMORY_VGA, some listeners may be interested in the overall zero/non-zero value of the dirty log mask; others may be interested in the value of single bits. For this reason, always call log_start/log_stop if bits have respectively appeared or disappeared, and pass the old and new values of the dirty log mask so that listeners can distinguish the kinds of change. For example, KVM checks if dirty logging used to be completely disabled (in log_start) or is now completely disabled (in log_stop). On the other hand, Xen has to check manually if DIRTY_MEMORY_VGA changed, since that is the only bit it cares about. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 2d1a35bef0ed96b3f23535e459c552414ccdbafd Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 10:50:57 2015 +0100 memory: differentiate memory_region_is_logging and memory_region_get_dirty_log_mask For now memory regions only track DIRTY_MEMORY_VGA individually, but this will change soon. To support this, split memory_region_is_logging in two functions: one that returns a given bit from dirty_log_mask, and one that returns the entire mask. memory_region_is_logging gets an extra parameter so that the compiler flags misuse. While VGA-specific users (including the Xen listener!) will want to keep checking that bit, KVM and vhost check for "any bit except migration" (because migration is handled via the global start/stop listener callbacks). Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 5299c0f2cf951c23ec681ff87e455d1cf4ec537b Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 22 13:12:40 2015 +0200 display: add memory_region_sync_dirty_bitmap calls These are strictly speaking only needed for KVM and Xen, but it's still nice to be consistent. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 74259ae55b15bff4ef7b26faa6431a3ff16d7c9d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 10:47:45 2015 +0100 display: enable DIRTY_MEMORY_VGA tracking explicitly This will be required soon by the memory core. Tested-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 086f90e890fb25e7f12fbe72fe5a8078792398aa Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 22 12:43:24 2015 +0200 g364fb: remove pointless call to memory_region_set_coalescing Coalescing work on MMIO, not RAM, thus this call has no effect. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit dbddac6da01a13c9d5d162994a0a265173acecab Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 10:31:53 2015 +0100 memory: the only dirty memory flag for users is DIRTY_MEMORY_VGA DIRTY_MEMORY_MIGRATION is triggered by memory_global_dirty_log_start and memory_global_dirty_log_stop, so it cannot be used with memory_region_set_log. Specify this in the documentation and assert it. Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 6b4ad3b28d4a70ad93f287b50200b04766aeb0de Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Mon May 25 22:38:06 2015 -0700 Makefile.target: set master BUILD_DIR make can be invoked in the individual build dirs to build an individual target or just a single file of a target. e.g. touch translate-all.c make -C microblazeel-softmmu translate-all.o There is however a small bug when using the pixman submodule. config-host.mak will ref BUILD_DIR for the pixman -I CFLAGS: grep BUILD_DIR config-host.mak QEMU_CFLAGS=-I$(SRC_PATH)/pixman/pixman -I$(BUILD_DIR)/pixman/pixman ... This causes a build failure as -I/pixman/pixman (BUILD_DIR=="") will not be found. BUILD_DIR is usually set by the top level Makefile. Just lazy-set it in Makefile.target to the parent directory. Granted, this will not work if the pixman submodule is not prebuilt, but it at least means you can do incremental partial builds once you have done your initial full build (or attempt) from the top level. The next step would be refactor make infrastructure to rebuild pixman on a submake like the one above. Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Message-Id: <1432618686-16077-1-git-send-email-crosthwaite.peter@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit db94604b20278c1dc227a04e4c564d80230e6c3f Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu May 21 15:12:29 2015 +0200 exec: optimize phys_page_set_level phys_page_set_level is writing zeroes to a struct that has just been filled in by phys_map_node_alloc. Instead, tell phys_map_node_alloc whether to fill in the page "as a leaf" or "as a non-leaf". memcpy is faster than struct assignment, which copies each bitfield individually. A compiler bug (https://gcc.gnu.org/PR66391), and small memcpys like this one are special-cased anyway, and optimized to a register move, so just use the memcpy. This cuts the cost of phys_page_set_level from 25% to 5% when booting qboot. Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e4afbf4fb4d026510700cb40bb72dea9aef14e3b Author: Fam Zheng <famz@xxxxxxxxxx> Date: Tue May 19 10:50:59 2015 +0000 qemu-nbd: Switch to qemu_set_fd_handler Achieved by: - Remembering the server fd with a global variable, in order to access it from nbd_client_closed. - Checking nbd_can_accept() and updating server_fd handler whenever client connects or disconnects. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1432032670-15124-3-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit dae02ba55a66cb3194a2410c7725734e5bc6166f Author: Laurent Vivier <lvivier@xxxxxxxxxx> Date: Mon May 18 21:06:47 2015 +0200 ppc: add helpful message when KVM fails to start VCPU On POWER8 systems, KVM checks if VCPU is running on primary threads, and that secondary threads are offline. If this is not the case, ioctl() fails with errno set to EBUSY. QEMU aborts with a non explicit error message: $ ./qemu-system-ppc64 --nographic -machine pseries,accel=kvm error: kvm run failed Device or resource busy To help user to diagnose the problem, this patch adds an informative error message. There is no easy way to check if SMT is enabled before starting the VCPU, and as this case is the only one setting errno to EBUSY, we just check the errno value to display a message. Signed-off-by: Laurent Vivier <lvivier@xxxxxxxxxx> Message-Id: <1431976007-20503-1-git-send-email-lvivier@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 9157eee1b1c076ff3316361b760e891dda13e9bf Author: Miroslav Rezanina <mrezanin@xxxxxxxxxx> Date: Wed May 13 11:39:30 2015 +0200 Move parallel_hds_isa_init to hw/isa/isa-bus.c Disabling CONFIG_PARALLEL cause removing parallel_hds_isa_init defined in parallel.c. This function is called during initialization of some boards so disabling CONFIG_PARALLEL cause build failure. This patch moves parallel_hds_isa_init to hw/isa/isa-bus.c so it is included in case of disabled CONFIG_PARALLEL. Build is successful but qemu will abort with "Unknown device" error when function is called. Signed-off-by: Miroslav Rezanina <mrezanin@xxxxxxxxxx> Message-Id: <1431509970-32154-1-git-send-email-mrezanin@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 00967f4e0bab246679d0ddc32fd31a7179345baf Merge: d6688ba 9814fed Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Jun 5 12:04:41 2015 +0100 Merge remote-tracking branch 'remotes/agraf/tags/signed-s390-for-upstream' into staging Patch queue for s390 - 2015-06-05 This time there are a lot of s390x TCG emulation bug fixes - almost all of them from Aurelien, who returned from nirvana :). # gpg: Signature made Fri Jun 5 00:39:27 2015 BST using RSA key ID 03FEDC60 # gpg: Good signature from "Alexander Graf <agraf@xxxxxxx>" # gpg: aka "Alexander Graf <alex@xxxxxxxxx>" * remotes/agraf/tags/signed-s390-for-upstream: (34 commits) target-s390x: Only access allocated storage keys target-s390x: fix MVC instruction when areas overlap target-s390x: use softmmu functions for mvcp/mvcs target-s390x: support non current ASC in s390_cpu_handle_mmu_fault target-s390x: add a cpu_mmu_idx_to_asc function target-s390x: implement high-word facility target-s390x: implement load-and-trap facility target-s390x: implement miscellaneous-instruction-extensions facility target-s390x: implement LPDFR and LNDFR instructions target-s390x: implement TRANSLATE EXTENDED instruction target-s390x: implement TRANSLATE AND TEST instruction target-s390x: implement LOAD FP INTEGER instructions target-s390x: move SET DFP ROUNDING MODE to the correct facility target-s390x: move STORE CLOCK FAST to the correct facility target-s390x: change CHRL and CGHRL format to RIL-b target-s390x: fix CLGIT instruction target-s390x: fix exception for invalid operation code target-s390x: implement LAY and LAEY instructions target-s390x: move a few instructions to the correct facility target-s390x: detect tininess before rounding for FP operations ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0ba98885a0e965a17df214ab12b819ef630d8a14 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Thu Jun 4 22:59:37 2015 +0100 macio: remove remainder_len DBDMA_io property Since the block alignment code is now effectively independent of the DMA implementation, this variable is no longer required and can be removed. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1433455177-21243-5-git-send-email-mark.cave-ayland@xxxxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit b01d44cd0623dec66e583d6cd2438451443261df Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Thu Jun 4 22:59:36 2015 +0100 macio: update comment/constants to reflect the new code With the offset/len functions taking care of all of the alignment mapping in isolation from the DMA tranasaction, many comments are now unnecessary. Remove these and tidy up a few constants at the same time. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1433455177-21243-4-git-send-email-mark.cave-ayland@xxxxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit ac58fe7b2c67a9be142beacd4c6ee51f3264d90f Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Thu Jun 4 22:59:35 2015 +0100 macio: switch pmac_dma_write() over to new offset/len implementation In particular, this fixes a bug whereby chains of overlapping head/tail chains would incorrectly write over each other's remainder cache. This is the access pattern used by OS X/Darwin and fixes an issue with a corrupt Darwin installation in my local tests. While we are here, rename the DBDMA_io struct property remainder to head_remainder for clarification. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1433455177-21243-3-git-send-email-mark.cave-ayland@xxxxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 0389b8f8c7688fe512e16bdc00c5f35d2d8df12c Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Thu Jun 4 22:59:34 2015 +0100 macio: switch pmac_dma_read() over to new offset/len implementation For better handling of unaligned block device accesses. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1433455177-21243-2-git-send-email-mark.cave-ayland@xxxxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 9814fed0afa73f5c37f04e02ec17c915a5d59303 Author: Alexander Graf <agraf@xxxxxxx> Date: Thu Jun 4 00:52:44 2015 +0200 target-s390x: Only access allocated storage keys We allocate ram_size / PAGE_SIZE storage keys, so we need to make sure that we only access that many. Unfortunately the code can overrun this array by one, potentially overwriting unrelated memory. Fix it by limiting storage keys to their scope. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> commit 068593deea6cc61b06243a33c7fcfadb1650b654 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:56 2015 +0200 target-s390x: fix MVC instruction when areas overlap The MVC instruction and the memmove C funtion do not have the same semantic when memory areas overlap: MVC: When the operands overlap, the result is obtained as if the operands were processed one byte at a time and each result byte were stored immediately after fetching the necessary operand byte. memmove: Copying takes place as though the bytes in src are first copied into a temporary array that does not overlap src or dest, and the bytes are then copied from the temporary array to dest. The behaviour is therefore the same when the destination is at a lower address than the source, but not in the other case. This is actually a trick for propagating a value to an area. While the current code detects that and call memset in that case, it only does for 1-byte value. This trick can and is used for propagating two or more bytes to an area. In the softmmu case, the call to mvc_fast_memmove is correct as the above tests verify that source and destination are each within a page, and both in a different page. The part doing the move 8 bytes by 8 bytes is wrong and we need to check that if the source and destination overlap, they do with a distance of minimum 8 bytes before copying 8 bytes at a time. In the user code, we should check check that the destination is at a lower address than source or than the end of the source is at a lower address than the destination before calling memmove. In the opposite case we fallback to the same code as the softmmu one. Note that l represents (length - 1). Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit a3084e8055067b3fe8ed653a609021d2ab368564 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:55 2015 +0200 target-s390x: use softmmu functions for mvcp/mvcs mvcp and mvcs helper get access to the physical memory by a call to mmu_translate for the virtual to real conversion and then using ldb_phys and stb_phys to physically access the data. In practice this is quite slow because it bypasses the QEMU softmmu TLB and because stb_phys calls try to invalidate the corresponding memory for each access. Instead use cpu_ldb_{primary,secondary} for the loads and cpu_stb_{primary,secondary} for the stores. Ideally this should be further optimized by a call to memcpy, but that already improves the boot time of a guest by a factor 1.8. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit c255ac601231e8c53007e10d640722ac58eb77cc Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:54 2015 +0200 target-s390x: support non current ASC in s390_cpu_handle_mmu_fault s390_cpu_handle_mmu_fault currently looks at the current ASC mode defined in PSW mask instead of the MMU index. This prevent emulating easily instructions using a specific ASC mode. Fix that by using the MMU index converted back to ASC using the just added cpu_mmu_idx_to_asc function. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 4decd76d71d6972a59bf0a16d0dea0c83490d001 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:53 2015 +0200 target-s390x: add a cpu_mmu_idx_to_asc function Use constants to define the MMU indexes, and add a function to do the reverse conversion of cpu_mmu_index. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit a1f12d855b6ec79a640fa6a74d12884f1646ecfe Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:52 2015 +0200 target-s390x: implement high-word facility Besides RISBHG and RISBLG, all high-word instructions are not implemented. Fix that. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 782a8479522f8e4a596f968e4acad5c10b77e061 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:51 2015 +0200 target-s390x: implement load-and-trap facility At the same time move the trap code from op_ct into gen_trap and use it for all new functions. The value needs to be stored back to register before the exception, but also before the brcond (as we don't use temp locals). That's why we can't use wout helper. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 375ee58bedcda359011fe7fa99e0647f66f9ffa0 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:50 2015 +0200 target-s390x: implement miscellaneous-instruction-extensions facility RISBGN is the same as RISBG, but without setting the condition code. CLT and CLGT are the same as CLRT and CLGRT, but using memory for the second operand. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit df46283ce7be962002a30140a91ffbb56832cc2d Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:49 2015 +0200 target-s390x: implement LPDFR and LNDFR instructions This complete the floating point support sign handling facility. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 3f4de6756cd87b508b37c7ffa93f7b827832c4eb Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:48 2015 +0200 target-s390x: implement TRANSLATE EXTENDED instruction It is part of the basic zArchitecture instructions. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 54f007750978ffbb98ce933077e0d1741e0202b0 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:47 2015 +0200 target-s390x: implement TRANSLATE AND TEST instruction It is part of the basic zArchitecture instructions. Allow it to be call from EXECUTE. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit ed0bcecec105137567f461e5b57834e72c851855 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:46 2015 +0200 target-s390x: implement LOAD FP INTEGER instructions This is needed to pass the gcc.c-torture/execute/ieee/20010114-2.c test in the gcc testsuite. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 9182886d797a20925d801a3378ca5330c0d91dfb Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:45 2015 +0200 target-s390x: move SET DFP ROUNDING MODE to the correct facility It belongs to the DFP rounding facility. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit f7c2114067cc32eb8d8f79b7374a641ec5f4eb72 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:44 2015 +0200 target-s390x: move STORE CLOCK FAST to the correct facility STORE CLOCK FAST should be in the SCF facility. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 74266b4a5837b46477034a39acc2be3a3afba431 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:43 2015 +0200 target-s390x: change CHRL and CGHRL format to RIL-b Change to match the PoP. In practice both format RIL-a and RIL-b have the same fields. They differ on the way we decode the fields, and it's done correctly in QEMU. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 1dedb9b76f061c8da730002f6c21a1fa2b76b106 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:42 2015 +0200 target-s390x: fix CLGIT instruction The COMPARE LOGICAL IMMEDIATE AND TRAP instruction should compare the numbers as unsigned, as its name implies. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 111d7f4a69751d333bac32526cd252add6b071d3 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Wed Jun 3 23:09:41 2015 +0200 target-s390x: fix exception for invalid operation code When an operation code is not recognized (ie invalid instruction) an operation exception should be generated instead of a specification exception. The latter is for valid opcode, with invalid operands or modifiers. This give a very basic GDB support in the guest, as it uses the invalid opcode 0x0001 to generate a trap. Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit a1c7610a68795d66249c25166220324d4d0b9289 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:47:31 2015 +0200 target-s390x: implement LAY and LAEY instructions This complete the general-instructions-extension facility, enable it. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> [agraf: remove facility bit] Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 92892330e78ffca7bebf03f4f7161c5bbd6602d2 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:47:30 2015 +0200 target-s390x: move a few instructions to the correct facility LY is part of the long-displacement facility. RISBHG and RISBLG are part of the high-word facility. STCMH is part of the z/Architecture. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 4a33565f9f46145d8cc701ab623b18bf423c469e Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:47:26 2015 +0200 target-s390x: detect tininess before rounding for FP operations The s390x floating point unit detects tininess before rounding, so set the softfloat fp_status up appropriately. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit f821135cdd4df09b1362666ddfbdfd162b905b1f Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:47:25 2015 +0200 target-s390x: silence NaNs for LOAD LENGTHENED and LOAD ROUNDED LOAD LENGTHENED and LOAD ROUNDED are considered as FP operations and thus need to convert input sNaN into corresponding qNaN. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 2daea9c16ffe61377b6e5426d9c52014bf538df3 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:47:24 2015 +0200 target-s390x: define default NaN values Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 1f65958d9c21fd3b461f6b645e7884866313c1f3 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:47:23 2015 +0200 target-s390x: fix MMU index computation The cpu_mmu_index function wrongly looks at PSW P bit to determine the MMU index, while this bit actually only control the use of priviledge instructions. The addressing mode is detected by looking at the PSW ASC bits instead. This used to work more or less correctly up to kernel 3.6 as the kernel was running in primary space and userland in secondary space. Since kernel 3.7 the default is to run the kernel in home space and userland in primary space. While the current QEMU code seems to work it open some security issues, like accessing the lowcore memory in R/W mode from a userspace process once it has been accessed by the kernel (it is then cached by the QEMU TLB). At the same time change the MMU_USER_IDX value so that it matches the value used in recent kernels. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 9bebf9863bd16cc824231ad71959a338dc1819ac Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 25 01:47:22 2015 +0200 target-s390x: fix PSW value on dynamical exception from helpers runtime_exception computes the psw.addr value using the actual exception address and the instruction length computed by calling the get_ilen function. However as explained above the get_ilen code, it returns the actual instruction length, and not the ILC. Therefore there is no need to multiply the value by 2. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit aa752a4afc2a4b7ede58a960a9d553b3fd9e6882 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Tue May 26 11:09:44 2015 +0200 target-s390x: fix LOAD MULTIPLE instruction on page boundary When consecutive memory locations are on page boundary a page fault might occur when using the LOAD MULTIPLE instruction. In that case real hardware doesn't load any register. This is an important detail in case the base register is in the list of registers to be loaded. If a page fault occurs this register might be overwritten and when the instruction is later restarted the wrong base register value is useD. Fix this by first loading the first and last value from memory, hence triggering all possible page faults, and then the remaining registers. This fixes random segmentation faults seen in the guest. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit b8ae94bd398ff772f40fb232887ecbcbd244c3d4 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 18 23:42:29 2015 +0200 target-s390x: implement STPT helper Save the timer target value in the SPT helper, so that the STPT helper can compute the remaining time. This allow the Linux kernel to correctly do time accounting. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit aa9e14e684506e8ddf02bd5cff720520827bf244 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 18 23:42:28 2015 +0200 target-s390x: implement STCKC helper The STCKC instruction just returns the last written clock comparator value and KVM already provides the corresponding variable. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit d9d55f1108f45c866098731d95fef88409ff1e94 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 18 23:42:27 2015 +0200 target-s390x: streamline STCK helper Now that clock_value is only used in one place, we can inline it in the STCK helper. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit c941f07485e56e4b2653048e166b720428307acb Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 18 23:42:26 2015 +0200 target-s390x: simplify SCKC helper The clock comparator and the QEMU timer work the same way, triggering at a given time, they just differ by the origin and the scale. It is therefore possible to go from one to another without using the current clock value. This spares two calls to qemu_clock_get_ns, which probably return slightly different values, possibly reducing the accuracy. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 9cb32c442e11d16b747fa07e29dd29b5d8227b57 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 18 23:42:25 2015 +0200 target-s390x: add a tod2time function Add a tod2time function similar to the time2tod one, instead of open coding the conversion. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit a91a1b20a23424412a3e7bb184422ec30ae64453 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 18 15:40:00 2015 +0200 target-s390x: remove unused helpers Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit d30107814c8d02f1896bd57249aef1b5aaed38c9 Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 18 15:39:59 2015 +0200 target-s390x: optimize (negative-) abs computation Now that movcond exists, it's easy to write (negative-) absolute value using TCG code instead of an helper. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 2aaa1940684a3bf2b381fd2a8ff26c287a05109d Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Mon May 18 15:39:58 2015 +0200 target-s390x: fix CC computation for LOAD POSITIVE instructions LOAD POSITIVE instructions (LPR, LPGR and LPGFR) set the following condition code: 0: Result zero; no overflow 1: -- 2: Result greater than zero; no overflow 3: Overflow The current code wrongly returns 1 instead of 2 in case of a result greater than 0. This patches fixes that. This fixes the marshalling of the value '0L' in Python. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit ee0d0be16819896cc6c8018cbe171a632b61489c Author: Aurelien Jarno <aurelien@xxxxxxxxxxx> Date: Sun May 17 01:28:03 2015 +0200 target-s390x: fix CC computation for EX instruction Commit 7a6c7067f optimized CC computation by only saving cc_op before calling helpers as they either don't touch the CC or generate a new static value. This however doesn't work for the EX instruction as the helper changes or not the CC value depending on the actual executed instruction (e.g. MVC vs CLC). This patches force a CC computation before calling the helper. This fixes random memory corruption occuring in guests. Signed-off-by: Aurelien Jarno <aurelien@xxxxxxxxxxx> [agraf: remove set_cc_static in op_ex as suggested by rth] Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit d6688ba17b934f20f5e8953dbaafc9408d8799c5 Merge: 3b730f5 309750f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 4 18:32:44 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging pc, acpi, virtio, tpm This includes pxb support by Marcel, as well as multiple enhancements all over the place. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Thu Jun 4 11:51:02 2015 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: (28 commits) vhost: logs sharing hw/acpi: piix4_pm_init(): take fw_cfg object no more hw/acpi: move "etc/system-states" fw_cfg file from PIIX4 to core hw/acpi: acpi_pm1_cnt_init(): take "disable_s3" and "disable_s4" pc-dimm: don't assert if pc-dimm alignment != hotpluggable mem range size docs: Add PXB documentation apci: fix PXB behaviour if used with unsupported BIOS hw/pxb: add numa_node parameter hw/pci: add support for NUMA nodes hw/pxb: add map_irq func hw/pci: inform bios if the system has extra pci root buses hw/pci: introduce PCI Expander Bridge (PXB) hw/pci: removed 'rootbus nr is 0' assumption from qmp_pci_query hw/acpi: remove from root bus 0 the crs resources used by other buses. hw/acpi: add _CRS method for extra root busses hw/apci: add _PRT method for extra PCI root busses hw/acpi: add support for i440fx 'snooping' root busses hw/pci: extend PCI config access to support devices behind PXB hw/i386: query only for q35/pc when looking for pci host bridge hw/pci: made pci_bus_num a PCIBusClass method ... Conflicts: hw/i386/pc_piix.c Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3b730f570c5872ceea2137848f1d4554d4847441 Merge: 2700a97 1de29ae Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 4 14:04:14 2015 +0100 Merge remote-tracking branch 'remotes/agraf/tags/signed-ppc-for-upstream' into staging Patch queue for ppc - 2015-06-03 Highlights this time around: - sPAPR: endian fixes, speedups, bug fixes, hotplug basics - add default ram size capability for machines (sPAPR defaults to 512MB now) # gpg: Signature made Wed Jun 3 22:59:09 2015 BST using RSA key ID 03FEDC60 # gpg: Good signature from "Alexander Graf <agraf@xxxxxxx>" # gpg: aka "Alexander Graf <alex@xxxxxxxxx>" * remotes/agraf/tags/signed-ppc-for-upstream: (40 commits) softmmu: support up to 12 MMU modes tcg: add TCG_TARGET_TLB_DISPLACEMENT_BITS tci: do not use CPUArchState in tcg-target.h Add David Gibson for sPAPR in MAINTAINERS file pseries: Enable in-kernel H_LOGICAL_CI_{LOAD, STORE} implementations spapr: override default ram size to 512MB machine: add default_ram_size to machine class spapr_pci: emit hotplug add/remove events during hotplug spapr_pci: enable basic hotplug operations pci: make pci_bar useable outside pci.c spapr_pci: create DRConnectors for each PCI slot during PHB realize spapr_pci: add dynamic-reconfiguration option for spapr-pci-host-bridge spapr_drc: add spapr_drc_populate_dt() spapr_events: event-scan RTAS interface spapr_events: re-use EPOW event infrastructure for hotplug events spapr_rtas: add ibm, configure-connector RTAS interface spapr: add rtas_st_buffer_direct() helper spapr_rtas: add get-sensor-state RTAS interface spapr_rtas: add set-indicator RTAS interface spapr_rtas: add get/set-power-level RTAS interfaces ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2700a976dba6b107365aa9af7fd927ffb3dd3b21 Merge: 6fa6b31 de38528 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 4 12:49:15 2015 +0100 Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-06-03' into staging trivial patches for 2015-06-03 # gpg: Signature made Wed Jun 3 14:07:47 2015 BST using RSA key ID A4C3D7DB # gpg: Good signature from "Michael Tokarev <mjt@xxxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxxx>" * remotes/mjt/tags/pull-trivial-patches-2015-06-03: (30 commits) configure: postfix --extra-cflags to QEMU_CFLAGS cadence_gem: Fix Rx buffer size field mask slirp: use less predictable directory name in /tmp for smb config (CVE-2015-4037) translate-all: delete prototype for non-existent function Add -incoming help text hw/display/tc6393xb.c: Fix misusing qemu_allocate_irqs for single irq hw/arm/nseries.c: Fix misusing qemu_allocate_irqs for single irq hw/alpha/typhoon.c: Fix misusing qemu_allocate_irqs for single irq hw/unicore32/puv3.c: Fix misusing qemu_allocate_irqs for single irq hw/lm32/milkymist.c: Fix misusing qemu_allocate_irqs for single irq hw/lm32/lm32_boards.c: Fix misusing qemu_allocate_irqs for single irq hw/ppc/prep.c: Fix misusing qemu_allocate_irqs for single irq hw/sparc/sun4m.c: Fix misusing qemu_allocate_irqs for single irq hw/timer/arm_timer.c: Fix misusing qemu_allocate_irqs for single irq hw/isa/i82378.c: Fix misusing qemu_allocate_irqs for single irq hw/isa/lpc_ich9.c: Fix misusing qemu_allocate_irqs for single irq hw/i386/pc: Fix misusing qemu_allocate_irqs for single irq hw/intc/exynos4210_gic.c: Fix memory leak by adjusting order hw/arm/omap_sx1.c: Fix memory leak spotted by valgrind hw/ppc/e500.c: Fix memory leak ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 309750fad51f17d1ec6195c5d8ad7d741596ddb6 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Jun 4 05:28:46 2015 -0400 vhost: logs sharing Currently we allocate one vhost log per vhost device. This is sub optimal when: - Guest has several device with vhost as backend - Guest has multiqueue devices In the above cases, we can avoid the memory allocation by sharing a single vhost log among all the vhost devices. This is done through: - Introducing a new vhost_log structure with refcnt inside. - Using a global pointer to vhost_log structure that will be used. And introduce helper to get the log with expected log size and helper to - drop the refcnt to the old log. - Each vhost device still keep track of a pointer to the log that was used. With above, if no resize happens, all vhost device will share a single vhost log. During resize, a new vhost_log structure will be allocated and made for the global pointer. And each vhost devices will drop the refcnt to the old log. Tested by doing scp during migration for a 2 queues virtio-net-pci. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 6fa6b312765f698dc81b2c30e7eeb9683804a05b Merge: d2ceeb1 1b93c9a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 4 11:44:32 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging X86 queue 2015-06-02 # gpg: Signature made Tue Jun 2 20:21:17 2015 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/x86-pull-request: arch_init: Drop target-x86_64.conf target-i386: Register QOM properties for feature flags apic: convert ->busdev.qdev casts to C casts target-i386: Fix signedness of MSR_IA32_APICBASE_BASE pc: Ensure non-zero CPU ref count after attaching to ICC bus Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6e7d82497dc8da7d420c8fa6632d759e08a18bc3 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Wed Apr 29 15:20:16 2015 +0200 hw/acpi: piix4_pm_init(): take fw_cfg object no more This PIIX4 init function has no more reason to receive a pointer to the FwCfg object. Remove the parameter from the prototype, and update callers. As a result, the pc_init1() function no longer needs to save the return value of pc_memory_init() and xen_load_linux(), which makes it more similar to pc_q35_init(). The return type & value of pc_memory_init() and xen_load_linux() are not changed themselves; maybe we'll need their return values sometime later. RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1204696 Cc: Amit Shah <amit.shah@xxxxxxxxxx> Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Eduardo Habkost <ehabkost@xxxxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit e3845e7c47cc3eaf35305c9c0f9d55ca3840b49b Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Wed Apr 29 15:20:15 2015 +0200 hw/acpi: move "etc/system-states" fw_cfg file from PIIX4 to core The acpi_pm1_cnt_init() core function is responsible for setting up the register block that will ultimately react to S3 and S4 requests (see acpi_pm1_cnt_write()). It makes sense to advertise this configuration to the guest firmware via an easy to parse fw_cfg file (ACPI is too complex for firmware to parse), and indeed PIIX4 does that. However, since acpi_pm1_cnt_init() is not specific to PIIX4, neither should be the fw_cfg file. This patch makes "etc/system-states" appear on all chipsets modified in the previous patch, not just PIIX4 (assuming they have fw_cfg at all). RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1204696 Cc: Amit Shah <amit.shah@xxxxxxxxxx> Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Eduardo Habkost <ehabkost@xxxxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 9a10bbb4e83b184faef6fa744396a6775283c0aa Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Wed Apr 29 15:20:14 2015 +0200 hw/acpi: acpi_pm1_cnt_init(): take "disable_s3" and "disable_s4" This patch only modifies the function prototype and updates all chipset code that calls acpi_pm1_cnt_init() to pass in their own disable_s3 and disable_s4 settings. vt82c686 is assumed to be fixed "S3 and S4 enabled". RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1204696 Cc: Amit Shah <amit.shah@xxxxxxxxxx> Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Eduardo Habkost <ehabkost@xxxxxxxxxx> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit d2ceeb1d68ed8b005892408fcdb533f578aae081 Merge: a67bfbb 94edf02 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Jun 4 10:21:52 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150602' into staging target-arm queue: * more EL2 preparation patches * revert a no-longer-necessary workaround for old glib versions * add GICv2m support to virt board (MSI support) * pl061: fix wrong calculation of GPIOMIS register * support MSI via irqfd * remove a confusing v8_ prefix from some variable names * add dynamic sysbus device support to the virt board # gpg: Signature made Tue Jun 2 17:30:38 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150602: (22 commits) hw/arm/virt: change indentation in a15memmap hw/arm/virt: add dynamic sysbus device support hw/arm/boot: arm_load_kernel implemented as a machine init done notifier hw/arm/sysbus-fdt: helpers for platform bus nodes addition target-arm: Remove v8_ prefix from names of non-v8-specific cpreg arrays arm_gicv2m: set kvm_gsi_direct_mapping and kvm_msi_via_irqfd_allowed kvm: introduce kvm_arch_msi_data_to_gsi pl061: fix wrong calculation of GPIOMIS register target-arm: Add the GICv2m to the virt board target-arm: Extend the gic node properties arm_gicv2m: Add GICv2m widget to support MSIs target-arm: Add GIC phandle to VirtBoardInfo Revert "target-arm: Avoid g_hash_table_get_keys()" target-arm: Add TLBI_VAE2{IS} target-arm: Add TLBI_ALLE2 target-arm: Add TLBI_ALLE1{IS} target-arm: Add TTBR0_EL2 target-arm: Add TPIDR_EL2 target-arm: Add SCTLR_EL2 target-arm: Add TCR_EL2 ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b5d3b039221f056befb3715471fee1f68214815c Author: Igor Mammedov <imammedo@xxxxxxxxxx> Date: Wed Jun 3 17:10:43 2015 +0200 pc-dimm: don't assert if pc-dimm alignment != hotpluggable mem range size Drop superfluous pc-dimm alignment on hot-pluggable mem range size assert, since it causes QEMU crash during hotplug when hotplugging pc-dimm with alignment bigger than an alignment of hot-pluggable mem range size. Instead allow pc_dimm_get_free_addr() find free address and bail out gracefully later in that function during checking if pc-dimm will fit in hot-pluggable mem range. Signed-off-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 1de29aef17a7d70dbc04a7fe51e18942e3ebe313 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue May 5 09:18:23 2015 +0200 softmmu: support up to 12 MMU modes At 8k per TLB (for 64-bit host or target), 8 or more modes make the TLBs bigger than 64k, and some RISC TCG backends do not like that. On the affected hosts, cut the TLB size in half---there is still a measurable speedup on PPC with the next patch. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1424436345-37924-3-git-send-email-pbonzini@xxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 006f8638c62bca2b0caf609485f47fa5e14d8a3c Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue May 5 09:18:22 2015 +0200 tcg: add TCG_TARGET_TLB_DISPLACEMENT_BITS This will be used to size the TLB when more than 8 MMU modes are used by the target. Limitations come from the limited size of the immediate fields (which sometimes, as in the case of Aarch64, extend to instructions that shift the immediate). Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1424436345-37924-2-git-send-email-pbonzini@xxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 5a58e884d1d9905a835de2889c8cd73327fe2a94 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue May 19 09:59:34 2015 +0200 tci: do not use CPUArchState in tcg-target.h tcg-target.h does not use any QEMU-specific symbols, save for tci's usage of CPUArchState. Pull that up to tcg/tcg.h. This will make it possible to include tcg-target.h in cpu-defs.h. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 085eb217dfb3ee12e7985c11f71f8a038394735a Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Fri May 8 10:11:00 2015 +1000 Add David Gibson for sPAPR in MAINTAINERS file At Alex Graf's request I'm now acting as sub-maintainer for the sPAPR (-machine pseries) code. This updates MAINTAINERS accordingly. While we're at it, change the label to mention pseries since that's the actual name of the machine type, even if most of the C files use the sPAPR name. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 026bfd89cb896c8a3460cc551cc4836219bd7ff9 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:59 2015 +1000 pseries: Enable in-kernel H_LOGICAL_CI_{LOAD, STORE} implementations qemu currently implements the hypercalls H_LOGICAL_CI_LOAD and H_LOGICAL_CI_STORE as PAPR extensions. These are used by the SLOF firmware for IO, because performing cache inhibited MMIO accesses with the MMU off (real mode) is very awkward on POWER. This approach breaks when SLOF needs to access IO devices implemented within KVM instead of in qemu. The simplest example would be virtio-blk using an iothread, because the iothread / dataplane mechanism relies on an in-kernel implementation of the virtio queue notification MMIO. To fix this, an in-kernel implementation of these hypercalls has been made, (kernel commit 99342cf "kvmppc: Implement H_LOGICAL_CI_{LOAD,STORE} in KVM" however, the hypercalls still need to be enabled from qemu. This performs the necessary calls to do so. It would be nice to provide some warning if we encounter a problematic device with a kernel which doesn't support the new calls. Unfortunately, I can't see a way to detect this case which won't either warn in far too many cases that will probably work, or which is horribly invasive. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit a34944fe2e2457309bde74c1ffe3a1c60c6da018 Author: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:58 2015 +1000 spapr: override default ram size to 512MB Signed-off-by: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Acked-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 076b35b5a56bca57c4aa41044ed304fe9c45d6c5 Author: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:57 2015 +1000 machine: add default_ram_size to machine class Machines types can have different requirement for default ram size. Introduce a member in the machine class and set the current default_ram_size to 128MB. For QEMUMachine types override the value during the registration of the machine and for MachineClass introduce the generic class init setting the default_ram_size. Add helpers [K,M,G,T,P,E]_BYTE for better readability and easy usage Signed-off-by: Nikunj A Dadhania <nikunj@xxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit c5bc152bc399ae7ec8ac5227762e4320d0fd2d1c Author: Tyrel Datwyler <tyreld@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:56 2015 +1000 spapr_pci: emit hotplug add/remove events during hotplug This uses extension of existing EPOW interrupt/event mechanism to notify userspace tools like librtas/drmgr to handle in-guest configuration/cleanup operations in response to device_add/device_del. Userspace tools that don't implement this extension will need to be run manually in response/advance of device_add/device_del, respectively. Signed-off-by: Tyrel Datwyler <tyreld@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 7454c7af91bdd60216e2b6eead827c012bb4d0d0 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:55 2015 +1000 spapr_pci: enable basic hotplug operations This enables hotplug of PCI devices to a PHB. Upon hotplug we generate the OF-nodes required by PAPR specification and IEEE 1275-1994 "PCI Bus Binding to Open Firmware" for the device. We associate the corresponding FDT for these nodes with the DRC corresponding to the slot, which will be fetched via ibm,configure-connector RTAS calls by the guest as described by PAPR specification. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit cf8c704d5a06e7b8327c65d19d0c342dc23fff84 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:54 2015 +1000 pci: make pci_bar useable outside pci.c We need to work with PCI BARs to generate OF properties during PCI hotplug for sPAPR guests. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 62083979b0471ac07da6d94944bf12a9b18baa1f Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:53 2015 +1000 spapr_pci: create DRConnectors for each PCI slot during PHB realize These will be used to support hotplug/unplug of PCI devices to the PCI bus associated with a particular PHB. We also set up device-tree properties in each PHBs initial FDT to describe the DRCs associated with them. This advertises to guests that each PHB is DR-capable device with physical hotpluggable slots, each managed by the corresponding DRC. This is necessary for allowing hotplugging of devices to it later via bus rescan or guest rpaphp hotplug module. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 7619c7b00c90a39243f1229facde8c53a8fba921 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:52 2015 +1000 spapr_pci: add dynamic-reconfiguration option for spapr-pci-host-bridge This option enables/disables PCI hotplug for a particular PHB. Also add machine compatibility code to disable it by default for machine types prior to pseries-2.4. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> [agraf: move commas for compat fields] Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit e4b798bb53447ba4608fc7e6ed91927bdb1c3d5d Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:51 2015 +1000 spapr_drc: add spapr_drc_populate_dt() This function handles generation of ibm,drc-* array device tree properties to describe DRC topology to guests. This will by used by the guest to direct RTAS calls to manage any dynamic resources we associate with a particular DR Connector as part of hotplug/unplug. Since general management of boot-time device trees are handled outside of sPAPRDRConnector, we insert these values blindly given an FDT and offset. A mask of sPAPRDRConnector types is given to instruct us on what types of connectors entries should be generated for, since descriptions for different connectors may live in different parts of the device tree. Based on code originally written by Nathan Fontenot. Signed-off-by: Nathan Fontenot <nfont@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 79853e18d904b0a4bcef62701d48559688007c93 Author: Tyrel Datwyler <tyreld@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:50 2015 +1000 spapr_events: event-scan RTAS interface We don't actually rely on this interface to surface hotplug events, and instead rely on the similar-but-interrupt-driven check-exception RTAS interface used for EPOW events. However, the existence of this interface is needed to ensure guest kernels initialize the event-reporting interfaces which will in turn be used by userspace tools to handle these events, so we implement this interface here. Since events surfaced by this call are mutually exclusive to those surfaced via check-exception, we also update the RTAS event queue code to accept a boolean to mark/filter for events accordingly. Events of this sort are not currently generated by QEMU, but the interface has been tested by surfacing hotplug events via event-scan in place of check-exception. Signed-off-by: Tyrel Datwyler <tyreld@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 31fe14d15d08d613ff38abb249911e98c7966b86 Author: Nathan Fontenot <nfont@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:49 2015 +1000 spapr_events: re-use EPOW event infrastructure for hotplug events This extends the data structures currently used to report EPOW events to guests via the check-exception RTAS interfaces to also include event types for hotplug/unplug events. This is currently undocumented and being finalized for inclusion in PAPR specification, but we implement this here as an extension for guest userspace tools to implement (existing guest kernels simply log these events via a sysfs interface that's read by rtas_errd, and current versions of rtas_errd/powerpc-utils already support the use of this mechanism for initiating hotplug operations). We also add support for queues of pending RTAS events, since in the case of hotplug there's chance for multiple events being in-flight at any point in time. Signed-off-by: Nathan Fontenot <nfont@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 46503c2bc047bfe8c26440e17298fcbc59d7bbbe Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:48 2015 +1000 spapr_rtas: add ibm, configure-connector RTAS interface This interface is used to fetch an OF device-tree nodes that describes a newly-attached device to guest. It is called multiple times to walk the device-tree node and fetch individual properties into a 'workarea'/buffer provided by the guest. The device-tree is generated by QEMU and passed to an sPAPRDRConnector during the initial hotplug operation, and the state of these RTAS calls is tracked by the sPAPRDRConnector. When the last of these properties is successfully fetched, we report as special return value to the guest and transition the device to a 'configured' state on the QEMU/DRC side. See docs/specs/ppc-spapr-hotplug.txt for a complete description of this interface. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit ab316865db8ee97c53cd70c91b1b160c474102f8 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:47 2015 +1000 spapr: add rtas_st_buffer_direct() helper This is similar to the existing rtas_st_buffer(), but for cases where the guest is not expecting a length-encoded byte array. Namely, for calls where a "work area" buffer is used to pass around arbitrary fields/data. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 886445a6ee808ee06533f9ecdf0f169c9ea83fbb Author: Mike Day <ncmike@xxxxxxxxxxx> Date: Thu May 7 15:33:46 2015 +1000 spapr_rtas: add get-sensor-state RTAS interface This interface allows a guest to read various platform/device sensors. initially, we only implement support necessary to support hotplug: reading of the dr-entity-sense sensor, which communicates the state of a hotplugged resource/device to the guest (EMPTY/PRESENT/UNUSABLE). See docs/specs/ppc-spapr-hotplug.txt for a complete description of this interface. Signed-off-by: Mike Day <ncmike@xxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 8c8639df32f19d5ca9bf6a823ac83e298a188fd1 Author: Mike Day <ncmike@xxxxxxxxxxx> Date: Thu May 7 15:33:45 2015 +1000 spapr_rtas: add set-indicator RTAS interface This interface allows a guest to control various platform/device sensors. Initially, we only implement support necessary to control sensors that are required for hotplug: DR connector indicators/LEDs, resource allocation state, and resource isolation state. See docs/specs/ppc-spapr-hotplug.txt for a complete description of this interface. Signed-off-by: Mike Day <ncmike@xxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 094d20585ecdcd31959b1b88a390b4d2c4cfeab7 Author: Nathan Fontenot <nfont@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:44 2015 +1000 spapr_rtas: add get/set-power-level RTAS interfaces These interfaces manage the power domains that guest devices are assigned to and are used to power on/off devices. Currently we only utilize 1 power domain, the 'live-insertion' domain, which automates power management of plugged/unplugged devices, essentially making these calls no-ops, but the RTAS interfaces are still required by guest hotplug code and PAPR+. See docs/specs/ppc-spapr-hotplug.txt for a complete description of these interfaces. Signed-off-by: Nathan Fontenot <nfont@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit bbf5c878ab76a74f6277f99082c77bbdb1ad4c5b Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:43 2015 +1000 spapr_drc: initial implementation of sPAPRDRConnector device This device emulates a firmware abstraction used by pSeries guests to manage hotplug/dynamic-reconfiguration of host-bridges, PCI devices, memory, and CPUs. It is conceptually similar to an SHPC device, complete with LED indicators to identify individual slots to physical physical users and indicate when it is safe to remove a device. In some cases it is also used to manage virtualized resources, such a memory, CPUs, and physical-host bridges, which in the case of pSeries guests are virtualized resources where the physical components are managed by the host. Guests communicate with these DR Connectors using RTAS calls, generally by addressing the unique DRC index associated with a particular connector for a particular resource. For introspection purposes we expose this state initially as QOM properties, and in subsequent patches will introduce the RTAS calls that make use of it. This constitutes to the 'guest' interface. On the QEMU side we provide an attach/detach interface to associate or cleanup a DeviceState with a particular sPAPRDRConnector in response to hotplug/unplug, respectively. This constitutes the 'physical' interface to the DR Connector. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 11eec063f29733395846ba756ecd544876ef6839 Author: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:42 2015 +1000 docs: add sPAPR hotplug/dynamic-reconfiguration documentation This adds a general overview of hotplug/dynamic-reconfiguration for sPAPR/pSeries guest. As specified in PAPR+ v2.7. Signed-off-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 730fce593bbaa9240a0be860616ac4366113194d Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Thu May 7 15:33:41 2015 +1000 hw/ppc/spapr: Use error_report() instead of hw_error() hw_error() is designed for printing CPU-related error messages (e.g. it also prints a full CPU register dump). For error messages that are not directly related to CPU problems, a function like error_report() should be used instead. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 68fea5a0d7bac17fd74f0608ceed1d914eb0718e Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Thu May 7 15:33:40 2015 +1000 hw/ppc/spapr: Fix error message when firmware could not be loaded When specifying a non-existing file with the "-bios" parameter, QEMU complained that it "could not find LPAR rtas". That's obviously a copy-n-paste bug from the code which loads the spapr-rtas.bin, it should complain about a missing firmware file instead. Additionally the error message was printed with hw_error() - which also dumps the whole CPU state. However, this does not make much sense here since the CPU is not running yet and thus the registers only contain zeroes. So let's use error_report() here instead. And while we're at it, let's also bail out if the firmware file had zero length. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit a1a45612433edb0eb65c468f7ed579cd92358818 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu May 7 15:33:39 2015 +1000 pseries: Add pseries-2.4 machine type Now that 2.4 development has opened, create a new pseries machine type variant. For now it is identical to the pseries-2.3 machine type, but a number of new features are coming that will need to set backwards compatibility options. Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit f9ce8e0aa3fb55ae7a8ea34d3169e73e87feb337 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Thu May 7 15:33:38 2015 +1000 hw/ppc/spapr_iommu: Fix the check for invalid upper bits in liobn The check "liobn & 0xFFFFFFFF00000000ULL" in spapr_tce_find_by_liobn() is completely useless since liobn is only declared as an uint32_t parameter. Fix this by using target_ulong instead (this is what most of the callers of this function are using, too). Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit dea1b3ce756d7242d4212c22b7d6e6a896495154 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu May 7 15:33:37 2015 +1000 spapr_iommu: Give unique QOM name to TCE table Useful for debugging. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit ccf9ff8527a87ee485fbb6a0a73d28641cab5f60 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu May 7 15:33:36 2015 +1000 spapr_pci: Rework device-tree rendering This replaces object_child_foreach() and callback with existing SPAPR_PCI_LIOBN() and spapr_tce_find_by_liobn() to make the code easier to read. This is a mechanical patch so no behaviour change is expected. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit fae807a2b182a613798fe619f9069bd0bbe3dc6a Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu May 7 15:33:35 2015 +1000 spapr_iommu: Make spapr_tce_find_by_liobn() public At the moment spapr_tce_find_by_liobn() is used by H_PUT_TCE/... handlers to find an IOMMU by LIOBN. We are going to implement Dynamic DMA windows (DDW), new code will go to a new file and we will use spapr_tce_find_by_liobn() there too so let's make it public. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 46c5874e9cd752ed8ded31af03472edd8fc3efc1 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu May 7 15:33:34 2015 +1000 spapr_pci: Make find_phb()/find_dev() public This makes find_phb()/find_dev() public and changed its names to spapr_pci_find_phb()/spapr_pci_find_dev() as they are going to be used from other parts of QEMU such as VFIO DDW (dynamic DMA window) or VFIO PCI error injection or VFIO EEH handling - in all these cases there are RTAS calls which are addressed to BUID+config_addr in IEEE1275 format. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit d9d96a3cc7267880fbccb6bc4018fc31909fc930 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu May 7 15:33:33 2015 +1000 spapr_iommu: Add separate trace points for PCI DMA operations This is to reduce VIO noise while debugging PCI DMA. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 3e1a01cb554412e8a9c25573126356596dc0c50f Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu May 7 15:33:32 2015 +1000 spapr_pci: Define default DMA window size as a macro This gets rid of a magic constant describing the default DMA window size for an emulated PHB. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 4290ca49eed5e239695ce85c925a770e4a7317a6 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu May 7 15:33:31 2015 +1000 spapr_vio: Introduce a liobn number generating macros This introduces a macro which makes up a LIOBN from fixed prefix and VIO device address (@reg property). This is to keep LIOBN macros rendering consistent - the same macro for PCI has been added by the previous patch. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit c8545818b331e9a32e5dd47f0aefbcf2b93e41da Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu May 7 15:33:30 2015 +1000 spapr_pci: Introduce a liobn number generating macros We are going to have multiple DMA windows per PHB and we want them to migrate so we need a predictable way of assigning LIOBNs. This introduces a macro which makes up a LIOBN from fixed prefix, PHB index (unique PHB id) and window number. This introduces a SPAPR_PCI_DMA_WINDOW_NUM() to know the window number from LIOBN. It is used to distinguish the default 32bit windows from dynamic windows and avoid picking default DMA window properties from a wrong TCE table. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit f1215ea702e6e6cb3876221cf1f7f60133e08c30 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu May 7 15:33:29 2015 +1000 spapr_iommu: Make H_PUT_TCE_INDIRECT endian-safe PAPR is defined as big endian so TCEs need an adjustment so does this patch. This changes code to have ldq_be_phys() in one place. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 12fd28535891572be7aaf862a03019257dafa425 Author: Alexey Kardashevskiy <aik@xxxxxxxxx> Date: Thu May 7 15:33:28 2015 +1000 spapr_iommu: Disable in-kernel IOMMU tables for >4GB windows The existing KVM_CREATE_SPAPR_TCE ioctl only support 4G windows max as the window size parameter to the kernel ioctl() is 32-bit so there's no way of expressing a TCE window > 4GB. We are going to add huge DMA windows support so this will create small window and unexpectedly fail later. This disables KVM_CREATE_SPAPR_TCE for windows bigger that 4GB. Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 421b1b27f6e9135ac8f01db219e0d8c0cefd7e71 Author: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Date: Thu Mar 19 15:14:18 2015 +1100 spapr_pci: Fix unsafe signed/unsigned comparisons spapr_pci.c contains a number of expressions of the form (uval == -1) or (uval != -1), where 'uval' is an unsigned value. This mostly works in practice, because as long as the width of uval is greater or equal than that of (int), the -1 will be promoted to the unsigned type, which is the expected outcome. However, at least for the cases where uval is uint32_t, this would break on platforms where sizeof(int) > 4 (and a few such do exist), because then the uint32_t value would be promoted to the larger int type, and never be equal to -1. This patch fixes these errors. The fixes for the (uint32_t) cases are necessary as described above. I've made similar fixes to (uint64_t) and (hwaddr) cases. Those are strictly theoretical, since I don't know of any platforms where sizeof(int) > 8, but hey, it's not that hard so we might as well be strictly C standard compliant. Reported-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 31ce0adb79655003465070fa90d7d20a5b8c2ff5 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Mon May 18 12:59:49 2015 +0200 configure: Check for libfdt version 1.4.0 Some recent patches require a function from libfdt version 1.4.0, so we should check for this version during the configure step already. Unfortunately, there does not seem to be a proper #define for the version number in the libfdt headers. So alternatively, we check for the availability of the required function fdt_get_property_by_offset() instead instead. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 28f490b24af83a007937daacb9ea8bf7537f9084 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Mon May 18 12:59:48 2015 +0200 dtc: Update dtc / libfdt submodule to version 1.4.0 Since some recent patches require libfdt version 1.4.0, let's update the dtc submodule to this version. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 62e9cd771cc368a8fd0f152832b78c43557897a9 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Mar 17 08:46:15 2015 +0100 macio: Convert to realize() Convert device models "macio-oldworld" and "macio-newworld". Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Alexander Graf <agraf@xxxxxxx> commit 814550d73a94dcf9f2c9f8d2ee280226f1145388 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:23:12 2015 +0300 docs: Add PXB documentation Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 0f6dd8e1d514b8c24689499ed72ea89fd0d967f3 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:23:11 2015 +0300 apci: fix PXB behaviour if used with unsupported BIOS PXB does not work with unsupported bioses, but should not interfere with normal OS operation. We don't ship them anymore, but it's reasonable to keep the work-around until we update the bios in qemu. Fix this by not adding PXB mem/IO chunks to _CRS if they weren't configured by BIOS. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 0e79e51a7dcbd4fde5738d713b60f0fb0321f1af Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:23:10 2015 +0300 hw/pxb: add numa_node parameter The pxb can be attach to and existing numa node by specifying numa_node option that equals the desired numa nodeid. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 6a3042b23bbb1fa92c00ea9267c830e7f2e99313 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:23:09 2015 +0300 hw/pci: add support for NUMA nodes PCI root buses can be attached to a specific NUMA node. PCI buses are not attached by default to a NUMA node. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 0639b00d055b313930c23c4d6c9ebfb4af61c00c Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:23:08 2015 +0300 hw/pxb: add map_irq func The bios does not index the pxb slot number when it computes the IRQ because it resides on bus 0 and not on the current bus. However Qemu routes the irq through bus 0 and adds the pxb slot to the IRQ computation of the PXB device. Synchronize between bios and Qemu by canceling pxb's effect. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 2118196bb3795a43bf708c37bdcf4b3c33778ccb Author: Marcel Apfelbaum <marcel.a@xxxxxxxxxx> Date: Tue Jun 2 14:23:07 2015 +0300 hw/pci: inform bios if the system has extra pci root buses The bios looks for 'etc/extra-pci-roots' to decide if is going to scan further buses after bus 0 tree. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 40d14bef8012087ade60f254487d31db822a1a44 Author: Marcel Apfelbaum <marcel.a@xxxxxxxxxx> Date: Tue Jun 2 14:23:06 2015 +0300 hw/pci: introduce PCI Expander Bridge (PXB) PXB is a "light-weight" host bridge whose purpose is to enable the main host bridge to support multiple PCI root buses for pc machines. As oposed to PCI-2-PCI bridge's secondary bus, PXB's bus is a primary bus and can be associated with a NUMA node (different from the main host bridge) allowing the guest OS to recognize the proximity of a pass-through device to other resources as RAM and CPUs. The PXB is composed from: - A primary PCI bus (can be associated with a NUMA node) Acts like a normal pci bus and from the functionality point of view is an "expansion" of the bus behind the main host bridge. - A pci-2-pci bridge behind the primary PCI bus where the actual devices will be attached. - A host-bridge PCI device Situated on the bus behind the main host bridge, allows the BIOS to configure the bus number and IO/mem resources. It does not have its own config/data register for configuration cycles, this being handled by the main host bridge. - A host-bridge sysbus to comply with QEMU current design. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit cb2ed8b3c66284f226c523231e2c09e60bbb34bb Author: Marcel Apfelbaum <marcel.a@xxxxxxxxxx> Date: Tue Jun 2 14:23:05 2015 +0300 hw/pci: removed 'rootbus nr is 0' assumption from qmp_pci_query Use the newer pci_bus_num to correctly get the root bus number. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit dcdca29655f774568f30a82b7fe0190b4bd38802 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:23:04 2015 +0300 hw/acpi: remove from root bus 0 the crs resources used by other buses. If multiple root buses are used, root bus 0 cannot use all the pci holes ranges. Remove the IO/mem ranges used by the other primary buses. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit a43c6e276231e8040203940cb07be00387686e87 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:23:03 2015 +0300 hw/acpi: add _CRS method for extra root busses Save the IO/mem/bus numbers ranges assigned to the extra root busses to be removed from the root bus 0 range. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 0d8935e3370e07f57651e43d2de9011d75c2a066 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:23:02 2015 +0300 hw/apci: add _PRT method for extra PCI root busses Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit a4894206e3672f8a5e5443d72b705495e022b638 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:23:01 2015 +0300 hw/acpi: add support for i440fx 'snooping' root busses If the machine has extra root busses that are snooping to the i440fx host bridge, we need to add them to acpi in order to be properly detected by guests. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 09e5b81922179b6c52b42fd27587e64b474036c7 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:23:00 2015 +0300 hw/pci: extend PCI config access to support devices behind PXB PXB buses are assumed to be children of bus 0. Look for them while scanning the buses. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit ca6c18556c5e9c4aac12489b960c3e4601e183bf Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:22:59 2015 +0300 hw/i386: query only for q35/pc when looking for pci host bridge Because of the PXB hosts we cannot simply query TYPE_PCI_HOST_BRIDGE anymore. On i386 arch we only have two pci hosts, so we can look only for them. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 602141d9974d726063907851528c89d617730156 Author: Marcel Apfelbaum <marcel.a@xxxxxxxxxx> Date: Tue Jun 2 14:22:58 2015 +0300 hw/pci: made pci_bus_num a PCIBusClass method Refactoring it as a method of PCIBusClass will allow different implementations for subclasses. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit ce6a28ee057da3e4a587dada369e33a8486b0066 Author: Marcel Apfelbaum <marcel.a@xxxxxxxxxx> Date: Tue Jun 2 14:22:57 2015 +0300 hw/pci: made pci_bus_is_root a PCIBusClass method Refactoring it as a method of PCIBusClass will allow different implementations for subclasses. Removed the assumption that the root bus does not have a parent device because is specific only to the default class implementation. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit 32d9ca15bac63e8a7bad6dc1a4ab624e6d6d3b0f Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Tue Jun 2 14:22:56 2015 +0300 acpi: add implementation of aml_while() term Commit 68e6b0af7 (acpi: add aml_while() term) added the definition of aml_while without the actual implementation. Implement the term. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Acked-by: Laszlo Ersek <lersek@xxxxxxxxxx> commit ca9b46bcecc0f06882eec1b152b71f93a066da79 Author: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Date: Wed May 13 17:21:36 2015 +0800 acpi: add acpi_send_gpe_event() to rise sci for hotplug Add a new API named acpi_send_gpe_event() to send hotplug SCI. This API can be used by pci, cpu and memory hotplug. This patch is rebased on master. Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit d5aaa1b0456033fc9ff723ac881ebe1b61360cca Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Jun 3 14:47:19 2015 +0200 virtio: 64bit features fixups. Commit "019a3ed virtio: make features 64bit wide" missed a few changes, as I've noticed while trying to rebase the virtio-1 branch to latest master. This patch adds them. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 977ad992f14b29a7d4f18eaba42a705004545a64 Author: Juan Quintela <quintela@xxxxxxxxxx> Date: Tue Jun 2 15:47:20 2015 +0200 TPM: fix build with tpm disabled Failure was included on commit Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 6652d0811c9463fbfb2d2d1cb2ec03f388145c5f Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Wed May 27 16:26:07 2015 +0800 virtio-pci: don't try to mask or unmask vqs without notifiers We should validate the vq index against nvqs_with_notifiers. Otherwise we may try to mask or unmask vector for vqs without notifiers (e.g control vq). This will lead qemu abort on kvm_irqchip_commit_routes() when trying to boot win8.1 guest. Fixes 851c2a75a6e80c8aa5e713864d98cfb512e7229b ("virtio-pci: speedup MSI-X masking and unmasking") Reported-by: Alex Williamson <alex.williamson@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 557772f26b361ade84acecb366fe6fdd2d55a6d9 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Mon Jun 1 17:09:12 2015 +0300 hw/q35: fix floppy controller definition in ich9 In DSDT FDC0 declares the IO region as IO(Decode16, 0x03F2, 0x03F2, 0x00, 0x04). Use the same in lpc_ich9 initialization code. Now the floppy drive is detected correctly on Windows. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit cb3d37a93cc59da400d27361fcda024d49210abd Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon Jun 1 21:03:59 2015 +0200 acpi: add missing ssdt commit 5cb18b3d7bff2a83275ee98af2a14eb9e21c93ab TPM2 ACPI table support was missing a file, so build with iasl fails (build without iasl works since it uses the generated hex files). Reported-by: "Daniel P. Berrange" <berrange@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit b853d4cbf2062813e84f9bb880feff8daf467e05 Author: Sascha Silbe <silbe@xxxxxxxxxxxxxxxxxx> Date: Tue Jun 2 18:51:00 2015 +0200 s390x/kvm: always ignore empty vcpu interrupt state kvm_s390_vcpu_interrupt_pre_save() and kvm_s390_vcpu_interrupt_post_load() are essentially no-ops on hosts without KVM_CAP_S390_IRQ_STATE. Move the capability check after the check for saved IRQ state in kvm_s390_vcpu_interrupt_post_load() so that migration between hosts without KVM_CAP_S390_IRQ_STATE (including save / restore on the same host) continues to work. Fixes: 3cda44f7bae5 ("s390x/kvm: migrate vcpu interrupt state") Signed-off-by: Sascha Silbe <silbe@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Reviewed-by: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit 2a72ea5f66b3b87a975475bdc1cabacbbb402937 Author: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Date: Wed Jun 3 11:04:03 2015 -0400 virtio-ccw/migration: Migrate config vector for virtio devices virtio_ccw_{save|load}_config are missing code to save and restore a vdev's config_vector value. This causes some virtio devices to become disabled following a migration. This patch fixes a bug whereby the qmp/hmp balloon command (virsh setmem) silently fails to update the guest's available memory because the device was not properly migrated. This will break compatibility, but vmstate_s390_cpu was bumped from version 2 to version 4 between v2.3.0 and v2.4.0 without a compat handler. Furthermore, there is no production environment yet so migration is fenced anyway between any relevant version of 2.3 and 2.4. Signed-off-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx> Message-Id: <1433343843-803-1-git-send-email-jjherne@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit de6a92185e3ac25ba7d37f03e579b1fc72e70162 Author: Pierre Morel <pmorel@xxxxxxxxxxxxxxxxxx> Date: Wed May 27 13:11:59 2015 +0200 virtio-ccw: add support for 9pfs This patch adds 9pfs support for virtio-ccw by registering the virtio_ccw_9p_info type and adding associated callbacks. Signed-off-by: Pierre Morel <pmorel@xxxxxxxxxxxxxxxxxx> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> commit de3852877f1e452321352fdb7e678f079876a41b Author: Alex Bennée <alex.bennee@xxxxxxxxxx> Date: Wed Jun 3 09:56:37 2015 +0100 configure: postfix --extra-cflags to QEMU_CFLAGS It makes sense that extra-cflags should be appended after the normal CFLAGS so they don't get overridden by default behaviour. This way if you specify something like: ./configure --extra-cflags="-O0" You will see the requested behaviour. Signed-off-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 2801339f2fb2534ccf01561d274398328bdd446d Author: Sai Pavan Boddu <sai.pavan.boddu@xxxxxxxxxx> Date: Fri May 29 11:52:35 2015 +0530 cadence_gem: Fix Rx buffer size field mask This patch corrects the Rx buffer size field mask to mask bits 23 to 16 to match Xilinx UG585 documentation. Signed-off-by: Sai Pavan Boddu <saipava@xxxxxxxxxx> Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 8b8f1c7e9ddb2e88a144638f6527bf70e32343e3 Author: Michael Tokarev <mjt@xxxxxxxxxx> Date: Thu May 28 14:12:26 2015 +0300 slirp: use less predictable directory name in /tmp for smb config (CVE-2015-4037) In this version I used mkdtemp(3) which is: _BSD_SOURCE || /* Since glibc 2.10: */ (_POSIX_C_SOURCE >= 200809L || _XOPEN_SOURCE >= 700) (POSIX.1-2008), so should be available on systems we care about. While at it, reset the resulting directory name within smb structure on error so cleanup function wont try to remove directory which we failed to create. Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> commit b6b099541d6cf3c50b0fb5af916fff0db6508805 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Jun 1 09:53:55 2015 +0200 translate-all: delete prototype for non-existent function Missed in commit 3a808cc40 Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 1597051b84b816c9608e1ee0947f8e6dc9876b56 Author: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Date: Fri May 29 19:52:52 2015 +0100 Add -incoming help text The help/man text for -incoming defer didn't make it through the merge of the code that implemented it. Signed-off-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 26c8acb3f326166bf9dc60c3e8184f4b862e8451 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:11 2015 +0800 hw/display/tc6393xb.c: Fix misusing qemu_allocate_irqs for single irq Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 294972ce546107f2215b3b162994b47f08aab7a4 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:10 2015 +0800 hw/arm/nseries.c: Fix misusing qemu_allocate_irqs for single irq Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 5429273615e7b412402a7b22738737c09ab9f488 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:09 2015 +0800 hw/alpha/typhoon.c: Fix misusing qemu_allocate_irqs for single irq Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 2c85fad022a5c23b835d7c78b653763ae1e3f6eb Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:08 2015 +0800 hw/unicore32/puv3.c: Fix misusing qemu_allocate_irqs for single irq Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit a9c8a0d8d4217754648decc5921e4b0fcd00ce7f Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:07 2015 +0800 hw/lm32/milkymist.c: Fix misusing qemu_allocate_irqs for single irq Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit d4ef00af2598fef06affbd42608e570237a7b276 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:06 2015 +0800 hw/lm32/lm32_boards.c: Fix misusing qemu_allocate_irqs for single irq Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit aaaee0b273082ee2836dcc2f61a878ee291a8d9b Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:05 2015 +0800 hw/ppc/prep.c: Fix misusing qemu_allocate_irqs for single irq Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit ca43b97b5f6fa57e79adc7f167b12d3e0545c7e1 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:04 2015 +0800 hw/sparc/sun4m.c: Fix misusing qemu_allocate_irqs for single irq Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit b64127244d669c33a4ffdcc47e076559497785af Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:02 2015 +0800 hw/timer/arm_timer.c: Fix misusing qemu_allocate_irqs for single irq Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 5105505e65ba6bc3e1dc549bcd0d1d33f3546e60 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:01 2015 +0800 hw/isa/i82378.c: Fix misusing qemu_allocate_irqs for single irq Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit aff0d5e57a71260885d54c07cef5f4a486c8336b Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:00 2015 +0800 hw/isa/lpc_ich9.c: Fix misusing qemu_allocate_irqs for single irq Since ich9_lpc_pm_init only requests one irq, so let it just call qemu_allocate_irq. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 0b0cc076b78976b30360dd7c6ed994f864424779 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:26:59 2015 +0800 hw/i386/pc: Fix misusing qemu_allocate_irqs for single irq Since pc_allocate_cpu_irq only requests one irq, so let it just call qemu_allocate_irq. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 9ff7f5bddbe5814bafe5e798d2cf1087b58dc7b6 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:27:03 2015 +0800 hw/intc/exynos4210_gic.c: Fix memory leak by adjusting order Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 9f9b026dc60398224fb035eb27ae0ed083d2d66f Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 13:38:34 2015 +0800 hw/arm/omap_sx1.c: Fix memory leak spotted by valgrind Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f19377bf234a3359b0a03844822e97de80ad4f30 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Thu May 28 20:39:43 2015 +0800 hw/ppc/e500.c: Fix memory leak Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit c18f855697ab6b64a895f37cf47fd7061ce9e798 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Thu May 28 20:39:42 2015 +0800 hw/alpha/dp264.c: Fix memory leak spotted by valgrind valgrind complains about: ==7055== 58 bytes in 1 blocks are definitely lost in loss record 1,471 of 2,192 ==7055== at 0x4C2845D: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==7055== by 0x24410F: malloc_and_trace (vl.c:2556) ==7055== by 0x64C770E: g_malloc (in /usr/lib64/libglib-2.0.so.0.3600.3) ==7055== by 0x64DEFD7: g_strndup (in /usr/lib64/libglib-2.0.so.0.3600.3) ==7055== by 0x650181A: g_vasprintf (in /usr/lib64/libglib-2.0.so.0.3600.3) ==7055== by 0x64DF0CC: g_strdup_vprintf (in /usr/lib64/libglib-2.0.so.0.3600.3) ==7055== by 0x64DF188: g_strdup_printf (in /usr/lib64/libglib-2.0.so.0.3600.3) ==7055== by 0x242F81: qemu_find_file (vl.c:2121) ==7055== by 0x217A32: clipper_init (dp264.c:105) ==7055== by 0x2484DA: main (vl.c:4249) Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit bd4baf6eebff75c7e0c67a729d1bdb5b0b36fe72 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Mon May 25 14:47:25 2015 +0800 vl: fix memory leak spotted by valgrind valgrind complains about: ==9276== 13 bytes in 1 blocks are definitely lost in loss record 1,046 of 3,673 ==9276== at 0x4C2845D: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==9276== by 0x2EAFBB: malloc_and_trace (vl.c:2556) ==9276== by 0x64C770E: g_malloc (in /usr/lib64/libglib-2.0.so.0.3600.3) ==9276== by 0x4A28BD: addr_to_string (vnc.c:123) ==9276== by 0x4A29AD: vnc_socket_local_addr (vnc.c:139) ==9276== by 0x4A9AFE: vnc_display_local_addr (vnc.c:3240) ==9276== by 0x2EF4FE: main (vl.c:4321) Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 7df057bac3734ee3c2c052fd0807479602ab5583 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun May 24 13:20:14 2015 -0700 device-tree: Make a common-obj There is no reason for device tree API to be built per-target. common-obj it. There is an extraneous inclusion of config.h that needs to be removed. Cc: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit d370dfa9f3703cf0af07d96d50ed567413e8ec65 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Tue May 26 09:46:07 2015 +0800 hw/i386/acpi-build: decref after use valgrind complains about: ==16447== 48 bytes in 2 blocks are definitely lost in loss record 2,033 of 3,310 ==16447== at 0x4C2845D: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==16447== by 0x2E4FD7: malloc_and_trace (vl.c:2546) ==16447== by 0x64C770E: g_malloc (in /usr/lib64/libglib-2.0.so.0.3600.3) ==16447== by 0x53EC3F: qint_from_int (qint.c:33) ==16447== by 0x53B426: qmp_output_type_int (qmp-output-visitor.c:162) ==16447== by 0x539257: visit_type_uint32 (qapi-visit-core.c:147) ==16447== by 0x471D07: property_get_uint32_ptr (object.c:1651) ==16447== by 0x47000C: object_property_get (object.c:822) ==16447== by 0x472428: object_property_get_qobject (qom-qobject.c:37) ==16447== by 0x25701A: build_append_pci_bus_devices (acpi-build.c:520) ==16447== by 0x25902E: build_ssdt (acpi-build.c:1004) ==16447== by 0x25A0A8: acpi_build (acpi-build.c:1420) Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 6e38a4ba7889083b65729db2144cdbcefbaa303a Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Tue May 26 09:46:06 2015 +0800 hw/ide/pci: Fix memory leak valgrind complains about: ==16447== 16 bytes in 2 blocks are definitely lost in loss record 1,304 of 3,310 ==16447== at 0x4C2845D: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==16447== by 0x2E4FD7: malloc_and_trace (vl.c:2546) ==16447== by 0x64C770E: g_malloc (in /usr/lib64/libglib-2.0.so.0.3600.3) ==16447== by 0x36FB47: qemu_extend_irqs (irq.c:55) ==16447== by 0x36FBD3: qemu_allocate_irqs (irq.c:64) ==16447== by 0x3B4B44: bmdma_init (pci.c:464) ==16447== by 0x3B547B: pci_piix_init_ports (piix.c:144) ==16447== by 0x3B55D2: pci_piix_ide_realize (piix.c:164) ==16447== by 0x3EAEC6: pci_qdev_realize (pci.c:1790) ==16447== by 0x36C685: device_set_realized (qdev.c:1058) ==16447== by 0x47179E: property_set_bool (object.c:1514) ==16447== by 0x470098: object_property_set (object.c:837) Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 2ba154cf4eb8636cdd3aa90f392ca9e77206ca39 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Tue May 26 09:46:05 2015 +0800 hw/i386/pc_piix: Fix memory leak valgrind complains about: ==16447== 8 bytes in 1 blocks are definitely lost in loss record 552 of 3,310 ==16447== at 0x4C2845D: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==16447== by 0x2E4FD7: malloc_and_trace (vl.c:2546) ==16447== by 0x64C770E: g_malloc (in /usr/lib64/libglib-2.0.so.0.3600.3) ==16447== by 0x36FB47: qemu_extend_irqs (irq.c:55) ==16447== by 0x36FBD3: qemu_allocate_irqs (irq.c:64) ==16447== by 0x24E622: pc_init1 (pc_piix.c:287) ==16447== by 0x24E76A: pc_init_pci (pc_piix.c:310) ==16447== by 0x2E9360: main (vl.c:4226) ==16447== 128 bytes in 1 blocks are definitely lost in loss record 2,569 of 3,310 ==16447== at 0x4C2845D: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==16447== by 0x2E4FD7: malloc_and_trace (vl.c:2546) ==16447== by 0x64C770E: g_malloc (in /usr/lib64/libglib-2.0.so.0.3600.3) ==16447== by 0x36FB47: qemu_extend_irqs (irq.c:55) ==16447== by 0x36FBD3: qemu_allocate_irqs (irq.c:64) ==16447== by 0x25BEB2: kvm_i8259_init (i8259.c:133) ==16447== by 0x24E1F1: pc_init1 (pc_piix.c:219) ==16447== by 0x24E76A: pc_init_pci (pc_piix.c:310) ==16447== by 0x2E9360: main (vl.c:4226) Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 5708b2b736ebec6e3af04b9b249faadf896791cd Author: Chen Hanxiao <chenhanxiao@xxxxxxxxxxxxxx> Date: Tue May 26 05:25:41 2015 -0400 docs/writing-qmp-commands: fix a typo s/interation/iteration Signed-off-by: Chen Hanxiao <chenhanxiao@xxxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit b8981dc9aae25fa79e5f35609e63f50f078a572d Author: Peter Krempa <pkrempa@xxxxxxxxxx> Date: Fri May 15 11:31:43 2015 +0200 util: socket: Add missing localaddr and localport option for DGRAM socket The 'socket_optslist' structure does not contain the 'localaddr' and 'localport' options that are parsed in case you are creating a 'connect' type UDP character device. I've noticed it happening after commit f43e47dbf6de24db20ec9b588bb6cc762 made qemu abort() after seeing the invalid option. A minimal reproducer for the case is: $ qemu-system-x86_64 -chardev udp,id=charrng0,host=127.0.0.1,port=1234,localaddr=,localport=1234 qemu-system-x86_64: -chardev udp,id=charrng0,host=127.0.0.1,port=1234,localaddr=,localport=1234: Invalid parameter 'localaddr' Aborted (core dumped) Prior to the commit mentioned above the error would be printed but the value for localaddr and localport was simply ignored. I did not go through the code to find out when it was broken. Add the two fields so that the options can again be parsed correctly and qemu doesn't abort(). Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1220252 Signed-off-by: Peter Krempa <pkrempa@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit a2f533da00f7278788afcf10f325f636805077dc Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu May 14 22:33:39 2015 -0700 microblaze: cpu: Delete MMAP_SHIFT definition Just fallback on the default of 12 like other architectures. This allows changing the system-mode-affecting definition of TARGET_PAGE_BITS without affecting microblaze linux-user. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 44f192f364b71683379e104157b15b0685d24394 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed May 13 13:15:28 2015 +0000 iscsi: Remove pointless runtime check of macro value raw_bsd already has QEMU_BUILD_BUG_ON(BDRV_SECTOR_SIZE != 512), so iscsi should relax. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 1b93c9a1040b3c12320cf55c6284882a2e6e8ff3 Author: Ikey Doherty <michael.i.doherty@xxxxxxxxx> Date: Tue May 26 13:54:06 2015 +0100 arch_init: Drop target-x86_64.conf The target-x86_64.conf sysconfig file has been empty and essentially ignored now for several years. This change removes the unused file to enable moving towards a stateless configuration. Signed-off-by: Ikey Doherty <michael.i.doherty@xxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 38e5c119c2925812bd441450ab9e5e00fc79e662 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Mon Mar 23 17:29:32 2015 -0300 target-i386: Register QOM properties for feature flags This uses the feature name arrays to register QOM properties for feature flags. This simply adds properties that can be configured using -global, but doesn't change x86_cpu_parse_featurestr() to use them yet. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit be9f8a08727e46c790adb8caa8a4525a1e8e9e73 Author: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Date: Wed May 20 10:40:47 2015 +0800 apic: convert ->busdev.qdev casts to C casts Use C casts to avoid accessing ICCDevice's qdev field directly. Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Acked-by: Andreas Färber <afaerber@xxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 458cf469f4a1cb520b07092f5537c5a6d2389d23 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 29 16:31:12 2015 -0300 target-i386: Fix signedness of MSR_IA32_APICBASE_BASE Existing definition triggers the following when using clang -fsanitize=undefined: hw/intc/apic_common.c:314:55: runtime error: left shift of 1048575 by 12 places cannot be represented in type 'int' Fix it so we won't try to shift a 1 to the sign bit of a signed integer. Suggested-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 0e3bd56294230ad0ee20fce587879c29a83a0d8b Author: Andreas Färber <afaerber@xxxxxxx> Date: Tue Mar 17 17:46:36 2015 +0100 pc: Ensure non-zero CPU ref count after attaching to ICC bus Setting the parent bus of a device increases its ref count, which we ultimately want to level out. However it is only safe to do so after the last reference to the device in local code, as qom-set or similar operations might decrease the ref count. Therefore move the object_unref() from pc_new_cpu() into its callers. The APIC operations on the last CPU in pc_cpus_init() are still potentially insecure, but that is beyond the scope of this code movement. Signed-off-by: Andreas Färber <afaerber@xxxxxxx> Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 4964e18e490f3ecad35c9e4cc9b613316a98755e Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu May 21 15:19:38 2015 +0200 fdc-test: Test state for existing cases more thoroughly This just adds a few additional checks of the MSR and interrupt pin to the already existing test cases. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1432214378-31891-9-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 6cc8a11c84ddc18c64fc88d54c8e9dca24ada489 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu May 21 15:19:37 2015 +0200 fdc: Fix MSR.RQM flag The RQM bit in MSR should be set whenever the guest is supposed to access the FIFO, and it should be cleared in all other cases. This is important so the guest can't continue writing/reading the FIFO beyond the length that it's suppossed to access (see CVE-2015-3456). Commit e9077462 fixed the CVE by adding code that avoids the buffer overflow; however it doesn't correct the wrong behaviour of the floppy controller which should already have cleared RQM. Currently, RQM stays set all the time and during all phases while a command is being processed. This is error-prone because the command has to explicitly clear the flag if it doesn't need data (and indeed, the two buggy commands that are the culprits for the CVE just forgot to do that). This patch clears RQM immediately as soon as all bytes that are expected have been received. If the the FIFO is used in the next phase, the flag has to be set explicitly there. It also clear RQM after receiving all bytes even if the phase transition immediately sets it again. While it's technically not necessary at the moment because the state between clearing and setting RQM is not observable by the guest, this is more explicit and matches how real hardware works. It will actually become necessary in qemu once asynchronous code paths are introduced. This alone should have been enough to fix the CVE, but now we have two lines of defense - even better. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1432214378-31891-8-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit f6c2d1d8425fd0ca450d515b06821e2224d4b43c Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu May 21 15:19:36 2015 +0200 fdc: Disentangle phases in fdctrl_read_data() This commit makes similar improvements as have already been made to the write function: Instead of relying on a flag in the MSR to distinguish controller phases, use the explicit phase that we store now. Assertions of the right MSR flags are added. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1432214378-31891-7-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit d275b33d76c8ed9d5a3dca22ea0fdec8d5a5c8e6 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu May 21 15:19:35 2015 +0200 fdc: Code cleanup in fdctrl_write_data() Factor out a few common lines of code, reformat, improve comments. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1432214378-31891-6-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 5b0a25e8d2f15f89255c745c71d297b5b24d138c Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu May 21 15:19:34 2015 +0200 fdc: Use phase in fdctrl_write_data() Instead of relying on a flag in the MSR to distinguish controller phases, use the explicit phase that we store now. Assertions of the right MSR flags are added. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1432214378-31891-5-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 85d291a08c91c07927bbbd29f72a27d3ad7478f3 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu May 21 15:19:33 2015 +0200 fdc: Introduce fdctrl->phase The floppy controller spec describes three different controller phases, which are currently not explicitly modelled in our emulation. Instead, each phase is represented by a combination of flags in registers. This patch makes explicit in which phase the controller currently is. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Acked-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1432214378-31891-4-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 83a260135f13db8b5d7df72090864a5ebcef2845 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu May 21 15:19:32 2015 +0200 fdc: Rename fdctrl_set_fifo() to fdctrl_to_result_phase() What callers really do with this function is to switch from execution phase (including data transfers) to result phase where the guest can read out one or more status bytes from the FIFO (the number depends on the command). Rename the function accordingly. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1432214378-31891-3-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 07e415f2398d9cfb21cdd5ef902445032ba54556 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu May 21 15:19:31 2015 +0200 fdc: Rename fdctrl_reset_fifo() to fdctrl_to_command_phase() What all callers of fdctrl_reset_fifo() really want to do is to start the command phase, where writes to the data port initiate a new command. The function doesn't only clear the FIFO, but also sets up the state so that a new command can be received. Rename it to reflect this. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1432214378-31891-2-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit a67bfbb9e41e089caec61384c625e8a61a5f270f Merge: 42d58e7 489653b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 2 18:23:28 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2015-06-02' into staging Monitor patches # gpg: Signature made Tue Jun 2 09:16:07 2015 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-monitor-2015-06-02: (21 commits) monitor: Change return type of monitor_cur_is_qmp() to bool monitor: Rename monitor_ctrl_mode() to monitor_is_qmp() monitor: Turn int command_mode into bool in_command_mode monitor: Drop do_qmp_capabilities()'s superfluous QMP check monitor: Unbox Monitor member mc and rename to qmp monitor: Rename monitor_control_read(), monitor_control_event() monitor: Rename handle_user_command() to handle_hmp_command() monitor: Limit QError use to command handlers monitor: Inline monitor_has_error() into its only caller monitor: Wean monitor_protocol_emitter() off mon->error monitor: Propagate errors through invalid_qmp_mode() monitor: Propagate errors through qmp_check_input_obj() monitor: Propagate errors through qmp_check_client_args() monitor: Drop unused "new" HMP command interface monitor: Use trad. command interface for HMP pcie_aer_inject_error monitor: Use traditional command interface for HMP device_add monitor: Use traditional command interface for HMP drive_del monitor: Convert client_migrate_info to QAPI monitor: Improve and document client_migrate_info protocol error monitor: Clean up after previous commit ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 42d58e7c6760cb9c55627c28ae538e27dcf2f144 Merge: 3fc827d c25bbf1 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 2 16:47:31 2015 +0100 Merge remote-tracking branch 'remotes/sstabellini/tags/xen-15-06-02-tag' into staging XSA 128 129 130 131 # gpg: Signature made Tue Jun 2 16:46:38 2015 BST using RSA key ID 70E1AE90 # gpg: Good signature from "Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>" * remotes/sstabellini/tags/xen-15-06-02-tag: xen/pt: unknown PCI config space fields should be read-only xen/pt: add a few PCI config space field descriptions xen/pt: mark reserved bits in PCI config space fields xen/pt: mark all PCIe capability bits read-only xen/pt: split out calculation of throughable mask in PCI config space handling xen/pt: correctly handle PM status bit xen/pt: consolidate PM capability emu_mask xen/MSI: don't open-code pass-through of enable bit modifications xen/MSI-X: limit error messages xen: don't allow guest to control MSI mask register xen: properly gate host writes of modified PCI CFG contents Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 94edf02c4c94781fa777c459fe86b52131b83cb6 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Tue Jun 2 12:29:14 2015 +0100 hw/arm/virt: change indentation in a15memmap Re-indent in a15memmap after VIRT_PLATFORM_BUS introduction Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Reviewed-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Message-id: 1433244554-12898-5-git-send-email-eric.auger@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5f7a5a0edc4a2f65293658eb540290ddf9a1988a Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Tue Jun 2 12:29:13 2015 +0100 hw/arm/virt: add dynamic sysbus device support Allows sysbus devices to be instantiated from command line by using -device option. Machvirt creates a platform bus at init. The dynamic sysbus devices are attached to this platform bus device. The platform bus device registers a machine init done notifier whose role will be to bind the dynamic sysbus devices. Indeed dynamic sysbus devices are created after machine init. machvirt also registers a notifier that will build the device tree nodes for the platform bus and its children dynamic sysbus devices. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1433244554-12898-4-git-send-email-eric.auger@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ac9d32e39664e060cd1b538ff190980d57ad69e4 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Tue Jun 2 12:29:12 2015 +0100 hw/arm/boot: arm_load_kernel implemented as a machine init done notifier Device tree nodes for the platform bus and its children dynamic sysbus devices are added in a machine init done notifier. To load the dtb once, after those latter nodes are built and before ROM freeze, the actual arm_load_kernel existing code is moved into a notifier notify function, arm_load_kernel_notify. arm_load_kernel now only registers the corresponding notifier. Machine files that do not support platform bus stay unchanged. Machine files willing to support dynamic sysbus devices must call arm_load_kernel before sysbus-fdt arm_register_platform_bus_fdt_creator to make sure dynamic sysbus device nodes are integrated in the dtb. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Reviewed-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Reviewed-by: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1433244554-12898-3-git-send-email-eric.auger@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c25bbf1545a53ac051f9e51d4140e397660c10ae Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:07:01 2015 +0000 xen/pt: unknown PCI config space fields should be read-only ... by default. Add a per-device "permissive" mode similar to pciback's to allow restoring previous behavior (and hence break security again, i.e. should be used only for trusted guests). This is part of XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Reviewed-by: Anthony PERARD <anthony.perard@xxxxxxxxxx>) commit a88a3f887181605f4487a22bdfb7d87ffafde5d9 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:07:01 2015 +0000 xen/pt: add a few PCI config space field descriptions Since the next patch will turn all not explicitly described fields read-only by default, those fields that have guest writable bits need to be given explicit descriptors. This is a preparatory patch for XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> commit 0ad3393ad032f76e88b4dbd04d36ad84dff75dd6 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:07:01 2015 +0000 xen/pt: mark reserved bits in PCI config space fields The adjustments are solely to make the subsequent patches work right (and hence make the patch set consistent), namely if permissive mode (introduced by the last patch) gets used (as both reserved registers and reserved fields must be similarly protected from guest access in default mode, but the guest should be allowed access to them in permissive mode). This is a preparatory patch for XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> commit 45ebe3916ab16f859ed930e92fbd52d84d5dcdaf Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:07:01 2015 +0000 xen/pt: mark all PCIe capability bits read-only xen_pt_emu_reg_pcie[]'s PCI_EXP_DEVCAP needs to cover all bits as read- only to avoid unintended write-back (just a precaution, the field ought to be read-only in hardware). This is a preparatory patch for XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 0e7ef22136955169a0fd03c4e41af95662352733 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:07:01 2015 +0000 xen/pt: split out calculation of throughable mask in PCI config space handling This is just to avoid having to adjust that calculation later in multiple places. Note that including ->ro_mask in get_throughable_mask()'s calculation is only an apparent (i.e. benign) behavioral change: For r/o fields it doesn't matter > whether they get passed through - either the same flag is also set in emu_mask (then there's no change at all) or the field is r/o in hardware (and hence a write won't change it anyway). This is a preparatory patch for XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Reviewed-by: Anthony PERARD <anthony.perard@xxxxxxxxxx> commit c4ff1e68c621928abc680266cad0a451686c403b Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:07:01 2015 +0000 xen/pt: correctly handle PM status bit xen_pt_pmcsr_reg_write() needs an adjustment to deal with the RW1C nature of the not passed through bit 15 (PCI_PM_CTRL_PME_STATUS). This is a preparatory patch for XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit d61bb2482dc0c7426f451f23ba7e2748ae2cc06d Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:07:01 2015 +0000 xen/pt: consolidate PM capability emu_mask There's no point in xen_pt_pmcsr_reg_{read,write}() each ORing PCI_PM_CTRL_STATE_MASK and PCI_PM_CTRL_NO_SOFT_RESET into a local emu_mask variable - we can have the same effect by setting the field descriptor's emu_mask member suitably right away. Note that xen_pt_pmcsr_reg_write() is being retained in order to allow later patches to be less intrusive. This is a preparatory patch for XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx> commit d1d35cf4ffb6a60a356193397919e83306d0bb74 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:07:01 2015 +0000 xen/MSI: don't open-code pass-through of enable bit modifications Without this the actual XSA-131 fix would cause the enable bit to not get set anymore (due to the write back getting suppressed there based on the OR of emu_mask, ro_mask, and res_mask). Note that the fiddling with the enable bit shouldn't really be done by qemu, but making this work right (via libxc and the hypervisor) will require more extensive changes, which can be postponed until after the security issue got addressed. This is a preparatory patch for XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit b38ec5ee7a581776bbce0bdaecb397632c3c4791 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:07:00 2015 +0000 xen/MSI-X: limit error messages Limit error messages resulting from bad guest behavior to avoid allowing the guest to cause the control domain's disk to fill. The first message in pci_msix_write() can simply be deleted, as this is indeed bad guest behavior, but such out of bounds writes don't really need to be logged. The second one is more problematic, as there guest behavior may only appear to be wrong: For one, the old logic didn't take the mask-all bit into account. And then this shouldn't depend on host device state (i.e. the host may have masked the entry without the guest having done so). Plus these writes shouldn't be dropped even when an entry is unmasked. Instead, if they can't be made take effect right away, they should take effect on the next unmasking or enabling operation - the specification explicitly describes such caching behavior. Until we can validly drop the message (implementing such caching/latching behavior), issue the message just once per MSI-X table entry. Note that the log message in pci_msix_read() similar to the one being removed here is not an issue: "addr" being of unsigned type, and the maximum size of the MSI-X table being 32k, entry_nr simply can't be negative and hence the conditonal guarding issuing of the message will never be true. This is XSA-130. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 7611dae8a69f0f1775ba1a9a942961c2aa10d88e Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:07:00 2015 +0000 xen: don't allow guest to control MSI mask register It's being used by the hypervisor. For now simply mimic a device not capable of masking, and fully emulate any accesses a guest may issue nevertheless as simple reads/writes without side effects. This is XSA-129. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 5c83b2f5b4b956e91dd6e5711f14df7ab800aefb Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:07:00 2015 +0000 xen: properly gate host writes of modified PCI CFG contents The old logic didn't work as intended when an access spanned multiple fields (for example a 32-bit access to the location of the MSI Message Data field with the high 16 bits not being covered by any known field). Remove it and derive which fields not to write to from the accessed fields' emulation masks: When they're all ones, there's no point in doing any host write. This fixes a secondary issue at once: We obviously shouldn't make any host write attempt when already the host read failed. This is XSA-128. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 11d306b9df172faeeb3409deba4083dbe479b23c Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Tue Jun 2 12:29:11 2015 +0100 hw/arm/sysbus-fdt: helpers for platform bus nodes addition This new C module will be used by ARM machine files to generate platform bus node and their dynamic sysbus device tree nodes. Dynamic sysbus device node addition is done in a machine init done notifier. arm_register_platform_bus_fdt_creator does the registration of this latter and is supposed to be called by ARM machine files that support platform bus and their dynamic sysbus. Addition of dynamic sysbus nodes is done only if the user did not provide any dtb. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Reviewed-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Reviewed-by: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1433244554-12898-2-git-send-email-eric.auger@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4771cd01daaccb2a8929fa04c88c608e378cf814 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 1 19:18:36 2015 +0100 target-arm: Remove v8_ prefix from names of non-v8-specific cpreg arrays The ARMCPRegInfo arrays v8_el3_no_el2_cp_reginfo and v8_el2_cp_reginfo are actually used on non-v8 CPUs as well. Remove the incorrect v8_ prefix from their names. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 1433182716-6400-1-git-send-email-peter.maydell@xxxxxxxxxx commit 9718e4ae362d2f221ec028cdacefafc593ef1357 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Tue Jun 2 14:56:23 2015 +0100 arm_gicv2m: set kvm_gsi_direct_mapping and kvm_msi_via_irqfd_allowed After introduction of kvm_arch_msi_data_to_gsi, kvm_gsi_direct_mapping now can be set on ARM. Also kvm_msi_via_irqfd_allowed can be set, depending on kernel irqfd support, hence enabling VIRTIO-PCI with vhost back-end. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1850b6b7d027bb4b45010a7d1da919267fff2cd4 Author: Eric Auger <eric.auger@xxxxxxxxxx> Date: Tue Jun 2 14:56:23 2015 +0100 kvm: introduce kvm_arch_msi_data_to_gsi On ARM the MSI data corresponds to the shared peripheral interrupt (SPI) ID. This latter equals to the SPI index + 32. to retrieve the SPI index, matching the gsi, an architecture specific function is introduced. Signed-off-by: Eric Auger <eric.auger@xxxxxxxxxx> Acked-by: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0b2ff2ceb8a45cbe51ca13a1a32fc5bdeec71815 Author: Victor CLEMENT <victor.clement@xxxxxxxxxxx> Date: Tue Jun 2 14:56:23 2015 +0100 pl061: fix wrong calculation of GPIOMIS register The masked interrupt status register should be the state of the interrupt after masking. There should be a logical AND instead of a logical OR between the interrupt status and the interrupt mask. Signed-off-by: Victor CLEMENT <victor.clement@xxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 1433154824-6927-1-git-send-email-victor.clement@xxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bd204e63a7ce9d1b5c5903c9033863b179194989 Author: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Date: Tue Jun 2 14:56:23 2015 +0100 target-arm: Add the GICv2m to the virt board Add a GICv2m device to the virt board to enable MSIs on the generic PCI host controller. We allocate 64 SPIs in the IRQ space for now (this can be increased/decreased later) and map the GICv2m right after the GIC in the memory map. Reviewed-by: Eric Auger <eric.auger@xxxxxxxxxx> Signed-off-by: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Message-id: 1432897270-7780-5-git-send-email-christoffer.dall@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dfd90a87155882d92a3efa6da9afc773fd8c6796 Author: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Date: Tue Jun 2 14:56:23 2015 +0100 target-arm: Extend the gic node properties In preparation for adding the GICv2m which requires address specifiers and is a subnode of the gic, we extend the gic DT definition to specify the #address-cells and #size-cells properties and add an empty ranges property properties of the DT node, since this is required to add the v2m node as a child of the gic node. Note that we must also expand the irq-map to reference the gic with the right address-cells as a consequence of this change. Reviewed-by: Eric Auger <eric.auger@xxxxxxxxxx> Signed-off-by: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Message-id: 1432897270-7780-4-git-send-email-christoffer.dall@xxxxxxxxxx Suggested-by: Shanker Donthineni <shankerd@xxxxxxxxxxxxxx> Signed-off-by: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 770c58f8d10b61e80a211d87df83670711631530 Author: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Date: Tue Jun 2 14:56:23 2015 +0100 arm_gicv2m: Add GICv2m widget to support MSIs The ARM GICv2m widget is a little device that handles MSI interrupt writes to a trigger register and ties them to a range of interrupt lines wires to the GIC. It has a few status/id registers and the interrupt wires, and that's about it. A board instantiates the device by setting the base SPI number and number SPIs for the frame. The base-spi parameter is indexed in the SPI number space only, so base-spi == 0, means IRQ number 32. When a device (the PCI host controller) writes to the trigger register, the payload is the GIC IRQ number, so we have to subtract 32 from that and then index into our frame of SPIs. When instantiating a GICv2m device, tell PCI that we have instantiated something that can deal with MSIs. We rely on the board actually wiring up the GICv2m to the PCI host controller. Reviewed-by: Eric Auger <eric.auger@xxxxxxxxxx> Signed-off-by: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Message-id: 1432897270-7780-3-git-send-email-christoffer.dall@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 747d009dcac37ce7372b58b21c168f0ad66cf7be Author: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Date: Tue Jun 2 14:56:22 2015 +0100 target-arm: Add GIC phandle to VirtBoardInfo Instead of passing the GIC phandle around between functions, add it to the VirtBoardInfo just like we do for the clock_phandle. We are about to add the v2m phandle as well, and it's easier not having to pass around a bunch of phandles, return multiple values from functions, etc. Reviewed-by: Eric Auger <eric.auger@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Christoffer Dall <christoffer.dall@xxxxxxxxxx> Message-id: 1432897270-7780-2-git-send-email-christoffer.dall@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 57b6d95eb480d66c5bfa4e416d1fbcad0f84fdd2 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Tue Jun 2 14:56:22 2015 +0100 Revert "target-arm: Avoid g_hash_table_get_keys()" Since we now require GLib 2.22+ (commit f40685c), we don't have to work around lack of g_hash_table_get_keys() anymore. This reverts commit 82a3a11897308b606120f7235001e87809708f85. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-id: 1432749090-4698-1-git-send-email-armbru@xxxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8742d49d6f2278d353a1623dfa8a5e237dbfd906 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Jun 2 14:56:22 2015 +0100 target-arm: Add TLBI_VAE2{IS} Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1432881807-18164-11-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 51da90140bba4333eeb9c1d8d8d8afc2ca790628 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Jun 2 14:56:22 2015 +0100 target-arm: Add TLBI_ALLE2 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1432881807-18164-10-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bdb9e2d66afbe0571dce48a9430c35ae4d6bbd32 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Jun 2 14:56:22 2015 +0100 target-arm: Add TLBI_ALLE1{IS} Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1432881807-18164-9-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a57633c08fa861807a0713505785bd4d441d7df8 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Jun 2 14:56:21 2015 +0100 target-arm: Add TTBR0_EL2 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1432881807-18164-8-git-send-email-edgar.iglesias@xxxxxxxxx [PMM: Switch to preferred opc1/crm order for 64-bit AArch32 cpregs; drop unneeded use of vmsa_ttbr_writefn] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ff05f37babe7874f28dcead6e9e4f1904d35a13a Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Jun 2 14:56:21 2015 +0100 target-arm: Add TPIDR_EL2 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1432881807-18164-7-git-send-email-edgar.iglesias@xxxxxxxxx [PMM: reordered fields into preferred opc0/opc1/crn/crm/opc2 order] Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b9cb5323bb671a0f2bfecc36168d3a3763e90261 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Jun 2 14:56:21 2015 +0100 target-arm: Add SCTLR_EL2 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1432881807-18164-6-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 06ec4c8c9f9e21b7671c79296f3a47ab63d50067 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Jun 2 14:56:21 2015 +0100 target-arm: Add TCR_EL2 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1432881807-18164-5-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 95f949ac3dc7d4a6ebee512a9d122db18210df64 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Jun 2 14:56:21 2015 +0100 target-arm: Add MAIR_EL2 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1432881807-18164-4-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a903c449b41f105aadd5f762a7aede531b4950f0 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Tue Jun 2 14:56:21 2015 +0100 target-arm: Break down TLB_LOCKDOWN Break down the overly broad wildcard definition of TLB_LOCKDOWN down to v7 level. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1432881807-18164-3-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3fc827d591679f3e262b9d1f8b34528eabfca8c0 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Fri May 29 16:43:13 2015 +1000 target-arm: Correct check for non-EL3 This fixes a compile warning from clang 3.5 (the assertion could never fire). Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1432881807-18164-2-git-send-email-edgar.iglesias@xxxxxxxxx Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> [PMM: added note in commit message that this is fixing a build warning] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 25611aa12b4155937d076dbe7445daed62ee6043 Merge: ef99b3e e63d114 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 2 11:25:12 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-input-20150602-1' into staging virtio-input: two small fixups # gpg: Signature made Tue Jun 2 09:32:51 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-input-20150602-1: virtio-input: make virtio devices follow usual naming convention virtio-input: const_le16 and const_le32 not build time constant Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ef99b3ee065d5c817fa0a50d95293e569bfb47fb Merge: b821cbe 9e47226 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Jun 2 10:20:03 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging pc build fix My last pull breaks build on systems with iasl. Fix this up. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Mon Jun 1 20:41:08 2015 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: acpi: add missing ssdt Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e63d114b8a81e22ff9295674ba64b21255d589ee Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Jun 2 10:31:29 2015 +0200 virtio-input: make virtio devices follow usual naming convention Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 16c9d46d32b39b147774ddd948dd2f9ad9049d02 Author: Michael Mueller <mimu@xxxxxxxxxxxxxxxxxx> Date: Mon Jun 1 15:51:56 2015 +0200 virtio-input: const_le16 and const_le32 not build time constant As the implementation of const_le16 and const_le32 is not build time constant on big endian systems this need to be fixed. CC hw/input/virtio-input-hid.o hw/input/virtio-input-hid.c:340:13: error: initializer element is not constant hw/input/virtio-input-hid.c:340:13: error: (near initialization for â??virtio_keyboard_config[1].u.ids.bustypeâ??) ... Signed-off-by: Michael Mueller <mimu@xxxxxxxxxxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 489653b5db17679fd61b740dd289c798bb25d7b9 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 6 20:01:05 2015 +0100 monitor: Change return type of monitor_cur_is_qmp() to bool Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 9f3982f2dcd96753d57d0ac64bd1ae3b37a90eb3 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 6 19:56:38 2015 +0100 monitor: Rename monitor_ctrl_mode() to monitor_is_qmp() ... and change return type to bool. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit f994b2587f081693b017ebd03b362d162d3108b3 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 6 19:51:51 2015 +0100 monitor: Turn int command_mode into bool in_command_mode While there, inline the pointless qmp_cmd_mode() wrapper. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 6a50636f35ba677c747f2f6127b0dba994b039ca Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 6 19:49:41 2015 +0100 monitor: Drop do_qmp_capabilities()'s superfluous QMP check Superfluous since commit 30f5041 removed it from HMP. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 74358f2a1647b239d87340ea0024f9d2efa266ca Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 6 19:35:59 2015 +0100 monitor: Unbox Monitor member mc and rename to qmp While there, rename its type as well, from MonitorControl to MonitorQMP. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit c83fe23b58199a6d4a938305cb0fc45fe7729b61 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 6 19:20:51 2015 +0100 monitor: Rename monitor_control_read(), monitor_control_event() ... to monitor_qmp_read(), monitor_qmp_event(). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 7ef6cf6341c453021939c909adf2d62d9dc25fd5 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 6 19:12:36 2015 +0100 monitor: Rename handle_user_command() to handle_hmp_command() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 710aec915d208246891b68e2ba61b54951edc508 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 6 11:28:00 2015 +0100 monitor: Limit QError use to command handlers The previous commits narrowed use of QError to handle_qmp_command() and its helpers monitor_protocol_emitter(), build_qmp_error_dict(). Narrow it further to just the command handler call: instead of converting Error to QError throughout handle_qmp_command(), convert the QError gotten from the command handler to Error, and switch the helpers from QError to Error. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 452e0300a3521f13b6c4ba0b99a8cea3a29209f1 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 6 19:11:13 2015 +0100 monitor: Inline monitor_has_error() into its only caller Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 70ea0c58991ae44b5a1e67d9c189d79029168cb1 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri Mar 6 10:47:08 2015 +0100 monitor: Wean monitor_protocol_emitter() off mon->error Move mon->error handling to its caller handle_qmp_command(). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 4086182fcd9b106345b5cc535d78bcc6d13a7683 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 29 10:27:16 2015 +0200 monitor: Propagate errors through invalid_qmp_mode() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit ba0510aad43148e5284cb52fcc7a0103b5e0af4d Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Mar 2 18:41:43 2015 +0100 monitor: Propagate errors through qmp_check_input_obj() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 326283aa5d4d51d576185af4cbbdc29f648cd766 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Mon Mar 2 18:39:09 2015 +0100 monitor: Propagate errors through qmp_check_client_args() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 8a4f501c09bcb8b5a220699e378aa8fb7ec178e4 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 5 18:50:05 2015 +0100 monitor: Drop unused "new" HMP command interface Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 04e00c92ef75629a241ebc50537f75de0867928d Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 5 17:48:49 2015 +0100 monitor: Use trad. command interface for HMP pcie_aer_inject_error All QMP commands use the "new" handler interface (mhandler.cmd_new). Most HMP commands still use the traditional interface (mhandler.cmd), but a few use the "new" one. Complicates handle_user_command() for no gain, so I'm converting these to the traditional interface. pcie_aer_inject_error's implementation is split into the hmp_pcie_aer_inject_error() and pcie_aer_inject_error_print(). The former is a peculiar crossbreed between HMP and QMP handler. On success, it works like a QMP handler: store QDict through ret_data parameter, return 0. Printing the QDict is left to pcie_aer_inject_error_print(). On failure, it works more like an HMP handler: print error to monitor, return negative number. To convert to the traditional interface, turn pcie_aer_inject_error_print() into a command handler wrapping around hmp_pcie_aer_inject_error(). By convention, this command handler should be called hmp_pcie_aer_inject_error(), so rename the existing hmp_pcie_aer_inject_error() to do_pcie_aer_inject_error(). Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 318660f84a0a26451750aee68ab7dcf88731637d Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 5 17:24:48 2015 +0100 monitor: Use traditional command interface for HMP device_add All QMP commands use the "new" handler interface (mhandler.cmd_new). Most HMP commands still use the traditional interface (mhandler.cmd), but a few use the "new" one. Complicates handle_user_command() for no gain, so I'm converting these to the traditional interface. For device_add, that's easy: just wrap the obvious hmp_device_add() around do_device_add(). monitor_user_noop() is now unused, drop it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 072ebe6b0351060b33287454fdef625fe79c858f Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 5 17:00:56 2015 +0100 monitor: Use traditional command interface for HMP drive_del All QMP commands use the "new" handler interface (mhandler.cmd_new). Most HMP commands still use the traditional interface (mhandler.cmd), but a few use the "new" one. Complicates handle_user_command() for no gain, so I'm converting these to the traditional interface. For drive_del, that's easy: hmp_drive_del() sheds its unused last parameter, and its return value, which the caller ignored anyway. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit b8a185bc9a8ecbdc74fd64672e4abdd09a558e1c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 5 17:29:02 2015 +0100 monitor: Convert client_migrate_info to QAPI Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 13cadefbda71e119db79fe0b7a4efd26a6d005bd Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 5 19:16:58 2015 +0100 monitor: Improve and document client_migrate_info protocol error Protocol must be spice, vnc isn't implemented. Fix up documentation. Attempts to use vnc or any other unknown protocol yield the misleading error message "Invalid parameter 'protocol'". Improve it to "Parameter 'protocol' expects spice". Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by. Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 84add864ebd2e6f3c645948ab595d8454165ebc5 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 5 16:45:15 2015 +0100 monitor: Clean up after previous commit Inline qmp_call_cmd() along with its helper handler_audit() into its only caller handle_qmp_command(), and simplify the result. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 65207c59d99f2260c5f1d3b9c491146616a522aa Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 5 14:35:26 2015 +0100 monitor: Drop broken, unused asynchronous command interface The asynchronous monitor command interface goes back to commit 940cc30 (Jan 2010). Added a third case to command execution. The hope back then according to the commit message was that all commands get converted to the asynchronous interface, killing off the other two cases. Didn't happen. The initial asynchronous commands balloon and info balloon were converted back to synchronous long ago (commit 96637bc and d72f32), with commit messages calling the asynchronous interface "not fully working" and "deprecated". The only other user went away in commit 3b5704b. New code generally uses synchronous commands and asynchronous events. What exactly is still "not fully working" with asynchronous commands? Well, here's a bug that defeats actual asynchronous use pretty reliably: the reply's ID is wrong (and has always been wrong) unless you use the command synchronously! To reproduce, we need an asynchronous command, so we have to go back before commit 3b5704b. Run QEMU with spice: $ qemu-system-x86_64 -nodefaults -S -spice port=5900,disable-ticketing -qmp stdio {"QMP": {"version": {"qemu": {"micro": 94, "minor": 2, "major": 2}, "package": ""}, "capabilities": []}} Connect a spice client in another terminal: $ remote-viewer spice://localhost:5900 Set up a migration destination dummy in a third terminal: $ socat TCP-LISTEN:12345 STDIO Now paste the following into the QMP monitor: { "execute": "qmp_capabilities", "id": "i0" } { "execute": "client_migrate_info", "id": "i1", "arguments": { "protocol": "spice", "hostname": "localhost", "port": 12345 } } { "execute": "query-kvm", "id": "i2" } Produces two replies immediately, one to qmp_capabilities, and one to query-kvm: {"return": {}, "id": "i0"} {"return": {"enabled": false, "present": true}, "id": "i2"} Both are correct. Two lines of debug output from libspice-server not shown. Now EOF socat's standard input to make it close the connection. This makes the asynchronous client_migrate_info complete. It replies: {"return": {}} Bug: "id": "i1" is missing. Two lines of debug output from libspice-server not shown. Cherry on top: storage for the missing ID is leaked. Get rid of this stuff before somebody hurts himself with it. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 9e472263b07d53cb3401ee49ef1b45ef195ddb84 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon Jun 1 21:03:59 2015 +0200 acpi: add missing ssdt commit 5cb18b3d7bff2a83275ee98af2a14eb9e21c93ab TPM2 ACPI table support was missing a file, so build with iasl fails (build without iasl works since it uses the generated hex files). Reported-by: "Daniel P. Berrange" <berrange@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit b821cbe274c5a5cacf1a7b28360d869ae1e6e0c3 Merge: 9657caf 830d70d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 1 15:22:46 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging pc, pci, tpm, virtio, vhost enhancements and fixes A bunch of cleanups and fixes all over the place, enhancements in TPM, virtio and vhost. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Mon Jun 1 13:19:48 2015 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: (60 commits) vhost-user: add multi queue support virtio: make features 64bit wide qdev: add 64bit properties virtio-mmio: ioeventfd support hw/acpi/aml-build: Fix memory leak acpi: add aml_while() term acpi: add aml_increment() term acpi: add aml_shiftright() term acpi: add aml_shiftleft() term acpi: add aml_index() term acpi: add aml_lless() term acpi: add aml_add() term TPM2 ACPI table support tpm: Probe for connected TPM 1.2 or TPM 2 Extend TPM TIS interface to support TPM 2 Add stream ID to MSI write acpi: Simplify printing to dynamic string i386: drop FDC in pc-q35-2.4+ if neither it nor floppy drives are wanted i386/pc_q35: don't insist on board FDC if there's no default floppy i386/pc: '-drive if=floppy' should imply a board-default FDC ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 830d70db692e374b55555f4407f96a1ceefdcc97 Author: Ouyang Changchun <changchun.ouyang@xxxxxxxxx> Date: Thu May 28 09:23:06 2015 +0800 vhost-user: add multi queue support Based on patch by Nikolay Nikolaev: Vhost-user will implement the multi queue support in a similar way to what vhost already has - a separate thread for each queue. To enable the multi queue functionality - a new command line parameter "queues" is introduced for the vhost-user netdev. Signed-off-by: Nikolay Nikolaev <n.nikolaev@xxxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Changchun Ouyang <changchun.ouyang@xxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 019a3edbb25f1571e876f8af1ce4c55412939e5d Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Mon Jun 1 10:45:40 2015 +0200 virtio: make features 64bit wide Make features 64bit wide everywhere. On migration a full 64bit guest_features field is sent if one of the high bits is set, in addition to the lower 32bit guest_features field which must stay for compatibility reasons. That way we send the lower 32 feature bits twice, but the code is simpler because we don't have to split and compose the 64bit features into two 32bit fields. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit fdba6d967e00864edd21275a6ee1d23a383510e8 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Mon Jun 1 10:45:39 2015 +0200 qdev: add 64bit properties Needed for virtio features which go from 32bit to 64bit with virtio 1.0 Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 434027badb421863b85ffdb4769966533c001cfa Author: Ying-Shiuan Pan <yingshiuan.pan@xxxxxxxxx> Date: Tue May 12 11:10:50 2015 +0300 virtio-mmio: ioeventfd support set_host_notifier and set_guest_notifiers supported by virtio-mmio now. Most code copied from virtio-pci. This makes it possible to use vhost-net with virtio-mmio, improving performance by about 30%. The kvm-arm does not yet support irqfd, need to fix the hard-coded part after kvm-arm gets irqfd support. Signed-off-by: Ying-Shiuan Pan <yingshiuan.pan@xxxxxxxxx> Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit afcf905cff7971324c2706600ead35a1f41f417a Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Mon May 25 15:14:37 2015 +0800 hw/acpi/aml-build: Fix memory leak Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit 68e6b0af784dda4efd9d4e2e9d3b03a31ca1408c Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Mon May 25 18:33:46 2015 +0300 acpi: add aml_while() term Add encoding for ACPI DefWhile Opcode. Reviewed-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit af39d5363f373e6c1168a0e84658d6e4ef57fa8c Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Mon May 25 18:33:45 2015 +0300 acpi: add aml_increment() term Add encoding for ACPI DefIncrement Opcode. Reviewed-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit f7bd7b8eb6573ed22bfc51e148455a1c0a1e36d0 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Mon May 25 18:33:44 2015 +0300 acpi: add aml_shiftright() term Add encoding for ACPI DefShiftRight Opcode. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> commit a57dddddd2f93b87852fac2ed41a31c45e6d192a Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Mon May 25 18:33:43 2015 +0300 acpi: add aml_shiftleft() term Add encoding for ACPI DefShiftLeft Opcode. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> commit 928b8996576875f9364f77c5a41f12cd55c7b9f7 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Mon May 25 18:33:42 2015 +0300 acpi: add aml_index() term Add encoding for ACPI DefIndex Opcode. Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> commit 96396e2858fd8a0b4ee218c9894b5a67d22d97d9 Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Mon May 25 18:33:41 2015 +0300 acpi: add aml_lless() term Add encoding for ACPI DefLLess Opcode. Reviewed-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c08cf0704247aa55e9b0bb14cf34d845629e0e3e Author: Marcel Apfelbaum <marcel@xxxxxxxxxx> Date: Mon May 25 18:33:40 2015 +0300 acpi: add aml_add() term Add encoding for ACPI DefAdd Opcode. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Marcel Apfelbaum <marcel@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> commit 5cb18b3d7bff2a83275ee98af2a14eb9e21c93ab Author: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Date: Tue May 26 16:51:07 2015 -0400 TPM2 ACPI table support Add a TPM2 ACPI table if a TPM 2 is used in the backend. Also add an SSDT for the TPM 2. Rename tpm_find() to tpm_get_version() and have this function return the version of the TPM found, TPMVersion_Unspec if no TPM is found. Use the version number to build version specific ACPI tables. Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 9657cafceb90accedd574a3accb3d344def8e764 Merge: 97af820 07e1548 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Jun 1 11:29:37 2015 +0100 Merge remote-tracking branch 'remotes/bkoppelmann/tags/pull-tricore-20150530' into staging TriCore bugfixes # gpg: Signature made Sat May 30 15:50:49 2015 BST using RSA key ID 6B69CA14 # gpg: Good signature from "Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx>" * remotes/bkoppelmann/tags/pull-tricore-20150530: target-tricore: fix BOL_ST_H_LONGOFF using ld target-tricore: fix msub32_q producing the wrong overflow bit target-tricore: fix OPC2_32_RR_DVINIT_HU having write before use on the result Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 56a3c24ffc11955ddc7bb21362ca8069a3fc8c55 Author: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Date: Tue May 26 16:51:06 2015 -0400 tpm: Probe for connected TPM 1.2 or TPM 2 In the TPM passthrough backend driver, modify the probing code so that we can check whether a TPM 1.2 or TPM 2 is being used and adapt the behavior of the TPM TIS accordingly. Move the code that tested for a TPM 1.2 into tpm_utils.c and extend it with test for probing for TPM 2. Have the function return the version of TPM found. Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 116694c34aa794a994051fce55bfee418fe1521d Author: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Date: Tue May 26 16:51:05 2015 -0400 Extend TPM TIS interface to support TPM 2 Following the recent upgrade to version 1.3, extend the TPM TIS interface with capabilities introduced for support of a TPM 2. TPM TIS for TPM 2 introduced the following extensions beyond the TPM TIS 1.3 (used for TPM 1.2): - A new 32bit interface Id register was introduced. - New flags for the status (STS) register were defined. - New flags for the capability flags were defined. Support the above if a TPM TIS 1.3 for TPM 2 is used with a TPM 2 on the backend side. Support the old TPM TIS 1.3 configuration if a TPM 1.2 is being used. A subsequent patch will then determine which TPM version is being used in the backend. Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 38d40ff10f71657ea913a63d1f8477be368b92c1 Author: Pavel Fedin <p.fedin@xxxxxxxxxxx> Date: Wed May 27 15:59:59 2015 +0300 Add stream ID to MSI write GICv3 ITS distinguishes between devices by using hardwired device IDs passed on the bus. This patch implements passing these IDs in qemu. SMMU is also known to use stream IDs, therefore this addition can also be useful for implementing platforms with SMMU. Signed-off-by: Pavel Fedin <p.fedin@xxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Changes from v1: - Added bus number to the stream ID - Added stream ID not only to MSI-X, but also to plain MSI. Some common code was made into msi_send_message() function. Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c3bdc56c183f6ca6baa502bd7861583ca98b333b Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed May 27 19:55:55 2015 +0200 acpi: Simplify printing to dynamic string build_append_namestringv() and aml_string() first calculate the resulting string's length with vsnprintf(NULL, ...), then allocate, then print for real. Simply use g_strdup_vprintf() or g_vasprintf() instead. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit ea96bc629cbd52be98b2967a4b4f72e91dfc3ee4 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Thu May 28 22:04:11 2015 +0200 i386: drop FDC in pc-q35-2.4+ if neither it nor floppy drives are wanted It is Very annoying to carry forward an outdatEd coNtroller with a mOdern Machine type. Hence, let us not instantiate the FDC when all of the following apply: - the machine type is pc-q35-2.4 or later, - "-device isa-fdc" is not passed on the command line (nor in the config file), - no "-drive if=floppy,..." is requested. Cc: Markus Armbruster <armbru@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Cc: John Snow <jsnow@xxxxxxxxxx> Cc: "Gabriel L. Somlo" <gsomlo@xxxxxxxxx> Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: qemu-block@xxxxxxxxxx Suggested-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 6cd2234ccbacf2825372142a2658bf318ce2f848 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Thu May 28 22:04:10 2015 +0200 i386/pc_q35: don't insist on board FDC if there's no default floppy The "no_floppy = 1" machine class setting causes "default_floppy" in main() to become zero. Consequently, default_drive() will not call drive_add() and drive_new() for IF_FLOPPY, index=0, meaning that no default floppy drive will be created for the virtual machine. In that case, board code should also not insist on the creation of the board-default FDC. The board-default FDC will still be created if the user requests a floppy drive with "-drive if=floppy". Additionally, separate FDCs can be specified manually with "-device isa-fdc". They allow the -device isa-fdc,driveA=... syntax that is more flexible than the one required by the board-default FDC: -global isa-fdc.driveA=... This patch doesn't change the behavior observably, as all Q35 machine types have "no_floppy = 0". Cc: Markus Armbruster <armbru@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Cc: John Snow <jsnow@xxxxxxxxxx> Cc: "Gabriel L. Somlo" <gsomlo@xxxxxxxxx> Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: qemu-block@xxxxxxxxxx Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 936a7c1cf7410a3bab97c98301054921d47a8918 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Thu May 28 22:04:09 2015 +0200 i386/pc: '-drive if=floppy' should imply a board-default FDC Even if board code decides not to request the creation of the FDC (keyed off board-level factors, to be determined later), we should create the FDC nevertheless if the user passes '-drive if=floppy' on the command line. Otherwise '-drive if=floppy' would break without explicit '-device isa-fdc' on such boards. Cc: Markus Armbruster <armbru@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Cc: John Snow <jsnow@xxxxxxxxxx> Cc: "Gabriel L. Somlo" <gsomlo@xxxxxxxxx> Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: qemu-block@xxxxxxxxxx Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> commit fd53c87cf6651b0dfe9f5107cfe77d2f697bd4f6 Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Thu May 28 22:04:08 2015 +0200 i386/pc: pc_basic_device_init(): delegate FDC creation request This patch introduces no observable change, but it allows the callers of pc_basic_device_init(), ie. pc_init1() and pc_q35_init(), to request (or not request) the creation of the FDC explicitly. At the moment both callers pass constant create_fdctrl=true (hence no observable change). Assuming a board passes create_fdctrl=false, "floppy" will be NULL on output, and (beyond the FDC not being created) that NULL will be passed on to pc_cmos_init(). Luckily, pc_cmos_init() already handles that case. Cc: Markus Armbruster <armbru@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Cc: John Snow <jsnow@xxxxxxxxxx> Cc: "Gabriel L. Somlo" <gsomlo@xxxxxxxxx> Cc: "Michael S. Tsirkin" <mst@xxxxxxxxxx> Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: qemu-block@xxxxxxxxxx Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> commit b829c2a98f1f67308eb02fcddb52d8fa67775f18 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri May 29 14:15:32 2015 +0800 virtio: increase the queue limit to 1024 Increase the queue limit to 1024. But virtio-ccw and s390-virtio won't support this, this is done through failing device_plugged() for those two transports if the number of virtqueues is greater than 64. Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 87b3bd1c858e6cacac4d403da9109ec3a04fe9d0 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri May 29 14:15:31 2015 +0800 virtio: rename VIRTIO_PCI_QUEUE_MAX to VIRTIO_QUEUE_MAX VIRTIO_PCI_QUEUE_MAX is not only used for pci, so rename it be generic. Cc: Amit Shah <amit.shah@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit d820331a0b47cbbdc409b435545aea25e19b57ad Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri May 29 14:15:30 2015 +0800 virtio-s390: introduce virtio_s390_device_plugged() This patch introduce a virtio-s390 specific device_plugged() function and doing the number of virtqueue validation inside. Cc: Alexander Graf <agraf@xxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 74c85296dc880568005b8e7572e08a39d66bcdca Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri May 29 14:15:29 2015 +0800 virtio-s390: introduce virito s390 queue limit Cc: Alexander Graf <agraf@xxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 10ceaa1e8f9f74c917df1fe5db856817a8b26fe7 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri May 29 14:15:28 2015 +0800 virtio-ccw: validate the number of queues against bus limitation Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Cc: Christian Borntraeger <borntraeger@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 8dfbaa6ac450c4ec2646b1ca08a4017052a90c1d Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri May 29 14:15:27 2015 +0800 virtio-ccw: introduce ccw specific queue limit Cc: Alexander Graf <agraf@xxxxxxx> Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Cc: Christian Borntraeger <borntraeger@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 8ad176aaed24535f535e0fdb03c538c23017535d Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri May 29 14:15:26 2015 +0800 virtio: introduce virtio_get_num_queues() This patch introduces virtio_get_num_queues() which iterates the vqs array and return the number of virtqueues used by device. Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit e83980455c8c7eb066405de512be7c4bace3ac4d Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri May 29 14:15:25 2015 +0800 virtio: device_plugged() can fail This patch passes error pointer to transport specific device_plugged() callback. Through this way, device_plugged() can do some transport specific check and fail. This will be uesd by following patches that check the number of virtqueues against the transport limitation. Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Cc: Christian Borntraeger <borntraeger@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit da51a335aa61ec0e45879d80f3c5e2ee4f87cd2f Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Fri May 29 14:15:24 2015 +0800 virtio-net: adding all queues in .realize() Instead of adding queues for multiqueue during feature set. This patch did this in .realize(), this will help the following patches that count the number of virtqueues used in .device_plugged() callback. Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit cf34f533a161f8ced7322321d70ca00414d47473 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri May 29 11:29:40 2015 +0200 virtio: move VIRTIO_F_NOTIFY_ON_EMPTY into core Nearly all transports have been offering VIRTIO_F_NOTIFY_ON_EMPTY, s390-virtio being the exception. There's no reason why it shouldn't offer it as well, though (handling is done in core anyway), so let's move it to the common virtio features. While we're changing it anyway, fix the indentation for the DEFINE_VIRTIO_COMMON_FEATURES macro. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 13644819c5bf322ae4c2a415aca77d5dbde95fe8 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri May 29 11:29:39 2015 +0200 virtio-ccw: Don't advertise VIRTIO_F_BAD_FEATURE This was copied from virtio-pci, but it doesn't make much sense for ccw, as it doesn't have to handle the broken implementations this bit is supposed to deal with. Remove it. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 6b8f1020540c27246277377aa2c3331ad2bfb160 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Tue May 26 16:34:47 2015 +0200 virtio: move host_features Move host_features from the individual transport proxies into the virtio device. Transports may continue to add feature bits during device plugging. This should it make easier to offer different sets of host features for virtio-1/transitional support. Tested-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 2332333c9738b442fbbd5b83a1eaa6be656ab9b5 Author: Radim KrÄ?máÅ? <rkrcmar@xxxxxxxxxx> Date: Fri May 29 21:57:32 2015 +0200 pc: acpi: fix pvpanic for buggy guests In the old times, we always had pvpanic in ACPI and a _STA method told the guest not to use it. Automatic generation dropped the _STA method as the specification says that missing _STA means enabled and working. Some guests (Linux) had buggy drivers and this change made them unable to utilize pvpanic. A Linux patch is posted as well, but I think it's worth to make pvpanic useable on old guests at the price of three lines and few bytes of SSDT. The old _STA method was Method (_STA, 0, NotSerialized) { Store (PEST, Local0) If (LEqual (Local0, Zero)) { Return (Zero) } Else { Return (0x0F) }} Igor pointed out that we don't need to use a method to return a constant and that 0xB (don't show in UI) is the common definition now. Also, the device used to be PEVT. (PEVT as in "panic event"?) Signed-off-by: Radim KrÄ?máÅ? <rkrcmar@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 99fbeafee8b568e796863980365080abdb8d675e Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 15 14:19:01 2015 -0300 pc: Generate init functions with a macro All pc-i440fx and pc-q35 init functions simply call the corresponding compat function and then call the main init function. Use a macro to generate that code. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 211b5b1d0a31f2f7593d6858a0b10487fb7b7fac Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 15 14:19:00 2015 -0300 piix: Eliminate pc_init_pci() The function is not needed anymore, we can simply call pc_init1() directly. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 72d164aa73b7c8d22a63b8ee789f97e4a8d2aa5c Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 15 14:18:59 2015 -0300 piix: Add kvmclock_enabled, pci_enabled globals This looks like a step backwards, but it will allow pc-0.1[0123] and isapc to follow the same compat+init pattern used by the other machine-types, allowing us to generate all init function using the same macro later. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit d48f4fa69eb3efb03a2efe2e4606a97a17cf222f Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 15 14:18:58 2015 -0300 machine: Remove unused fields from QEMUMachine This removes the following fields from QEMUMachine: family, alias, reset, hot_add_cpu, units_per_default_bus, no_serial, no_parallel, use_virtcon, use_sclp, no_floppy, no_cdrom, default_display, compat_props, and hw_version. The only users of those fields were already converted to use QOM and MachineClass directly, so they are not needed anymore. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit d644b11657ae047d50d8ea9ce285ecd6dae04ca2 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 15 14:18:57 2015 -0300 pc: Remove qemu_register_pc_machine() function The helper is not needed anymore, as the PC machine classes are registered using QOM directly. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 865906f7fdadd2732441ab158787f81f6a212bfe Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 15 14:18:56 2015 -0300 pc: Don't use QEMUMachine anymore Now that we have a DEFINE_PC_MACHINE helper macro that just requires an initialization function, it is trivial to convert them to register a QOM machine class directly, instead of using QEMUMachine. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 25519b062c70f2afe2d2f0c262f3838a41e8bc7c Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 15 14:18:55 2015 -0300 pc: Move compat_props setting inside *_machine_options() functions This will simplify the DEFINE_PC_MACHINE macro, and will help us to implement reuse of PC_COMPAT_* macros through class_init function reuse, in the future. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit fddd179ab962f6f78a8493742e1068d6a620e059 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 15 14:18:54 2015 -0300 pc: Convert *_MACHINE_OPTIONS macros into functions By now the new functions will get QEMUMachine as argument, but they will be later converted to initialize a MachineClass struct directly. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 61f219dfb093c0df91926928c780299cdf429619 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 15 14:18:53 2015 -0300 pc: Define machines using a DEFINE_PC_MACHINE macro This will automatically generate the existing QEMUMachine structs based on the *_MACHINE_OPTIONS macros, and automatically add registration code for them. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit b6b5c8e492ae7b71a16fe702b7409bff0feebfa7 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 15 14:18:52 2015 -0300 pc: Define MACHINE_OPTIONS macros consistently for all machines Define a MACHINE_OPTIONS macro for each PC machine, and move every field inside the QEMUMachine structs to the macros, except for name, init, and compat_props. This also ensures that all MACHINE_OPTIONS inherit the fields from the next version, so their definitions carry only the changes that exist between one version and the next one. Comments about specific cases: pc-*-2.1: Existing PC_*_2_1_MACHINE_OPTIONS macros were defined as: PC_*_MACHINE_OPTIONS, .default_machine_opts = "firmware=bios-256k.bin" PC_*_2_2_MACHINE_OPTIONS is: PC_*_2_3_MACHINE_OPTIONS which is expanded to: PC_*_MACHINE_OPTIONS, .default_machine_opts = "firmware=bios-256k.bin", .default_display = "std" The only difference between 2_1 and 2_2 is .default_display, that's why we didn't reuse PC_*_2_2_MACHINE_OPTIONS. The good news is that having multiple initializers for a field is allowed by C99, and the last initializer overrides the previous ones. So we can reuse the 2_2 macro in 2_1 and define PC_*_2_1_MACHINE_OPTIONS as: PC_*_2_2_MACHINE_OPTIONS, .default_display = NULL pc-*-1.7: PC_*_1_7_MACHINE_OPTIONS was defined as: PC_*_MACHINE_OPTIONS PC_*_2_0_MACHINE_OPTIONS is defined as: PC_*_2_1_MACHINE_OPTIONS which is expanded to: PC_*_2_2_MACHINE_OPTIONS, .default_display = NULL which is expanded to: PC_*_2_3_MACHINE_OPTIONS, .default_display = NULL which is expanded to: PC_*_MACHINE_OPTIONS, .default_machine_opts = "firmware=bios-256k.bin", .default_display = "std", .default_display = NULL /* overrides the previous line */ So, the only difference between PC_*_1_7_MACHINE_OPTIONS and PC_*_2_0_MACHINE_OPTIONS is .default_machine_opts (as .default_display is not explicitly set by PC_*_MACHINE_OPTIONS so it is NULL). So we can keep the macro reuse pattern and define PC_*_2_0_MACHINE_OPTIONS as: PC_*_2_0_MACHINE_OPTIONS, .default_machine_opts = NULL pc-*-2.4 (alias and is_default fields): Set alias and is_default fields inside the 2.4 MACHINE_OPTIONS macro, and clear it in the 2.3 macro (that reuses the 2.4 macro). hw_machine: As all the machines older than v1.0 set hw_version explicitly, we can safely move the field to the MACHINE_OPTIONS macros without affecting the other versions that reuse them. init function: Some machines had the init function set inside the MACHINE_OPTIONS macro. Move it to the QEMUMachine declaration, to keep it consistent with the other machines. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit f6d5a0bad276ea97fac4e0efb0f41f54a3f1ac84 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:53:10 2015 -0300 piix: Define PC_COMPAT_0_10 Move compat_props from pc-0.10 to the macro, to make it consistent with the other machines. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit faf7e4254fa33a13805a34a1ffeeb9dcc0a36a5e Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:53:09 2015 -0300 piix: Move pc-0.1[23] rombar compat props to PC_COMPAT_0_13 The VGA and vmware-svga rombar compat properties were added by commit 281a26b15b4adcecb8604216738975abd754bea8, but only to pc-0.13 and pc-0.12. This breaks the PC_COMPAT_* nesting pattern we currently follow. The new variables will now be inherited by pc-0.11 and older, but pc-0.11 and pc-0.10 already have PCI.rombar=0 on compat_props, so they shouldn't be affected at all. Cc: Stefan Weil <sw@xxxxxxxxxxx> Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit d765519bef48bd95f2139314a5354144387523eb Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:53:08 2015 -0300 piix: Move pc-0.13 virtio-9p-pci compat to PC_COMPAT_0_13 The compat property was added by commit 9dbcca5aa13cb9ab40788ac4c56bc227d94ca920, and the pc-0.12 and older machine-types were not changed because virtio-9p-pci was introduced on QEMU 0.13 (commit 9f10751365b26b13b8a9b67e0e90536ae3d282df). The only problem is that this breaks the PC_COMPAT_* nesting pattern we currently use. So, move the property to PC_COMPAT_0_13. This make pc-0.12 and older inherit it, but that shouldn't be an issue as QEMU 0.12 didn't have virtio-9p-pci. Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Cc: Aneesh Kumar K.V <aneesh.kumar@xxxxxxxxxxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit d5303df71073da70e0ad29a6dfb304ec7b747f5c Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:53:07 2015 -0300 piix: Move pc-0.11 drive version compat props to PC_COMPAT_0_11 The current code setting ide-drive.ver and scsi-disk.ver on pc-0.11 breaks the PC_COMPAT_* nesting pattern we currently use. As those variables are overwritten in pc-0.10 too, they can be inherited by pc-0.10 with no side-effects at all. Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit bb08d8829b5bec6af619e4532a397ef12727516c Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:53:06 2015 -0300 piix: Move pc-0.14 qxl compat properties to PC_COMPAT_0_14 Those properties were introduced by commit 3827cdb1c3aa17a792d1658161195b9d7173c26b. They were not duplicated into pc-0.13 and older because 0.14 was the first QEMU version supporting qxl. The only problem is that this breaks the PC_COMPAT_* nesting pattern we currently use. So, move the properties to PC_COMPAT_0_14. This makes pc-0.13 and older inherit them, but that shouldn't be an issue as QEMU 0.13 didn't support qxl. Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 38ff32c6e6fd966c5adb9cde4d393a8cca9ef093 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:53:05 2015 -0300 spapr: define SPAPR_COMPAT_2_3 Don't add the pseries-2.3 machine yet, but define the corresponding SPAPR_COMPAT macro to make sure both pseries-2.2 and pseries-2.1 will inherit HW_COMPAT_2_3. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 4dfd8eaa19c90087f19b56da5d04d9c468109a65 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:53:04 2015 -0300 spapr: Use HW_COMPAT_* inside SPAPR_COMPAT_* macros SPAPR_COMPAT_2_1 will need to include both HW_COMPAT_2_2 and HW_COMPAT_2_1, so include HW_COMPAT_2_1 inside SPAPR_COMPAT_2_1 and HW_COMPAT_2_2 inside SPAPR_COMPAT_2_2. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 42134ac9d74799cf2f70257798b72a2988b75d31 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:53:03 2015 -0300 pc: Define PC_COMPAT_2_[123] macros Once we start adding compat code for pc-2.3, the usage of HW_COMPAT_2_1 in pc-*-2.2 won't be enough, as it also has to include PC_COMPAT_2_3 inside it. To ensure that, define PC_COMPAT_2_3, PC_COMPAT_2_2, and PC_COMPAT_2_1 macros. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 1edbde82b809f80b973978886d8232fbf280cb03 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:53:02 2015 -0300 hw: Define empty HW_COMPAT_2_[23] macros Now we can make everything consistent and define the macros even if they are still empty. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit dd754baf46b6479a02521f671a0b58ffc799810e Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:53:01 2015 -0300 spapr: Move commas inside SPAPR_COMPAT_* macros Changing the convention to include commas inside the macros will allow macros containing empty lists to be defined and used without compilation errors. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit a7cde24dc2f104c8e5861df0e2938e79264e9d58 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:53:00 2015 -0300 pc: Move commas inside PC_COMPAT_* macros Changing the convention to include commas inside the macros will allow macros containing empty lists to be defined and used without compilation errors. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit f27086a731bbd0141646702c95f6dc5fce3e8575 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:52:59 2015 -0300 hw: Move commas inside HW_COMPAT_2_1 macro Changing the convention to include commas inside the macros will allow macros containing empty lists to be defined and used without compilation errors. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 4974920ab8fc8cf05687f1f764650dbc7c821004 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu May 14 15:52:58 2015 -0300 pc: Replace tab with spaces Coding style change only. Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit ecfa60e37439c870d08a90a845b061a53aa26f74 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Mon May 11 17:34:07 2015 +0800 hw/s390x/virtio-ccw: use alias property for virtio-balloon-ccw Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 39b87c7b9f8bf3618e0357699d29615e521264d8 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Mon May 11 17:34:06 2015 +0800 hw/virtio/virtio-pci: use alias property for virtio-balloon-pci Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 1190044ea5a1c9a871664c4e2013072e51e56d5a Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Mon May 11 17:34:05 2015 +0800 hw/virtio/virtio-balloon: move adding property to virtio_balloon_instance_init This is in preparation for using alias property in virtio-balloon-pci and virtio-balloon-ccw. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 07e15486faf353260431f10e85185372c5036baa Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Fri May 22 12:15:58 2015 +0200 target-tricore: fix BOL_ST_H_LONGOFF using ld Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Message-Id: <1432289758-6250-4-git-send-email-kbastian@xxxxxxxxxxxxxxxxxxxxx> commit 9bbd4843c052a0a467c7a3363046b0c95c0e5fc0 Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Fri May 22 12:15:57 2015 +0200 target-tricore: fix msub32_q producing the wrong overflow bit The inversion of the overflow bit as a special case, which was needed for the madd32_q instructions, does not apply for msub32_q instructions. So remove it. Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Message-Id: <1432289758-6250-3-git-send-email-kbastian@xxxxxxxxxxxxxxxxxxxxx> commit 05b6ca9bbcaede74120050aa8e6684300c09257c Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Fri May 22 12:15:56 2015 +0200 target-tricore: fix OPC2_32_RR_DVINIT_HU having write before use on the result If the argument r1 was the same as the extended result register r3+1, we would overwrite r1 and then use it. Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Message-Id: <1432289758-6250-2-git-send-email-kbastian@xxxxxxxxxxxxxxxxxxxxx> commit 97af820f539efe80b87615a04f9de11ea585f725 Merge: 2cc3bdb 3960c33 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 17:10:57 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150529' into staging target-arm: * Support ACPI for ARMv8 systems using the 'virt' board (and a UEFI boot image, typically) * avoid buffer overrun in some UNPREDICTABLE ldrd/strd cases * further work preparing for 64-bit EL2/EL3 support # gpg: Signature made Fri May 29 12:14:06 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150529: (39 commits) target-arm: Avoid buffer overrun on UNPREDICTABLE ldrd/strd hw/arm/virt: Enable dynamic generation of ACPI v5.1 tables ACPI: split CONFIG_ACPI into 4 pieces hw/arm/virt-acpi-build: Add PCIe controller in ACPI DSDT table hw/acpi/aml-build: Add Unicode macro hw/acpi/aml-build: Add aml_dword_io() term hw/acpi/aml-build: Add aml_create_dword_field() term hw/acpi/aml-build: Add aml_else() term hw/acpi/aml-build: Add aml_lnot() term hw/acpi/aml-build: Add aml_or() term hw/acpi/aml-build: Add ToUUID macro hw/acpi/aml-build: Make aml_buffer() definition consistent with the spec hw/arm/virt-acpi-build: Generate MCFG table hw/arm/virt-acpi-build: Generate RSDP table hw/arm/virt-acpi-build: Generate RSDT table hw/arm/virt-acpi-build: Generate GTDT table hw/arm/virt-acpi-build: Generate MADT table hw/arm/virt-acpi-build: Generate FADT table and update ACPI headers hw/arm/virt-acpi-build: Generation of DSDT table for virt devices hw/acpi/aml-build: Add aml_interrupt() term ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2cc3bdbe2d3908f7a813d1c2d774cc2bf07746cd Merge: 2a90c45 9abe3bd Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 15:32:15 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-block-2015-05-29' into staging Block QAPI, monitor, command line patches # gpg: Signature made Fri May 29 12:02:32 2015 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-block-2015-05-29: qapi: add dirty bitmap status Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2a90c454a1b90ace56ed908cd064f2fd483d1231 Merge: 9441aa2 63c67b6 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 14:24:35 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-gtk-20150529-1' into staging gtk: add opengl rendering support. small bugfixes for gtk and opengl ui code. # gpg: Signature made Fri May 29 10:44:54 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-gtk-20150529-1: gtk: Replace gdk_cursor_new() gtk: add opengl support, using egl ui: add egl-helpers ui: shader.h protect against double inclusion ui: use libexpoxy Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9abe3bdc45ced367fe034c0fdd7c686212389767 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue May 12 15:53:01 2015 -0400 qapi: add dirty bitmap status Bitmaps can be in a handful of different states with potentially more to come as we tool around with migration and persistence patches. Management applications may need to know why certain bitmaps are unavailable for various commands, e.g. busy in another operation, busy being migrated, etc. Right now, all we offer is BlockDirtyInfo's boolean member 'frozen'. Instead of adding more booleans, replace it by an enumeration member 'status' with values 'active' and 'frozen'. Then add new value 'disabled'. Incompatible change. Fine because the changed part hasn't been released so far. Suggested-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> [Commit message tweaked] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 3960c336ad96c2183549c8bf32bbff93ecda7ea4 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 11:29:00 2015 +0100 target-arm: Avoid buffer overrun on UNPREDICTABLE ldrd/strd A LDRD or STRD where rd is not an even number is UNPREDICTABLE. We were letting this fall through, which is OK unless rd is 15, in which case we would attempt to do a load_reg or store_reg to a nonexistent r16 for the second half of the double-word. Catch the odd-numbered-rd cases and UNDEF them instead. To do this we rearrange the structure of the code a little so we can put the UNDEF catches at the top before we've allocated TCG temporaries. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1431348973-21315-1-git-send-email-peter.maydell@xxxxxxxxxx commit d7c2e2db28eb7e8f2ed7467fa2f2c59026b206d1 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:59 2015 +0100 hw/arm/virt: Enable dynamic generation of ACPI v5.1 tables Initialize VirtGuestInfoState and register a machine_init_done notify to call virt_acpi_build(). Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Message-id: 1432522520-8068-25-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 135a67a692bedb952ea720351026247104da8645 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:59 2015 +0100 ACPI: split CONFIG_ACPI into 4 pieces As core.c, piix4.c, ich9.c and pcihp.c are for x86, add CONFIG_ACPI_X86 to make it only for x86. ARM doesn't support cpu and memory hotplug, add CONFIG_ACPI_CPU_HOTPLUG and CONFIG_ACPI_MEMORY_HOTPLUG to exclude them for target-arm. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1432522520-8068-24-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d4e5de1ae02f6b47eb088531d3d4d047b4db6cfa Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:59 2015 +0100 hw/arm/virt-acpi-build: Add PCIe controller in ACPI DSDT table Add PCIe controller in ACPI DSDT table, so the guest can detect the PCIe. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Message-id: 1432522520-8068-23-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e1f776c434f8f18079b82d8121c166fb53a63451 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:59 2015 +0100 hw/acpi/aml-build: Add Unicode macro Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1432522520-8068-22-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 616ef329adbb671be783a1dba96d881b9218ff80 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:58 2015 +0100 hw/acpi/aml-build: Add aml_dword_io() term Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1432522520-8068-21-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ed8176a37a8f227e61daddbcf92dc5d1cad45818 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:58 2015 +0100 hw/acpi/aml-build: Add aml_create_dword_field() term Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1432522520-8068-20-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 467b07dfae6087381d0993ab910253a6c1850457 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:58 2015 +0100 hw/acpi/aml-build: Add aml_else() term Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1432522520-8068-19-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ea7df04a0217fe6314a1520dde1883c45fefcaaa Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:58 2015 +0100 hw/acpi/aml-build: Add aml_lnot() term Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1432522520-8068-18-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 922cc8823e484733021a7be5b0e876eba2218623 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:58 2015 +0100 hw/acpi/aml-build: Add aml_or() term Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1432522520-8068-17-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b930fb9db4aa07abb8f3871eb7379242edbdf2a5 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:57 2015 +0100 hw/acpi/aml-build: Add ToUUID macro Add ToUUID macro, this is useful for generating PCIe ACPI table. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1432522520-8068-16-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ed8b5847e46c24d6e9c286892a00a34bee9b0835 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:57 2015 +0100 hw/acpi/aml-build: Make aml_buffer() definition consistent with the spec According to ACPI spec, DefBuffer can take two parameters: BufferSize and ByteList. Make it consistent with the spec. Uninitialized buffer could be requested by passing ByteList as NULL to reserve space. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1432522520-8068-15-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8434488400971c6793893b8c9547bc6b97e076ce Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:57 2015 +0100 hw/arm/virt-acpi-build: Generate MCFG table Generate MCFG table for PCIe controller. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1432522520-8068-14-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d4bec5d876b694f7f13ad3fcfe510ff46e9748d0 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:56 2015 +0100 hw/arm/virt-acpi-build: Generate RSDP table RSDP points to RSDT which in turn points to other tables. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1432522520-8068-13-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 243bdb79fb0b2eda176cdef37700f29068a71d43 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:56 2015 +0100 hw/arm/virt-acpi-build: Generate RSDT table RSDT points to other tables FADT, MADT, GTDT. This code is shared with x86. Here we still use RSDT as UEFI puts ACPI tables below 4G address space, and UEFI ignore the RSDT or XSDT. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1432522520-8068-12-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ee246400c1ceef2014e120b718388d5f4aea8a2a Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:56 2015 +0100 hw/arm/virt-acpi-build: Generate GTDT table ACPI v5.1 defines GTDT for ARM devices as a place to describe timer related information in the system. The Arch Timer interrupts must be provided for GTDT. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1432522520-8068-11-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 982d06c561a62cf7d2a8d31e8a8c107fb3477419 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:56 2015 +0100 hw/arm/virt-acpi-build: Generate MADT table MADT describes GIC enabled ARM platforms. The GICC and GICD subtables are used to define the GIC regions. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1432522520-8068-10-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c2f7c0c306dcd56725b506d3743eed421e6d0994 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:55 2015 +0100 hw/arm/virt-acpi-build: Generate FADT table and update ACPI headers In the case of mach virt, it is used to set the Hardware Reduced bit and enable PSCI SMP booting through HVC. So ignore FACS and FADT points to DSDT. Update the header definitions for FADT taking into account the new additions of ACPI v5.1 in `include/hw/acpi/acpi-defs.h` Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Message-id: 1432522520-8068-9-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dfccd8cfd7c5d1b6740463821d84106bbaced44c Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:55 2015 +0100 hw/arm/virt-acpi-build: Generation of DSDT table for virt devices DSDT consists of the usual common table header plus a definition block in AML encoding which describes all devices in the platform. After initializing DSDT with header information the namespace is created which is followed by the device encodings. The devices are described using the Resource Template for the 32-Bit Fixed Memory Range and the Extended Interrupt Descriptors. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1432522520-8068-8-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 205d1d1c04033b1be4c925e687b6865d1fc1b26b Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:55 2015 +0100 hw/acpi/aml-build: Add aml_interrupt() term Add aml_interrupt() for describing device interrupt in resource template. These can be used to generating DSDT table for ACPI on ARM. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Message-id: 1432522520-8068-7-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dc17ab1de53d37ddcca81b16dfeae839322fbe5a Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:55 2015 +0100 hw/acpi/aml-build: Add aml_memory32_fixed() term Add aml_memory32_fixed() for describing device mmio region in resource template. These can be used to generating DSDT table for ACPI on ARM. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1432522520-8068-6-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f5d8c8cd792b3712f85a1f9a3a9a719015691975 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:54 2015 +0100 hw/arm/virt-acpi-build: Basic framework for building ACPI tables on ARM Introduce a preliminary framework in virt-acpi-build.c with the main ACPI build functions. It exposes the generated ACPI contents to guest over fw_cfg. The required ACPI v5.1 tables for ARM are: - RSDP: Initial table that points to XSDT - RSDT: Points to FADT GTDT MADT tables - FADT: Generic information about the machine - GTDT: Generic timer description table - MADT: Multiple APIC description table - DSDT: Holds all information about system devices/peripherals, pointed by FADT Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Message-id: 1432522520-8068-5-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6a1f001be3ea7478cac803d03149cfcfc1fa2094 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:54 2015 +0100 hw/arm/virt: Record PCIe ranges in MemMapEntry array To generate ACPI table for PCIe controller, we need the base and size of the PCIe ranges. Record these ranges in MemMapEntry array, then we could share and use them for generating ACPI table. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Message-id: 1432522520-8068-4-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit afe0b3803f1a5fffe618af5a483d4c9567b5c5b7 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:54 2015 +0100 hw/arm/virt: Move common definitions to virt.h Move some common definitions to virt.h. These will be used by generating ACPI tables. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1432522520-8068-3-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ff80dc7fa8045e2b2531888d965424d2b0e1d1b6 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri May 29 11:28:54 2015 +0100 hw/acpi/aml-build: Make enum values to be upper case to match coding style Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Message-id: 1432522520-8068-2-git-send-email-zhaoshenglong@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b1eced713d9913a5c58ba9daa795f10e4c856c49 Author: Greg Bellows <greg.bellows@xxxxxxxxxx> Date: Fri May 29 11:28:53 2015 +0100 target-arm: Add WFx instruction trap support Add support for trapping WFI and WFE instructions to the proper EL when SCTLR/SCR/HCR settings apply. Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> [PMM: removed unnecessary tweaking of syn_wfx() prototype; use raise_exception(); don't trap on WFE (and add comment explaining why not); remove unnecessary ARM_FEATURE checks; trap to EL3, not EL1, if in S-EL0 and SCTLR check fires] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 84549b6dcf9147559ec08b066de673587be6b763 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 11:28:53 2015 +0100 target-arm: Don't halt on WFI unless we don't have any work Just NOP the WFI instruction if we have work to do. This doesn't make much difference currently (though it does avoid jumping out to the top level loop and immediately restarting), but the distinction between "halt" and "don't halt" will become more important when the decision to halt requires us to trap to a higher exception level instead. Suggested-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 647f767ba3b37fb229275086187e96242248a4ac Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 11:28:53 2015 +0100 target-arm: Move TB flags down to fill gap Deleting the now-unused ARM_TBFLAG_CPACR_FPEN left a gap in the bit usage; move the following ARM_TBFLAG_XSCALE_CPAR and ARM_TBFLAG_NS_SHIFT down 3 bits to fill the gap. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 9dbbc748d671c70599101836cd1c2719d92f3017 Author: Greg Bellows <greg.bellows@xxxxxxxxxx> Date: Fri May 29 11:28:53 2015 +0100 target-arm: Extend FP checks to use an EL Extend the ARM disassemble context to take a target exception EL instead of a boolean enable. This change reverses the polarity of the check making a value of 0 indicate floating point enabled (no exception). Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> [PMM: Use a common TB flag field for AArch32 and AArch64; CPTR_EL2 exists in v7; CPTR_EL2 should trap for EL2 accesses; CPTR_EL2 should not trap for secure accesses; CPTR_EL3 should trap for EL3 accesses; CPACR traps for secure accesses should trap to EL3 if EL3 is AArch32] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 3cf6a0fcedd429693d439556543400d5f0e31e1d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 11:28:52 2015 +0100 target-arm: Make singlestate TB flags common between AArch32/64 Currently we keep the TB flags PSTATE_SS and SS_ACTIVE in different bit positions for AArch64 and AArch32. Replace these separate definitions with a single common flag in the upper part of the flags word. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit c6f191642a4027909813b4e6e288411f8371e951 Author: Greg Bellows <greg.bellows@xxxxxxxxxx> Date: Fri May 29 11:28:52 2015 +0100 target-arm: Add AArch64 CPTR registers Adds CPTR_EL2/3 system registers definitions and access function. Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> [PMM: merge CPTR_EL2 and HCPTR definitions into a single def using STATE_BOTH; don't use readfn/writefn to implement RAZ/WI registers; don't use accessfn for the no-EL2 CPTR_EL2; fix cpacr_access logic to catch EL2 accesses to CPACR being trapped to EL3; use new CP_ACCESS_TRAP_EL[23] rather than setting exception.target_el directly] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 38836a2cd47c20daaaa84873e3d6020f19e4bfca Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 11:28:52 2015 +0100 target-arm: Allow cp access functions to indicate traps to EL2 or EL3 Some coprocessor access functions will need to indicate that the instruction should trap to EL2 or EL3 rather than the default target exception level; add corresponding CPAccessResult enum entries and handling code. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 012a906b19e99b126403ff4a257617dab9b34163 Author: Greg Bellows <greg.bellows@xxxxxxxxxx> Date: Fri May 29 11:28:51 2015 +0100 target-arm: Update interrupt handling to use target EL Updated the interrupt handling to utilize and report through the target EL exception field. This includes consolidating and cleaning up code where needed. Target EL is now calculated once in arm_cpu_exec_interrupt() and do_interrupt was updated to use the target_el exception field. The necessary code from arm_excp_target_el() was merged in where needed and the function removed. Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Acked-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1429722561-12651-4-git-send-email-greg.bellows@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c63285991b371c031147ad620dd7671662a90303 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 11:28:51 2015 +0100 target-arm: Make raise_exception() take syndrome and target EL Rather than making every caller of raise_exception set the syndrome and target EL by hand, make these arguments to raise_exception() and have that do the job. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 863b6589d738d0b4c8b283297b0ff228f3d3fb14 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 11:28:51 2015 +0100 target-arm: Set exception target EL in tlb_fill Set the exception target EL for MMU faults in tlb_fill. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 8c6084bf10fe721929ca94cf16acd6687e61d3ec Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 11:28:51 2015 +0100 target-arm: Move setting of exception info into tlb_fill Move the code which sets exception information out of arm_cpu_handle_mmu_fault and into tlb_fill. tlb_fill is the only caller which wants to raise_exception() so it makes more sense for it to handle the whole of the exception setup. As part of this cleanup, move the user-mode-only implementation function for the handle_mmu_fault CPU method into cpu.c so we don't need to make it globally visible, and rename the softmmu-only utility function arm_cpu_handle_mmu_fault to arm_tlb_fill so it's clear that it's not the same thing. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit f2932df777dace044719dc2f394f5a5a8aa1b1cd Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 11:28:50 2015 +0100 target-arm: Set correct syndrome for faults on MSR DAIF*, imm If the SCTLR.UMA trap bit is set then attempts by EL0 to update the PSTATE DAIF bits via "MSR DAIFSet, imm" and "MSR DAIFClr, imm" instructions will raise an exception. We were failing to set the syndrome information for this exception, which meant that it would be reported as a repeat of whatever the previous exception was. Set the correct syndrome information. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit e3b1d480995f6e2e86ef062038e618c1234dbcf1 Author: Greg Bellows <greg.bellows@xxxxxxxxxx> Date: Fri May 29 11:28:50 2015 +0100 target-arm: Extend helpers to route exceptions Updated the various helper routines to set the target EL as needed using a dedicated function. Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Acked-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1429722561-12651-3-git-send-email-greg.bellows@xxxxxxxxxx [PMM: Also set target_el in fault cases in access_check_cp_reg()] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 737103619869600668cc7e8700e4f6eab3943896 Author: Greg Bellows <greg.bellows@xxxxxxxxxx> Date: Fri May 29 11:28:50 2015 +0100 target-arm: Add exception target el infrastructure Add a CPU state exception target EL field that will be used for communicating the EL to which an exception should be routed. Add a disassembly context field for tracking the EL3 architecture needed for determining the target exception EL. Add a target EL argument to the generic exception helper for callers to specify the EL to which the exception should be routed. Extended the helper to set the newly added CPU state exception target el. Added a function for setting the target exception EL and updated calls to helpers to call it. Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Acked-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1429722561-12651-2-git-send-email-greg.bellows@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9441aa282bc3213ef0530cab86f318b877bac25c Merge: ba7c388 55a1d80 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 11:23:07 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-input-20150529-1' into staging kbd: add support for brazilian keyboard (two extra keys). input: add virtio-input devices. # gpg: Signature made Fri May 29 10:09:02 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-input-20150529-1: virtio-input: emulated devices [device] virtio-input: core code & base class [device] virtio-input: add linux/input.h kbd: add brazil kbd keys to x11 evdev map kbd: add brazil kbd keys to qemu Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 63c67b6d4462b6589b371d55e3740e9f0dba3281 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Wed May 20 15:35:31 2015 +0200 gtk: Replace gdk_cursor_new() gdk_cursor_new() has been deprecated in GTK 3.16, it is recommended to use gdk_cursor_new_for_display() instead, so do that. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Cole Robinson <crobinso@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 97edf3bd5eab8952d475de66ede77307c12b8c48 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Jan 20 12:43:28 2015 +0100 gtk: add opengl support, using egl This adds opengl rendering support to the gtk ui, using egl. It's off by default for now, use 'qemu -display gtk,gl=on' to play with this. Note that gtk got native opengl support with release 3.16. There most likely will be a separate implementation for 3.16+, using the native gtk opengl support. This patch covers older versions (and for the time being 3.16 too, hopefully without rendering quirks). Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit ba7c388963e099c0d2cedb7f048e30747ffff25d Merge: ce0274f f7a8beb Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 29 10:17:48 2015 +0100 Merge remote-tracking branch 'remotes/spice/tags/pull-spice-20150529-1' into staging spice: misc fixes. # gpg: Signature made Fri May 29 09:16:29 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/spice/tags/pull-spice-20150529-1: spice: fix spice_chr_add_watch() pre-condition spice: don't update mm_time when spice-server is stopped. spice-char: notify the server when chardev is writable virtio-console: notify chardev when writable Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7ced9e9f6da2257224591b91727cfeee4f3977fb Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Jan 6 15:40:00 2015 +0100 ui: add egl-helpers Add helper functions to initialize OpenGL using egl. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 896e1a050a0d333b1f0ec0768cc64e26c5d0d104 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Mon May 11 12:25:23 2015 +0200 ui: shader.h protect against double inclusion Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit dcf30025c3e3d43140a687240433de1920adf8b0 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Mon May 11 12:24:43 2015 +0200 ui: use libexpoxy libepoxy does the opengl extension handling for us. It also is helpful for trouble-shooting as it prints nice error messages instead of silently failing or segfaulting in case we do something wrong, like using gl commands not supported by the current context. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 55a1d80a41032d6133adec041c0096820beaa1b7 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Apr 1 10:06:29 2014 +0200 virtio-input: emulated devices [device] This patch adds the virtio-input-hid base class and virtio-{keyboard,mouse,tablet} subclasses building on the base class. They are hooked up to the qemu input core and deliver input events to the guest like all other hid devices (ps/2 kbd, usb tablet, ...). Using them is as simple as adding "-device virtio-tablet-device" to your command line, for use all transports except pci. virtio-pci support comes as separate patch, once virtio-pci got virtio 1.0 support. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit f73ddbad397f98c1d476ffbf93d65af1cfa796e6 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Mar 14 14:39:20 2014 +0100 virtio-input: core code & base class [device] This patch adds virtio-input support to qemu. It brings a abstract base class providing core support, other classes can build on it to actually implement input devices. virtio-input basically sends linux input layer events (evdev) over virtio. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 2fe7c31832a345cdc34314cdcd5478d06b884842 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Mar 19 11:55:24 2015 +0100 virtio-input: add linux/input.h Linux input layer (evdev) header file. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 33aa30cafcce053b833f9fe09fbb88e2f54b93aa Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue May 26 13:12:54 2015 +0200 kbd: add brazil kbd keys to x11 evdev map This patch adds the two extra brazilian keys to the evdev keymap for X11. This patch gets the two keys going with the vnc, gtk and sdl1 UIs. The SDL2 library complains it doesn't know these keys, so the SDL2 library must be fixed before we can update ui/sdl2-keymap.h Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Michael Tokarev <mjt@xxxxxxxxxx> commit b771f470f3e2f99f585eaae68147f0c849fd1f8d Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue May 26 10:39:10 2015 +0200 kbd: add brazil kbd keys to qemu The brazilian computer keyboard layout has two extra keys (compared to the usual 105-key intl ps/2 keyboard). This patch makes these two keys known to qemu. For historic reasons qemu has two ways to specify a key: A QKeyCode (name-based) or a number (ps/2 scancode based). Therefore we have to update multiple places to make new keys known to qemu: (1) The QKeyCode definition in qapi-schema.json (2) The QKeyCode <-> number mapping table in ui/input-keymap.c This patch does just that. With this patch applied you can send those two keys to the guest using the send-key monitor command. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f7a8beb5e6a13dc924895244777d9ef08b23b367 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Date: Thu May 28 15:04:58 2015 +0200 spice: fix spice_chr_add_watch() pre-condition Since e02bc6de30c44fd668dc0d6e1cd1804f2eed3ed3, add_watch() is called with G_IO_HUP. Even if spice-qemu-char ignores this flag, the precondition must be changed. https://bugzilla.redhat.com/show_bug.cgi?id=1128992 Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 641381c1fcd66ea8de07ecfcd733089da26cbba9 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue May 12 11:54:34 2015 +0200 spice: don't update mm_time when spice-server is stopped. Skip mm_time updates (in qxl device memory) in case the guest is stopped. Guest isn't able to look anyway, and it causes problems with migration. Also make sure the initial state for spice server is stopped. Reported-by: Dr. David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit e95e203c085b7731746e39c9b9f8bd2f6eaa0cd6 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Date: Tue May 5 16:58:56 2015 +0200 spice-char: notify the server when chardev is writable The spice server is polling on write, unless SPICE_CHAR_DEVICE_NOTIFY_WRITABLE flag is set. In this case, qemu must call spice_server_char_device_wakeup() when the frontend is writable. Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 246ca55faff625f4c15e21f3424781e215a254ea Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Date: Tue May 5 16:58:55 2015 +0200 virtio-console: notify chardev when writable When the virtio serial is writable, notify the chardev backend with qemu_chr_accept_input(). Signed-off-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit ce0274f730eacbd24c706523ddbbabb6b95d0659 Author: Fabien Chouteau <chouteau@xxxxxxxxxxx> Date: Sat Feb 7 09:38:45 2015 +0100 Revert "gdbstub: Do not kill target in system emulation mode" The requirements described in this patch are implemented by "Add GDB qAttached support". This reverts commit 00e94dbc7fd0110b0555d59592b004333adfb4b8. Signed-off-by: Fabien Chouteau <chouteau@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a3919386eab91b56e40fb4faead980f57a664b2e Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Sat Feb 7 09:38:44 2015 +0100 Add GDB qAttached support With this patch QEMU handles qAttached request from gdb. When QEMU replies 1, GDB sends a "detach" command at the end of a debugging session otherwise GDB sends "kill". The default value for qAttached is 1 on system emulation and 0 on user emulation. Based on original version by Fabien Chouteau. Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4dabe747af0a6bd66a86c2c7879f1882bec43c33 Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Sat Feb 7 09:38:43 2015 +0100 gdbstub: Introduce an is is_query_packet helper This helper supports parsing of query packets with optional extensions. The separator can be specified so that we can use it already for both qqemu.sstep[=] and qSupported[:feature]. Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 070949f39ee96bd16654e6623ab4ff627d918ba6 Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Sat Feb 7 09:38:42 2015 +0100 gdbstub: Fix qOffsets packet detection qOffsets has no additional optional parameters. So match the complete string to avoid stumbling over possible future commands with identical prefix. Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a84904737277c2f07c8fbcb69db27451d844f12b Merge: bc3004f 46ca6b3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu May 28 14:57:34 2015 +0100 Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20150528' into staging A set of patches add support for vector registers on s390x. Notable: Floating point registers and vector registers overlap, so extra care is needed so that we end up with a consistent state in all cases. # gpg: Signature made Thu May 28 09:37:27 2015 BST using RSA key ID C6F02FAF # gpg: Good signature from "Cornelia Huck <huckc@xxxxxxxxxxxxxxxxxx>" # gpg: aka "Cornelia Huck <cornelia.huck@xxxxxxxxxx>" * remotes/cohuck/tags/s390x-20150528: s390x: Enable vector processing capability s390x: Migrate vector registers s390x: Add vector registers to ELF dump linux/elf.h update s390x: Add vector registers to HMP output s390x: gdb updates for vector registers gdb-xml: Include XML for s390 vector registers s390x: Store Additional Status SIGP order s390x: Vector Register IOCTLs s390x: Common access to floating point registers Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bc3004f0bb28d36b97eea5ff48922d16b4df7a1f Merge: 0915aed 2bc22a5 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu May 28 11:03:02 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging # gpg: Signature made Wed May 27 11:02:55 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: net/net: Record usage status of mac address tap: Improve -netdev/netdev_add/-net/... tap error reporting tap: Finish conversion of tap_open() to Error tap-solaris: Convert tap_open() to Error tap-bsd: Convert tap_open() to Error tap-linux: Convert tap_open() to Error tap: Permit incremental conversion of tap_open() to Error tap: Convert launch_script() to Error tap: Convert net_init_tap_one() to Error tap: Convert tap_set_sndbuf() to Error tap: Improve -netdev/netdev_add/-net/... bridge error reporting tap: net_tap_fd_init() can't fail, drop dead error handling net/dump: Improve -net/host_net_add dump error reporting net: Improve -net nic error reporting net: Permit incremental conversion of init functions to Error net: Improve error message for -net hubport a bit net: Change help text to list -netdev instead of -net by default Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 46ca6b3bc99ebf9205e28ed14c023ebf84d39bb7 Author: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Date: Thu Oct 30 09:23:06 2014 -0400 s390x: Enable vector processing capability Everything is finally in place, inform the kernel that user space supports vector registers. Signed-off-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit b2ac0ff5d9478907cfd5b204c9179f77d0cb943f Author: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 10:52:16 2015 -0400 s390x: Migrate vector registers When migrating a guest, be sure to include the vector registers. The vector registers are defined in a subsection, similar to the existing subsection for floating point registers. Since the floating point registers are always present (and thus migrated), we can skip them when performing the migration of the vector registers which may or may not be present. Suggested-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 3ceeb2930faf1116ee4bb22c8a7794bb2337e8a9 Author: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Date: Thu May 29 14:54:26 2014 -0400 s390x: Add vector registers to ELF dump Create ELF notes for the vector registers where applicable, so that their contents can be examined by utilities such as crash or readelf. Signed-off-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit eeef559ab4a80753b7bf31728780692a3a4e3ec1 Author: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Date: Wed Nov 12 14:22:55 2014 -0500 linux/elf.h update Sync with kernel elf.h updates to get s390x vector register definitions. Signed-off-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 56c42271495fc5f6c5bd70c4309a74b425c5cbda Author: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Date: Thu May 29 13:50:37 2014 -0400 s390x: Add vector registers to HMP output There are mechanisms to dump registers via the qemu HMP interface, such as the "info registers" command. Expand this output to dump the new vector registers. Signed-off-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit ca343c7a84fbe457dd442d26d5a01f31e8a8d308 Author: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Date: Tue Jun 3 08:42:18 2014 -0400 s390x: gdb updates for vector registers gdb allows registers to be displayed/modified, and is being updated to account for the new vector registers. Mirror these changes in the gdb stub in qemu so that this can be performed when gdb is attached to the qemu gdbserver. Signed-off-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 773d4ebc9a31a5e0efbaf83f76715ab40c355384 Author: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Date: Tue Nov 18 17:03:02 2014 -0500 gdb-xml: Include XML for s390 vector registers Include the vector registers XML file that is provided by gdb, and can be used by the qemu gdbserver interface. Signed-off-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit abec53565dce5ed56bff4968d3bed88f6cf68c3c Author: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Date: Wed Jan 14 09:57:16 2015 -0500 s390x: Store Additional Status SIGP order Add handling for the Store Additional Status at Address order that exists for the Signal Processor (SIGP) instruction. Signed-off-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit fcb79802e07fe06fe24ba97a027d8a1c3a714fa7 Author: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Date: Mon Aug 18 15:33:39 2014 -0400 s390x: Vector Register IOCTLs Handle the actual syncing of the vector registers with kernel space, via the get/put register IOCTLs. The vector registers that were introduced with the z13 overlay the existing floating point registers. FP registers 0-15 are the high-halves of vector registers 0-15. Thus, remove the freg fields and replace them with the equivalent vector field to avoid errors in duplication. Moreover, synchronize either the vector registers via kvm_sync_regs, or floating point registers via the GET/SET FPU IOCTLs. Signed-off-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit c498d8e36e2998fb67de21a34ece633d356a4834 Author: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Date: Thu May 7 14:35:44 2015 -0400 s390x: Common access to floating point registers Provide a routine to access the correct floating point register, to simplify future expansion. Suggested-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 2bc22a58e16f0650e56dccfac9495e5aef58e2ef Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Thu May 21 17:44:48 2015 +0800 net/net: Record usage status of mac address Currently QEMU dynamically generates mac address for the NIC which doesn't specify the mac address. But when we hotplug a NIC without specifying mac address, the mac address will increase for the same NIC along with hotplug and hot-unplug, and at last it will overflow. And if we codeplug one NIC with mac address e.g. "52:54:00:12:34:56", then hotplug one NIC without specifying mac address and the mac address of the hotplugged NIC is duplicate of "52:54:00:12:34:56". This patch add a mac_table to record the usage status and free the mac address when the NIC is unrealized. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a308817743be5cc051d3379477f54027deb0befb Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:59:03 2015 +0200 tap: Improve -netdev/netdev_add/-net/... tap error reporting When -netdev tap fails, it first reports a specific error, then a generic one, like this: $ qemu-system-x86_64 -netdev tap,id=foo qemu-system-x86_64: -netdev tap,id=foo: could not configure /dev/net/tun: Operation not permitted qemu-system-x86_64: -netdev tap,id=foo: Device 'tap' could not be initialized With the command line, the messages go to stderr. In HMP, they go to the monitor. In QMP, the second one becomes the error reply, and the first one goes to stderr. Convert net_init_tap() to Error. This suppresses the unwanted second message, and makes the specific error the QMP error reply. [Dropped duplicate "and" from error message as suggested by Eric Blake: "ifname=, script=, downscript=, and vnet_hdr=, " "queues=, and vhostfds= are invalid with helper=" --Stefan] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-16-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 95c35a74fea51e307f6a3967e465a22776056b7e Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:59:02 2015 +0200 tap: Finish conversion of tap_open() to Error Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-15-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 576c6eb6700d241c9d4a6883d25720c7bbaaeccd Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:59:01 2015 +0200 tap-solaris: Convert tap_open() to Error Fixes inappropriate use of syslog(). Not fixed: leaks on error paths, suspicious non-fatal errors. FIXMEs added instead. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-14-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 4bce487e14bf8949a91883a3213c2b7fa9d668bc Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:59:00 2015 +0200 tap-bsd: Convert tap_open() to Error Fixes inappropriate use of stderr in monitor command handler. While there, improve some of the messages a bit. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-13-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 47896e2fd3dd80685434b320cb0e10164995e31c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:58:59 2015 +0200 tap-linux: Convert tap_open() to Error Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-12-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 468dd82408e950d48def28f87e4cffabfd592ace Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:58:58 2015 +0200 tap: Permit incremental conversion of tap_open() to Error Convert the trivial ones immediately: tap-aix and tap-haiku. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-11-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit ac4fcf5639f44f7d863a35eaa2ad07ff31aabc01 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:58:57 2015 +0200 tap: Convert launch_script() to Error Fixes inappropriate use of stderr in monitor command handler. While there, improve the messages some. [Fixed Error **err -> Error *err local variable that broke the build. --Stefan] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-10-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 445f116cabe0c4435590244741ac3d0b8f08d91d Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:58:56 2015 +0200 tap: Convert net_init_tap_one() to Error [Dropped %s from "tap: open vhost char device failed: %s" since error_setg_errno() already prints a human-readable error string and there is no format string argument. --Stefan] Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-9-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 80b832c300c2fc39c68e0ab095d408cb9199cfa0 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:58:55 2015 +0200 tap: Convert tap_set_sndbuf() to Error Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-8-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a8a21be9855e0bb0947a7325d0d1741a8814f21e Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:58:54 2015 +0200 tap: Improve -netdev/netdev_add/-net/... bridge error reporting When -netdev bridge fails, it first reports a specific error, then a generic one, like this: $ qemu-system-x86_64 -netdev bridge,id=foo failed to launch bridge helper qemu-system-x86_64: -netdev bridge,id=foo: Device 'bridge' could not be initialized The first message goes to stderr. Wrong for HMP, because errors need to go to the monitor there. The second message goes to stderr for -netdev, to the monitor for HMP netdev_add, and becomes the error reply for QMP netdev_add. Convert net_bridge_run_helper() to Error, and propagate its errors through net_init_bridge(). This ensures the error gets reported where the user is, and suppresses the unwanted second message. While there, improve the error messages a bit. The above example becomes: $ qemu-system-x86_64 -netdev bridge,id=foo qemu-system-x86_64: -netdev bridge,id=foo: bridge helper failed net_init_tap() also uses net_bridge_run_helper(). Propagate its errors there as well. Improves reporting these errors with -netdev tap & friends. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-7-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit da4a4eac26381c7fce3f147f3c8a7e7bb483be1e Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:58:53 2015 +0200 tap: net_tap_fd_init() can't fail, drop dead error handling Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-6-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 3791f83ca999edc2d11eb2006ccc1091cd712c15 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:58:52 2015 +0200 net/dump: Improve -net/host_net_add dump error reporting When -net dump fails, it first reports a specific error, then a generic one, like this: $ qemu-system-x86_64 -net dump,id=foo,file=/eperm qemu-system-x86_64: -net dump,id=foo,file=/eperm: -net dump: can't open /eperm qemu-system-x86_64: -net dump,id=foo,file=/eperm: Device 'dump' could not be initialized Convert net_init_tap() to Error. This suppresses the unwanted second message. Improve the error messages to include strerror(errno) where appropriate. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-5-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6630886863d4a9b3b7bcb3b0e2895d83eb269c75 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:58:51 2015 +0200 net: Improve -net nic error reporting When -net nic fails, it first reports a specific error, then a generic one, like this: $ qemu-system-x86_64 -net nic,netdev=nonexistent qemu-system-x86_64: -net nic,netdev=nonexistent: netdev 'nonexistent' not found qemu-system-x86_64: -net nic,netdev=nonexistent: Device 'nic' could not be initialized Convert net_init_nic() to Error to get rid of the unwanted second error message. While there, tidy up an Overcapitalized Error Message. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-4-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a30ecde6e795682d1473c45acae66a60a76fca2f Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:58:50 2015 +0200 net: Permit incremental conversion of init functions to Error Error reporting for netdev_add is broken: the net_client_init_fun[] report the actual errors with (at best) error_report(), and their caller net_client_init1() makes up a generic error on top. For command line and HMP, this produces an mildly ugly error cascade. In QMP, the actual errors go to stderr, and the generic error becomes the command's error reply. To fix this, we need to convert the net_client_init_fun[] to Error. To permit fixing them one by one, add an Error ** parameter to the net_client_init_fun[]. If the call fails without returning an Error, make up the same generic Error as before. But if it returns one, use that instead. Since none of them does so far, no functional change. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-3-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit ca7eb1848bb06d9b75784d7760b83c7b0beb1102 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Fri May 15 13:58:49 2015 +0200 net: Improve error message for -net hubport a bit Type "hubport" is valid only with -netdev. Unfortunately, that's detected late and the error message doesn't explain why: $ qemu-system-i386 -net hubport,id=foo,hubid=0 qemu-system-i386: -net hubport,id=foo,hubid=0: Device 'hubport' could not be initialized Improve the error message to "Parameter 'type' expects a net type". Not fixed: -net hubport without the parameters required by -netdev hubport still asks for those parameters: $ qemu-system-i386 -net hubport qemu-system-i386: -net hubport: Parameter 'hubid' is missing Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1431691143-1015-2-git-send-email-armbru@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6a8b4a5be21ad4941c8a6a5db1d355a522aea2fb Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Fri May 15 16:58:24 2015 +0200 net: Change help text to list -netdev instead of -net by default Looking at the output of "qemu-system-xxx -help", you easily get the impression that "-net" is the preferred way instead of "-netdev" to specify host network interface, since the "-net" option is omnipresent but the "-netdev" option is only listed as a one-liner at the end. This is ugly since "-net" is considered as legacy and even might be removed one day. Thus, this patch switches the output to explain the host network interfaces with the "-netdev" option instead, moving the old "-net" option into some few lines at the end. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Message-id: 1431701904-12230-1-git-send-email-thuth@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 0915aed5842bd4dbe396b92d4f3b846ae29ad663 Merge: 0d2ed60 cd6cb73 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 26 11:31:03 2015 +0100 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Fri May 22 20:58:44 2015 BST using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB # Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E * remotes/jnsnow/tags/ide-pull-request: ahci: do not remap clb/fis unconditionally macio: move unaligned DMA write code into separate pmac_dma_write() function macio: move unaligned DMA read code into separate pmac_dma_read() function qtest: pre-buffer hex nibs libqos/ahci: Swap memread/write with bufread/write qtest: add memset to qtest protocol qtest: Add base64 encoded read/write qtest: allow arbitrarily long sends qtest/ahci: add migrate halted dma test qtest/ahci: add halted dma test qtest/ahci: add flush migrate test qtest/ahci: add migrate dma test qtest/ahci: Add migration test ich9/ahci: Enable Migration libqos: Add migration helpers libqos/ahci: Fix sector set method libqos/ahci: Add halted command helpers glib: remove stale compat functions configure: require glib 2.22 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cd6cb73beb63e5fa62ca8ed540b9d54063b15c44 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:44 2015 -0400 ahci: do not remap clb/fis unconditionally This continues the IOMMU fix from 2.3, where we should not attempt to remap the CLB or FIS RX buffers if the AHCI device is currently running. The same applies to migration: keep our mitts off these registers unless the device is supposed to be on. Does not impact backwards compatibility for the AHCI device. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1431470173-30847-2-git-send-email-jsnow@xxxxxxxxxx commit bd4214fc92090694aefa17882815c6109f0fd70c Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Fri May 22 14:13:44 2015 -0400 macio: move unaligned DMA write code into separate pmac_dma_write() function Similarly switch the macio IDE routines over to use the new function and tidy-up the remaining code as required. [Maintainer edit: printf format codes adjusted for 32/64bit. --js] Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Acked-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1425939893-14404-3-git-send-email-mark.cave-ayland@xxxxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 4827ac1e8f8306b24e61b44ea1f2082ea08099bb Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Fri May 22 14:13:44 2015 -0400 macio: move unaligned DMA read code into separate pmac_dma_read() function This considerably helps simplify the complexity of the macio read routines and by switching macio CDROM accesses to use the new code, fixes the issue with the CDROM device being detected intermittently by Darwin/OS X. [Maintainer edit: printf format codes adjusted for 32/64bit. --js] Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxxx> Acked-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1425939893-14404-2-git-send-email-mark.cave-ayland@xxxxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 5560b85a31e6f15a8841b66620d9497943094ee4 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:44 2015 -0400 qtest: pre-buffer hex nibs Instead of converting each byte one-at-a-time and then sending each byte over the wire, use sprintf() to pre-compute all of the hex nibs into a single buffer, then send the entire buffer all at once. This gives a moderate speed boost to memread() and memwrite() functions. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-id: 1431021095-7558-2-git-send-email-jsnow@xxxxxxxxxx commit 91d0374a7ffbd6a9cd0ba159c9160d9f26220cf5 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:44 2015 -0400 libqos/ahci: Swap memread/write with bufread/write Where it makes sense, use the new faster primitives. For generally small reads/writes such as for the PRDT and FIS packets, stick with the more wasteful but easier to debug memread/memwrite. For ahci-test (before migration tests): With this patch: real 0m3.675s user 0m2.582s sys 0m1.718s Without any qtest protocol improvements: real 0m14.171s user 0m12.072s sys 0m12.527s Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1430864578-22072-6-git-send-email-jsnow@xxxxxxxxxx commit 4d00796364ec4edab86b08abc38fd644d5e3c0ad Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:44 2015 -0400 qtest: add memset to qtest protocol Previously, memset was just a frontend to write() and only stupidly sent the pattern many times across the wire. Let's not discuss who stupidly wrote it like that in the first place. (Hint: It was me.) Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1430864578-22072-4-git-send-email-jsnow@xxxxxxxxxx commit 7a6a740d8dcc02f5693315d7935b5de9b963bb96 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:44 2015 -0400 qtest: Add base64 encoded read/write For larger pieces of data that won't need to be debugged and viewing the hex nibbles is unlikely to be useful, we can encode data using base64 instead of encoding each byte as %02x, which leads to some space savings and faster reads/writes. For now, the default is left as hex nibbles in memwrite() and memread(). For the purposes of making qtest io easier to read and debug, some callers may want to specify using the old encoding format for small patches of data where the savings from base64 wouldn't be that profound. memwrite/memread use a data encoding that takes 2x the size of the original buffer, but base64 uses "only" (4/3)x, so for larger buffers we can save a decent amount of time and space. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1430864578-22072-3-git-send-email-jsnow@xxxxxxxxxx commit 332cc7e9b39ddb2feacb4c71dcd18c3e5b0c3147 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:43 2015 -0400 qtest: allow arbitrarily long sends qtest currently has a static buffer of size 1024 that if we overflow, ignores the additional data silently which leads to hangs or stream failures. Use glib's string facilities to allow arbitrarily long data, but split this off into a new function, qtest_sendf. Static data can still be sent using qtest_send, which avoids the malloc/copy overhead. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1430864578-22072-2-git-send-email-jsnow@xxxxxxxxxx commit 5d1cf0917b4f1282ac81bb72697713d14c98a876 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:43 2015 -0400 qtest/ahci: add migrate halted dma test Test migrating a halted DMA transaction. Resume, then test data integrity. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1430417242-11859-10-git-send-email-jsnow@xxxxxxxxxx commit 189d1b6126625212fbb50ed3a30a3e9e7ba7ca37 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:43 2015 -0400 qtest/ahci: add halted dma test If we're going to test the migration of halted DMA jobs, we should probably check to make sure we can resume them locally as a first step. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1430417242-11859-9-git-send-email-jsnow@xxxxxxxxxx commit a606ce50c29561b567995ab663cbb40067623e82 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:43 2015 -0400 qtest/ahci: add flush migrate test Use blkdebug to inject an error on first flush, then attempt to flush on the first guest. When the error halts the VM, migrate to the second VM, and attempt to resume the command. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1430417242-11859-8-git-send-email-jsnow@xxxxxxxxxx commit 88e21f9485f0a41603f0af3483ff3f11c95979ab Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:43 2015 -0400 qtest/ahci: add migrate dma test Write to one guest, migrate, and then read from the other. adjust ahci_io to clear any buffers it creates, so that we can use ahci_io safely on both guests knowing we are using empty buffers and not accidentally re-using data. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1430417242-11859-7-git-send-email-jsnow@xxxxxxxxxx commit 278128ab06c36341edb2c8b0bfcfd92760f4db52 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:43 2015 -0400 qtest/ahci: Add migration test Notes: * The migration is performed on QOSState objects. * The migration is performed in such a way that it does not assume consistency between the allocators attached to each. That is to say, you can use each QOSState object completely independently and then at an arbitrary point decide to migrate, and the destination object will now be consistent with the memory within the source guest. The source object that was migrated from will have a completely blank allocator. ahci-test.c: - verify_state is added - ahci_migrate is added as a frontend to migrate - test_migrate_sanity test case is added. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1430417242-11859-6-git-send-email-jsnow@xxxxxxxxxx commit 04329029a8c539eb5f75dcb6d8b016f0c53a031a Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:43 2015 -0400 ich9/ahci: Enable Migration Lift the flag preventing the migration of the ICH9/AHCI devices. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1430417242-11859-5-git-send-email-jsnow@xxxxxxxxxx commit 085248ae87704f1c1e4e1f929f58beca3ba294a2 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:43 2015 -0400 libqos: Add migration helpers libqos.c: -set_context for addressing which commands go where -migrate performs the actual migration malloc.c: - Structure of the allocator is adjusted slightly with a second-tier malloc to make swapping around the allocators easy when we "migrate" the lists from the source to the destination. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1430417242-11859-4-git-send-email-jsnow@xxxxxxxxxx commit 455e861cc625891baacf74e66c31a914883b80ca Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:42 2015 -0400 libqos/ahci: Fix sector set method || probably does not mean the same thing as |. Additionally, allow users to submit a prd_size of 0 to indicate that they'd like to continue using the default. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1430417242-11859-3-git-send-email-jsnow@xxxxxxxxxx commit 008b6e123ff2ee421112768e838b0b44bc7f6c45 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:42 2015 -0400 libqos/ahci: Add halted command helpers Sometimes we want a command to halt the VM instead of complete successfully, so it'd be nice to let the libqos/ahci functions cope with such scenarios. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1430417242-11859-2-git-send-email-jsnow@xxxxxxxxxx commit 62754b157156c2cd26a00ce534aeec9e74619d95 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:42 2015 -0400 glib: remove stale compat functions Since we're bumping the version to 2.22+, remove the now-stale compat functions. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1431469140-22208-2-git-send-email-jsnow@xxxxxxxxxx commit f40685c62b802c8c3f5c914e8d357dd5c4d4f9cc Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri May 22 14:13:42 2015 -0400 configure: require glib 2.22 This provides g_ptr_array_new_with_free_func, as well as a few other functions that we've been hacking around in glib-compat.h. Cleaning up the compatibility headers will come later. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1431469140-22208-2-git-send-email-jsnow@xxxxxxxxxx commit 0d2ed6039cf86fe3a78671e32b5e3eb17d725762 Merge: bb2fa17 4120201 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 22 17:20:09 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer core and image format patches # gpg: Signature made Fri May 22 16:21:03 2015 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: (22 commits) MAINTAINERS: Split "Block QAPI, monitor, command line" off core MAINTAINERS: Add header files to Block Layer Core section tests: add test case for encrypted qcow2 read/write qemu-io: prompt for encryption keys when required util: allow \n to terminate password input util: move read_password method out of qemu-img into osdep/oslib qcow2/qcow: protect against uninitialized encryption key qemu-iotests: Make debugging python tests easier qemu-iotests: qemu-img info on afl VMDK image with a huge capacity block: Detect multiplication overflow in bdrv_getlength qemu-io: Use getopt() correctly qcow2: style fixes in qcow2-cache.c qcow2: make qcow2_cache_put() a void function qcow2: use a hash to look for entries in the L2 cache qcow2: remove qcow2_cache_find_entry_to_replace() qcow2: use an LRU algorithm to replace entries from the L2 cache qcow2: simplify qcow2_cache_put() and qcow2_cache_entry_mark_dirty() qcow2: use one single memory block for the L2/refcount cache tables vmdk: Fix overflow if l1_size is 0x20000000 vmdk: Fix next_cluster_sector for compressed write ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bb2fa17f182ee0b45b53474f76679944fc891f04 Merge: 8b6db32 9371557 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 22 16:22:42 2015 +0100 Merge remote-tracking branch 'remotes/bkoppelmann/tags/pull-tricore-20150522' into staging TriCore v1.6.1 ISA and missing v1.6 instructions # gpg: Signature made Fri May 22 16:02:45 2015 BST using RSA key ID 6B69CA14 # gpg: Good signature from "Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx>" * remotes/bkoppelmann/tags/pull-tricore-20150522: target-tricore: add RR_DIV and RR_DIV_U instructions of the v1.6 ISA target-tricore: add FRET instructions of the v1.6 ISA target-tricore: add FCALL instructions of the v1.6 ISA target-tricore: add SYS_RESTORE instruction of the v1.6 ISA target-tricore: add RR_CRC32 instruction of the v1.6.1 ISA target-tricore: add SWAPMSK instructions of the v1.6.1 ISA target-tricore: add CMPSWP instructions of the v1.6.1 ISA target-tricore: Add SRC_MOV_E instruction of the v1.6 ISA target-tricore: introduce ISA v1.6.1 feature target-tricore: Add ISA v1.3.1 cpu and fix tc1796 to using v1.3 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4120201d2fcfc24404fe6eb6b761b66bc35bca16 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed May 20 13:23:46 2015 +0200 MAINTAINERS: Split "Block QAPI, monitor, command line" off core Kevin and Stefan asked me to take care of this part. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 4c346e0bb9300afe3036560c21baa7fdfb253d9b Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed May 20 12:03:17 2015 +0200 MAINTAINERS: Add header files to Block Layer Core section Suggested-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit f7ac119cfac735b24412db8d53b9be13e5ff23b0 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue May 12 17:09:22 2015 +0100 tests: add test case for encrypted qcow2 read/write Add a simple test case for qemu-iotests that covers read/write with encrypted qcow2 files. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 8caf02127e92939fff39b63a7ff1a5834d320191 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue May 12 17:09:21 2015 +0100 qemu-io: prompt for encryption keys when required The qemu-io tool does not check if the image is encrypted so historically would silently corrupt the sectors by writing plain text data into them instead of cipher text. The earlier commit turns this mistake into a fatal abort, so check for encryption and prompt for key when required. This enables us to add unit tests to ensure we don't break the ability of qemu-img to convert existing encrypted qcow2 files into a non-encrypted format. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 6a11d5183fb7564a3d32007b46846312fd61a1c5 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue May 12 17:09:20 2015 +0100 util: allow \n to terminate password input The qemu_read_password() method looks for \r to terminate the reading of the a password. This is what will be seen when reading the password from a TTY. When scripting though, it is useful to be able to send the password via a pipe, in which case we must look for \n to terminate password input. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d57e4e482e3997b1382625c84149ad0b69155fc0 Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue May 12 17:09:19 2015 +0100 util: move read_password method out of qemu-img into osdep/oslib The qemu-img.c file has a read_password() method impl that is used to prompt for passwords on the console, with impls for POSIX and Windows. This will be needed by qemu-io.c too, so move it into the QEMU osdep/oslib files where it can be shared without code duplication Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 8336aafae1451d54c81dd2b187b45f7c45d2428e Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Tue May 12 17:09:18 2015 +0100 qcow2/qcow: protect against uninitialized encryption key When a qcow[2] file is opened, if the header reports an encryption method, this is used to set the 'crypt_method_header' field on the BDRVQcow[2]State struct, and the 'encrypted' flag in the BDRVState struct. When doing I/O operations, the 'crypt_method' field on the BDRVQcow[2]State struct is checked to determine if encryption needs to be applied. The crypt_method_header value is copied into crypt_method when the bdrv_set_key() method is called. The QEMU code which opens a block device is expected to always do a check if (bdrv_is_encrypted(bs)) { bdrv_set_key(bs, ....key...); } If code forgets to do this, then 'crypt_method' is never set and so when I/O is performed, QEMU writes plain text data into a sector which is expected to contain cipher text, or when reading, will return cipher text instead of plain text. Change the qcow[2] code to consult bs->encrypted when deciding whether encryption is required, and assert(s->crypt_method) to protect against cases where the caller forgets to set the encryption key. Also put an assert in the set_key methods to protect against the case where the caller sets an encryption key on a block device that does not have encryption Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit aa4f592a1dd9aea5f5c36f6ff4b22b5bd208162a Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon May 18 09:39:12 2015 +0800 qemu-iotests: Make debugging python tests easier Adding "-d" option. The output goes to "tee" so it appears in your console. Also, raise the verbosity of unnitest runner. When testing a topic branch, it's possible that a bug introduced by a code change makes the python test case hang, with debug output, it is much easier to locate the problem. This can also be helpful if you want to watch the progress of a python test, it offers you a way to sense the speed of each test case method you're writing. Note: because there is no easy way to get *both* the verbose output and the output expected by ./check comparison, the case would always fail with an "output mismatch". The sole purpose of using this option is giving developers a quick way to debug when things go wrong. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b93bbf4ee9035ae077679482305d5beb38df4d7d Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri May 15 16:36:06 2015 +0800 qemu-iotests: qemu-img info on afl VMDK image with a huge capacity The image is contributed by Richard W.M. Jones. Cc: Richard W.M. Jones <rjones@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 4a9c9ea0d318bec2f67848c5ceaf4ad5bcb91d09 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri May 15 16:36:05 2015 +0800 block: Detect multiplication overflow in bdrv_getlength Bogus image may have a large total_sectors that will overflow the multiplication. For cleanness, fix the return code so the error message will be meaningful. Reported-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b062ad86dcd33ab39be5060b0655d8e13834b167 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Tue May 12 09:10:56 2015 -0600 qemu-io: Use getopt() correctly POSIX says getopt() returns -1 on completion. While Linux happens to define EOF as -1, this definition is not required by POSIX, and there may be platforms where checking for EOF instead of -1 would lead to an infinite loop. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d1b4efe5c4088fd2289e39b95bbdf73b3dcb7432 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon May 11 15:54:59 2015 +0300 qcow2: style fixes in qcow2-cache.c Fix pointer declaration to make it consistent with the rest of the code. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a3f1afb43a09e4577571c044c48f2ba9e6e4ad06 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon May 11 15:54:58 2015 +0300 qcow2: make qcow2_cache_put() a void function This function never receives an invalid table pointer, so we can make it void and remove all the error checking code. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 812e4082cae73e12fd425cace4fd3a715a7c1d32 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon May 11 15:54:57 2015 +0300 qcow2: use a hash to look for entries in the L2 cache The current cache algorithm traverses the array starting always from the beginning, so the average number of comparisons needed to perform a lookup is proportional to the size of the array. By using a hash of the offset as the starting point, lookups are faster and independent from the array size. The hash is computed using the cluster number of the table, multiplied by 4 to make it perform better when there are collisions. In my tests, using a cache with 2048 entries, this reduces the average number of comparisons per lookup from 430 to 2.5. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit fdfbca82a0874916007ca76323cd35f2af8a2ef3 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon May 11 15:54:56 2015 +0300 qcow2: remove qcow2_cache_find_entry_to_replace() A cache miss means that the whole array was traversed and the entry we were looking for was not found, so there's no need to traverse it again in order to select an entry to replace. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 2693310eccccf8351678ddd6f3b050163e51dba0 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon May 11 15:54:55 2015 +0300 qcow2: use an LRU algorithm to replace entries from the L2 cache The current algorithm to evict entries from the cache gives always preference to those in the lowest positions. As the size of the cache increases, the chances of the later elements of being removed decrease exponentially. In a scenario with random I/O and lots of cache misses, entries in positions 8 and higher are rarely (if ever) evicted. This can be seen even with the default cache size, but with larger caches the problem becomes more obvious. Using an LRU algorithm makes the chances of being removed from the cache independent from the position. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit baf07d60f5c5d5d0f0c9e844cde75691f1ceb3d1 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon May 11 15:54:54 2015 +0300 qcow2: simplify qcow2_cache_put() and qcow2_cache_entry_mark_dirty() Since all tables are now stored together, it is possible to obtain the position of a particular table directly from its address, so the operation becomes O(1). Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 72e80b89015bab196f0f0e83b12b0eee75fa0574 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon May 11 15:54:53 2015 +0300 qcow2: use one single memory block for the L2/refcount cache tables The qcow2 L2/refcount cache contains one separate table for each cache entry. Doing one allocation per table adds unnecessary overhead and it also requires us to store the address of each table separately. Since the size of the cache is constant during its lifetime, it's better to have an array that contains all the tables using one single allocation. In my tests measuring freshly created caches with sizes 128MB (L2) and 32MB (refcount) this uses around 10MB of RAM less. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 13c4941cdd8685d28c7e3a09e393a5579b58db46 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Tue May 5 17:28:13 2015 +0800 vmdk: Fix overflow if l1_size is 0x20000000 Richard Jones caught this bug with afl fuzzer. In fact, that's the only possible value to overflow (extent->l1_size = 0x20000000) l1_size: l1_size = extent->l1_size * sizeof(long) => 0x80000000; g_try_malloc returns NULL because l1_size is interpreted as negative during type casting from 'int' to 'gsize', which yields a enormous value. Hence, by coincidence, we get a "not too bad" behavior: qemu-img: Could not open '/tmp/afl6.img': Could not open '/tmp/afl6.img': Cannot allocate memory Values larger than 0x20000000 will be refused by the validation in vmdk_add_extent. Values smaller than 0x20000000 will not overflow l1_size. Cc: qemu-stable@xxxxxxxxxx Reported-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Tested-by: Richard W.M. Jones <rjones@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5e82a31eb967db135fc4e688b134fb0972d62de3 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed May 6 20:23:46 2015 +0800 vmdk: Fix next_cluster_sector for compressed write This fixes the bug introduced by commit c6ac36e (vmdk: Optimize cluster allocation). Sometimes, write_len could be larger than cluster size, because it contains both data and marker. We must advance next_cluster_sector in this case, otherwise the image gets corrupted. Cc: qemu-stable@xxxxxxxxxx Reported-by: Antoni Villalonga <qemu-list@xxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit aacd5650c68ef2e9e19079ba60cb0df51e15880c Author: Christoph Hellwig <hch@xxxxxx> Date: Thu Apr 30 11:44:17 2015 +0200 nvme: support NVME_VOLATILE_WRITE_CACHE feature The SCSI emulation in the Linux NVMe driver really wants to know if a device has a volatile write cache. Given that qemu has moved away from a model where we report the backing store WCE bit to one where the WCE bit is supposed to be part of the migratable guest-visible state we always return 1 here. Signed-off-by: Christoph Hellwig <hch@xxxxxx> Acked-by: Keith Busch <keith.busch@xxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ecbda7a22576591a84f44de1be0150faf6001f1c Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Wed May 6 13:21:51 2015 +0200 qcow2: Flush pending discards before allocating cluster Before a freed cluster can be reused, pending discards for this cluster must be processed. The original assumption was that this was not a problem because discards are only cached during discard/write zeroes operations, which are synchronous so that no concurrent write requests can cause cluster allocations. However, the discard/write zeroes operation itself can allocate a new L2 table (and it has to in order to put zero flags there), so make sure we can cope with the situation. This fixes https://bugs.launchpad.net/bugs/1349972. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 9371557115a734412974f8d4096cbe8a62ca2731 Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Mon May 11 14:59:55 2015 +0200 target-tricore: add RR_DIV and RR_DIV_U instructions of the v1.6 ISA Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit 0e045f43c45f675711c3f6836118dc7eabcc2411 Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Thu May 7 22:46:50 2015 +0200 target-tricore: add FRET instructions of the v1.6 ISA Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit 9e14a7b24f4cff93da664fdcfecad41fbd229e2b Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Thu May 7 22:38:16 2015 +0200 target-tricore: add FCALL instructions of the v1.6 ISA Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit bc3551c43308dd77bc1cc9a4e39962b2afd4dffc Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Thu May 7 21:25:42 2015 +0200 target-tricore: add SYS_RESTORE instruction of the v1.6 ISA Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit e5c96c82bc529674b61eacd221734abc2674e264 Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Thu May 7 19:55:37 2015 +0200 target-tricore: add RR_CRC32 instruction of the v1.6.1 ISA This instruction was introduced by the new Aurix platform. Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit ddd8cebe3106bdfb2681d8d283296199fd6c7417 Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Wed May 6 20:57:10 2015 +0200 target-tricore: add SWAPMSK instructions of the v1.6.1 ISA Those instruction were introduced in the new Aurix platform. Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit 62872ebc38d700ea30b0cd861e40703dccdcae2a Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Wed May 6 20:47:39 2015 +0200 target-tricore: add CMPSWP instructions of the v1.6.1 ISA Those instruction were introduced in the new Aurix platform. Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit fcecf12684e1169653df72ed307ec2a82ca69b18 Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Wed May 6 20:22:45 2015 +0200 target-tricore: Add SRC_MOV_E instruction of the v1.6 ISA Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit 6d2afc8a5edc042e4e7c2ceb49f7cabe02aae793 Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Wed May 6 20:18:41 2015 +0200 target-tricore: introduce ISA v1.6.1 feature The aurix platform contains of several different cpu models and uses the 1.6.1 ISA. This patch changes the generic aurix model to the more specific tc27x cpu model and sets specific features. Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit fd5ecf31d4c48651de97c1aaf8771762753de9a7 Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Sun Mar 22 12:49:12 2015 +0000 target-tricore: Add ISA v1.3.1 cpu and fix tc1796 to using v1.3 Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit 8b6db32a4ec47d1171ccfa21d557096b99f4eef0 Merge: f5790c3 a53f1a9 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 22 13:25:40 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Fri May 22 10:00:53 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: (38 commits) block: get_block_status: use "else" when testing the opposite condition qemu-iotests: Test unaligned sub-block zero write block: Fix NULL deference for unaligned write if qiov is NULL Revert "block: Fix unaligned zero write" block: align bounce buffers to page block: minimal bounce buffer alignment block: return EPERM on writes or discards to read-only devices configure: Add workaround for ccache and clang configure: silence glib unknown attribute __alloc_size__ configure: factor out supported flag check configure: handle clang -nopie argument warning block/parallels: improve image writing performance further block/parallels: optimize linear image expansion block/parallels: add prealloc-mode and prealloc-size open paramemets block/parallels: delay writing to BAT till bdrv_co_flush_to_os block/parallels: create bat_entry_off helper block/parallels: improve image reading performance iotests, parallels: check for incorrectly closed image in tests block/parallels: implement incorrect close detection block/parallels: implement parallels_check method of block driver ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f5790c3bc81702c98c7ddadedb274758cff8cbe7 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 22 12:30:13 2015 +0100 Revert "target-alpha: Add vector implementation for CMPBGE" This reverts commit 32ad48abd74a997220b841e4e913edeb267aa362. Unfortunately the SSE2 code here fails to compile on some versions of gcc: target-alpha/int_helper.c:77:24: error: invalid operands to binary >= (have '__vector(16) unsigned char' and '__vector(16) unsigned char') Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 27e1259a69c49ee2dd53385f4ca4ca14b822191d Merge: 9e549d3 32ad48a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 22 10:06:33 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-axp-20150521' into staging Rewrite fp exceptions # gpg: Signature made Thu May 21 18:35:52 2015 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-axp-20150521: target-alpha: Add vector implementation for CMPBGE target-alpha: Rewrite helper_zapnot target-alpha: Raise IOV from CVTQL target-alpha: Suppress underflow from CVTTQ if DNZ target-alpha: Raise EXC_M_INV properly for fp inputs target-alpha: Disallow literal operand to 1C.30 to 1C.37 target-alpha: Implement WH64EN target-alpha: Fix integer overflow checking insns target-alpha: Fix cvttq vs inf target-alpha: Fix cvttq vs large integers target-alpha: Raise IOV from CVTTQ target-alpha: Set EXC_M_SWC for exceptions from /S insns target-alpha: Set fpcr_exc_status even for disabled exceptions target-alpha: Tidy FPCR representation target-alpha: Set PC correctly for floating-point exceptions target-alpha: Forget installed round mode after MT_FPCR target-alpha: Rename floating-point subroutines target-alpha: Move VAX helpers to a new file Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a53f1a95f9605f300fbafbc8b60b8a8c67e9c4b4 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu May 14 12:35:02 2015 +0200 block: get_block_status: use "else" when testing the opposite condition A bit of Boolean algebra (and common sense) tells us that the second "if" here is looking for blocks that are not allocated. This is the opposite of the "if" that sets BDRV_BLOCK_ALLOCATED, and thus it can use an "else". Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1431599702-10431-1-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit ab53c44718305d3fde3d9d2251889f1cab694be2 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed May 13 13:12:01 2015 +0000 qemu-iotests: Test unaligned sub-block zero write Test zero write in byte range 512~1024 for 4k alignment. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1431522721-3266-4-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 9eeb6dd1b27bd57eb4e3869290e87feac8e8b226 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed May 13 13:12:00 2015 +0000 block: Fix NULL deference for unaligned write if qiov is NULL For zero write, callers pass in NULL qiov (qemu-io "write -z" or scsi-disk "write same"). Commit fc3959e466 fixed bdrv_co_write_zeroes which is the common case for this bug, but it still exists in bdrv_aio_write_zeroes. A simpler fix would be in bdrv_co_do_pwritev which is the NULL dereference point and covers both cases. So don't access it in bdrv_co_do_pwritev in this case, use three aligned writes. [Initialize ret to 0 in bdrv_co_do_zero_pwritev() to avoid uninitialized variable warning with gcc 4.9.2. --Stefan] Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1431522721-3266-3-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit d01c07f2221ca39ab2dd9e55932d99db98103b30 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed May 13 13:11:59 2015 +0000 Revert "block: Fix unaligned zero write" This reverts commit fc3959e4669a1c2149b91ccb05101cfc7ae1fc05. The core write code already handles the case, so remove this duplication. Because commit 61007b316 moved the touched code from block.c to block/io.c, the change is manually reverted. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1431522721-3266-2-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 459b4e66129d091a11e9886ecc15a8bf9f7f3d92 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue May 12 17:30:56 2015 +0300 block: align bounce buffers to page The following sequence int fd = open(argv[1], O_RDWR | O_CREAT | O_DIRECT, 0644); for (i = 0; i < 100000; i++) write(fd, buf, 4096); performs 5% better if buf is aligned to 4096 bytes. The difference is quite reliable. On the other hand we do not want at the moment to enforce bounce buffering if guest request is aligned to 512 bytes. The patch changes default bounce buffer optimal alignment to MAX(page size, 4k). 4k is chosen as maximal known sector size on real HDD. The justification of the performance improve is quite interesting. From the kernel point of view each request to the disk was split by two. This could be seen by blktrace like this: 9,0 11 1 0.000000000 11151 Q WS 312737792 + 1023 [qemu-img] 9,0 11 2 0.000007938 11151 Q WS 312738815 + 8 [qemu-img] 9,0 11 3 0.000030735 11151 Q WS 312738823 + 1016 [qemu-img] 9,0 11 4 0.000032482 11151 Q WS 312739839 + 8 [qemu-img] 9,0 11 5 0.000041379 11151 Q WS 312739847 + 1016 [qemu-img] 9,0 11 6 0.000042818 11151 Q WS 312740863 + 8 [qemu-img] 9,0 11 7 0.000051236 11151 Q WS 312740871 + 1017 [qemu-img] 9,0 5 1 0.169071519 11151 Q WS 312741888 + 1023 [qemu-img] After the patch the pattern becomes normal: 9,0 6 1 0.000000000 12422 Q WS 314834944 + 1024 [qemu-img] 9,0 6 2 0.000038527 12422 Q WS 314835968 + 1024 [qemu-img] 9,0 6 3 0.000072849 12422 Q WS 314836992 + 1024 [qemu-img] 9,0 6 4 0.000106276 12422 Q WS 314838016 + 1024 [qemu-img] and the amount of requests sent to disk (could be calculated counting number of lines in the output of blktrace) is reduced about 2 times. Both qemu-img and qemu-io are affected while qemu-kvm is not. The guest does his job well and real requests comes properly aligned (to page). Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1431441056-26198-3-git-send-email-den@xxxxxxxxxx CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 4196d2f0308cb1ae13ed450424ab7dfe154acda9 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue May 12 17:30:55 2015 +0300 block: minimal bounce buffer alignment The patch introduces new concept: minimal memory alignment for bounce buffers. Original so called "optimal" value is actually minimal required value for aligment. It should be used for validation that the IOVec is properly aligned and bounce buffer is not required. Though, from the performance point of view, it would be better if bounce buffer or IOVec allocated by QEMU will be aligned stricter. The patch does not change any alignment value yet. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> Message-id: 1431441056-26198-2-git-send-email-den@xxxxxxxxxx CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit eaf5fe2dd4ec001d645ff3b343f466457badaa64 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu May 7 17:45:48 2015 +0200 block: return EPERM on writes or discards to read-only devices This is the behavior in the operating system, for example Linux's blkdev_write_iter has the following: if (bdev_read_only(I_BDEV(bd_inode))) return -EPERM; This does not apply to opening a device for read/write, when the device only supports read-only operation. In this case any of EACCES, EPERM or EROFS is acceptable depending on why writing is not possible. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1431013548-22492-1-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit fd0e60530f10078f488fa3e9591cc7db5732989c Author: John Snow <jsnow@xxxxxxxxxx> Date: Wed Mar 25 18:57:39 2015 -0400 configure: Add workaround for ccache and clang Test if ccache is interfering with semantic analysis of macros, disable its habit of trying to compile already pre-processed versions of code if so. ccache attempts to save time by compiling pre-processed versions of code, but this disturbs clang's static analysis enough to produce false positives. ccache allows us to disable this feature, opting instead to compile the original version instead of its preprocessed version. This makes ccache much slower for cache misses, but at least it becomes usable with QEMU/clang. This workaround only activates for users using ccache AND clang, and only if their configuration is observed to be producing warnings. You may need to clear your ccache for builds started without -Werror, as those may continue to produce warnings from the cache. Thanks to Peter Eisentraut for his writeup on the issue: http://peter.eisentraut.org/blog/2014/12/01/ccache-and-clang-part-3/ Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427324259-1481-5-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit bbbf2e04e5ea347d877c7fa8ee02e4bb647a48fc Author: John Snow <jsnow@xxxxxxxxxx> Date: Wed Mar 25 18:57:38 2015 -0400 configure: silence glib unknown attribute __alloc_size__ The glib headers use GCC attributes. Unfortunately the __GNUC__ and __GNUC_MINOR__ version macros are also defined by clang, but clang doesn't support the same attributes as GCC. clang 3.5.0 does not support the __alloc_size__ attribute: https://github.com/llvm-mirror/clang/commit/c047507a9a79e89fc8339e074fa72822a7e7ea73 The following warning is produced: gstrfuncs.h:257:44: warning: unknown attribute '__alloc_size__' ignored [-Wunknown-attributes] G_GNUC_MALLOC G_GNUC_ALLOC_SIZE(2); gmacros.h:67:45: note: expanded from macro 'G_GNUC_ALLOC_SIZE' #define G_GNUC_ALLOC_SIZE(x) __attribute__((__alloc_size__(x))) This patch checks whether glib headers cause warnings and disables -Wunknown-attributes if it is able to. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427324259-1481-4-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 93b25869228a3c0c632a6aa66624cc4e549ba14a Author: John Snow <jsnow@xxxxxxxxxx> Date: Wed Mar 25 18:57:37 2015 -0400 configure: factor out supported flag check Factor out the function that checks if a compiler flag is supported or not. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427324259-1481-3-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e4a7b344df40b1f4b2e732ddb0d68079ce658d89 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Mar 25 18:57:36 2015 -0400 configure: handle clang -nopie argument warning gcc 4.9.2 treats -nopie as an error: cc: error: unrecognized command line option â??-nopieâ?? clang 3.5.0 treats -nopie as a warning: clang: warning: argument unused during compilation: '-nopie' The causes ./configure to fail with clang: ERROR: configure test passed without -Werror but failed with -Werror. Make the -nopie test use -Werror so that compile_prog works for both gcc and clang. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427324259-1481-2-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit ddd2ef2ce8d693b6e2635a0c20f65744641ff8df Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:47:00 2015 +0300 block/parallels: improve image writing performance further Try to perform IO for the biggest continuous block possible. All blocks abscent in the image are accounted in the same type and preallocation is made for all of them at once. The performance for sequential write is increased from 200 Mb/sec to 235 Mb/sec on my SSD HDD. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-28-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 19f5dc15912dfb6af06c97e4975023e545e85c72 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:59 2015 +0300 block/parallels: optimize linear image expansion Plain image expansion spends a lot of time to update image file size. This seriously affects the performance. The following simple test qemu_img create -f parallels -o cluster_size=64k ./1.hds 64G qemu_io -n -c "write -P 0x11 0 1024M" ./1.hds could be improved if the format driver will pre-allocate some space in the image file with a reasonable chunk. This patch preallocates 128 Mb using bdrv_write_zeroes, which should normally use fallocate() call inside. Fallback to older truncate() could be used as a fallback using image open options thanks to the previous patch. The benefit is around 15%. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Karan <rkagan@xxxxxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-27-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit d61790112fa861fbbbb02b53f9c3beb9ca7f8419 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:58 2015 +0300 block/parallels: add prealloc-mode and prealloc-size open paramemets This is preparational commit for tweaks in Parallels image expansion. The idea is that enlarge via truncate by one data block is slow. It would be much better to use fallocate via bdrv_write_zeroes and expand by some significant amount at once. Original idea with sequential file writing to the end of the file without fallocate/truncate would be slower than this approach if the image is expanded with several operations: - each image expanding means file metadata update, i.e. filesystem journal write. Truncate/write to newly truncated space update file metadata twice thus truncate removal helps. With fallocate call inside bdrv_write_zeroes file metadata is updated only once and this should happen infrequently thus this approach is the best one for the image expansion - tail writes are ordered, i.e. the guest IO queue could not be sent immediately to the host introducing additional IO delays This patch just adds proper parameters into BDRVParallelsState and performs options parsing in parallels_open. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-26-git-send-email-den@xxxxxxxxxx CC: Roman Kagan <rkagan@xxxxxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 0d31c7c200b3dca2aeeaa6f74ff3fd539aad803a Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:57 2015 +0300 block/parallels: delay writing to BAT till bdrv_co_flush_to_os The idea is that we do not need to immediately sync BAT to the image as from the guest point of view there is a possibility that IO is lost even in the physical controller until flush command was finished. bdrv_co_flush_to_os is exactly the right place for this purpose. Technically the patch uses loaded BAT data as a cache and performs actual on-disk metadata updates in parallels_co_flush_to_os callback. This patch speed ups qemu-img create -f parallels -o cluster_size=64k ./1.hds 64G qemu-io -f parallels -c "write -P 0x11 0 1024k" 1.hds writing from 50-60 Mb/sec to 80-90 Mb/sec on rotational media and from 160 Mb/sec to 190 Mb/sec on SSD disk. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-25-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 2d68e22e94e8bc5a0d32a38b53c592c320db8261 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:56 2015 +0300 block/parallels: create bat_entry_off helper calculate offset of the BAT entry in the image file. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-24-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6953d920784466dfaea77f7cfd23df2ad8b772a0 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:55 2015 +0300 block/parallels: improve image reading performance Try to perform IO for the biggest continuous block possible. The performance for sequential read is increased from 220 Mb/sec to 360 Mb/sec for continous image on my SSD HDD. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-23-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit a6be831e99f89d72a8c4a114347d5512c326af29 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:54 2015 +0300 iotests, parallels: check for incorrectly closed image in tests Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-22-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 6dd6b9f1440c37811ad963b49a48bf80a8bde377 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:53 2015 +0300 block/parallels: implement incorrect close detection The software driver must set inuse field in Parallels header to 0x746F6E59 when the image is opened in read-write mode. The presence of this magic in the header on open forces image consistency check. There is an unfortunate trick here. We can not check for inuse in parallels_check as this will happen too late. It is possible to do that for simple check, but during the fix this would always report an error as the image was opened in BDRV_O_RDWR mode. Thus we save the flag in BDRVParallelsState for this. On the other hand, nothing should be done to clear inuse in parallels_check. Generic close will do the job right. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-21-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 49ad6467313d17486af9029413debb709dc971a8 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:52 2015 +0300 block/parallels: implement parallels_check method of block driver The check is very simple at the moment. It calculates necessary stats and fix only the following errors: - space leak at the end of the image. This would happens due to preallocation - clusters outside the image are zeroed. Nothing else could be done here Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-20-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 23d6bd3bd1225e8c8ade6ed829eabcf90ddfa6f7 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:51 2015 +0300 block/parallels: move parallels_open/probe to the very end of the file This will help to avoid forward declarations for upcoming parallels_check Some very obvious formatting fixes were made to the moved code to make checkpatch happy. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-19-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 9eae9cca95e76afc2f2288a665e08a64953f2820 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:50 2015 +0300 block/parallels: read parallels image header and BAT into single buffer This metadata cache would allow to properly batch BAT updates to disk in next patches. These updates will be properly aligned to avoid read-modify-write transactions on block level. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-18-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit dd97cdc064f24484a2ebc141a4ec6bba35f56007 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:49 2015 +0300 block/parallels: keep BAT bitmap data in little endian in memory This will allow to use this data as buffer to BAT update directly without any intermediate buffers. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-17-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 555cc9d9fc5c71be6bd3f288eaf1e5628732088f Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:48 2015 +0300 block/parallels: create bat2sect helper deduplicate copy/paste arithmetcs Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-16-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 369f7de9d57e4dd2f312255fc12271d5749c0a4e Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:47 2015 +0300 block/parallels: rename catalog_ names to bat_ BAT means 'block allocation table'. Thus this name is clean and shorter on writing. Some obvious formatting fixes in the old code were made to make checkpatch happy. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-15-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit cc5690f20fcc075940a213380b362ae2054c03ba Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:46 2015 +0300 parallels: change copyright information in the image header Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-14-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit ca9c4e0675f9cb98138e1069605114f45746d985 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:45 2015 +0300 iotests, parallels: test for newly created parallels image via qemu-img Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-13-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 74cf6c5026fef6e327f09786445f626df02cbdf0 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:44 2015 +0300 block/parallels: support parallels image creation Do not even care to create WithoutFreeSpace image, it is obsolete. Always create WithouFreSpacExt one. The code also does not spend a lot of efforts to fill cylinders and heads fields, they are not used actually in a real life neither in QEMU nor in Parallels products. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-12-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 50ffd8fd3cfceede87cec1f7f9a04cd7b9147271 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:43 2015 +0300 iotests, parallels: test for write into Parallels image Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-11-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 5a41e1fa95f379e236883f38dacda292f6c48e6f Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:42 2015 +0300 block/parallels: _co_writev callback for Parallels format Support write on Parallels images. The code is almost the same as one in the previous patch implemented scatter-gather IO for read. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-10-git-send-email-den@xxxxxxxxxx CC: Roman Kagan <rkagan@xxxxxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit d0e61ce56d1520cade573eb344fdb136993d2279 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:41 2015 +0300 block/parallels: mark parallels format driver as zero inited From the guest point of view unallocated blocks are zeroed. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-9-git-send-email-den@xxxxxxxxxx CC: Roman Kagan <rkagan@xxxxxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 912f31281a683a24b552a8cc6c293ab389b62013 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:40 2015 +0300 block/parallels: replace magic constants 4, 64 with proper sizeofs simple purification.. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-8-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 481fb9cf18925eab19e4af8a44bd86b82eb897ad Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:39 2015 +0300 block/parallels: provide _co_readv routine for parallels format driver Main approach is taken from qcow2_co_readv. The patch drops coroutine lock for the duration of IO operation and peforms normal scatter-gather IO using standard QEMU backend. The patch also adds comment about locking considerations in the driver. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Message-id: 1430207220-24458-7-git-send-email-den@xxxxxxxxxx CC: Roman Kagan <rkagan@xxxxxxxxxxxxx> CC: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit dd3bed16ff229496b30cc77224b0c0ae645c4dae Author: Roman Kagan <rkagan@xxxxxxxxxxxxx> Date: Tue Apr 28 10:46:38 2015 +0300 block/parallels: add get_block_status Implement VFS method for get_block_status to Parallels format driver. qemu_co_mutex_lock is not necessary yet (the driver is read-only) but will be necessary very soon when write will be supported. Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Message-id: 1430207220-24458-6-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 9de9da17d8304576e8402697bcee72c88ce499b8 Author: Roman Kagan <rkagan@xxxxxxxxxxxxx> Date: Tue Apr 28 10:46:37 2015 +0300 block/parallels: read up to cluster end in one go Teach parallels_read() to do reads in coarser granularity than just a single sector: if requested, read up to the cluster end in one go. Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1430207220-24458-5-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 2944256997dd8b080f8b0cc062e4b663cb2ec09c Author: Roman Kagan <rkagan@xxxxxxxxxxxxx> Date: Tue Apr 28 10:46:36 2015 +0300 block/parallels: switch to bdrv_read Switch the .bdrv_read method implementation from using bdrv_pread() to bdrv_read() on the underlying file, since the latter is subject to i/o throttling while the former is not. Besides, since bdrv_read() operates in sectors rather than bytes, adjust the helper functions to do so too. Signed-off-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Denis V. Lunev <den@xxxxxxxxxx> Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Message-id: 1430207220-24458-4-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> CC: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 0789890467d30e2ab10d84b5398bdc903db8cb91 Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:35 2015 +0300 block/parallels: rename parallels_header to ParallelsHeader this follows QEMU coding convention Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1430207220-24458-3-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit d134cf73b10e9d0283e1d2531299c8f9ab13b5eb Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 28 10:46:34 2015 +0300 iotests, parallels: quote TEST_IMG in 076 test to be path-safe suggested by Jeff Cody Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> Reviewed-by: Roman Kagan <rkagan@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1430207220-24458-2-git-send-email-den@xxxxxxxxxx CC: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 32ad48abd74a997220b841e4e913edeb267aa362 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Aug 18 10:19:06 2014 -0700 target-alpha: Add vector implementation for CMPBGE While conditionalized on SSE2, it's a "portable" gcc generic vector implementation, which could be enabled on other hosts. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 8d8d324e3424bf891d41e9c7758dcc09cf3c38b9 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Jul 15 12:07:05 2014 -0700 target-alpha: Rewrite helper_zapnot This form produces significantly smaller code on x86_64. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 9e549d36e989b14423279fb991b71728a2a4ae7c Merge: eba05e9 0ef705a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu May 21 09:07:19 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-vnc-20150520-1' into staging vnc: misc fixes. # gpg: Signature made Wed May 20 09:32:45 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-vnc-20150520-1: qemu-sockets: Report explicit error if unlink fails vnc: Tweak error when init fails vnc: Don't assert if opening unix socket fails ui: remove check for failure of qemu_acl_init() Strip brackets from vnc host Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0ef705a2653f09c15e44a644a98b6febc761431e Author: Cole Robinson <crobinso@xxxxxxxxxx> Date: Tue May 5 11:07:19 2015 -0400 qemu-sockets: Report explicit error if unlink fails Consider this case: $ ls -ld ~/root-owned/ drwx--x--x. 2 root root 4096 Apr 29 12:55 /home/crobinso/root-owned/ $ ls -l ~/root-owned/foo.sock -rwxrwxrwx. 1 crobinso crobinso 0 Apr 29 12:55 /home/crobinso/root-owned/foo.sock $ qemu-system-x86_64 -vnc unix:~/root-owned/foo.sock qemu-system-x86_64: -vnc unix:/home/crobinso/root-owned/foo.sock: Failed to start VNC server: Failed to bind socket to /home/crobinso/root-owned/foo.sock: Address already in use ...which is techinically true, but the real error is that we failed to unlink. So report it. This may seem pathological but it's a real possibility via libvirt. Signed-off-by: Cole Robinson <crobinso@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit bc119048d7377ec8335ecde5946df629a1b72b46 Author: Cole Robinson <crobinso@xxxxxxxxxx> Date: Tue May 5 11:07:18 2015 -0400 vnc: Tweak error when init fails Before: qemu-system-x86_64: -display vnc=unix:/root/foo.sock: Failed to start VNC server on `(null)': Failed to bind socket to /root/foo.sock: Permission denied After: qemu-system-x86_64: -display vnc=unix:/root/foo.sock: Failed to start VNC server: Failed to bind socket to /root/foo.sock: Permission denied Rather than tweak the string possibly show unix: value as well, just drop the explicit display reporting. We already get the cli string in the error message, that should be sufficient. Signed-off-by: Cole Robinson <crobinso@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 3d00ac1a2ee0294fc3d460e6013a5cdd9c73ea6c Author: Cole Robinson <crobinso@xxxxxxxxxx> Date: Tue May 5 11:07:17 2015 -0400 vnc: Don't assert if opening unix socket fails Reproducer: $ qemu-system-x86_64 -display vnc=unix:/root/i-cant-access-you.sock qemu-system-x86_64: iohandler.c:60: qemu_set_fd_handler2: Assertion `fd >= 0' failed. Aborted (core dumped) Signed-off-by: Cole Robinson <crobinso@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 2b2c1a38eeaba5d8bfe92281e9e680361e09ee3b Author: Daniel P. Berrange <berrange@xxxxxxxxxx> Date: Fri May 1 11:44:46 2015 +0100 ui: remove check for failure of qemu_acl_init() The qemu_acl_init() function has long since stopped being able to return NULL, since g_malloc will abort on OOM. As such the checks for NULL were unreachable code. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 274c3b52e10466a4771d591f6298ef61e8354ce0 Author: Ján Tomko <jtomko@xxxxxxxxxx> Date: Mon Apr 27 17:03:14 2015 +0200 Strip brackets from vnc host Commit v2.2.0-1530-ge556032 vnc: switch to inet_listen_opts bypassed the use of inet_parse in inet_listen, making literal IPv6 addresses enclosed in brackets fail: qemu-kvm: -vnc [::1]:0: Failed to start VNC server on `(null)': address resolution failed for [::1]:5900: Name or service not known Strip the brackets to make it work again. Signed-off-by: Ján Tomko <jtomko@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit eba05e922e8e7f307bc5d4104a78797e55124e97 Merge: fdbe454 a48da7b Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 19 14:10:33 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-serial-20150519-1' into staging serial: fix multi-pci card error cleanup. # gpg: Signature made Tue May 19 11:47:29 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-serial-20150519-1: serial: fix multi-pci card error cleanup. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a48da7b5bc1f0c98e7a124337140efd47049066c Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed May 6 12:58:19 2015 +0200 serial: fix multi-pci card error cleanup. Put the number of serial ports into a local variable in multi_serial_pci_realize, then increment the port count (pci->ports) as we initialize the serial port cores. Now pci->ports always holds the number of successfully initialized ports and we can use multi_serial_pci_exit to properly cleanup the already initialized bits in case of a init failure. https://bugzilla.redhat.com/show_bug.cgi?id=970551 Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit fdbe454a242105fcfe48b9c44b5499b80ff84160 Merge: faa261a 176c324 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 19 11:47:03 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20150519-1' into staging hw/display: qomify vga cards # gpg: Signature made Tue May 19 11:23:09 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-vga-20150519-1: vga-pci: QOMify qxl: QOMify cirrus_vga: QOMify Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 176c324febd76d6f164347583f5af35b3cb4e5fb Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Tue May 12 17:27:08 2015 +0800 vga-pci: QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit c69f6c7dcf6164ee0ee3b00bec27dfdec4e8b661 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Tue May 12 17:27:10 2015 +0800 qxl: QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit d338bae33a76d02678ea706622dfcc26b8b8325c Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Tue May 12 17:27:09 2015 +0800 cirrus_vga: QOMify QOMify pci-cirrus-vga like isa-cirrus-vga device. Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit faa261a7fb254866bdd5b6a25ad94677945f21b4 Merge: 62bf3df b4c6a11 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 19 10:25:59 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-cocoa-20150519' into staging cocoa queue: * fix various issues with full screen in the OSX UI * set an icon for our binary file * add entries to the View menu for QEMU consoles * fix various warnings that are produced when building on 10.10 (largely deprecated interfaces) # gpg: Signature made Tue May 19 09:17:23 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-cocoa-20150519: ui/cocoa: Add console items to the View menu ui/cocoa: Avoid deprecated NSOKButton/NSCancelButton constants ui/cocoa: Don't use NSWindow useOptimizedDrawing on OSX 10.10 and up ui/cocoa: Declare that QemuCocoaAppController implements NSApplicationDelegate ui/cocoa: openPanelDidEnd returnCode should be NSInteger, not int ui/cocoa: Remove compatibility ifdefs for OSX 10.4 ui/cocoa: Drop tests for CGImageCreateWithImageInRect support Makefile.target: set icon for binary file on Mac OS X ui/cocoa: Make -full-screen option work on Mac OS X ui/cocoa: Fix several full screen issues on Mac OS X Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b4c6a112dcfa1d24b905e6cccc763e02000937f1 Author: Programmingkid <programmingkidx@xxxxxxxxx> Date: Tue May 19 09:11:18 2015 +0100 ui/cocoa: Add console items to the View menu Add any console that is available to the current emulator as a menu item under the View menu. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> [PMM: Adjusted to apply after zoom-to-fit menu item was added; create the View menu at the same time as all the others, and only add the dynamically-determined items to it later] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8617989eae7398e9e782a73857fc53a548692b31 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 19 09:11:18 2015 +0100 ui/cocoa: Avoid deprecated NSOKButton/NSCancelButton constants In OSX 10.10, the NSOKButton and NSCancelButton constants are deprecated and provoke compiler warnings. Avoid them by using the NSFileHandlingPanelCancelButton and NSFileHandlingPanelOKButton constants instead. These are the documented correct constants for the 10.6-and-up beginSheetModalForWindow API we use. We also use the same method for the pre-10.6 compatibility code path, but conveniently the constant values are the same and the constant names have been present since 10.0. Preferring the constant names that match the non-legacy API makes more sense anyway. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1431296361-16981-7-git-send-email-peter.maydell@xxxxxxxxxx commit 81801ae21333d81a8e7887bc6b11c601b6ecbee6 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 19 09:11:18 2015 +0100 ui/cocoa: Don't use NSWindow useOptimizedDrawing on OSX 10.10 and up Starting in OSX 10.10, NSWindow useOptimizedDrawing is deprecated, so don't use it there. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1431296361-16981-6-git-send-email-peter.maydell@xxxxxxxxxx commit 2a4c8c53dabf564142d5329b9ff8a82468324fd6 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 19 09:11:18 2015 +0100 ui/cocoa: Declare that QemuCocoaAppController implements NSApplicationDelegate Our class QemuCocoaAppController implements the NSApplicationDelegate interface, and we pass an object of this class to [NSApp setDelegate]. However, we weren't declaring in the class definition that we implemented this interface; in OSX 10.10 this provokes the following (slighly misleading) warning: ui/cocoa.m:1031:24: warning: sending 'QemuCocoaAppController *' to parameter of incompatible type 'id<NSFileManagerDelegate>' [NSApp setDelegate:appController]; ^~~~~~~~~~~~~ /System/Library/Frameworks/Foundation.framework/Headers/NSFileManager.h:109:47: note: passing argument to parameter 'delegate' here @property (assign) id <NSFileManagerDelegate> delegate NS_AVAILABLE(10_5, 2_0); ^ Annoyingly, this interface wasn't formally defined until OSX 10.6, so we have to surround the relevant part of the @interface line with an ifdef. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1431296361-16981-5-git-send-email-peter.maydell@xxxxxxxxxx commit de1aadee289722478c19f211f0fa3a38e7e66b6f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 19 09:11:18 2015 +0100 ui/cocoa: openPanelDidEnd returnCode should be NSInteger, not int The type for openPanelDidEnd's returnCode argument should be NSInteger, not int. This only matters for the OSX 10.5 code path where we pass the method directly to an OSX function to call. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1431296361-16981-4-git-send-email-peter.maydell@xxxxxxxxxx commit 89424ff32f5c106f90627c7abe019c81c716fd13 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 19 09:11:17 2015 +0100 ui/cocoa: Remove compatibility ifdefs for OSX 10.4 Remove compatibility ifdefs that work around OSX 10.4 not providing various typedefs and functions. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1431296361-16981-3-git-send-email-peter.maydell@xxxxxxxxxx commit b63901d84cc22a06f82900620fdbe01ff16511ec Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 19 09:11:17 2015 +0100 ui/cocoa: Drop tests for CGImageCreateWithImageInRect support The code that tries to test at both compiletime and runtime for whether CGImageCreateWithImageInRect is supported provokes a compile warning on OSX 10.3: ui/cocoa.m:378:13: warning: comparison of function 'CGImageCreateWithImageInRect' equal to a null pointer is always false[-Wtautological-pointer-compare] if (CGImageCreateWithImageInRect == NULL) { // test if "CGImageCreateWithImageInRect" is supported on host at runtime ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~ The simplest way to deal with this is just to drop this code, since we don't in practice support OSX 10.4 anyway. (10.5 was released in 2007 and is the last PPC version, so is the earliest we really need to continue to support at all.) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1431296361-16981-2-git-send-email-peter.maydell@xxxxxxxxxx commit 4e34017c21485e5606beda7e6218c36d3568b363 Author: Programmingkid <programmingkidx@xxxxxxxxx> Date: Tue May 19 09:11:17 2015 +0100 Makefile.target: set icon for binary file on Mac OS X Implements setting the icon for the binary file in Mac OS X. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> [PMM: tweaked makefile to use $@ and quiet-command] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 43227af88a36faed50cedb0c7cef71a49c0be9d2 Author: Programmingkid <programmingkidx@xxxxxxxxx> Date: Tue May 19 09:11:17 2015 +0100 ui/cocoa: Make -full-screen option work on Mac OS X This patch makes the -full-screen option actually instruct QEMU to enter fullscreen at startup, on Mac OS X. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5d1b2eef58632974494b4b94f8970846aa0bffb9 Author: Programmingkid <programmingkidx@xxxxxxxxx> Date: Tue May 19 09:11:17 2015 +0100 ui/cocoa: Fix several full screen issues on Mac OS X This patch makes several changes: - Minimizes distorted full screen display by respecting aspect ratios. - Makes full screen mode available on Mac OS 10.7 and higher. - Allows user to decide if video should be stretched to fill the screen, using a menu item called "Zoom To Fit". - Hides the normalWindow so it won't show up in full screen mode. - Allows user to exit full screen mode. Signed-off-by: John Arbuckle <programmingkidx@xxxxxxxxx> [PMM: minor whitespace tweaks, remove incorrectly duplicated use of 'f' menu accelerator key] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 57a808b6d7f52a62111f6070933dfca6cd88a0fd Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Jul 8 10:42:55 2014 -0700 target-alpha: Raise IOV from CVTQL Even if an exception isn't taken, the status flags need updating and the result should be written to the destination. Move the body of cvtql out of line, since we now always need a call. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 4ed069ab5334a495b49d0704795524fa34e8dbfc Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Jul 8 10:14:09 2014 -0700 target-alpha: Suppress underflow from CVTTQ if DNZ I.e. respect flush_inputs_to_zero. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit b99e80694cc635aa6ed5a3716e89645a8afa261c Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue Jul 8 10:11:06 2014 -0700 target-alpha: Raise EXC_M_INV properly for fp inputs Ignore DNZ if software completion isn't used. Raise INV for denormals in system mode so the OS completion handler sees them. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit ed0851380c8ed181ddd6ed3542b14fcb0bca6700 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Jul 7 06:18:20 2014 -0700 target-alpha: Disallow literal operand to 1C.30 to 1C.37 Before 64f45e49 we used to have literal checks for 4 of these 8 opcodes. Confirmed that real hardware doesn't allow them. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 2517def6f82bec9eba9333a37f85a6f368ba52ee Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Jul 3 21:04:26 2014 -0700 target-alpha: Implement WH64EN Backward compatible cache insn introduced for EV7. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 4d1628e832dfc6ec02b0d196f6cc250aaa7bf3b3 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Jul 3 13:18:26 2014 -0700 target-alpha: Fix integer overflow checking insns We need to write the result to the destination register before raising any exception. Thus inline the code for each insn, and check for any exception after we're done. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 7b4dde839e86ca6c254d4e3cd28260e9d668afb5 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Jul 3 12:37:59 2014 -0700 target-alpha: Fix cvttq vs inf We should raise INV for infinities as well, not OVR+INE. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 7f2e40020cfc827f7e59670f8c400b0b9a704481 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Thu Jul 3 12:36:34 2014 -0700 target-alpha: Fix cvttq vs large integers The range +- 2**63 - 2**64 was returning the wrong truncated result. We also incorrectly signaled overflow for -2**63. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit c24a8a0b6dad5a33d84f5fb846edb28c43312c71 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Jun 28 12:57:03 2014 -0700 target-alpha: Raise IOV from CVTTQ Floating-point overflow is a different bit from integer overflow. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit f6b6b7b8a775f97edab43eb672d5991f534c2e61 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Mon Jun 30 09:53:46 2014 -0700 target-alpha: Set EXC_M_SWC for exceptions from /S insns Previously forgotten, the kernel needs the software completion bit to know that it needs to emulate software completion qualified insns. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 471d4930470aee38dffe6fc4890ede3d8eaf23c4 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Jun 28 11:08:28 2014 -0700 target-alpha: Set fpcr_exc_status even for disabled exceptions The qualifiers can suppress the raising of exceptions, but real hardware still records that the exceptions occurred. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit f3d3aad4a920a4436a9f5397d7a2963aefe141a9 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 8 12:17:07 2014 -1000 target-alpha: Tidy FPCR representation Store the fpcr as the hardware represents it. Convert the softfpu representation of exceptions into the fpcr representation. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit ba9c5de5f2d33d468a07a8794121472ea031a0b5 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Jun 28 13:06:19 2014 -0700 target-alpha: Set PC correctly for floating-point exceptions PC should be one past the faulting insn. Add better commentary for the machine-check exception path. Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 9d5a626b2c3fa98761b35b5e2ac86f7adb231002 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Sat Jun 28 10:25:36 2014 -0700 target-alpha: Forget installed round mode after MT_FPCR When we use QUAL_RM_D, we copy fpcr_dyn_round to float_status. When we install a new FPCR value, we update fpcr_dyn_round. Reset the status of the cache so that we re-copy for the next fp insn that requires dynamic rounding. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 3da653fa05579579b0ba55a02ffa2aa3d466f01b Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 8 10:54:35 2014 -1000 target-alpha: Rename floating-point subroutines ... to match the instructions, which have no leading "f". Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 9354452c39fef1ab2491da5989e6944d8bb2e16a Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Fri Aug 8 10:42:45 2014 -1000 target-alpha: Move VAX helpers to a new file Keep the IEEE and VAX floating point emulation separate. Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 62bf3df432d93fa6eb0f355c460d6d784b7cbc1a Merge: 385057c 18084b2 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon May 18 20:23:16 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150518-3' into staging target-arm: * New board model: xlnx-ep108 * Some more preparation for AArch64 EL2/EL3 * Fix bugs in access checking for generic counter registers * Remove a stray '+' sign # gpg: Signature made Mon May 18 20:13:05 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150518-3: (21 commits) target-arm: Remove unneeded '+' target-arm: Correct accessfn for CNTV_TVAL_EL0 target-arm: Correct accessfn for CNTP_{CT}VAL_EL0 target-arm: Add WFx syndrome function target-arm: Add EL3 and EL2 TCR checking target-arm: Add TTBR regime function and use linux-user/arm: Correct TARGET_NR_timerfd to TARGET_NR_timerfd_create arm: xlnx-ep108: Add bootloading arm: xlnx-ep108: Add external RAM arm: Add xlnx-ep108 machine arm: xlnx-zynqmp: Add UART support char: cadence_uart: Split state struct and type into header char: cadence_uart: Clean up variable names arm: xlnx-zynqmp: Add GEM support net: cadence_gem: Split state struct and type into header net: cadence_gem: Clean up variable names arm: xlnx-zynqmp: Connect CPU Timers to GIC arm: xlnx-zynqmp: Add GIC arm: Introduce Xilinx ZynqMP SoC target-arm: cpu64: Add support for Cortex-A53 ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 18084b2f71b22b3ec3bf4828b8cb83d1d39e8502 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Wed May 13 16:52:28 2015 +1000 target-arm: Remove unneeded '+' Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Message-id: 1431499963-1019-4-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b65c08ee1a05760c1c5a786a6cedf240f924c53e Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Wed May 13 16:52:27 2015 +1000 target-arm: Correct accessfn for CNTV_TVAL_EL0 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1431499963-1019-3-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 12cde08aaf571de65d3fbbdf93c83f0a4321267f Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Wed May 13 16:52:26 2015 +1000 target-arm: Correct accessfn for CNTP_{CT}VAL_EL0 Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1431499963-1019-2-git-send-email-edgar.iglesias@xxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 06fbb2fdf7a7ac468d62c66cfe4537d3c71f7bb9 Author: Greg Bellows <greg.bellows@xxxxxxxxxx> Date: Wed Apr 22 12:09:20 2015 -0500 target-arm: Add WFx syndrome function Adds a utility function for creating a WFx exception syndrome Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Acked-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1429722561-12651-9-git-send-email-greg.bellows@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 88e8add8b6656c349a96b447b074688d02dc5415 Author: Greg Bellows <greg.bellows@xxxxxxxxxx> Date: Wed Apr 22 12:09:19 2015 -0500 target-arm: Add EL3 and EL2 TCR checking Updated get_phys_addr_lpae to check the appropriate TTBCR/TCR depending on the current EL. Support includes using the different TCR format as well as checks to insure TTBR1 is not used when in EL2 or EL3. Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Acked-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1429722561-12651-8-git-send-email-greg.bellows@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit aef878be4e7ab1bdb30b408007320400b0a29c83 Author: Greg Bellows <greg.bellows@xxxxxxxxxx> Date: Wed Apr 22 12:09:18 2015 -0500 target-arm: Add TTBR regime function and use Add a utility function for choosing the correct TTBR system register based on the specified MMU index. Add use of function on physical address lookup. Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Acked-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1429722561-12651-7-git-send-email-greg.bellows@xxxxxxxxxx [PMM: fixed regime_ttbr() return type to be uint64_t] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d82322e175d58c0c8951cbc905da1ca9ee2e008c Author: Timothy Baldwin <T.E.Baldwin99@xxxxxxxxxxxxxxxxxxx> Date: Wed Apr 8 21:40:52 2015 +0100 linux-user/arm: Correct TARGET_NR_timerfd to TARGET_NR_timerfd_create Misspelled system call name in macro was causing timerfd_create not to be supported for the ARM target. Signed-off-by: Timothy Edward Baldwin <T.E.Baldwin99@xxxxxxxxxxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 082587b741efc5329380b4a156d86f2bdbfa2d70 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:23:30 2015 -0700 arm: xlnx-ep108: Add bootloading Add bootloader support using standard ARM bootloader. Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Tested-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: b829abaf2b70d02b28e79301553cbd74afc416a1.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b79b9d28f6b8f7879c50b6c053b4e3796de5b7d0 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:23:27 2015 -0700 arm: xlnx-ep108: Add external RAM Zynq MPSoC supports external DDR RAM. Add a RAM at 0 to the model. Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Tested-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 2c25e2a4198402a6477aef2975d5df7c415dd341.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 859a0c5b5fb8be0c1ed78d96695a162c9210e1e6 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:23:24 2015 -0700 arm: Add xlnx-ep108 machine Add a machine model for the Xilinx ZynqMP SoC EP108 board. Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 3896b34c862f370dc0679e4428bf3848d1f9f83c.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3bade2a9e6336e0eb7cc5ad7425994f1143c5cfa Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:23:21 2015 -0700 arm: xlnx-zynqmp: Add UART support There are 2x Cadence UARTs in Zynq MP. Add them. Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Tested-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: e30795536f77599fabc1052278d846ccd52322e2.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8ae57b2fa35dae9aa4b50db5e632156eded9bec0 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:23:18 2015 -0700 char: cadence_uart: Split state struct and type into header Create a new header for Cadence UART to allow using the device with modern SoC programming conventions. The state struct needs to be visible to embed the device in SoC containers. Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 46a0fbd45b6b205f54c4a8c778deb75c77f8abdf.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e86da3cb40d6f70ce99d8e64952c49df8ad78848 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:23:15 2015 -0700 char: cadence_uart: Clean up variable names Clean up some variable names in preparation for migrating the state struct and type cast macro to a public header. The acronym "UART" on it's own is not specific enough to be used in a more global namespace so preface with "cadence". Fix the capitalisation of "uart" in the state type while touching the typename. Preface macros used by the state struct itself with CADENCE_UART so they don't conflict in namespace either. Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 3812b7426c338beae9e082557f3524a99310ddc6.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 14ca2e462ee137974d81729b1d88d9d39cf2f22c Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:23:12 2015 -0700 arm: xlnx-zynqmp: Add GEM support There are 4x Cadence GEMs in ZynqMP. Add them. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Tested-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 7d3e68e5495d145255f0ee567046415e3a26d67e.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f49856d4e65703e347ee3e2277a87282ce601bcd Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:23:09 2015 -0700 net: cadence_gem: Split state struct and type into header Create a new header for Cadence GEM to allow using the device with modern SoC programming conventions. The state struct needs to be visible to embed the device in SoC containers. Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: a98b5df6440c5bff8f813a26bb53ce1cfefb4c4c.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 448f19e23155021e42878e7effc3da895921ad4e Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:23:07 2015 -0700 net: cadence_gem: Clean up variable names Cleanup some variable names in preparation for migrating the state struct and type cast macro to a public header. The acronym "GEM" on its own is not specific enough to be used in a more global namespace so preface with "cadence". Fix the capitalisation of "gem" in the state type while touching the typename. Also preface the GEM_MAXREG macro as this will need to migrate to public header. Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Tested-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 8e2b0687b3a7b7a3fde5ba2f3bee6f3b911e84ef.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bf4cb10966a7685bba3aeaf14434902889ef535d Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:23:04 2015 -0700 arm: xlnx-zynqmp: Connect CPU Timers to GIC Connect the GPIO outputs from the individual CPUs for the timers to the GIC. Tested-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: a7866a4f0c903c91fa3034210b4d2879aa4bfcb9.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7729e1f4b3c670eca38cc0ee0d96c1177efbc1e3 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:23:01 2015 -0700 arm: xlnx-zynqmp: Add GIC Add the GIC and connect IRQ outputs to the CPUs. The GIC regions are under-decoded through a 64k address region so implement aliases accordingly. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 5853189965728d676106d9e94e76b9bb87981cb5.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f0a902f76452211cadbdf1d25ef9b94732b096e8 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:22:58 2015 -0700 arm: Introduce Xilinx ZynqMP SoC With quad Cortex-A53 CPUs. Use SMC PSCI, with the standard policy of secondaries starting in power-off. Tested-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Alistair Francis <alistair.francis@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: a16202a6c7b79e446e5289d38cb18d2ee4b897a0.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e35310260ec57d20301c65a5714ca55369e971cc Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:22:55 2015 -0700 target-arm: cpu64: Add support for Cortex-A53 Add the ARM Cortex-A53 processor definition. Similar to A57, but with different L1 I cache policy, phys addr size and different cache geometries. The cache sizes is implementation configurable, but use these values (from Xilinx Zynq MPSoC) as a default until cache size configurability is added. Acked-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: db439ff834cf0431bc192b05272a3b28fe2045d0.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ee804264ddc4d3cd36a5183a09847e391da0fc66 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Thu May 14 19:22:52 2015 -0700 target-arm: cpu64: generalise name of A57 regs Rename some A57 CP register variables in preparation for support for Cortex A53. Use "a57_a53" to describe the shareable features. Some of the CP15 registers (such as ACTLR) are specific to implementation, but we currently just RAZ them so continue with that as the policy for both A57 and A53 processors under a shared definition. Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 5a5f957994677d91435190b3be1cefa6f657e274.1431381507.git.peter.crosthwaite@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 385057cbec9b4a0eb6150330c572e875ed714965 Merge: 99e7627 4180978 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 15 17:51:20 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-05-15' into staging qapi: Fix qapi mangling of downstream names, and more # gpg: Signature made Fri May 15 17:41:31 2015 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-qapi-2015-05-15: (26 commits) qapi: Inline gen_command_decl_prologue(), gen_command_def_prologue() qapi: Drop pointless flush() before close() qapi: Factor open_output(), close_output() out of generators qapi: Turn generators' mandatory option -i into an argument qapi: Fix generators to report command line errors decently qapi: Factor parse_command_line() out of the generators qapi: qapi-commands.py option --type is unused, drop it qapi: qapi-event.py option -b does nothing, drop it tests: Add missing dependencies on $(qapi-py) qapi: Support downstream events and commands qapi: Support downstream alternates qapi: Support downstream flat unions qapi: Support downstream simple unions qapi: Support downstream structs qapi: Support downstream enums qapi: Make c_type() consistently convert qapi names qapi: Tidy c_type() logic qapi: Move camel_to_upper(), c_enum_const() to closely related code qapi: Use c_enum_const() in generate_alternate_qtypes() qapi: Simplify c_enum_const() ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 99e7627a70d1a23e30a514e5a4798005cf4eb3aa Merge: 1eeace9 dfb3630 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri May 15 16:02:08 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20150514' into staging Per-memop alignment # gpg: Signature made Thu May 14 20:17:27 2015 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/pull-tcg-20150514: tcg: Add MO_ALIGN, MO_UNALN tcg: Push merged memop+mmu_idx parameter to softmmu routines tcg: Merge memop and mmu_idx parameters to qemu_ld/st Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dfb36305626636e2e07e0c5acd3a002a5419399e Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed May 13 11:25:20 2015 -0700 tcg: Add MO_ALIGN, MO_UNALN These modifiers control, on a per-memory-op basis, whether unaligned memory accesses are allowed. The default setting reflects the target's definition of ALIGNED_ONLY. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 3972ef6f830d65e9bacbd31257abedc055fd6dc8 Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Wed May 13 09:10:33 2015 -0700 tcg: Push merged memop+mmu_idx parameter to softmmu routines The extra information is not yet used but it is now available. This requires minor changes through all of the tcg backends. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 59227d5d45bb3c31dc2118011691c35b3c00879c Author: Richard Henderson <rth@xxxxxxxxxxx> Date: Tue May 12 11:51:44 2015 -0700 tcg: Merge memop and mmu_idx parameters to qemu_ld/st At the tcg opcode level, not at the tcg-op.h generator level. This requires minor changes through all of the tcg backends, but none of the cpu translators. Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 4180978c9205c50acd2d6c385def9b3e81911696 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Apr 2 14:52:55 2015 +0200 qapi: Inline gen_command_decl_prologue(), gen_command_def_prologue() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 09896d3f48078a93e3d2dbd8ef86436b85ebda7c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Apr 2 14:49:29 2015 +0200 qapi: Drop pointless flush() before close() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 12f8e1b9ff57e99dafbb13f89cd5a99ad5c28527 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Apr 2 14:46:39 2015 +0200 qapi: Factor open_output(), close_output() out of generators Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 16d80f61814745bd3f5bb9f47ae3b00edf9e1e45 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Apr 2 13:32:16 2015 +0200 qapi: Turn generators' mandatory option -i into an argument Mandatory option is silly, and the error handling is missing: the programs crash when -i isn't supplied. Make it an argument, and check it properly. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit b45409683e829770000a4560ed21e704f87df74c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Apr 2 13:17:34 2015 +0200 qapi: Fix generators to report command line errors decently Report to stderr, prefix with the program name. Also reject extra arguments. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 2114f5a98d0d80774306279e1694de074ca86aa0 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Apr 2 13:12:21 2015 +0200 qapi: Factor parse_command_line() out of the generators Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit 72aaa73a4acef06bfaed750064c40a597f0cf745 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Apr 2 11:41:22 2015 +0200 qapi: qapi-commands.py option --type is unused, drop it Anything but --type sync (which is the default) suppresses output entirely, which makes no sense. Dates back to the initial commit c17d990. Commit message says "Currently only generators for synchronous qapi/qmp functions are supported", so maybe output other than "synchronous qapi/qmp" was planned at the time, to be selected with --type. Should other kinds of output ever materialize, we can put the option back. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit c70cef5bd48c7be603f75a7b5346db032a31b470 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Apr 2 11:40:21 2015 +0200 qapi: qapi-event.py option -b does nothing, drop it Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit df3e21a0e0edd30ea2e7c9b09b05feaaa297c718 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Apr 2 13:38:48 2015 +0200 tests: Add missing dependencies on $(qapi-py) Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit e3c4c3d796c1147d32f66fa1413d5d7c49d5aa37 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu May 14 06:51:01 2015 -0600 qapi: Support downstream events and commands Enhance the testsuite to cover downstream events and commands. Events worked without more tweaks, but commands needed a few final updates in the generator to mangle names in the appropriate places. In making those tweaks, it was easier to drop type_visitor() and inline its actions instead. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit d1f07c86c05706facf950b0b0dba370f71fd5ef6 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu May 14 06:51:00 2015 -0600 qapi: Support downstream alternates Enhance the testsuite to cover downstream alternates, including whether the branch name or type is downstream. Update the generator to mangle alternate names in the appropriate places. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 857af5f06c3fb097d1bb6bc8a23b9992aac99e75 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu May 14 06:50:59 2015 -0600 qapi: Support downstream flat unions Enhance the testsuite to cover downstream flat unions, including the base type, discriminator name and type, and branch name and type. Update the generator to mangle the union names in the appropriate places. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit bb33729043ceda56b4068db13bdc17786ebd0ed0 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu May 14 06:50:58 2015 -0600 qapi: Support downstream simple unions Enhance the testsuite to cover downstream simple unions, including when a union branch is a downstream name. Update the generator to mangle the union names in the appropriate places. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 83a02706bb1fd31c93eab755de543dfe228682d4 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu May 14 06:50:57 2015 -0600 qapi: Support downstream structs Enhance the testsuite to cover downstream structs, including struct members and base structs. Update the generator to mangle the struct names in the appropriate places. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit fce384b8e5193e02421f6b2c2880f3684abcbdc0 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu May 14 06:50:56 2015 -0600 qapi: Support downstream enums Enhance the testsuite to cover a downstream enum type and enum string. Update the generator to mangle the enum name in the appropriate places. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit c6405b54b7b09a876f2f2fba2aa6f8ac87189cb9 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu May 14 06:50:55 2015 -0600 qapi: Make c_type() consistently convert qapi names Continuing the string of cleanups for supporting downstream names containing '.', this patch focuses on ensuring c_type() can handle a downstream name. This patch alone does not fix the places where generator output should be calling this function but was open-coding things instead, but it gets us a step closer. In particular, the changes to c_list_type() and type_name() mean that type_name(FOO) now handles the case when FOO contains '.', '-', or is a ticklish identifier other than a builtin (builtins are exempted because ['int'] must remain mapped to 'intList' and not 'q_intList'). Meanwhile, ['unix'] now maps to 'q_unixList' rather than 'unixList', to match the fact that 'unix' is ticklish; however, our naming conventions state that complex types should start with a capital, so no type name following conventions will ever have the 'q_' prepended. Likewise, changes to c_type() mean that c_type(FOO) properly handles an enum or complex type FOO with '.' or '-' in the name, or is a ticklish identifier (again, a ticklish identifier as a type name violates conventions). Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit d557344628e32771f07e5b6a2a818ee3d8e7a65f Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu May 14 06:50:54 2015 -0600 qapi: Tidy c_type() logic c_type() is designed to be called on both string names and on array designations, so 'name' is a bit misleading because it operates on more than strings. Also, no caller ever passes an empty string. Finally, + notation is a bit nicer to read than '%s' % value for string concatenation. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 849bc5382e42b3b9590c6a50ba30c2fd2450308c Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu May 14 06:50:53 2015 -0600 qapi: Move camel_to_upper(), c_enum_const() to closely related code Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> commit b42e91484df9772bb0c26aa0f05390a92d564d6f Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu May 14 06:50:52 2015 -0600 qapi: Use c_enum_const() in generate_alternate_qtypes() Missed in commit b0b5819. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> commit 02e20c7e593363c564aae96e3c5bdc58630ce584 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu May 14 06:50:51 2015 -0600 qapi: Simplify c_enum_const() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> commit 7c81c61f9c2274f66ba947eafd9618d60da838a6 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu May 14 06:50:50 2015 -0600 qapi: Rename generate_enum_full_value() to c_enum_const() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> commit fa6068a1e8ef3c878ac9ee2399bb01eeaf61c366 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu May 14 06:50:49 2015 -0600 qapi: Rename _generate_enum_string() to camel_to_upper() Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> commit 18df515ebbefa9f13474b128b8050d5fa346ea1e Author: Eric Blake <eblake@xxxxxxxxxx> Date: Thu May 14 06:50:48 2015 -0600 qapi: Rename identical c_fun()/c_var() into c_name() Now that the two functions are identical, we only need one of them, and we might as well give it a more descriptive name. Basically, the function serves as the translation from a QAPI name into a (portion of a) C identifier, without regards to whether it is a variable or function name. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 47299262de424af0cb69965d082e5e70b2314183 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu May 14 06:50:47 2015 -0600 qapi: Fix C identifiers generated for names containing '.' c_fun() maps '.' to '_', c_var() doesn't. Nothing prevents '.' in QAPI names that get passed to c_var(). Which QAPI names get passed to c_fun(), to c_var(), or to both is not obvious. Names of command parameters and struct type members get passed to c_var(). c_var() strips a leading '*', but this cannot happen. c_fun() doesn't. Fix c_var() to work exactly like c_fun(). Perhaps they should be replaced by a single mapping function. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> [add 'import string'] Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> commit 777abdfe7bb47e582c8eb87dd6cecdf3fd9f86fc Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon May 11 17:17:49 2015 +0200 doc: fix qmp event type Event name for hot unplug errors was wrong. Make doc match code. Cc: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reported-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 58f88d4b7e9e5578b8dd2c5acfe555b85b35af88 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri May 8 16:04:22 2015 -0300 qmp: Add qom_path field to query-cpus command This will allow clients to query additional information directly using qom-get on the CPU objects. Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 1eeace9c237a729d11c7acd7c0338ab4562af637 Merge: 4d2d2d8 57af728 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed May 13 16:06:07 2015 +0100 Merge remote-tracking branch 'remotes/agraf/tags/signed-s390-for-upstream' into staging Patch queue for s390 - 2015-05-13 A few TCG fixes for the s390x target. Nothing special, but with these applied I can run most of the SLE12 binaries in Linux-user emulation. # gpg: Signature made Wed May 13 13:49:25 2015 BST using RSA key ID 03FEDC60 # gpg: Good signature from "Alexander Graf <agraf@xxxxxxx>" # gpg: aka "Alexander Graf <alex@xxxxxxxxx>" * remotes/agraf/tags/signed-s390-for-upstream: s390x: Add interlocked access facility 1 instructions s390x: Add some documentation in opcode list s390x: Fix stoc direction Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4d2d2d8b21779d7becbdffd7cd7983a7ccb55b54 Merge: 968bb75 e907746 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed May 13 13:57:44 2015 +0100 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-cve-pull-request' into staging # gpg: Signature made Wed May 13 12:52:19 2015 BST using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB # Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E * remotes/jnsnow/tags/ide-cve-pull-request: fdc: force the fifo access to be in bounds of the allocated buffer Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 57af7289f276ce70b65f2fbb4981833f04264aac Author: Alexander Graf <agraf@xxxxxxx> Date: Fri May 8 03:07:53 2015 +0200 s390x: Add interlocked access facility 1 instructions We're currently missing all instructions defined by the "interlocked-access facility 1" which is part of zEC12. This patch implements all of them except for LPD and LPDG. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit 13f67dd5825a7dfd7a4904a5fb0cf0a3f95d2d45 Author: Alexander Graf <agraf@xxxxxxx> Date: Fri May 8 03:06:41 2015 +0200 s390x: Add some documentation in opcode list I find it really hard to grasp what each field in the opcode list means. Slowly walking through its semantics myself, I figured I'd write a small summary at the top of the file to make life easier for me and whoever looks at the file next. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit c095ed731ce4fecf166e4ac02ddc606b408f5e1f Author: Alexander Graf <agraf@xxxxxxx> Date: Wed Apr 15 03:45:41 2015 +0200 s390x: Fix stoc direction The store conditional instruction wants to store when the condition is fulfilled, so we should branch out when it's not true. The code today branches out when the condition is true, clearly reversing the logic. Fix it up by negating the condition. Signed-off-by: Alexander Graf <agraf@xxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> commit e907746266721f305d67bc0718795fedee2e824c Author: Petr Matousek <pmatouse@xxxxxxxxxx> Date: Wed May 6 09:48:59 2015 +0200 fdc: force the fifo access to be in bounds of the allocated buffer During processing of certain commands such as FD_CMD_READ_ID and FD_CMD_DRIVE_SPECIFICATION_COMMAND the fifo memory access could get out of bounds leading to memory corruption with values coming from the guest. Fix this by making sure that the index is always bounded by the allocated memory. This is CVE-2015-3456. Signed-off-by: Petr Matousek <pmatouse@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 968bb75c348a401b85e08d5eb1887a3e6c3185f5 Merge: 19fbe50 5ae79fe Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 12 12:11:32 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150512' into staging target-arm queue: * Support TZ and grouping in the GIC * hw/sd: sd_reset cleanup * armv7m_nvic: fix bug in systick device # gpg: Signature made Tue May 12 12:02:26 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150512: hw/arm/highbank.c: Wire FIQ between CPU <> GIC hw/arm/vexpress.c: Wire FIQ between CPU <> GIC hw/arm/virt.c: Wire FIQ between CPU <> GIC hw/intc/arm_gic: Add grouping support to gic_update() hw/intc/arm_gic: Change behavior of IAR writes hw/intc/arm_gic: Change behavior of EOIR writes hw/intc/arm_gic: Handle grouping for GICC_HPPIR hw/intc/arm_gic: Restrict priority view hw/intc/arm_gic: Implement Non-secure view of RPR hw/intc/arm_gic: Make ICCICR/GICC_CTLR banked hw/intc/arm_gic: Make ICCBPR/GICC_BPR banked hw/intc/arm_gic: Make ICDDCR/GICD_CTLR banked hw/intc/arm_gic_kvm.c: Save and restore GICD_IGROUPRn state hw/intc/arm_gic: Add Interrupt Group Registers hw/intc/arm_gic: Switch to read/write callbacks with tx attributes hw/intc/arm_gic: Add Security Extensions property hw/intc/arm_gic: Create outbound FIQ lines hw/sd: Don't pass BlockBackend to sd_reset() armv7m_nvic: systick: Reload the RELOAD value and count down only if ENABLE bit is set Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5ae79fe825bedc89db8b6bde9d0ed0bb5d59558c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 12 11:57:19 2015 +0100 hw/arm/highbank.c: Wire FIQ between CPU <> GIC Connect FIQ output of the GIC CPU interfaces to the CPUs. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-18-git-send-email-peter.maydell@xxxxxxxxxx commit 27192e390d064489dcb23d5fcceb21cabf86d789 Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:18 2015 +0100 hw/arm/vexpress.c: Wire FIQ between CPU <> GIC Connect FIQ output of the GIC CPU interfaces to the CPUs. Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-17-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-3-git-send-email-greg.bellows@xxxxxxxxxx [PMM: minor format tweak] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8e7b4ca08b968c9e195bcae9c6cb827c8564871a Author: Greg Bellows <greg.bellows@xxxxxxxxxx> Date: Tue May 12 11:57:18 2015 +0100 hw/arm/virt.c: Wire FIQ between CPU <> GIC Connect FIQ output of the GIC CPU interfaces to the CPUs. Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-16-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-4-git-send-email-greg.bellows@xxxxxxxxxx [PMM: minor format tweak] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit dadbb58f5955053c5f5dc2252a4b183f90d7bfce Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 12 11:57:18 2015 +0100 hw/intc/arm_gic: Add grouping support to gic_update() Add support to gic_update() for determining the current IRQ and FIQ status when interrupt grouping is supported. This simply requires that instead of always raising IRQ we check the group of the highest priority pending interrupt and the GICC_CTLR.FIQEn bit to see whether we should raise IRQ or FIQ. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1430502643-25909-15-git-send-email-peter.maydell@xxxxxxxxxx commit c5619bf9e8935aeb972c0bd935549e9ee0a739f2 Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:18 2015 +0100 hw/intc/arm_gic: Change behavior of IAR writes Grouping (GICv2) and Security Extensions change the behavior of IAR reads. Acknowledging Group0 interrupts is only allowed from Secure state and acknowledging Group1 interrupts from Secure state is only allowed if AckCtl bit is set. Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-14-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-14-git-send-email-greg.bellows@xxxxxxxxxx [PMM: simplify significantly by reusing the existing gic_get_current_pending_irq() rather than reimplementing the same logic here] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit f9c6a7f1395c6d88a3bb1a0cb48811994709966e Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:18 2015 +0100 hw/intc/arm_gic: Change behavior of EOIR writes Grouping (GICv2) and Security Extensions change the behavior of EOIR writes. Completing Group0 interrupts is only allowed from Secure state. Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-13-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-13-git-send-email-greg.bellows@xxxxxxxxxx [PMM: Rather than go to great lengths to ignore the UNPREDICTABLE case of a Secure EOI of a Group1 (NS) irq with AckCtl == 0, we just let it fall through; add a comment about it.] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7c0fa108d918ab818e49c4588ab290004d6b532e Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:18 2015 +0100 hw/intc/arm_gic: Handle grouping for GICC_HPPIR Grouping (GICv2) and Security Extensions change the behaviour of reads of the highest priority pending interrupt register (ICCHPIR/GICC_HPPIR). Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-12-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-12-git-send-email-greg.bellows@xxxxxxxxxx [PMM: make utility fn static; coding style fixes; AckCtl has an effect for GICv2 without security extensions as well; removed checks on enable bits because these are done when we set current_pending[cpu]] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 8150847061f8d2606101bfff77cc6ec86b081ab0 Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:17 2015 +0100 hw/intc/arm_gic: Restrict priority view GICs with Security Extensions restrict the non-secure view of the interrupt priority and priority mask registers. Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-11-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-15-git-send-email-greg.bellows@xxxxxxxxxx [PMM: minor code tweaks; fixed missing masking in gic_set_priority_mask and gic_set_priority] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 08efa9f2d1bb27d64fbedcc2879ca45ae6832c20 Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:17 2015 +0100 hw/intc/arm_gic: Implement Non-secure view of RPR For GICs with Security Extensions Non-secure reads have a restricted view on the current running priority. Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-10-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-11-git-send-email-greg.bellows@xxxxxxxxxx [PMM: make function static, minor comment tweak] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 32951860834f09d1c1a0b81d8d7d5529e2d0e074 Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:17 2015 +0100 hw/intc/arm_gic: Make ICCICR/GICC_CTLR banked ICCICR/GICC_CTLR is banked in GICv1 implementations with Security Extensions or in GICv2 in independent from Security Extensions. This makes it possible to enable forwarding of interrupts from the CPU interfaces to the connected processors for Group0 and Group1. We also allow to set additional bits like AckCtl and FIQEn by changing the type from bool to uint32. Since the field does not only store the enable bit anymore and since we are touching the vmstate, we use the opportunity to rename the field to cpu_ctlr. Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-9-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-9-git-send-email-greg.bellows@xxxxxxxxxx [PMM: rewrote to store state in a single uint32_t rather than keeping the NS and S banked variants separate; this considerably simplifies the get/set functions] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 822e9cc310484f77e0b1c16fbef763a5d0eec80a Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:17 2015 +0100 hw/intc/arm_gic: Make ICCBPR/GICC_BPR banked This register is banked in GICs with Security Extensions. Storing the non-secure copy of BPR in the abpr, which is an alias to the non-secure copy for secure access. ABPR itself is only accessible from secure state if the GIC implements Security Extensions. Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-8-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-10-git-send-email-greg.bellows@xxxxxxxxxx [PMM: rewrote to fix style issues and correct handling of GICv2 without security extensions] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 679aa175e84f5f80b32b307fce5a6b92729e0e61 Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:17 2015 +0100 hw/intc/arm_gic: Make ICDDCR/GICD_CTLR banked ICDDCR/GICD_CTLR is banked if the GIC has the security extensions, and the S (or only) copy has separate enable bits for Group0 and Group1 enable if the GIC implements interrupt groups. EnableGroup0 (Bit [1]) in GICv1 is architecturally IMPDEF. Since this bit (Enable Non-secure) is present in the integrated GIC of the Cortex-A9 MPCore, we support this bit in our GICv1 implementation too. Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-7-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-8-git-send-email-greg.bellows@xxxxxxxxxx [PMM: rewritten to store the state in a single s->ctlr uint32, with the NS register handled as an alias of bit 1 in that value; added vmstate version bump] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit eb8b9530b0c618d4f2e728eae10d89239d35b0c0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 12 11:57:17 2015 +0100 hw/intc/arm_gic_kvm.c: Save and restore GICD_IGROUPRn state Now that the GIC base class has state fields for the GICD_IGROUPRn registers, make kvm_arm_gic_get() and kvm_arm_gic_put() write and read them. This allows us to remove the check that made us fail migration if the guest had set any of the group register bits. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-6-git-send-email-peter.maydell@xxxxxxxxxx commit c27a5ba94874cb3a29e21b3ad4bd5e504aea93b2 Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:17 2015 +0100 hw/intc/arm_gic: Add Interrupt Group Registers The Interrupt Group Registers allow the guest to configure interrupts into one of two groups, where Group0 are higher priority and may be routed to IRQ or FIQ, and Group1 are lower priority and always routed to IRQ. (In a GIC with the security extensions Group0 is Secure interrupts and Group 1 is NonSecure.) The GICv2 always supports interrupt grouping; the GICv1 does only if it implements the security extensions. This patch implements the ability to read and write the registers; the actual functionality the bits control will be added in a subsequent patch. Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-5-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-7-git-send-email-greg.bellows@xxxxxxxxxx [PMM: bring GIC_*_GROUP macros into line with the others, ie a simple SET/CLEAR/TEST rather than GROUP0/GROUP1; utility gic_has_groups() function; minor style fixes; bump vmstate version] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a9d853533cc1a27dc09b10c7ab89677f9c5dd8f4 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 12 11:57:16 2015 +0100 hw/intc/arm_gic: Switch to read/write callbacks with tx attributes Switch the GIC's MMIO callback functions to the read_with_attrs and write_with_attrs functions which provide MemTxAttrs. This will allow the GIC to correctly handle secure and nonsecure register accesses. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Message-id: 1430502643-25909-4-git-send-email-peter.maydell@xxxxxxxxxx commit 5543d1abb6e218a9d3b8887b777fd3947c86c4cf Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:16 2015 +0100 hw/intc/arm_gic: Add Security Extensions property Add a QOM property which allows the GIC Security Extensions to be enabled. These are an optional part of the GICv1 and GICv2 architecture. This commit just adds the property and some sanity checks that it is only enabled on GIC revisions that support it. Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-3-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-5-git-send-email-greg.bellows@xxxxxxxxxx [PMM: changed property name, added checks that it isn't set for older GIC revisions or if using the KVM VGIC; reworded commit message] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 44f552964714a41ccd41b5e8ac4cbd2478249db1 Author: Fabian Aggeler <aggelerf@xxxxxxx> Date: Tue May 12 11:57:16 2015 +0100 hw/intc/arm_gic: Create outbound FIQ lines Create the outbound FIQ lines from the GIC to the CPUs; these are used if the GIC has security extensions or grouping support. Signed-off-by: Fabian Aggeler <aggelerf@xxxxxxx> Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1430502643-25909-2-git-send-email-peter.maydell@xxxxxxxxxx Message-id: 1429113742-8371-2-git-send-email-greg.bellows@xxxxxxxxxx [PMM: added FIQ lines to kvm-arm-gic so its interface is the same; tweaked commit message] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 16b781aaef69c90d5f4f5456615f0c26a4f45740 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 12 11:57:16 2015 +0100 hw/sd: Don't pass BlockBackend to sd_reset() The only valid BlockBackend to pass to sd_reset() is the one for the SD card, which is sd->blk. Drop the second argument from this function in favour of having it just use sd->blk. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Message-id: 1430683444-9797-1-git-send-email-peter.maydell@xxxxxxxxxx commit 165cdaf857dc850f676fff0b5b873a51865baa9c Author: Adrian Huang <adrianhuang0701@xxxxxxxxx> Date: Tue May 12 11:57:16 2015 +0100 armv7m_nvic: systick: Reload the RELOAD value and count down only if ENABLE bit is set Consider the following pseudo code to configure SYSTICK (The recommended programming sequence from "the definitive guide to the arm cortex-m3"): SYSTICK Reload Value Register = 0xffff SYSTICK Current Value Register = 0 SYSTICK Control and Status Register = 0x7 The pseudo code "SYSTICK Current Value Register = 0" leads to invoking systick_reload(). As a consequence, the systick.tick member is updated and the systick timer starts to count down when the ENABLE bit of SYSTICK Control and Status Register is cleared. The worst case is that: during the system initialization, the reset value of the SYSTICK Control and Status Register is 0x00000000. When the code "SYSTICK Current Value Register = 0" is executed, the systick.tick member is accumulated with "(s->systick.reload + 1) * systick_scale(s)". The systick_scale() gets the external_ref_clock scale because the CLKSOURCE bit of the SYSTICK Control and Status Register is cleared. This is the incorrect behavior because of the code "SYSTICK Control and Status Register = 0x7". Actually, we want the processor clock instead of the external reference clock. This incorrect behavior defers the generation of the first interrupt. The patch fixes the above-mentioned issue by setting the systick.tick member and modifying the systick timer only if the ENABLE bit of the SYSTICK Control and Status Register is set. In addition, the Cortex-M3 Devices Generic User Guide mentioned that "When ENABLE is set to 1, the counter loads the RELOAD value from the SYST RVR register and then counts down". This patch adheres to the statement of the user guide. Signed-off-by: Adrian Huang <adrianhuang0701@xxxxxxxxx> Reviewed-by: Jim Huang <jserv.tw@xxxxxxxxx> [PMM: minor tweak to comment text] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 19fbe5084c1da6af95177c86e4cab64241d479a8 Merge: 704eb1c 7db161f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 12 10:40:31 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/net-pull-request' into staging # gpg: Signature made Mon May 11 16:25:58 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/net-pull-request: rocker: timestamp on the debug logs helps correlate with events in the VM MAINTAINERS: add rocker rocker: add tests rocker: add new rocker switch device pci: add network device class 'other' for network switches pci: add rocker device ID rocker: add register programming guide virtio-net: use qemu_mac_strdup_printf net: add MAC address string printer Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 704eb1c09963149db4a3407d5ba173ba2a9244bb Merge: 0403b0f 1ceca07 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 12 09:01:51 2015 +0100 Merge remote-tracking branch 'remotes/qmp-unstable/tags/for-upstream' into staging QMP pull request # gpg: Signature made Mon May 11 14:15:19 2015 BST using RSA key ID E24ED5A7 # gpg: Good signature from "Luiz Capitulino <lcapitulino@xxxxxxxxx>" * remotes/qmp-unstable/tags/for-upstream: scripts: qmp-shell: Add verbose flag scripts: qmp-shell: add transaction subshell scripts: qmp-shell: Expand support for QMP expressions scripts: qmp-shell: refactor helpers MAINTAINERS: New maintainer for QMP and QAPI json-parser: Accept 'null' in QMP qobject: Add a special null QObject qobject: Clean up around qtype_code QJSON: Use OBJECT_CHECK Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0403b0f539f40a21da60409b825b4653b273ab39 Merge: 266745c bc1f7c4 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon May 11 16:21:50 2015 +0100 Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging pc, virtio enhancements Memory hot-unplug support for pc, MSI-X mapping update speedup for virtio-pci, misc refactorings and bugfixes. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> # gpg: Signature made Mon May 11 08:23:43 2015 BST using RSA key ID D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@xxxxxxxxxx>" # gpg: aka "Michael S. Tsirkin <mst@xxxxxxxxxx>" * remotes/mst/tags/for_upstream: (28 commits) acpi: update expected files for memory unplug virtio-scsi: Move DEFINE_VIRTIO_SCSI_FEATURES to virtio-scsi virtio-net: Move DEFINE_VIRTIO_NET_FEATURES to virtio-net pci: Merge pci_nic_init() into pci_nic_init_nofail() acpi: add a missing backslash to the \_SB scope. qmp-event: add event notification for memory hot unplug error acpi: add hardware implementation for memory hot unplug acpi: fix "Memory device control fields" register acpi: extend aml_field() to support UpdateRule acpi, mem-hotplug: add unplug cb for memory device acpi, mem-hotplug: add unplug request cb for memory device acpi, mem-hotplug: add acpi_memory_slot_status() to get MemStatus docs: update documentation for memory hot unplug virtio: coding style tweak pci: remove hard-coded bar size in msix_init_exclusive_bar() virtio-pci: speedup MSI-X masking and unmasking virtio: introduce vector to virtqueues mapping virtio-ccw: using VIRTIO_NO_VECTOR instead of 0 for invalid virtqueue monitor: check return value of qemu_find_net_clients_except() monitor: replace the magic number 255 with MAX_QUEUE_NUM ... Conflicts: hw/s390x/s390-virtio-bus.c [PMM: fixed conflict in s390_virtio_scsi_properties and s390_virtio_net_properties arrays; since the result of the two conflicting patches is to empty the property arrays completely, the conflict resolution is to remove them entirely.] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 266745cacb848d7cd0ae8889ae262e8718ace4d4 Merge: 9ad2c8c 3446a11 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon May 11 15:07:12 2015 +0100 Merge remote-tracking branch 'remotes/bkoppelmann/tags/pull-tricore-20150511' into staging TriCore bugfixes # gpg: Signature made Mon May 11 13:26:40 2015 BST using RSA key ID 6B69CA14 # gpg: Good signature from "Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx>" * remotes/bkoppelmann/tags/pull-tricore-20150511: target-tricore: fix rfe not restoring the PC target-tricore: fix rslcx restoring the upper context instead of the lower target-tricore: fix BO_OFF10_SEXT calculating the wrong offset target-tricore: fix SLR_LD_W and SLR_LD_W_POSTINC insn being a 2 byte memory access insted of 4 target-tricore: Fix LOOP using wrong register for compare Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7db161f6dd144760b2912026d992837ef80ca7e7 Author: David Ahern <dsahern@xxxxxxxxx> Date: Fri Mar 13 21:09:33 2015 -0700 rocker: timestamp on the debug logs helps correlate with events in the VM Signed-off-by: David Ahern <dsahern@xxxxxxxxx> Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Signed-off-by: Jiri Pirko <jiri@xxxxxxxxxxx> Message-id: 1426306173-24884-10-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit de24d3f1013dbee65b42f34cb825f056647861a5 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Fri Mar 13 21:09:32 2015 -0700 MAINTAINERS: add rocker Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Signed-off-by: Jiri Pirko <jiri@xxxxxxxxxxx> Message-id: 1426306173-24884-9-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 63d2ada2f55a85c3143ecf69a5aeecf6b3f3ffc9 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Fri Mar 13 21:09:31 2015 -0700 rocker: add tests Add some basic test for rocker to test L2/L3/L4 functionality. Requires an external test environment, simp, located here: https://github.com/scottfeldman/simp To run tests, simp environment must be installed and a suitable VM image built and installed with a Linux 3.18 (or greater) kernel with rocker driver support enabled. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Message-id: 1426306173-24884-8-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit dc488f888060afdc129e0cc8812cf50c4c083423 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Fri Mar 13 21:09:30 2015 -0700 rocker: add new rocker switch device Rocker is a simulated ethernet switch device. The device supports up to 62 front-panel ports and supports L2 switching and L3 routing functions, as well as L2/L3/L4 ACLs. The device presents a single PCI device for each switch, with a memory-mapped register space for device driver access. Rocker device is invoked with -device, for example a 4-port switch: -device rocker,name=sw1,len-ports=4,ports[0]=dev0,ports[1]=dev1, \ ports[2]=dev2,ports[3]=dev3 Each port is a netdev and can be paired with using -netdev id=<port name>. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Signed-off-by: Jiri Pirko <jiri@xxxxxxxxxxx> Acked-by: Scott Feldman <sfeldma@xxxxxxxxx> Acked-by: Jiri Pirko <jiri@xxxxxxxxxxx> Signed-off-by: David Ahern <dsahern@xxxxxxxxx> Message-id: 1426306173-24884-7-git-send-email-sfeldma@xxxxxxxxx rocker: fix clang compiler errors Consolidate all forward typedef declarations to rocker.h. Signed-off-by: David Ahern <dsahern@xxxxxxxxx> Acked-by: Scott Feldman <sfeldma@xxxxxxxxx> Acked-by: Jiri Pirko <jiri@xxxxxxxxxxx> rocker: add support for flow modification We had support for flow add/del. This adds support for flow mod. I needed this for L3 support where an existing route is modified using NLM_F_REPLACE. For example: ip route add 12.0.0.0/30 nexthop via 11.0.0.1 dev swp1 ip route change 12.0.0.0/30 nexthop via 11.0.0.9 dev swp2 The first cmd adds the route. The second cmd changes the existing route by changing its nexthop info. In the device, a mod operation results in the matching flow enty being modified with the new settings. This is atomic to the device. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit dc407ae8a75d03cf48e114d3812d077fa29a8bd9 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Fri Mar 13 21:09:29 2015 -0700 pci: add network device class 'other' for network switches Rocker is an ethernet switch device, so add 'other' network device class as defined by PCI to cover these types of devices. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Signed-off-by: Jiri Pirko <jiri@xxxxxxxxxxx> Message-id: 1426306173-24884-6-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 5dcc26371dcc72976777c51f0251127716a59ed8 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Fri Mar 13 21:09:28 2015 -0700 pci: add rocker device ID Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Signed-off-by: Jiri Pirko <jiri@xxxxxxxxxxx> Message-id: 1426306173-24884-5-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit bbc53c7e2580264fe2b6ea84bd8f3480bcc7c845 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Fri Mar 13 21:09:27 2015 -0700 rocker: add register programming guide This is the register programming guide for the Rocker device. It's intended for driver writers and device writers. It covers the device's PCI space, the register set, DMA interface, and interrupts. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Signed-off-by: Jiri Pirko <jiri@xxxxxxxxxxx> Message-id: 1426306173-24884-4-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit b0575ba4a52c9259357af29d842950e978306fa4 Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Fri Mar 13 21:09:26 2015 -0700 virtio-net: use qemu_mac_strdup_printf Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1426306173-24884-3-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 890ee6abb385d6508bba7f5273c74a8e43bea6af Author: Scott Feldman <sfeldma@xxxxxxxxx> Date: Fri Mar 13 21:09:25 2015 -0700 net: add MAC address string printer We can use this in virtio-net code as well as new Rocker driver code, so up-level this. Signed-off-by: Scott Feldman <sfeldma@xxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1426306173-24884-2-git-send-email-sfeldma@xxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 1ceca07e48ead0dd2e41576c81d40e6a91cafefd Author: John Snow <jsnow@xxxxxxxxxx> Date: Wed Apr 29 15:14:04 2015 -0400 scripts: qmp-shell: Add verbose flag Add a verbose flag that shows the QMP command that was constructed, to allow for later copy/pasting, reference, debugging, etc. The QMP is converted from a Python literal to JSON first, to ensure that it is viable input to the actual QMP parser. As a side-effect, this JSON output will helpfully show all the necessary conversions that were performed on the input, illustrating that "True" was transformed back into "true", literal values are now escaped with "" instead of '', and so on. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Tested-by: Kashyap Chamarthy <kchamart@xxxxxxxxxx> Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 30bd6815efbaf5bae70885feac9a35e149e2f1ad Author: John Snow <jsnow@xxxxxxxxxx> Date: Wed Apr 29 15:14:03 2015 -0400 scripts: qmp-shell: add transaction subshell Add a special processing mode to craft transactions. By entering "transaction(" the shell will enter a special mode where each subsequent command will be saved as a transaction instead of executed as an individual command. The transaction can be submitted by entering ")" on a line by itself. Examples: Separate lines: (QEMU) transaction( TRANS> block-dirty-bitmap-add node=drive0 name=bitmap1 TRANS> block-dirty-bitmap-clear node=drive0 name=bitmap0 TRANS> ) With a transaction action included on the first line: (QEMU) transaction( block-dirty-bitmap-add node=drive0 name=bitmap2 TRANS> block-dirty-bitmap-add node=drive0 name=bitmap3 TRANS> ) As a one-liner, with just one transaction action: (QEMU) transaction( block-dirty-bitmap-add node=drive0 name=bitmap0 ) As a side-effect of this patch, blank lines are now parsed as no-ops, regardless of which shell mode you are in. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Tested-by: Kashyap Chamarthy <kchamart@xxxxxxxxxx> Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 6092c3ecc4bdafee5bf07061be78a4a2cc5a5088 Author: John Snow <jsnow@xxxxxxxxxx> Date: Wed Apr 29 15:14:02 2015 -0400 scripts: qmp-shell: Expand support for QMP expressions This includes support for [] expressions, single-quotes in QMP expressions (which is not strictly a part of JSON), and the ability to use "True", "False" and "None" literals instead of JSON's equivalent true, false, and null literals. qmp-shell currently allows you to describe values as JSON expressions: key={"key":{"key2":"val"}} But it does not currently support arrays, which are needed for serializing and deserializing transactions: key=[{"type":"drive-backup","data":{...}}] qmp-shell also only currently accepts doubly quoted strings as-per JSON spec, but QMP allows single quotes. Lastly, python allows you to utilize "True" or "False" as boolean literals, but JSON expects "true" or "false". Expand qmp-shell to allow the user to type either, converting to the correct type. As a consequence of the above, the key=val parsing is also improved to give better error messages if a key=val token is not provided. CAVEAT: The parser is still extremely rudimentary and does not expect to find spaces in {} nor [] expressions. This patch does not improve this functionality. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Tested-by: Kashyap Chamarthy <kchamart@xxxxxxxxxx> Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit a7430a0badc59bd6295936e06c1869e8fe32649d Author: John Snow <jsnow@xxxxxxxxxx> Date: Wed Apr 29 15:14:01 2015 -0400 scripts: qmp-shell: refactor helpers Refactor the qmp-shell command line processing function into two components. This will be used to allow sub-expressions, which will assist us in adding transactional support to qmp-shell. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Tested-by: Kashyap Chamarthy <kchamart@xxxxxxxxxx> Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 9740618cd2a0ed85b9c1648f05f3066f525f4b2e Author: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Date: Tue May 5 10:39:15 2015 -0400 MAINTAINERS: New maintainer for QMP and QAPI Markus is taking over maintership of QMP and the QAPI from me. Markus has always been a great reviewer and contributor to those subsystems. In the last few months he's also doing pull requests that are a lot more relevant than the ones I was able to do. So, this is a natural move. I'm still the maintainer of HMP and QObjects, but I'm looking for someone to take over those too. PS: This commit also fixes the file listing for the QMP entry. Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Reviewed-by: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit e549e7161f37416ff66971d77d021d30057045ca Author: Eric Blake <eblake@xxxxxxxxxx> Date: Wed Apr 29 15:35:06 2015 -0600 json-parser: Accept 'null' in QMP We document that in QMP, the client may send any json-value for the optional "id" key, and then return that same value on reply (both success and failures, insofar as the failure happened after parsing the id). [Note that the output may not be identical to the input, as whitespace may change and since we may reorder keys within a json-object, but that this still constitutes the same json-value]. However, we were not handling the JSON literal null, which counts as a json-value per RFC 7159. Also, down the road, given the QAPI schema of {'*foo':'str'} or {'*foo':'ComplexType'}, we could decide to allow the QMP client to pass { "foo":null } instead of the current representation of { } where omitting the key is the only way to get at the default NULL value. Such a change might be useful for argument introspection (if a type in older qemu lacks 'foo' altogether, then an explicit "foo":null probe will force an easily distinguished error message for whether the optional "foo" key is even understood in newer qemu). And if we add default values to optional arguments, allowing an explicit null would be required for getting a NULL value associated with an optional string that has a non-null default. But all that can come at a later day. The 'check-unit' testsuite is enhanced to test that parsing produces the same object as explicitly requesting a reference to the special qnull object. In addition, I tested with: $ ./x86_64-softmmu/qemu-system-x86_64 -qmp stdio -nodefaults {"QMP": {"version": {"qemu": {"micro": 91, "minor": 2, "major": 2}, "package": ""}, "capabilities": []}} {"execute":"qmp_capabilities","id":null} {"return": {}, "id": null} {"id":{"a":null,"b":[1,null]},"execute":"quit"} {"return": {}, "id": {"a": null, "b": [1, null]}} {"timestamp": {"seconds": 1427742379, "microseconds": 423128}, "event": "SHUTDOWN"} Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 481b002cc81ed7fc7b06e32e9d4d495d81739d14 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Apr 29 15:35:05 2015 -0600 qobject: Add a special null QObject I'm going to fix the JSON parser to recognize null. The obvious representation of JSON null as (QObject *)NULL doesn't work, because the parser already uses it as an error value. Perhaps we should change it to free NULL for null, but that's more than I can do right now. Create a special null QObject instead. The existing QDict, QList, and QString all represent something that is a pointer in C and could therefore be associated with NULL. But right now, all three of these sub-types are always non-null once created, so the new null sentinel object is intentionally unrelated to them. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit a7c31816288a8f20fc387d69d441413e7a8c9ff1 Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Wed Apr 29 15:35:04 2015 -0600 qobject: Clean up around qtype_code QTYPE_NONE is a sentinel value. No QObject has this type code. Document it properly. Fix dump_qobject() to abort() on QTYPE_NONE, just like for any other invalid type code. Fix to_json() to abort() on all invalid type codes, not just QTYPE_MAX. Clean up Property member qtype's type: it's a qtype_code. Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 4cf2d837340589155acfda993c51e66eb5800416 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Sat Apr 25 12:28:06 2015 -0300 QJSON: Use OBJECT_CHECK The QJSON code used casts to (QJSON*) directly, instead of OBJECT_CHECK. There were even some functions using object_dynamic_cast() calls followed by assert(), which is exactly what OBJECT_CHECK does (by calling object_dynamic_cast_assert()). Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 9ad2c8cd41a086020e21aa6d616b73bd5e2a800b Merge: b951cda 0caef8f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon May 11 13:54:00 2015 +0100 Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-05-09' into staging trivial patches for 2015-05-09 # gpg: Signature made Fri May 8 22:58:42 2015 BST using RSA key ID A4C3D7DB # gpg: Good signature from "Michael Tokarev <mjt@xxxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxxx>" * remotes/mjt/tags/pull-trivial-patches-2015-05-09: docs: update BLOCK_IMAGE_CORRUPTED documentation glib-compat.h: change assert to g_assert Remove various unused functions sheepdog: fix resource leak with sd_snapshot_create xhci: remove unused code Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3446a11181c6e8263dbd9c13c28986df4317099e Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Tue May 5 19:41:10 2015 +0200 target-tricore: fix rfe not restoring the PC Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> commit bc72f8aaf23fa11833e0e04c10b5c0e1036c2609 Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Tue May 5 19:39:18 2015 +0200 target-tricore: fix rslcx restoring the upper context instead of the lower Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> commit 4959d6b3662d94a5add5811ba1ff5243116b8987 Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Tue May 5 19:36:55 2015 +0200 target-tricore: fix BO_OFF10_SEXT calculating the wrong offset The lower part of the combined offset was sign extended and could lead to wrong results. Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> commit 7bd0eaec311d188412123a034abb44595deb7dae Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Fri Apr 3 14:29:22 2015 +0200 target-tricore: fix SLR_LD_W and SLR_LD_W_POSTINC insn being a 2 byte memory access insted of 4 Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> commit 250ef8c76861c756354ed1c67f0a4524e5339369 Author: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Date: Tue Dec 9 16:04:46 2014 +0000 target-tricore: Fix LOOP using wrong register for compare Signed-off-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> commit b951cda21d6b232f138ccf008e12bce8ddc95465 Merge: ec62ad1 ca44148 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon May 11 12:01:09 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging - build bugfix from Fam and new configure check from Emilio - two improvements to "info mtere" from Gerd - KVM support for memory transaction attributes - one more small step towards unlocked MMIO dispatch - one piece of the qemu-nbd errno fixes - trivial-ish patches from Denis and Thomas # gpg: Signature made Fri May 8 13:47:29 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: qemu-nbd: only send a limited number of errno codes on the wire rules.mak: Force CFLAGS for all objects in DSO configure: require __thread support exec: move rcu_read_lock/unlock to address_space_translate callers kvm: add support for memory transaction attributes mtree: also print disabled regions mtree: tag & indent a bit better apic_common: improve readability of apic_reset_common kvm: Silence warning from valgrind Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ec62ad1e27ffd1f7ff2172a916d161cc385e73bd Merge: 4ae740c 1271f7f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon May 11 10:43:08 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-gtk-20150508-1' into staging gtk: add ui_info support, cleanups + fixes. # gpg: Signature made Fri May 8 12:47:04 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-gtk-20150508-1: gtk: update mouse position in mouse_set() gtk: create gtk.h gtk: add ui_info support console: add dpy_ui_info_supported console: delayed ui_info guest notification Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4ae740cc0e4a123047b40c373e699e28031d420e Merge: fc85cf4 ca5a21c Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon May 11 09:42:20 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-usb-20150508-1' into staging usb: qomify, bugfixes for xhci & uhci. # gpg: Signature made Fri May 8 12:39:28 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-usb-20150508-1: uhci: controller is halted after reset usb: usb-serial QOMify usb: usb-redir QOMify usb: usb-wacom-tablet QOMify usb: usb-uas QOMify usb: usb-storage QOMify usb: usb-ccid QOMify usb: usb-net QOMify usb-mtp: fix segmentation fault usb: usb-mtp QOMify usb: usb-hub QOMify usb: usb-hid QOMify usb: usb-bt QOMify usb: usb-audio QOMify uhci: QOMify xhci: fix events for setup trb. Revert "xhci: generate a Transfer Event for each Transfer TRB with the IOC bit set" xhci: set timer to retry xfers usb: fix usb-net segfault Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit bc1f7c4c915a7c727741c4d27a2795e1039eacd3 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon May 11 09:21:37 2015 +0200 acpi: update expected files for memory unplug commit c06b2ffb02bfcc642c67300d2c4dffd5aa54932b acpi: add hardware implementation for memory hot unplug Changed both the DSDT and the SSDT. Update the expected files accordingly. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit fc85cf4a8199a657fdfd5fb902f1835973406454 Merge: f8340b3 3cda44f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun May 10 21:40:54 2015 +0100 Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20150508' into staging Assorted s390x patches: - updates for virtio-ccw and s390-virtio, making them more similar to virtio-pci - improvements regarding per-vcpu interrupts and migration # gpg: Signature made Fri May 8 09:45:09 2015 BST using RSA key ID C6F02FAF # gpg: Good signature from "Cornelia Huck <huckc@xxxxxxxxxxxxxxxxxx>" # gpg: aka "Cornelia Huck <cornelia.huck@xxxxxxxxxx>" * remotes/cohuck/tags/s390x-20150508: s390x/kvm: migrate vcpu interrupt state s390x: move fpu regs into a subsection of the vmstate s390x/kvm: use ioctl KVM_S390_IRQ for vcpu interrupts virtio-ccw: implement ->device_plugged virtio-ccw: change realization sequence s390-virtio: clear {used,avail}_event_idx on reset as well s390-virtio: use common features s390-virtio: Accommodate guests using virtqueues too early Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ca4414804114fd0095b317785bc0b51862e62ebb Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu May 7 17:25:10 2015 +0200 qemu-nbd: only send a limited number of errno codes on the wire Right now, NBD includes potentially platform-specific error values in the wire protocol. Luckily, most common error values are more or less universal: in particular, of all errno values <= 34 (up to ERANGE), they are all the same on supported platforms except for 11 (which is EAGAIN on Windows and Linux, but EDEADLK on Darwin and the *BSDs). So, in order to guarantee some portability, only keep a handful of possible error codes and squash everything else to EINVAL. This patch defines a limited set of errno values that are valid for the NBD protocol, and specifies recommendations for what error to return in specific corner cases. The set of errno values is roughly based on the errors listed in the read(2) and write(2) man pages, with some exceptions: - ENOMEM is added for servers that implement copy-on-write or other formats that require dynamic allocation. - EDQUOT is not part of the universal set of errors; it can be changed to ENOSPC on the wire format. - EFBIG is part of the universal set of errors, but it is also changed to ENOSPC because it is pretty similar to ENOSPC or EDQUOT. Incoming values will in general match system errno values, but not on the Hurd which has different errno values (they have a "subsystem code" equal to 0x10 in bits 24-31). The Hurd is probably not something to which QEMU has been ported, but still do the right thing and reverse-map the NBD errno values to the system errno values. The corresponding patch to the NBD protocol description can be found at http://article.gmane.org/gmane.linux.drivers.nbd.general/3154. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit d24697e1824467f3921c84a94f011f43d6466403 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu May 7 14:55:15 2015 +0800 rules.mak: Force CFLAGS for all objects in DSO Because of the trick of process-archive-undefs, all .mo objects, even with --enable-modules, are dependencies of executables. This breaks CFLAGS propogation because the compiling of module object will happen too early before building for DSO. With GCC 5, the linking would fail because .o doesn't have -fPIC. Also, BUILD_DSO will be missed. (module-common.o will have it, so the stamp symbol was still liked in .so). Fix the problem by forcing the CFLAGS on individual .o-cflags during unnest-vars. Reported-by: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx # 2.3 Message-Id: <1430981715-31465-1-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0caef8f6df4a9426bd6333ab843ce51ce005d7d0 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Thu May 7 17:58:26 2015 +0300 docs: update BLOCK_IMAGE_CORRUPTED documentation Label the "size" and "offset" fields in BLOCK_IMAGE_CORRUPTED as optional, and clarify that the latter refers to the host's offset into the image. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f20f2a1f339b99f5b840367236ddce9d9736247c Author: Michael Tokarev <mjt@xxxxxxxxxx> Date: Thu May 7 13:38:02 2015 +0300 glib-compat.h: change assert to g_assert include/glib-compat.h defines a bunch of functions based on glib primitives, and uses assert() without including assert.h. Replace assert() with g_assert() to make the file more self-contained, and to fix compilation breakage after 28507a415a9b1e. Reported-by: Laurent Desnogues <laurent.desnogues@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> Tested-by: Laurent Desnogues <laurent.desnogues@xxxxxxxxx> commit ac9541579eb95b0b8c93ca58d0a074e1f22cd55a Author: Thomas Huth <huth@xxxxxxxxxxxxx> Date: Sun May 3 10:47:22 2015 +0200 Remove various unused functions The functions tpm_backend_thread_tpm_reset() and iothread_find() are completely unused, let's remove them. Signed-off-by: Thomas Huth <huth@xxxxxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 973a8529c54f9e4410a0e4a18ca1dcb2b085ca7e Author: zhanghailiang <zhang.zhanghailiang@xxxxxxxxxx> Date: Tue May 5 09:48:03 2015 +0800 sheepdog: fix resource leak with sd_snapshot_create Signed-off-by: zhanghailiang <zhang.zhanghailiang@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit e5a88b0cf3c902d6e9b342a90f0a4a4d5d954f7a Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Tue Apr 28 17:11:03 2015 +0800 xhci: remove unused code Value from xfer->packet.ep is assigned to ep here, but that stored value is not used before it is overwritten. Remove it. Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit ca5a21c40d95d7a4e26ea0a304fd2cd8ad4e6ae1 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu May 7 09:24:00 2015 +0200 uhci: controller is halted after reset ... and the status register should say so. Fixes "usbus0: controller did not stop" error printed by freebsd. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit cdf0d7694d877f19936d7404fd10b580f6e9a9b1 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:36 2015 +0800 usb: usb-serial QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit d371cbc778e1868b18faa8d6764602b1f4806100 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:35 2015 +0800 usb: usb-redir QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 924e567e1e6641f4af7e927f9c420cc7b4464073 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:34 2015 +0800 usb: usb-wacom-tablet QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 0b06d099b0ab9b055414508ca55133b200d675f8 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:33 2015 +0800 usb: usb-uas QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 79e2590cbf9887a99a65d2aa62da78c6dfd9cdb8 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:32 2015 +0800 usb: usb-storage QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 61b4887b41b270bc837ead57bc502d904af023bb Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:31 2015 +0800 usb: usb-ccid QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit fe47db72210dc17b794954f978ef1d1236cbeb72 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:30 2015 +0800 usb: usb-net QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit e60baebd409d547292c778d599111ea1623dd4b5 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:29 2015 +0800 usb-mtp: fix segmentation fault When x-root property not be configured, will cause segfault because of null pointer accessing. Add a check for s->root property avoid segfault. Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 7c03a899e6e4030a88bd42c4d494e3a7521806ea Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:28 2015 +0800 usb: usb-mtp QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit e81b13ad94803bf13491bb71c8a76a5d7db9ddf1 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:27 2015 +0800 usb: usb-hub QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit f56691295e38429bbfe476d57676c53bcb1fd437 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:26 2015 +0800 usb: usb-hid QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit a293e82bbef666f66be733993e276998319568e1 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:25 2015 +0800 usb: usb-bt QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 0389a0b10967b639ac7444453274b910a4b6f2ed Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:24 2015 +0800 usb: usb-audio QOMify Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 49184b6253a50385c5e934cc4eb813b79cc956f2 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Wed May 6 20:55:23 2015 +0800 uhci: QOMify Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit df0f1692db9236a469496cc09fc7bd5faf31efad Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Apr 28 09:31:44 2015 +0200 xhci: fix events for setup trb. When we find a IOC bit set on a setup trb and therefore queue an event, that should not stop events being generated for following data trbs. So clear the 'reported' flag. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 88dbed3f5946b74cf02c1bb0082b8c50037720ea Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Apr 28 09:19:35 2015 +0200 Revert "xhci: generate a Transfer Event for each Transfer TRB with the IOC bit set" This makes xhci generate multiple short packet events in case of multi-trb transfers. Which is wrong. We need to fix this in a different way. This reverts commit aa6857891df614c620e6e9fc4bc4af6e0e49cafd. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 4e8cfbe1143d8384387595b500212d7a7f11aeae Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Apr 28 09:19:14 2015 +0200 xhci: set timer to retry xfers Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 278412d0e710e2e848c6e510f8308e5b1ed4d03e Author: Michal Kazior <michal.kazior@xxxxxxxxx> Date: Wed Apr 29 11:34:59 2015 +0000 usb: fix usb-net segfault The dev->config pointer isn't set until guest system initializes usb devices (via usb_desc_set_config). However qemu networking can go through some motions prior to that, e.g.: #0 is_rndis (s=0x555557261970) at hw/usb/dev-network.c:653 #1 0x000055555585f723 in usbnet_can_receive (nc=0x55555641e820) at hw/usb/dev-network.c:1315 #2 0x000055555587635e in qemu_can_send_packet (sender=0x5555572660a0) at net/net.c:470 #3 0x0000555555878e34 in net_hub_port_can_receive (nc=0x5555562d7800) at net/hub.c:101 #4 0x000055555587635e in qemu_can_send_packet (sender=0x5555562d7980) at net/net.c:470 #5 0x000055555587dbca in tap_can_send (opaque=0x5555562d7980) at net/tap.c:172 The command to reproduce most reliably was: qemu-system-i386 -usb -device usb-net,vlan=0 -net tap,vlan=0 This wasn't strictly a problem with tap. Other networking endpoints (vde, user) could trigger this problem as well. Fixes: https://bugs.launchpad.net/qemu/+bug/1050823 Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Michal Kazior <michal.kazior@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 768b7855c86c4f46b605183ae9451e9af64ca288 Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Wed Apr 29 13:09:02 2015 +0200 configure: require __thread support The codebase doesn't build without __thread support. Formalise this requirement by adding a check for it in the configure script. Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3cda44f7bae5c9feddc11630ba6eecb2e3bed425 Author: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Date: Mon Mar 2 17:44:24 2015 +0100 s390x/kvm: migrate vcpu interrupt state This patch adds support to migrate vcpu interrupts. We use ioctl KVM_S390_GET_IRQ_STATE and _SET_IRQ_STATE to get/set the complete interrupt state for a vcpu. Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 46c804def4bda2491c546e8e33b86fe4981e4b68 Author: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Date: Mon Mar 30 13:22:47 2015 +0200 s390x: move fpu regs into a subsection of the vmstate Let's move the floating point registers into a seperate subsection and bump up the version id. This cleans up the current vmstate and will allow for a future extension with vector registers in a compatible way. This patch is based on a patch from Eric Farman. Reviewed-by: Eric Farman <farman@xxxxxxxxxxxxxxxxxx> Signed-off-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 1191c94963f36b3f9631fcd1ec2e9296631b407e Author: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Date: Thu Dec 18 17:38:05 2014 +0100 s390x/kvm: use ioctl KVM_S390_IRQ for vcpu interrupts KVM_S390_INT uses only two parameter fields. This is not enough to pass all required information for certain interrupts. A new ioctl KVM_S390_IRQ is available which allows us to inject all local interrupts as defined in the Principles of Operation. It takes a struct kvm_s390_irq as a parameter which can store interrupt payload data for all interrupts. Let's use the new ioctl for injecting vcpu interrupts. Tested-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit fb846a094fdee7bb6a88b48aeed0d97a8080a20d Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Tue Apr 21 16:36:56 2015 +0200 virtio-ccw: implement ->device_plugged Let's move operations that are only valid after the backend has been realized to a ->device_plugged callback, just as virtio-pci does. Also reorder setting up the host feature bits to the sequence used by virtio-pci. While we're at it, also add a ->device_unplugged callback to stop ioeventfd, just to be on the safe side. Reviewed-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Message-Id: <1429627016-30656-3-git-send-email-cornelia.huck@xxxxxxxxxx> commit 1fa755234e24697cc76f326782edbb09bd0a3a53 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Tue Apr 21 16:36:55 2015 +0200 virtio-ccw: change realization sequence virtio-ccw has an odd sequence of realizing devices: first the device-specific relization (net, block, ...), then the generic realization. It feels less odd to have the generic realization callback trigger the device-specific realization instead (and this also matches what virtio-pci does). One thing to note: We need to defer initializing the cu model in the sense id data until after the device-specific realization has been performed, as we need to refer to the virtio device's device_id. Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Message-Id: <1429627016-30656-2-git-send-email-cornelia.huck@xxxxxxxxxx> commit 77ae0b2a6e731ab7b97e9fae401c579397edb31c Author: Christian Borntraeger <borntraeger@xxxxxxxxxx> Date: Mon May 4 15:27:25 2015 +0200 s390-virtio: clear {used,avail}_event_idx on reset as well The old s390-virtio transport clears the vring used/avail indices in the shared area on reset. When we enabled event_idx for virtio-blk, we noticed that this is not enough: We also need to clear the published used/avail event indices, or reboot will fail. Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit f50616a81b7f88a9adac16f3ea0236311a748eca Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Wed Apr 29 15:30:58 2015 +0200 s390-virtio: use common features We used to avoid enabling event_idx for virtio-blk devices via s390-virtio, but we now have a workaround in place for guests trying to use the device before setting DRIVER_OK. Therefore, let's add DEFINE_VIRTIO_COMMON_FEATURES to the base device so all devices get those common features - and make s390-virtio use the same mechanism as the other transports do. Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Reviewed-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit cb927b8aee7c3993a43cb829f7341071f873857b Author: Christian Borntraeger <borntraeger@xxxxxxxxxx> Date: Thu Apr 30 17:53:13 2015 +0200 s390-virtio: Accommodate guests using virtqueues too early Feature updates are not a synchronuous operation for the legacy s390-virtio transport. This transport syncs the guest feature bits (those from finalize) on the set_status hypercall. Before that qemu thinks that features are zero, which means QEMU will misbehave, e.g. it will not write the event index, even if the guest asks for it. Let's detect the case where a kick happens before the driver is ready and force sync the features. With this workaround, it is now safe to switch to the common feature bit handling code as used by all other transports. Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Reviewed-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit f8340b360b9bc29d48716ba8aca79df2b9544979 Author: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Date: Wed Sep 10 18:33:58 2014 +1000 hw/ptimer: Do not artificially limit timers when using icount Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 838686357b1a175e9a32569700a153b207a9e10f Merge: 38003ae 362ba4e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu May 7 18:22:03 2015 +0100 Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20150507-1' into staging migration/next for 20150507 # gpg: Signature made Thu May 7 17:42:19 2015 BST using RSA key ID 5872D723 # gpg: Good signature from "Juan Quintela <quintela@xxxxxxxxxx>" # gpg: aka "Juan Quintela <quintela@xxxxxxxxxx>" * remotes/juanquintela/tags/migration/20150507-1: migration: Fix migration state update issue migration: avoid divide by zero in xbzrle cache miss rate migration: Add hmp interface to set and query parameters migration: Add qmp commands to set and query parameters migration: Use an array instead of 3 parameters migration: Add interface to control compression migration: Add the core code for decompression migration: Make compression co-work with xbzrle migration: Add the core code of multi-thread compression migration: Split save_zero_page from ram_save_page arch_init: Add and free data struct for decompression arch_init: Alloc and free data struct for compression qemu-file: Add compression functions to QEMUFile migration: Add the framework of multi-thread decompression migration: Add the framework of multi-thread compression docs: Add a doc about multiple thread compression Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 362ba4e3ee801e8f5e28d72d0009547384222927 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Fri May 8 02:31:22 2015 +0800 migration: Fix migration state update issue If live migration is very fast and can be completed in 1 second, the dirty_sync_count of MigrationState will not be updated. Then you will see "dirty sync count: 0" in qemu monitor even if the actual dirty sync count is not 0. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Reviewed-by: Dr.David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 27ff42e29a1d12e9d9dbc473bbca36a50baf278b Author: Michael Chapman <mike@xxxxxxxxxxxxxxxxx> Date: Wed Apr 15 13:59:14 2015 +1000 migration: avoid divide by zero in xbzrle cache miss rate This bug manifested itself as a VM that could not be resumed by libvirt following a migration: # virsh resume example error: Failed to resume domain example error: internal error: cannot parse json {"return": {"xbzrle-cache": {..., "cache-miss-rate": -nan, ...}, ... } }: lexical error: malformed number, a digit is required after the minus sign. This patch also ensures xbzrle_cache_miss_prev and iterations_prev are cleared at the start of the migration. Signed-off-by: Michael Chapman <mike@xxxxxxxxxxxxxxxxx> Reviewed-by: Amit Shah <amit.shah@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 50e9a629c6c92e73260cd3d7c2e3f5bfd84e47e2 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:29 2015 +0800 migration: Add hmp interface to set and query parameters Add the hmp interface to tune and query the parameters used in live migration. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 85de83231ecde075c6b25897f2e74cd1767880e3 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:28 2015 +0800 migration: Add qmp commands to set and query parameters Add the qmp commands to tune and query the parameters used in live migration. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 43c60a81ba15ea040709be5809a279a4ca59b26b Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:27 2015 +0800 migration: Use an array instead of 3 parameters Put the three parameters related to multiple thread (de)compression into an int array, and use an enum type to index the parameter. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit dde4e694ae576462990b2ce711e62565e085c261 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:26 2015 +0800 migration: Add interface to control compression The multiple compression threads can be turned on/off through qmp and hmp interface before doing live migration. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Reviewed-by: Dr.David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 68ae113646dc84637359472e89669e5547dc5ee3 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:25 2015 +0800 migration: Add the core code for decompression Implement the core logic of multiple thread decompression, the decompression can work now. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 98f1138902195bd9ab8a753d0ee2cf2a0a88b6e8 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:24 2015 +0800 migration: Make compression co-work with xbzrle Now, multiple thread compression can co-work with xbzrle. when xbzrle is on, multiple thread compression will only work at the first round of RAM data sync. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Reviewed-by: Dr.David Alan Gilbert <dgilbert@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 20eb617eacf7a0ce76d9dd10ff246d6ae7f0b4e1 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:23 2015 +0800 migration: Add the core code of multi-thread compression Implement the core logic of the multiple thread compression. At this point, multiple thread compression can't co-work with xbzrle yet. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit e2102428c09901788a5e585f32f9e805137f5967 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:22 2015 +0800 migration: Split save_zero_page from ram_save_page Split the function save_zero_page from ram_save_page so that we can reuse it later. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 3caf633dbde8a347cff49e960691c7fa6a82afa1 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:21 2015 +0800 arch_init: Add and free data struct for decompression Define the data structure and variables used to do multiple thread decompression, and add the code to initialize and free them. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Reviewed-by: Dr.David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 474ddaf6e3aebc470f4665ef4f7ce6578448c6d1 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:20 2015 +0800 arch_init: Alloc and free data struct for compression Define the data structure and variables used to do multiple thread compression, and add the code to initialize and free them. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Reviewed-by: Dr.David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 44f0eadc338f55d3bffe4fccefb1d4241defa418 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:19 2015 +0800 qemu-file: Add compression functions to QEMUFile qemu_put_compression_data() compress the data and put it to QEMUFile. qemu_put_qemu_file() put the data in the buffer of source QEMUFile to destination QEMUFile. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 3fcb38c223510cf88c6101f5d218ce0840d1354c Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:18 2015 +0800 migration: Add the framework of multi-thread decompression Add the code to create and destroy the multiple threads those will be used to do data decompression. Left some functions empty just to keep clearness, and the code will be added later. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Reviewed-by: Dr.David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 8706d2d566cbf4bad2c5597bb57358e3d5f5caf0 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:17 2015 +0800 migration: Add the framework of multi-thread compression Add the code to create and destroy the multiple threads those will be used to do data compression. Left some functions empty to keep clearness, and the code will be added later. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Reviewed-by: Dr.David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 263170e679dfb456f8812a0100073990586cecb5 Author: Liang Li <liang.z.li@xxxxxxxxx> Date: Mon Mar 23 16:32:16 2015 +0800 docs: Add a doc about multiple thread compression Give some details about the multiple thread (de)compression and how to use it in live migration. Signed-off-by: Liang Li <liang.z.li@xxxxxxxxx> Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> Reviewed-by: Dr.David Alan Gilbert <dgilbert@xxxxxxxxxx> Reviewed-by: Juan Quintela <quintela@xxxxxxxxxx> Signed-off-by: Juan Quintela <quintela@xxxxxxxxxx> commit 38003aee196a96edccd4d64471beb1b67e9b2b17 Merge: 233353e 00c8fa9 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed May 6 11:16:35 2015 +0100 Merge remote-tracking branch 'remotes/rth/tags/tcg-next-20150505' into staging size reduction merge # gpg: Signature made Wed May 6 00:21:43 2015 BST using RSA key ID 4DD0279B # gpg: Good signature from "Richard Henderson <rth7680@xxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxx>" # gpg: aka "Richard Henderson <rth@xxxxxxxxxxx>" * remotes/rth/tags/tcg-next-20150505: tcg: optimise memory layout of TCGTemp Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 1271f7f7c60e0b0a3cc031921008a69dfd53bd34 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Jul 1 19:12:45 2014 +0200 gtk: update mouse position in mouse_set() Without that the next mouse motion event uses the old position as base for relative move calculation, giving wrong results and making your mouse pointer jump around. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit dc7ff344187db6a94294a87d63cf8332e8ed0e6f Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Mar 4 15:37:27 2015 +0100 gtk: create gtk.h Move various gtk bits (includes, data structures) to a header file. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 1301e515eff267d4b8684e74a5b2c1b5cf03f103 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Mar 13 12:47:00 2015 +0100 gtk: add ui_info support Pass new display size to the guest after window resizes. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit b7fb49f0c709a406f79372be397367ff2550373b Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Mar 13 12:21:14 2015 +0100 console: add dpy_ui_info_supported Allow ui code to check whenever the emulated display supports display change notifications. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit cf1ecc82ab84dbfb4b6eea02c329bf9c2aa856ec Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu Mar 12 12:51:13 2015 +0100 console: delayed ui_info guest notification So we don't flood the guest with display change notifications while the user resizes the window. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 233353ec93e4541fa7ab1c53a922a6d5c2bfce7a Merge: 874e9ae ff55d72 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 5 18:22:12 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-qmp-2015-05-05' into staging drop qapi nested structs # gpg: Signature made Tue May 5 17:40:40 2015 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-qmp-2015-05-05: (40 commits) qapi: Check for member name conflicts with a base class qapi: Support (subset of) \u escapes in strings qapi: Tweak doc references to QMP when QGA is also meant qapi: Drop dead visitor code related to nested structs qapi: Drop support for inline nested types qapi: Drop inline nested structs in query-pci qapi: Drop inline nested struct in query-version qapi: Drop tests for inline nested structs qapi: Merge UserDefTwo and UserDefNested in tests qapi: Forbid 'type' in schema qapi: Use 'struct' instead of 'type' in schema qapi: Document 'struct' metatype qapi: Prefer 'struct' over 'type' in generator qapi: More rigorous checking for type safety bypass qapi: Whitelist commands that don't return dictionary qapi: Require valid names qapi: More rigourous checking of types qapi: Add some type check tests qapi: Unify type bypass and add tests qapi: Allow true, false and null in schema json ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ff55d72eaf9628e7d58e7b067b361cdbf789c9f4 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:37 2015 -0600 qapi: Check for member name conflicts with a base class Our type inheritance for both 'struct' and for flat 'union' merges key/value pairs from the base class with those from the type in question. Although the C code currently boxes things so that there is a distinction between which member is referred to, the QMP wire format does not allow passing a key more than once in a single object. Besides, if we ever change the generated C code to not be quite so boxy, we'd want to avoid duplicate member names there, too. Fix a testsuite entry added in an earlier patch, as well as adding a couple more tests to ensure we have appropriate coverage. Ensure that collisions are detected, regardless of whether there is a difference in opinion on whether the member name is optional. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit a7f5966b297330f6492020019544ae87c45d699b Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:36 2015 -0600 qapi: Support (subset of) \u escapes in strings The handling of \ inside QAPI strings was less than ideal, and really only worked JSON's \/, \\, \", and our extension of \' (an obvious extension, when you realize we use '' instead of "" for strings). For other things, like '\n', it resulted in a literal 'n' instead of a newline. Of course, at the moment, we really have no use for escaped characters, as QAPI has to map to C identifiers, and we currently support ASCII only for that. But down the road, we may add support for default values for string parameters to a command or struct; if that happens, it would be nice to correctly support all JSON escape sequences, such as \n or \uXXXX. This gets us closer, by supporting Unicode escapes in the ASCII range. Since JSON does not require \OCTAL or \xXX escapes, and our QMP implementation does not understand them either, I intentionally reject it here, but it would be an easy addition if we desired it. Likewise, intentionally refusing the NUL byte means we don't have to worry about C strings being shorter than the qapi input. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 363b4262a10a52f6d7ac1073bab5e6648da4051b Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:35 2015 -0600 qapi: Tweak doc references to QMP when QGA is also meant We have more than one qapi schema in use by more than one protocol. Add a new term 'Client JSON Protocol' for use throughout the document, to avoid confusion on whether something refers only to QMP and not QGA. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit a82b982e2bddf7cd7cb490f83643e952e17d4523 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:34 2015 -0600 qapi: Drop dead visitor code related to nested structs Now that we no longer have nested structs to visit, the use of prefix strings is no longer required. Remove the code that is no longer reachable. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 6b5abc7df7ef9aadb3ff0eba6ccf4f1f0181e2e1 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:33 2015 -0600 qapi: Drop support for inline nested types A future patch will be using a 'name':{dictionary} entry in the QAPI schema to specify a default value for an optional argument (see previous commit messages for more details why); but existing use of inline nested structs conflicts with that goal. Now that all commands have been changed to avoid inline nested structs, nuke support for them, and turn it into a hard error. Update the testsuite to reflect tighter parsing rules. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 9fa02cd194a131aca75ab646ece975b6835400e1 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:32 2015 -0600 qapi: Drop inline nested structs in query-pci A future patch will be using a 'name':{dictionary} entry in the QAPI schema to specify a default value for an optional argument (see previous commit message for more details why); but existing use of inline nested structs conflicts with that goal. This patch fixes one of only two commands relying on nested types, by breaking the nesting into an explicit type; it means that the type is now boxed instead of unboxed in C code, but the QMP wire format is unaffected by this change. Prefer the safer g_new0() while making the conversion, and reduce some long lines. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 4752cdbbf330ac7c593a6f337b97a79648f3f878 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:31 2015 -0600 qapi: Drop inline nested struct in query-version A future patch will be using a 'name':{dictionary} entry in the QAPI schema to specify a default value for an optional argument (see previous commit message for more details why); but existing use of inline nested structs conflicts with that goal. This patch fixes one of only two commands relying on nested types, by breaking the nesting into an explicit type; it means that the type is now boxed instead of unboxed in C code, but the QMP wire format is unaffected by this change. Prefer the safer g_new0() while making the conversion. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 6446a592760155bb3e2e248d56bab97a34af0336 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:30 2015 -0600 qapi: Drop tests for inline nested structs A future patch will be using a 'name':{dictionary} entry in the QAPI schema to specify a default value for an optional argument; but existing use of inline nested structs conflicts with that goal. More precisely, a definition in the QAPI schema associates a name with a set of properties: Example 1: { 'struct': 'Foo', 'data': { MEMBERS... } } associates the global name 'Foo' with properties (meta-type struct) and MEMBERS... Example 2: 'mumble': TYPE within MEMBERS... above associates 'mumble' with properties (type TYPE) and (optional false) within type Foo The syntax of example 1 is extensible; if we need another property, we add another name/value pair to the dictionary (such as 'base':TYPE). The syntax of example 2 is not extensible, because the right hand side can only be a type. We have used name encoding to add a property: "'*mumble': 'int'" associates 'mumble' with (type int) and (optional true). Nice, but doesn't scale. So the solution is to change our existing uses to be syntactic sugar to an extensible form: NAME: TYPE --> NAME: { 'type': TYPE, 'optional': false } *ONAME: TYPE --> ONAME: { 'type': TYPE, 'optional': true } This patch fixes the testsuite to avoid inline nested types, by breaking the nesting into explicit types; it means that the type is now boxed instead of unboxed in C code, but makes no difference on the wire (and if desired, a later patch could change the generator to not do so much boxing in C). When touching code to add new allocations, also convert existing allocations to consistently prefer typesafe g_new0 over g_malloc0 when a type name is involved. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit b6fcf32d9b851a83dedcb609091236b97cc4a985 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:29 2015 -0600 qapi: Merge UserDefTwo and UserDefNested in tests In the testsuite, UserDefTwo and UserDefNested were identical structs other than the member names. Reduce code duplication by having just one type, and choose names that also favor reuse. This will also make it easier for a later patch to get rid of inline nested types in QAPI. When touching code related to allocations, convert g_malloc0(sizeof(Type)) to the more typesafe g_new0(Type, 1). Ensure that 'make check-qapi-schema check-unit' still passes. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 3e391d355644b2bff7c9f187759aadb46c6e051f Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:28 2015 -0600 qapi: Forbid 'type' in schema Referring to "type" as both a meta-type (built-in, enum, union, alternate, or struct) and a specific type (the name that the schema uses for declaring structs) is confusing. Finish up the conversion to using "struct" in qapi schema by removing the hack in the generator that allowed 'type'. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 895a2a80e0e054f0d5d3715aa93d10d15e49f9f7 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:27 2015 -0600 qapi: Use 'struct' instead of 'type' in schema Referring to "type" as both a meta-type (built-in, enum, union, alternate, or struct) and a specific type (the name that the schema uses for declaring structs) is confusing. Do the bulk of the conversion to "struct" in qapi schema, with a fairly mechanical: for f in `find -name '*.json'; do sed -i "s/'type'/'struct'/"; done followed by manually filtering out the places where we have a 'type' embedded in 'data'. Then tweak a couple of tests whose output changes slightly due to longer lines. I also verified that the generated files for QMP and QGA (such as qmp-commands.h) are the same before and after, as assurance that I didn't leave in any accidental member name changes. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 3b2a8b85322f3677525a65c0b35deadf45fb704b Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:26 2015 -0600 qapi: Document 'struct' metatype Referring to "type" as both a meta-type (built-in, enum, union, alternate, or struct) and a specific type (the name that the schema uses for declaring structs) is confusing. Now that the generator accepts 'struct' as a synonym for 'type', update all documentation to use saner wording. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit fd41dd4eae5f7ea92f10c04cb3f217727fcee91f Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:25 2015 -0600 qapi: Prefer 'struct' over 'type' in generator Referring to "type" as both a meta-type (built-in, enum, union, alternate, or struct) and a specific type (the name that the schema uses for declaring structs) is confusing. The confusion is only made worse by the fact that the generator mostly already refers to struct even when dealing with expr['type']. This commit changes the generator to consistently refer to it as struct everywhere, plus a single back-compat tweak that allows accepting the existing .json files as-is, so that the meat of this change is separate from the mindless churn of that change. Fix the testsuite fallout for error messages that change, and in some cases, become more legible. Improve comments to better match our intentions where a struct (rather than any complex type) is required. Note that in some cases, an error message now refers to 'struct' while the schema still refers to 'type'; that will be cleaned up in the later commit to the schema. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 2cbf09925ad45401673a79ab77f67de2f04a826c Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:24 2015 -0600 qapi: More rigorous checking for type safety bypass Now that we have a way to validate every type, we can also be stricter about enforcing that callers that want to bypass type safety in generated code. Prior to this patch, it didn't matter what value was associated with the key 'gen', but it looked odd that 'gen':'yes' could result in bypassing the generated code. These changes also enforce the changes made earlier in the series for documentation and consolidation of using '**' as the wildcard type, as well as 'gen':false as the canonical spelling for requesting type bypass. Note that 'gen':false is a one-way switch away from the default; we do not support 'gen':true (similar for 'success-response'). In practice, this doesn't matter. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 10d4d997f86cf2a4ce89145df5658952d5722e56 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:23 2015 -0600 qapi: Whitelist commands that don't return dictionary ...or an array of dictionaries. Although we have to cater to existing commands, returning a non-dictionary means the command is not extensible (no new name/value pairs can be added if more information must be returned in parallel). By making the whitelist explicit, any new command that falls foul of this practice will have to be self-documenting, which will encourage developers to either justify the action or rework the design to use a dictionary after all. It's a little bit sloppy that we share a single whitelist among three clients (it's too permissive for each). If this is a problem, a future patch could tighten things by having the generator take the whitelist as an argument (as in scripts/qapi-commands.py --legacy-returns=...), or by having the generator output C code that requires explicit use of the whitelist (as in: #ifndef FROBNICATE_LEGACY_RETURN_OK # error Command 'frobnicate' should return a dictionary #endif then having the callers define appropriate macros). But until we need such fine-grained separation (if ever), this patch does the job just fine. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit c9e0a798691d8c45747b082206e789c8f50523c9 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:22 2015 -0600 qapi: Require valid names Previous commits demonstrated that the generator overlooked various bad naming situations: - types, commands, and events need a valid name - enum members must be valid names, when combined with prefix - union and alternate branches cannot be marked optional Valid upstream names match [a-zA-Z][a-zA-Z0-9_-]*; valid downstream names match __[a-zA-Z][a-zA-Z0-9._-]*. Enumerations match the weaker [a-zA-Z0-9._-]+ (in part thanks to QKeyCode picking an enum that starts with a digit, which we can't change now due to backwards compatibility). Rather than call out three separate regex, this patch just uses a broader combination that allows both upstream and downstream names, as well as a small hack that realizes that any enum name is merely a suffix to an already valid name prefix (that is, any enum name is valid if prepending _ fits the normal rules). We could reject new enumeration names beginning with a digit by whitelisting existing exceptions. We could also be stricter about the distinction between upstream names (no leading underscore, no use of dot) and downstream (mandatory leading double underscore), but it is probably not worth the bother. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit dd883c6f0547f02ae805d02852ff3691f6d08f85 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:21 2015 -0600 qapi: More rigourous checking of types Now that we know every expression is valid with regards to its keys, we can add further tests that those keys refer to valid types. With this patch, all uses of a type (the 'data': of command, type, union, alternate, and event; the 'returns': of command; the 'base': of type and union) must resolve to an appropriate subset of metatypes declared by the current qapi parse; this includes recursing into each member of a data dictionary. Dealing with '**' and nested anonymous structs will be done in later patches. Update the testsuite to match improved output. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 0d8b9fb5f296a96723d98a45a6a00bfd4e45e1b9 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:20 2015 -0600 qapi: Add some type check tests Demonstrate that the qapi generator silently parses confusing types, which may cause other errors later on. Later patches will update the expected results as the generator is made stricter. Most of the new tests focus on blatant errors. But returns-whitelist is a case where we have historically allowed returning something other than a JSON object from particular commands; we have to keep that behavior to avoid breaking clients, but it would be nicer to avoid adding such commands in the future, because any return that is not an (array of) object cannot be easily extended if future qemu wants to return additional information. The QMP protocol already documents that clients should ignore unknown dictionary keys, but does not require clients to have to handle more than one type of JSON object. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit d708cdbe8792a55f53e90c1c787e871d527e8d4b Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:19 2015 -0600 qapi: Unify type bypass and add tests For a few QMP commands, we are forced to pass an arbitrary type without tracking it properly in QAPI. Among the existing clients, this unnamed type was spelled 'dict', 'visitor', and '**'; this patch standardizes on '**', matching the documentation changes earlier in the series. Meanwhile, for the 'gen' key, we have been ignoring the value, although the schema consistently used "'no'" ('success-response' was hard-coded to checking for 'no'). But now that we can support a literal "false" in the schema, we might as well use that rather than ignoring the value or special-casing a random string. Note that these are one-way switches (use of 'gen':true is not the same as omitting 'gen'). Also, the use of '**' requires 'gen':false, but the use of 'gen':false does not mandate the use of '**'. There is no difference to the generated code. Add some tests on what we'd like to guarantee, although it will take later patches to clean up test results and actually enforce the use of a bool parameter. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit e53188ada516c814a729551be2448684d6d8ce08 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon May 4 09:05:18 2015 -0600 qapi: Allow true, false and null in schema json In the near term, we will use it for a sensible-looking 'gen':false inside command declarations, instead of the current ugly 'gen':'no'. In the long term, it will allow conversion from shorthand with defaults mentioned only in side-band documentation: 'data':{'*flag':'bool', '*string':'str'} into an explicit default value documentation, as in: 'data':{'flag':{'type':'bool', 'optional':true, 'default':true}, 'string':{'type':'str', 'optional':true, 'default':null}} We still don't parse integer values (also necessary before we can allow explicit defaults), but that can come in a later series. Update the testsuite to match an improved error message. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 4dc2e6906e1084fdd37bf67385c5dcd2c72ae22b Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:17 2015 -0600 qapi: Better error messages for duplicated expressions The previous commit demonstrated that the generator overlooked duplicate expressions: - a complex type or command reusing a built-in type name - redeclaration of a type name, whether by the same or different metatype - redeclaration of a command or event - collision of a type with implicit 'Kind' enum for a union - collision with an implicit MAX enum constant Since the c_type() function in the generator treats all names as being in the same namespace, this patch adds a global array to track all known names and their source, to prevent collisions before it can cause further problems. While valid .json files won't trigger any of these cases, we might as well be nicer to developers that make a typo while trying to add new QAPI code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit cfdd5bcad515a8371af59dba9625e31a6f6f733e Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:16 2015 -0600 qapi: Add tests of redefined expressions Demonstrate that the qapi generator doesn't deal very well with redefined expressions. At the parse level, they are silently accepted; and while the testsuite just stops at parsing, I've further tested that many of them cause generator crashes or invalid C code if they were appended to qapi-schema-test.json. A later patch will tighten things up and adjust the testsuite to match. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 0545f6b8874c28d97369f2c83e5077e0461d4f12 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:15 2015 -0600 qapi: Better error messages for bad expressions The previous commit demonstrated that the generator overlooked some fairly basic broken expressions: - missing metataype - metatype key has a non-string value - unknown key in relation to the metatype - conflicting metatype (this patch treats the second metatype as an unknown key of the first key visited, which is not necessarily the first key the user typed) Add check_keys to cover these situations, and update testcases to match. A couple other tests (enum-missing-data, indented-expr) had to change since the validation added here occurs so early. Conversely, changes to ident-with-escape results show that we still have problems where our handling of escape sequences differs from true JSON, which will matter down the road if we allow arbitrary default string values for optional parameters (but for now is not too bad, as we currently can avoid unicode escaping as we don't need to represent anything beyond C identifier material). While valid .json files won't trigger any of these cases, we might as well be nicer to developers that make a typo while trying to add new QAPI code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 9050c65b71ac1d197330e6db221f63189e21bad5 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:14 2015 -0600 qapi: Add some expr tests Demonstrate that the qapi generator doesn't deal well with expressions that aren't up to par. Later patches will improve the expected results as the generator is made stricter. Only a few of the the added tests actually behave sanely at rejecting obvious problems or demonstrating success. Note that in some cases, we reject bad QAPI merely because our pseudo-JSON parser does not yet know how to parse numbers. This series does not address that, but when a later series adds support for numeric defaults of integer fields, the testsuite will ensure that we don't lose the error (and hopefully that the error message quality is improved). Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit ab916faddd16f0165e9cc2551f90699be8efde53 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:13 2015 -0600 qapi: Use 'alternate' to replace anonymous union Previous patches have led up to the point where I create the new meta-type "'alternate':'Foo'". See the previous patches for documentation; I intentionally split as much work into earlier patches to minimize the size of this patch, but a lot of it is churn due to testsuite fallout after updating to the new type. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 7b1b98c420355ccea98d8bd55c9193ee6b7cef97 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:12 2015 -0600 qapi: Document new 'alternate' meta-type The next patch will quit special-casing "'union':'Foo', 'discriminator':{}" and instead use "'alternate':'Foo'". Separating docs from implementation makes it easier to focus on wording without holding up code. In particular, making alternate a separate type makes for a nice type hierarchy: /-------- meta-type ------\ / | \ simple types alternate complex types | | | | built-in enum type(struct) union | \ / / \ numeric string simple flat A later patch will then clean up 'type' vs. 'struct' confusion. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit ab045267447d52e63a79c0e18f89ae4411f5420b Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:11 2015 -0600 qapi: Rename anonymous union type in test Reduce churn in the future patch that replaces anonymous unions with a new metatype 'alternate' by changing 'AnonUnion' to 'Alternate'. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 811d04fd0cff1229480d3f5b2e349f646ab6e3c1 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:10 2015 -0600 qapi: Segregate anonymous unions into alternates in generator Special-casing 'discriminator == {}' for handling anonymous unions is getting awkward; since this particular type is not always a dictionary on the wire, it is easier to treat it as a completely different class of type, "alternate", so that if a type is listed in the union_types array, we know it is not an anonymous union. This patch just further segregates union handling, to make sure that anonymous unions are not stored in union_types, and splitting up check_union() into separate functions. A future patch will change the qapi grammar, and having the segregation already in place will make it easier to deal with the distinct meta-type. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 268a1c5eb10832c2e4476d3fe199ea547dabecb7 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:09 2015 -0600 qapi: Prepare for catching more semantic parse errors This patch widens the scope of a try block (with the attending reindentation required by Python) in preparation for a future patch adding more instances of QAPIExprError inside the block. It's easier to separate indentation from semantic changes, so this patch has no real behavior change. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 44bd1276a7dea747c41f250cb71ab65965343a7f Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:08 2015 -0600 qapi: Tighten checking of unions Previous commits demonstrated that the generator had several flaws with less-than-perfect unions: - a simple union that listed the same branch twice (or two variant names that map to the same C enumerator, including the implicit MAX sentinel) ended up generating invalid C code - an anonymous union that listed two branches with the same qtype ended up generating invalid C code - the generator crashed on anonymous union attempts to use an array type - the generator was silently ignoring a base type for anonymous unions - the generator allowed unknown types or nested anonymous unions as a branch in an anonymous union Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit a8d4a2e4d7e1a0207699de47142c9bdbf2cc8675 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:07 2015 -0600 qapi: Forbid base without discriminator in unions None of the existing QMP or QGA interfaces uses a union with a base type but no discriminator; it is easier to avoid this in the generator to save room for other future extensions more likely to be useful. An earlier commit added a union-base-no-discriminator test to ensure that we eventually give a decent error message; likewise, removing UserDefUnion outright is okay, because we moved all the tests we wish to keep into the tests of the simple union UserDefNativeListUnion in the previous commit. Now is the time to actually forbid simple union with base, and remove the last vestiges from the testsuite. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 805017b7791200f1b72deef17dc98fd272b941eb Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:06 2015 -0600 qapi: Clean up test coverage of simple unions The tests of UserDefNativeListUnion serve to validate code generation of simple unions without a base type, except that it did not have full coverage in the strict test. The next commits will remove tests and support for simple unions with a base type, so there is no real loss at repurposing that test here as opposed to churn of adding a new test then deleting the old one. Fix some indentation and long lines while at it. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 3d0c48292633260269cb21551d9bab006b2f2781 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:05 2015 -0600 qapi: Add some union tests Demonstrate that the qapi generator doesn't deal well with unions that aren't up to par. Later patches will update the expected reseults as the generator is made stricter. A few tests work as planned, but most show poor or missing error messages. Of particular note, qapi-code-gen.txt documents 'base' only for flat unions, but the tests here demonstrate that we currently allow a 'base' to a simple union, although it is exercised only in the testsuite. Later patches will remove this undocumented feature, to give us more flexibility in adding other future extensions to union types. For example, one possible extension is the idea of a type-safe simple enum, where added fields tie the discriminator to a user-defined enum type rather than creating an implicit enum from the names in 'data'. But adding such safety on top of a simple enum with a base type could look ambiguous with a flat enum; besides, the documentation also mentions how any simple union can be represented by an equivalent flat union. So it will be simpler to just outlaw support for something we aren't using. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit cf3935907b5df16f667d54ad6761c7e937dcf425 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:04 2015 -0600 qapi: Better error messages for bad enums The previous commit demonstrated that the generator had several flaws with less-than-perfect enums: - an enum that listed the same string twice (or two variant strings that map to the same C enumerator) ended up generating an invalid C enum - because the generator adds a _MAX terminator to each enum, the use of an enum member 'max' can also cause this clash - if an enum omits 'data', the generator left a python stack trace rather than a graceful message - an enum that used a non-array 'data' was silently accepted by the parser - an enum that used non-string members in the 'data' member was silently accepted by the parser Add check_enum to cover these situations, and update testcases to match. While valid .json files won't trigger any of these cases, we might as well be nicer to developers that make a typo while trying to add new QAPI code. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit ad11dbb93752ffd4bd1d5f31da7e2d9c40a68e8a Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:03 2015 -0600 qapi: Add some enum tests Demonstrate that the qapi generator doesn't deal well with enums that aren't up to par. Later patches will update the expected results as the generator is made stricter. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit fe2a9303c9e511462f662a415c2e9d2defe9b7ca Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:02 2015 -0600 qapi: Require ASCII in schema Python 2 and Python 3 have a wild history of whether strings default to ascii or unicode, where Python 3 requires checking isinstance(foo, basestr) to cover all strings, but where that code is not portable to Python 2. It's simpler to just state that we don't care about Unicode strings, and to just always use the simpler isinstance(foo, str) everywhere. I'm no python expert, so I'm basing it on this conversation: https://lists.gnu.org/archive/html/qemu-devel/2014-09/msg05278.html Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit cb17f79eef0d161e81ac457e4c1f124405be2a18 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:01 2015 -0600 qapi: Fix generation of 'size' builtin type We were missing the 'size' builtin type (which means that QAPI using [ 'size' ] would fail to compile). Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit b52c4b9cf0bbafdf8cede4ea1f62770d86815718 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:05:00 2015 -0600 qapi: Simplify builtin type handling There was some redundancy between builtin_types[] and builtin_type_qtypes{}. Merge them into one. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit e790e666518e68134ca0570b6b4a707169ea3cb1 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:04:59 2015 -0600 qapi: Document type-safety considerations Go into more details about the various types of valid expressions in a qapi schema, including tweaks to document fixes being done later in the current patch series. Also fix some stale and missing documentation in the QMP specification. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 6fb55451728e6dc74ae4e67e4f5ab557468f084e Author: Eric Blake <eblake@xxxxxxxxxx> Date: Mon May 4 09:04:58 2015 -0600 qapi: Add copyright declaration on docs While our top-level COPYING with its GPLv2+ license applies to any documentation file that omits explicit instructions, these days it's better to be a good example of calling out our intentions. Correct use of GPL requires the use of a copyright statement, so I'm adding notice to two QAPI documents, by attributing these files to the initial authors and major contributors. I used: $ git blame --line-porcelain $file \ | sed -n 's/^author //p' | sort | uniq -c | sort -rn to determine authorship of these two files. qmp-spec.txt blames entirely to Red Hat (easy, since my contribution falls in that category); while qapi-code-gen.txt has multiple contributors representing multiple entities. But since it was originally supplied by Michael Roth, the notice I added there copies the notice he has used in other files. As there is no intended change in license from the implicit one previously present from the top level, I have not bothered to CC other contributors; if we want to weaken things to something looser (such as LGPL) so that there is no question that someone re-implementing the spec is not forced to use GPL, that would be a different commit. CC: Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 00c8fa9ffeee7458e5ed62c962faf638156c18da Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Thu Apr 2 20:07:53 2015 -0400 tcg: optimise memory layout of TCGTemp This brings down the size of the struct from 56 to 32 bytes on 64-bit, and to 20 bytes on 32-bit. This leads to memory savings: Before: $ find . -name 'tcg.o' | xargs size text data bss dec hex filename 41131 29800 88 71019 1156b ./aarch64-softmmu/tcg/tcg.o 37969 29416 96 67481 10799 ./x86_64-linux-user/tcg/tcg.o 39354 28816 96 68266 10aaa ./arm-linux-user/tcg/tcg.o 40802 29096 88 69986 11162 ./arm-softmmu/tcg/tcg.o 39417 29672 88 69177 10e39 ./x86_64-softmmu/tcg/tcg.o After: $ find . -name 'tcg.o' | xargs size text data bss dec hex filename 40883 29800 88 70771 11473 ./aarch64-softmmu/tcg/tcg.o 37473 29416 96 66985 105a9 ./x86_64-linux-user/tcg/tcg.o 38858 28816 96 67770 108ba ./arm-linux-user/tcg/tcg.o 40554 29096 88 69738 1106a ./arm-softmmu/tcg/tcg.o 39169 29672 88 68929 10d41 ./x86_64-softmmu/tcg/tcg.o Note that using an entire byte for some enums that need less than that wastes a few bits (noticeable in 32 bits, where we use 20 bytes instead of 16) but avoids extraction code, which overall is a win--I've tested several variations of the patch, and the appended is the best performer for OpenSSL's bntest by a very small margin: Before: $ taskset -c 0 perf stat -r 15 -- x86_64-linux-user/qemu-x86_64 img/bntest-x86_64 >/dev/null [...] Performance counter stats for 'x86_64-linux-user/qemu-x86_64 img/bntest-x86_64' (15 runs): 10538.479833 task-clock (msec) # 0.999 CPUs utilized ( +- 0.38% ) 772 context-switches # 0.073 K/sec ( +- 2.03% ) 0 cpu-migrations # 0.000 K/sec ( +-100.00% ) 2,207 page-faults # 0.209 K/sec ( +- 0.08% ) 10.552871687 seconds time elapsed ( +- 0.39% ) After: $ taskset -c 0 perf stat -r 15 -- x86_64-linux-user/qemu-x86_64 img/bntest-x86_64 >/dev/null Performance counter stats for 'x86_64-linux-user/qemu-x86_64 img/bntest-x86_64' (15 runs): 10459.968847 task-clock (msec) # 0.999 CPUs utilized ( +- 0.30% ) 739 context-switches # 0.071 K/sec ( +- 1.71% ) 0 cpu-migrations # 0.000 K/sec ( +- 68.14% ) 2,204 page-faults # 0.211 K/sec ( +- 0.10% ) 10.473900411 seconds time elapsed ( +- 0.30% ) Suggested-by: Stefan Weil <sw@xxxxxxxxxxx> Suggested-by: Richard Henderson <rth@xxxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Signed-off-by: Richard Henderson <rth@xxxxxxxxxxx> commit 874e9aeeeb74c5459639a93439a502d262847e68 Merge: b4c5df7 e444ea3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 5 14:06:12 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-sdl-20150505-1' into staging sdl2: add opengl support # gpg: Signature made Tue May 5 10:36:25 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-sdl-20150505-1: sdl2: Fix RGB555 sdl2: add support for display rendering using opengl. sdl2: move SDL_* includes to sdl2.h console-gl: add opengl rendering helper functions opengl: add shader helper functions. opengl: add shader build infrastructure Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b4c5df7a15dad2417bc05d08a470b82ab89d56ea Merge: 5bccbb0 2e1c92d Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue May 5 10:23:22 2015 +0100 Merge remote-tracking branch 'remotes/armbru/tags/pull-cov-model-2015-05-05' into staging coverity: fix address_space_rw model # gpg: Signature made Tue May 5 09:44:26 2015 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@xxxxxxxxxx>" # gpg: aka "Markus Armbruster <armbru@xxxxxxxxxxxx>" * remotes/armbru/tags/pull-cov-model-2015-05-05: coverity: fix address_space_rw model Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e444ea34f8ec27acfa9ead7eaa9904238c831e69 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Tue Mar 3 12:25:27 2015 -0500 sdl2: Fix RGB555 Reproducable with: $ x86_64-softmmu/qemu-system-x86_64 \ -kernel $vmlinuz_of_your_choice \ -append vga=0x313 -sdl Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 0b71a5d5caa4f709d37fa1d7786dffc2c94f8414 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Nov 11 16:54:45 2014 +0100 sdl2: add support for display rendering using opengl. Add new sdl2-gl.c file, with display rendering functions using opengl. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 19dadfccd0124804e2790e7cb075c9df7cd3154f Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Nov 19 14:19:49 2014 +0100 sdl2: move SDL_* includes to sdl2.h Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit cd2bc889e5b30c69926fc1511b6522e7cb4c705d Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Jan 9 11:40:23 2015 +0100 console-gl: add opengl rendering helper functions Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 985e1c9b008e5e8b6eac41546266d3abcfa6282a Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Apr 24 07:48:45 2015 +0200 opengl: add shader helper functions. Helper functions to compile, link and run opengl shader programs. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 2e1c92daff752c056ae10087e6b1702b0460af88 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon May 4 14:18:09 2015 +0200 coverity: fix address_space_rw model If the is_write argument is true, address_space_rw writes to memory and thus reads from the buffer. The opposite holds if is_write is false. Fix the model. Cc: Markus Armbruster <armbru@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Markus Armbruster <armbru@xxxxxxxxxx> commit d98bc0b654b97d130338e76e0928296f84e6d6fd Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Jan 16 13:59:17 2015 +0100 opengl: add shader build infrastructure perl script to transform shader programs into c include files with static string constands containing the shader programs, so we can easily embed them into qemu. Also some Makefile logic for them. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 5bccbb04a4abba7af4398de992bf06d585fd1333 Merge: f90f5b9 4a4d614 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Apr 30 20:34:54 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block patches # gpg: Signature made Thu Apr 30 19:51:16 2015 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: Enable NVMe start controller for Windows guest. MAINTAINERS: Add qemu-block list where missing MAINTAINERS: make block layer core Kevin Wolf's responsibility MAINTAINERS: make image fuzzer Stefan Hajnoczi's responsibility MAINTAINERS: make block I/O path Stefan Hajnoczi's responsibility MAINTAINERS: split out image formats MAINTAINERS: make virtio-blk Stefan Hajnoczi's responsibility Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 41063e1e7afcb2f13e103720fe96221657f5dbbc Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Mar 18 14:21:43 2015 +0100 exec: move rcu_read_lock/unlock to address_space_translate callers Once address_space_translate will be called outside the BQL, the returned MemoryRegion might disappear as soon as the RCU read-side critical section ends. Avoid this by moving the critical section to the callers. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1426684909-95030-3-git-send-email-pbonzini@xxxxxxxxxx> commit 4c6637525290dc863a00be7f58fc11d07b780bd4 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 8 13:30:58 2015 +0200 kvm: add support for memory transaction attributes Let kvm_arch_post_run convert fields in the kvm_run struct to MemTxAttrs. These are then passed to address_space_rw. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f8a9f720dd2fa5c1560838c26c6dad396a0cef5b Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Apr 8 12:57:11 2015 +0200 mtree: also print disabled regions Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e48816aac6eef50c851e3833add886f0403b6f11 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Wed Apr 8 12:53:47 2015 +0200 mtree: tag & indent a bit better Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 813297541196698f60525d611dd09007fa60b45b Author: Denis V. Lunev <den@xxxxxxxxxx> Date: Tue Apr 7 16:53:52 2015 +0300 apic_common: improve readability of apic_reset_common Replace call of cpu_is_bsp(s->cpu) which really returns !!(s->apicbase & MSR_IA32_APICBASE_BSP) with directly collected value. Due to this the tracepoint trace_cpu_get_apic_base((uint64_t)s->apicbase); will not be hit anymore in apic_reset_common. Signed-off-by: Denis V. Lunev <den@xxxxxxxxxx> CC: Andreas FÃ?¤rber <afaerber@xxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1428414832-3104-1-git-send-email-den@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 03a96b83b539498510e22aab585e41015ba18247 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Mon Apr 27 18:59:04 2015 +0200 kvm: Silence warning from valgrind valgrind complains here about uninitialized bytes with the following message: ==17814== Syscall param ioctl(generic) points to uninitialised byte(s) ==17814== at 0x466A780: ioctl (in /usr/lib64/power8/libc-2.17.so) ==17814== by 0x100735B7: kvm_vm_ioctl (kvm-all.c:1920) ==17814== by 0x10074583: kvm_set_ioeventfd_mmio (kvm-all.c:574) Let's fix it by using a proper struct initializer in kvm_set_ioeventfd_mmio(). Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Message-Id: <1430153944-24368-1-git-send-email-thuth@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit f90f5b9a9aa41e5ea47dc7a0f3e1f99196f485c3 Merge: 4981475 5530293 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Apr 30 15:18:30 2015 +0100 Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-04-30' into staging trivial patches for 2015-04-30 # gpg: Signature made Thu Apr 30 14:07:50 2015 BST using RSA key ID A4C3D7DB # gpg: Good signature from "Michael Tokarev <mjt@xxxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxxx>" * remotes/mjt/tags/pull-trivial-patches-2015-04-30: (42 commits) openrisc: cpu: Remove unused cpu_get_pc microblaze: fix memory leak tcg: Delete unused cpu_pc_from_tb() kvm: Silence warning from valgrind vhost-user: remove superfluous '\n' around error_report() target-mips: fix memory leak qmp-commands: Fix typo linux-user/elfload: use QTAILQ_FOREACH instead of open-coding it coroutine: remove unnecessary parentheses in qemu_co_queue_empty qemu-char: remove unused list node from FDCharDriver input: remove unused mouse_handlers list cpus: use first_cpu macro instead of QTAILQ_FIRST(&cpus) microblaze: cpu: delete unused cpu_interrupts_enabled microblaze: cpu: Renumber EXCP_* constants to close gap microblaze: cpu: Delete EXCP_NMI microblaze: cpu: Remove unused CC_OP enum microblaze: cpu: Remote unused cpu_get_pc microblaze: mmu: Delete flip_um fn prototype defconfigs: Piggyback microblazeel on microblaze libcacard: do not use full paths for include files in the same dir ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 4a4d614ff56b4cf15e83629946afe51dc116053f Author: Daniel Stekloff <dan@xxxxxxxxxx> Date: Fri Apr 24 11:55:42 2015 -0700 Enable NVMe start controller for Windows guest. Windows seems to send two separate calls to NVMe controller configuration. The first sends configuration info and the second the enable bit. I couldn't enable the Windows 8.1 in-box NVMe driver with base Qemu. I made the following change to store the configuration data and then handle enable and NVMe driver works on Windows 8.1. I am not a Windows expert and I'm not entirely sure this is the correct approach. I'm offering it for anyone who wishes to use NVMe on Windows 8.1 using Qemu. I have tested this change with Linux and Windows guests with NVMe devices. Signed-off-by: Daniel Stekloff <dan@xxxxxxxxxx> Acked-by: Keith Busch <keith.busch@xxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 498147529d1f8e902e6528a0115143b53475791e Merge: 06feaac 2c80e99 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Apr 30 14:15:56 2015 +0100 Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20150430' into staging First pile of s390x patches for 2.4, including: - some cleanup patches - sort most of the s390x devices into categories - support for the new STSI post handler, used to insert vm name and friends - support for the new MEM_OP ioctl (including access register mode) for accessing guest memory # gpg: Signature made Thu Apr 30 12:56:58 2015 BST using RSA key ID C6F02FAF # gpg: Good signature from "Cornelia Huck <huckc@xxxxxxxxxxxxxxxxxx>" # gpg: aka "Cornelia Huck <cornelia.huck@xxxxxxxxxx>" * remotes/cohuck/tags/s390x-20150430: kvm: better advice for failed s390x startup s390x/kvm: Support access register mode for KVM_S390_MEM_OP ioctl s390x/mmu: Use ioctl for reading and writing from/to guest memory s390x/kvm: Put vm name, extended name and UUID into STSI322 SYSIB linux-headers: update s390x/mmu: Use access type definitions instead of magic values s390x/ipl: sort into categories sclp: sort into categories s390-virtio: sort into categories virtio-ccw: sort into categories Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c95e4c0e53c774dd82a78ae751ea24f537e38778 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Apr 30 15:15:13 2015 +0200 MAINTAINERS: Add qemu-block list where missing Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 17f1e8f5acf0016bf0b14ef9ec591d3f5081fc60 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Apr 29 15:13:29 2015 +0100 MAINTAINERS: make block layer core Kevin Wolf's responsibility Kevin is now sole maintainer of the core block layer, including BlockDriverState graphs and monitor commands. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit abfe4e9408a9e82bec9e9834eabc65f53907f281 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Apr 29 15:13:28 2015 +0100 MAINTAINERS: make image fuzzer Stefan Hajnoczi's responsibility Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d55053b16e22d46db0d98819814a31ae5c33e2c7 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Apr 29 15:13:27 2015 +0100 MAINTAINERS: make block I/O path Stefan Hajnoczi's responsibility The block I/O path includes the asynchronous I/O machinery and read/write/flush/discard processing. It somewhat arbitrarily also includes block migration, which I've found myself reviewing patches for over the years. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e7c6e631b191c99eecb4a06fe19302e863f033c6 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Apr 29 15:13:26 2015 +0100 MAINTAINERS: split out image formats Block driver submaintainers has proven to be a good model. Kevin and Stefan are splitting up the unclaimed block drivers so each has a dedicated maintainer. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b457a5f54cd857815401dc4708a4c778481ec562 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Apr 29 15:13:25 2015 +0100 MAINTAINERS: make virtio-blk Stefan Hajnoczi's responsibility Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 553029351bac9f5b4f9ea72793e55f02e7677ec2 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Thu Apr 30 00:38:52 2015 -0700 openrisc: cpu: Remove unused cpu_get_pc This function is not used by anything. Remove. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 4d850406a859d3a5dcfca74eb9caa76ccc064ab3 Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Thu Mar 5 11:05:20 2015 +0800 microblaze: fix memory leak When not assign a -dtb argument, the variable dtb_filename storage returned from qemu_find_file(), which should be freed after use. Alternatively we define a local variable filename, with 'char *' type, free after use. Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit fee068e4f190a36ef3bda9aa7c802f90434ef8e5 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Wed Apr 29 00:52:21 2015 -0700 tcg: Delete unused cpu_pc_from_tb() No code uses the cpu_pc_from_tb() function. Delete from tricore and arm which each provide an unused implementation. Update the comment in tcg.h to reflect that this is obsoleted by synchronize_from_tb. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 2ed0c3dad769ab747e1f5448b70eeaf134c76982 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Mon Apr 27 18:59:04 2015 +0200 kvm: Silence warning from valgrind valgrind complains here about uninitialized bytes with the following message: ==17814== Syscall param ioctl(generic) points to uninitialised byte(s) ==17814== at 0x466A780: ioctl (in /usr/lib64/power8/libc-2.17.so) ==17814== by 0x100735B7: kvm_vm_ioctl (kvm-all.c:1920) ==17814== by 0x10074583: kvm_set_ioeventfd_mmio (kvm-all.c:574) Let's fix it by using a proper struct initializer in kvm_set_ioeventfd_mmio(). Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit ab7c5aaf31213f5fc96018514e3d258e951d520f Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Tue Apr 28 17:11:04 2015 +0800 vhost-user: remove superfluous '\n' around error_report() Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 3ad9fd5a257794d516db515c217c78a5806112fe Author: Gonglei <arei.gonglei@xxxxxxxxxx> Date: Tue Apr 28 17:11:02 2015 +0800 target-mips: fix memory leak Coveristy reports that variable prom_buf/params_buf going out of scope leaks the storage it points to. Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx> Cc: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Gonglei <arei.gonglei@xxxxxxxxxx> Reviewed-by: Leon Alrae <leon.alrae@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 5403432f39fc09ce1973cc8c1a62e16502358bf7 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Apr 28 15:20:41 2015 -0400 qmp-commands: Fix typo Just a trivial patch to correct a QMP example in qmp-commands.hx. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 52a53afebd2604af957d50fd4f3ce2012350a40d Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Mon Apr 27 12:45:33 2015 -0400 linux-user/elfload: use QTAILQ_FOREACH instead of open-coding it Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit b1201addc7ceb8f1fcdc378071ec6f5ab5b3f7ab Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Mon Apr 27 12:45:32 2015 -0400 coroutine: remove unnecessary parentheses in qemu_co_queue_empty Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 63d229c32b72767461262ade78a5cb98dbe0f1b4 Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Mon Apr 27 12:45:30 2015 -0400 qemu-char: remove unused list node from FDCharDriver Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit dfbf272b77cfb6b74131746a67c82271ab009f2f Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Mon Apr 27 12:45:29 2015 -0400 input: remove unused mouse_handlers list Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit c28e399cadbeaa996e2a3d334368edd4cd6b6889 Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Mon Apr 27 12:45:28 2015 -0400 cpus: use first_cpu macro instead of QTAILQ_FIRST(&cpus) Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 93100f67c723f5812d0fa9a026208cf320ef46e6 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun Apr 26 12:10:24 2015 -0700 microblaze: cpu: delete unused cpu_interrupts_enabled This function is unused. Remove. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 2161be35ce57ed5b0da0b98f902d003bfebac2c9 Author: Michael Tokarev <mjt@xxxxxxxxxx> Date: Wed Apr 29 08:34:29 2015 +0300 microblaze: cpu: Renumber EXCP_* constants to close gap After removal of EXCP_NMI there's a gap in EXCP_* numbering. Let's remove it. Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 059ec9aa34fd3c5bfe65141741c671b3e80ac6e7 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun Apr 26 12:10:23 2015 -0700 microblaze: cpu: Delete EXCP_NMI This define is unused. Remove. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 004f979fbb83397349c9158946ec5d4f0036632b Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun Apr 26 12:10:22 2015 -0700 microblaze: cpu: Remove unused CC_OP enum This enum is not used by anything. Remove. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit b133b09a9d8ae280bba279a1aba9af73a805e198 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun Apr 26 12:10:21 2015 -0700 microblaze: cpu: Remote unused cpu_get_pc This function is not used by anything. Remove. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 19191a6bc537b2290e18430e1877de9c2db20510 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun Apr 26 12:10:20 2015 -0700 microblaze: mmu: Delete flip_um fn prototype This is not implemented or used. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit a0970d91c94241c74b2b8027268d2a7e8fe19ae3 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun Apr 26 12:10:19 2015 -0700 defconfigs: Piggyback microblazeel on microblaze Theres no difference in defconfig. Going forward microblazeel should superset microblaze so use an include. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f66759d3aec208651a7ad0cd37f4fec8d86fa7c1 Author: Michael Tokarev <mjt@xxxxxxxxxx> Date: Mon Apr 27 16:29:58 2015 +0300 libcacard: do not use full paths for include files in the same dir Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 28507a415a9b1e897aa8cdab658c6cdc00eff6cd Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Apr 27 12:34:18 2015 +0200 libcacard: stop including qemu-common.h This is a small step towards making libcacard standalone. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit d3e4abdddfcf70b2e678de1c6b9b1c6cd3ce541e Author: Laszlo Ersek <lersek@xxxxxxxxxx> Date: Mon Apr 27 13:32:35 2015 +0200 docs/atomics.txt: fix two typos Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 5ecaa4ed882aa6040d2ddbfc6f487d8b4bcd3b83 Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun Apr 26 19:14:26 2015 -0700 configure: alphabetize tricore in target list tricore was out of alphabetical order in the target list. Fix. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Acked-by: Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit ef1d27f4b17c4238ed3395724026910973026d2b Author: Peter Crosthwaite <crosthwaitepeter@xxxxxxxxx> Date: Sun Apr 26 18:38:18 2015 -0700 arm: cpu.h: Remove unused typdefs These CP accessor function prototypes are unused. Remove them. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@xxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 3bf2af7b40281f73d0e33ecca4095078feed07b1 Author: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Date: Sat Mar 14 07:19:33 2015 +0100 util: Remove unused functions Delete the unused functions qemu_signalfd_available(), qemu_send_full() and qemu_recv_full(). Signed-off-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit ec29ea1b2b5ffed569d52393ad8e8d3f4215b9b3 Author: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Date: Sat Mar 14 07:19:32 2015 +0100 usb: Remove unused functions Delete set_usb_string(), usb_ep_get_ifnum(), usb_ep_get_max_packet_size() usb_ep_get_max_streams() and usb_ep_set_pipeline() since they are not used anymore. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 26b93109c0dff55aab67da66ebbace2cc39becfc Author: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Date: Sat Mar 14 07:19:31 2015 +0100 monitor: Remove unused functions The functions ringbuf_read_completion() and monitor_get_rs() are not used anywhere anymore, so let's remove them. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Cc: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 04768b985e8da35cba67b60dab02865a4d8ecdca Author: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Date: Sat Mar 14 07:19:30 2015 +0100 pci: Remove unused function ich9_d2pbr_init() The function ich9_d2pbr_init() is completely unused and thus can be deleted. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 9dcfda1298662223af1b99f7aef1bcf94df134a8 Author: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Date: Sat Mar 14 07:19:29 2015 +0100 vmxnet: Remove unused function vmxnet_rx_pkt_get_num_frags() The function is not used anymore and thus can be deleted. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Cc: Dmitry Fleytman <dmitry@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 825976153ee4c787326e0beb31144906f0a3c210 Author: Michael Tokarev <mjt@xxxxxxxxxx> Date: Mon Apr 27 11:12:49 2015 +0300 qemu-options: trivial spelling fix (messsage) Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit c2cb2b041b56e113e43da78528c9dfd8257e0206 Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Fri Apr 24 19:41:26 2015 +0200 hostmem: Fix mem-path property name in error report The subtle difference between "property not found" and "property not set" is already confusing enough. Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 29b558d87710a962203a45d9dd57bf7eab19dca0 Author: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Date: Wed Apr 15 10:18:55 2015 -0400 tpm: fix coding style Fix coding style in one instance. Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 1897b212b780a02a5605ad934a6dd16c76571fe3 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Apr 13 17:28:27 2015 +0200 qemu-config: remove stray inclusions of hw/ files Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit f2fbb40ea32445b281696a1b3f16de670951de2e Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Apr 13 17:28:26 2015 +0200 range: remove useless inclusions Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 631b22ea206300f09b9d1bb9249169e0f0092639 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Thu Apr 9 20:32:39 2015 +0200 misc: Fix new collection of typos All of them were reported by codespell. Most typos are in comments, one is in an error message. Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit c9f88ce330c3d9107adfabdde33bdf10dcc05934 Author: Chih-Min Chao <cmchao@xxxxxxxxx> Date: Thu Apr 9 02:04:14 2015 +0800 hw/display : remove 'struct' from 'typedef QXL struct' Signed-off-by: Chih-Min Chao <cmchao@xxxxxxxxx> Reviewed-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 9425c004fe287bfe95e2bf64634d6a618c2b596c Author: Chih-Min Chao <cmchao@xxxxxxxxx> Date: Thu Apr 9 02:04:13 2015 +0800 ui/console : remove 'struct' from 'typedef struct' type Signed-off-by: Chih-Min Chao <cmchao@xxxxxxxxx> Reviewed-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 4769a881cbe1130e7ba4650471ef37e2cf998a9c Author: Chih-Min Chao <cmchao@xxxxxxxxx> Date: Thu Apr 9 02:04:12 2015 +0800 ui/vnc : remove 'struct' of 'typedef struct' Signed-off-by: Chih-Min Chao <cmchao@xxxxxxxxx> Reviewed-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 494cb81741f867319f11ecfa0949168baf9f01d7 Author: Chih-Min Chao <cmchao@xxxxxxxxx> Date: Thu Apr 9 02:04:11 2015 +0800 ui/vnc : fix coding style reported by checkpatch.pl Signed-off-by: Chih-Min Chao <cmchao@xxxxxxxxx> Reviewed-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 4188e39055bfaf6d76b7d98294b0aeb8e4f3082d Author: Chih-Min Chao <cmchao@xxxxxxxxx> Date: Thu Apr 9 02:04:10 2015 +0800 bitops : fix coding style don't mix tab and space. The rule is 4 spaces Signed-off-by: Chih-Min Chao <cmchao@xxxxxxxxx> Reviewed-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 4d1ba9c4f8a4d68b9d053946d551ffa8f1006b77 Author: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Date: Tue Mar 31 14:49:10 2015 -0400 tpm: Modify DPRINTF to enable -Wformat checking Modify DPRINTF to always enable -Wformat checking. Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 070c7607f62f9623be9ff14623a43b0ca195c572 Author: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Date: Tue Mar 31 14:49:09 2015 -0400 tpm: Cast 64bit variables to int when used in DPRINTF Cast 64bit variables to int when used in DPRINTF. They only contain 32bit of data. Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 2c80e996e427ae31982f3405a762859578a6261d Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Thu Apr 23 17:03:46 2015 +0200 kvm: better advice for failed s390x startup If KVM_CREATE failed on s390x, we print a hint to enable the switch_amode kernel parameter. This only applies to old kernels, and only if the error was -EINVAL. Moreover, with new kernels, the most likely reason for -EINVAL is that pgstes were not enabled. Let's update the error message to give a better hint on where things may need fixing. Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 6cb1e49de58cab8f243b05a971a9a1f80ab3223d Author: Alexander Yarygin <yarygin@xxxxxxxxxxxxxxxxxx> Date: Thu Mar 5 12:36:48 2015 +0300 s390x/kvm: Support access register mode for KVM_S390_MEM_OP ioctl Access register mode is one of the modes that control dynamic address translation. In this mode the address space is specified by values of the access registers. The effective address-space-control element is obtained from the result of the access register translation. See the "Access-Register Introduction" section of the chapter 5 "Program Execution" in "Principles of Operations" for more details. When the CPU is in AR mode, the s390_cpu_virt_mem_rw() function must know which access register number to use for address translation. This patch does several things: - add new parameter 'uint8_t ar' to that function - decode ar number from intercepted instructions - pass the ar number to s390_cpu_virt_mem_rw(), which in turn passes it to the KVM_S390_MEM_OP ioctl. Signed-off-by: Alexander Yarygin <yarygin@xxxxxxxxxxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit a9bcd1b8719dea2e91512238d810e2a0037e174d Author: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Date: Fri Feb 6 15:54:58 2015 +0100 s390x/mmu: Use ioctl for reading and writing from/to guest memory Add code to make use of the new ioctl for reading from / writing to virtual guest memory. By using the ioctl, the memory accesses are now protected with the so-called ipte-lock in the kernel. [CH: moved error message into kvm_s390_mem_op()] Signed-off-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit f07177a5599fb204e42a007db4820ceda1bc85ba Author: Ekaterina Tumanova <tumanova@xxxxxxxxxxxxxxxxxx> Date: Tue Mar 3 18:35:27 2015 +0100 s390x/kvm: Put vm name, extended name and UUID into STSI322 SYSIB KVM prefills the SYSIB, returned by STSI 3.2.2. This patch allows userspace to intercept execution, and fill in the values, that are known to qemu: machine name (8 chars), extended machine name (256 chars), extended machine name encoding (equals 2 for UTF-8) and UUID. STSI322 qemu handler also finds a highest virtualization level in level-3 virtualization stack that doesn't support Extended Names (Ext Name delimiter) and propagates zero Ext Name to all levels below, because this level is not capable of managing Extended Names of lower levels. Signed-off-by: Ekaterina Tumanova <tumanova@xxxxxxxxxxxxxxxxxx> Reviewed-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Reviewed-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 7a52ce8a160739c5d37469b0e344d3239eb86462 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Tue Mar 31 16:07:08 2015 +0200 linux-headers: update This updates linux-headers against master 4.1-rc1 (commit b787f68c36d49bb1d9236f403813641efa74a031). Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 217a4acb211d603f33199cf94ada9fce3ac419b5 Author: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Date: Thu Mar 19 15:04:50 2015 +0100 s390x/mmu: Use access type definitions instead of magic values Since there are now proper definitions for the MMU access type, let's use them in the s390x MMU code, too, instead of the hard-to-understand magic values. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx> Reviewed-by: Jens Freimann <jfrei@xxxxxxxxxxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit b4ab4572b319f2c26435b2ed18cfd3fb602c7439 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Fri Mar 20 10:17:08 2015 +0100 s390x/ipl: sort into categories The s390 ipl device has no real home (it's not really a storage device), so let's sort it into the misc category. Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 183f6b8d7e7adf6b892523644e38b534c5954be1 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Tue Mar 17 13:44:39 2015 +0100 sclp: sort into categories Sort the sclp consoles into the input category, just as virtio-serial. Various other sclp devices don't have an obvious category, sort them into misc. Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 4d1866de9422c4b359f61819ee01efc9b988187b Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Tue Mar 17 13:43:26 2015 +0100 s390-virtio: sort into categories Sort the various s390-virtio devices into the same categories as their virtio-pci counterparts. Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit cd20d61634092a9fa19c8c6f0a749526e9958374 Author: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Date: Tue Mar 17 13:42:03 2015 +0100 virtio-ccw: sort into categories Sort the various virtio-ccw devices into the same categories as their virtio-pci counterparts. Reviewed-by: David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> Acked-by: Christian Borntraeger <borntraeger@xxxxxxxxxx> Signed-off-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> commit 06feaacfb4cfef10cc0c93d97df7bfc8a71dbc7e Merge: a1fe58f d064d9f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Apr 30 12:04:11 2015 +0100 Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging - miscellaneous cleanups for TCG (Emilio) and NBD (Bogdan) - next part in the thread-safe address_space_* saga: atomic access to the bounce buffer and the map_clients list, from Fam - optional support for linking with tcmalloc, also from Fam - reapplying Peter Crosthwaite's "Respect as_translate_internal length clamp" after fixing the SPARC fallout. - build system fix from Wei Liu - small acpi-build and ioport cleanup by myself # gpg: Signature made Wed Apr 29 09:34:00 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@xxxxxxx>" # gpg: aka "Paolo Bonzini <pbonzini@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: (22 commits) nbd/trivial: fix type cast for ioctl translate-all: use bitmap helpers for PageDesc's bitmap target-i386: disable LINT0 after reset Makefile.target: prepend $libs_softmmu to $LIBS milkymist: do not modify libs-softmmu configure: Add support for tcmalloc exec: Respect as_translate_internal length clamp ioport: reserve the whole range of an I/O port in the AddressSpace ioport: loosen assertions on emulation of 16-bit ports ioport: remove wrong comment ide: there is only one data port gus: clean up MemoryRegionPortio sb16: remove useless mixer_write_indexw sun4m: fix slavio sysctrl and led register sizes acpi-build: remove dependency from ram_addr.h memory: add memory_region_ram_resize dma-helpers: Fix race condition of continue_after_map_failure and dma_aio_cancel exec: Notify cpu_register_map_client caller if the bounce buffer is available exec: Protect map_client_list with mutex linux-user, bsd-user: Remove two calls to cpu_exec_init_all ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a1fe58f6ad2282399da256b8579b49b43527e486 Merge: 52b7aba c836867 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Apr 30 10:10:31 2015 +0100 Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging # gpg: Signature made Wed Apr 29 00:03:44 2015 BST using RSA key ID AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB # Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E * remotes/jnsnow/tags/ide-pull-request: qtest: Add assertion that required environment variable is set qtest/ahci: add flush retry test libqos: add blkdebug_prepare_script libqtest: add qmp_async libqtest: add qmp_eventwait qtest/ahci: Allow override of default CLI options qtest/ahci: Add simple flush test qtest/ahci: test different disk sectors qtest/ahci: add qcow2 support to ahci-test fdc: remove sparc sun4m mutations Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit d064d9f381b00538e41f14104b88a1ae85d78865 Author: Bogdan Purcareata <bogdan.purcareata@xxxxxxxxxxxxx> Date: Fri Apr 3 11:01:54 2015 +0000 nbd/trivial: fix type cast for ioctl This fixes ioctl behavior on powerpc e6500 platforms with 64bit kernel and 32bit userspace. The current type cast has no effect there and the value passed to the kernel is still 0. Probably an issue related to the compiler, since I'm assuming the same configuration works on a similar setup on x86. Also ensure consistency with previous type cast in TRACE message. Signed-off-by: Bogdan Purcareata <bogdan.purcareata@xxxxxxxxxxxxx> Message-Id: <1428058914-32050-1-git-send-email-bogdan.purcareata@xxxxxxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx [Fix parens as noticed by Michael. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 510a647fa27a12b66be40da4c2c098430003225c Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Wed Apr 22 17:50:52 2015 -0400 translate-all: use bitmap helpers for PageDesc's bitmap Here we have an open-coded byte-based bitmap implementation. Get rid of it since there's a ulong-based implementation to be used by all code. Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit b8eb5512fd8a115f164edbbe897cdf8884920ccb Author: Nadav Amit <namit@xxxxxxxxxxxxxxxxx> Date: Mon Apr 13 02:32:08 2015 +0300 target-i386: disable LINT0 after reset Due to old Seabios bug, QEMU reenable LINT0 after reset. This bug is long gone and therefore this hack is no longer needed. Since it violates the specifications, it is removed. Signed-off-by: Nadav Amit <namit@xxxxxxxxxxxxxxxxx> Message-Id: <1428881529-29459-2-git-send-email-namit@xxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 7398dfc7799a50097803db4796c7edb6cd7d47a1 Author: Wei Liu <wei.liu2@xxxxxxxxxx> Date: Mon Mar 9 14:54:33 2015 +0000 Makefile.target: prepend $libs_softmmu to $LIBS I discovered a problem when trying to build QEMU statically with gcc. libm is an element of LIBS while libpixman-1 is an element in libs_softmmu. Libpixman references functions in libm, so the original ordering makes linking fail. This fix is to reorder $libs_softmmu and $LIBS to make -lm appear after -lpixman-1. However I'm not quite sure if this is the right fix, hence the RFC tag. Normally QEMU is built with c++ compiler which happens to link in libm (at least this is the case with g++), so building QEMU statically normally just works and nobody notices this issue. Signed-off-by: Wei Liu <wei.liu2@xxxxxxxxxx> Message-Id: <1425912873-21215-1-git-send-email-wei.liu2@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 738e4171de478da2516180c7a139f1b762443618 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Mar 10 11:17:48 2015 +0100 milkymist: do not modify libs-softmmu This is better and prepares for the next patch. When we copy libs_softmmu's value into LIBS with a := assignment, we cannot anymore modify libs_softmmu in the Makefiles. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 2847b46958ab0bd604e1b3fcafba0f5ba4375833 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Thu Mar 26 11:03:12 2015 +0800 configure: Add support for tcmalloc This adds "--enable-tcmalloc" and "--disable-tcmalloc" to allow linking to libtcmalloc from gperftools. tcmalloc is a malloc implementation that works well with threads and is fast, so it is good for performance. It is disabled by default, because the MALLOC_PERTURB_ flag we use in tests doesn't work with tcmalloc. However we can enable tcmalloc specific heap checker and profilers later. An IOPS gain can be observed with virtio-blk-dataplane, other parts of QEMU will directly benefit from it as well: ========================================================== glibc malloc ---------------------------------------------------------- rw bs iodepth bw iops latency read 4k 1 150 38511 24 ---------------------------------------------------------- ========================================================== tcmalloc ---------------------------------------------------------- rw bs iodepth bw iops latency read 4k 1 156 39969 23 ---------------------------------------------------------- Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-Id: <1427338992-27057-1-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c8368674980b299604e3cfe9215c4105acefa516 Author: Ed Maste <emaste@xxxxxxxxxxx> Date: Tue Apr 28 15:27:51 2015 -0400 qtest: Add assertion that required environment variable is set Signed-off-by: Ed Maste <emaste@xxxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1427911244-22565-1-git-send-email-emaste@xxxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit cf5aa89e9d32ae39bd9df27c9b2aec03c0d240b2 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Apr 28 15:27:51 2015 -0400 qtest/ahci: add flush retry test Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1426018503-821-7-git-send-email-jsnow@xxxxxxxxxx commit 72c85e949fd162b039614d588d94393ff3e2dae3 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Apr 28 15:27:51 2015 -0400 libqos: add blkdebug_prepare_script Pull this helper out of ide-test and into libqos, to be shared with ahci-test. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1426018503-821-6-git-send-email-jsnow@xxxxxxxxxx commit ba4ed39346c1bdbfefd1d781b39009f90822b956 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Apr 28 15:27:51 2015 -0400 libqtest: add qmp_async Add qmp_async, which lets us send QMP commands asynchronously. This is useful when we want to send commands that will trigger event responses, but we don't know in what order to expect them. Sometimes the event responses may arrive even before the command confirmation will show up, so it is convenient to leave the responses in the stream. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1426018503-821-5-git-send-email-jsnow@xxxxxxxxxx commit 8fe941f749b2db3735abade1c298552de4eab496 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Apr 28 15:27:51 2015 -0400 libqtest: add qmp_eventwait Allow the user to poll until a desired interrupt occurs. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1426018503-821-4-git-send-email-jsnow@xxxxxxxxxx commit debaaa114a8877a939533ba846e64168fb287b7b Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Apr 28 15:27:51 2015 -0400 qtest/ahci: Allow override of default CLI options Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1426018503-821-3-git-send-email-jsnow@xxxxxxxxxx commit 4e217074ca3f704d9a1c3bd1ebb03eb7621ab882 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Apr 28 15:27:51 2015 -0400 qtest/ahci: Add simple flush test Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Message-id: 1426018503-821-2-git-send-email-jsnow@xxxxxxxxxx commit 727be1a7550b5caad0b94098a41de8033ad43f85 Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Apr 28 15:27:51 2015 -0400 qtest/ahci: test different disk sectors Test sector offset 0, 1, and the last sector(s) in LBA28 and LBA48 modes. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Acked-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1426274523-22661-3-git-send-email-jsnow@xxxxxxxxxx commit 122fdf2d8822699482723e6f50f34c9c3933360b Author: John Snow <jsnow@xxxxxxxxxx> Date: Tue Apr 28 15:27:51 2015 -0400 qtest/ahci: add qcow2 support to ahci-test This will enable the testing of high offsets without wasting a lot of disk space, and does not impact the previous tests. mkimg and mkqcow2 are added to libqos for other tests. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Acked-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1426274523-22661-2-git-send-email-jsnow@xxxxxxxxxx commit 24a5c62cfe3cbe3fb4722f79661b9900a2579316 Author: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Date: Tue Apr 28 15:27:51 2015 -0400 fdc: remove sparc sun4m mutations They were introduced in 6f7e9aec5eb5bdfa57a9e458e391b785c283a007 and 82407d1a4035e5bfefb53ffdcb270872f813b34c and lots of bug fixes were done after that. This fixes (at least) the detection of the floppy controller on Debian 4.0r9/SPARC, and SS-5's OBP initialization routine still works. Signed-off-by: Hervé Poussineau <hpoussin@xxxxxxxxxxx> Tested-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Message-id: 1426351846-6497-1-git-send-email-hpoussin@xxxxxxxxxxx Signed-off-by: John Snow <jsnow@xxxxxxxxxx> commit 52b7aba62f02cf90f57ee7e02f67d2d8445e7e40 Merge: a9392bc 5655f93 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Apr 28 18:58:15 2015 +0100 Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20150428.0' into staging VFIO updates - Correction to BAR overflow - Fix error sign - Reset workaround for AMD Bonaire & Hawaii GPUs # gpg: Signature made Tue Apr 28 18:26:43 2015 BST using RSA key ID 3BB08B22 # gpg: Good signature from "Alex Williamson <alex.williamson@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex@xxxxxxxxxxx>" # gpg: aka "Alex Williamson <alwillia@xxxxxxxxxx>" # gpg: aka "Alex Williamson <alex.l.williamson@xxxxxxxxx>" * remotes/awilliam/tags/vfio-update-20150428.0: vfio-pci: Reset workaround for AMD Bonaire and Hawaii GPUs vfio-pci: Fix error path sign vfio-pci: Further fix BAR size overflow Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 5655f931abcfa5f100d12d021eaed606c2d4ef52 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Tue Apr 28 11:14:02 2015 -0600 vfio-pci: Reset workaround for AMD Bonaire and Hawaii GPUs Somehow these GPUs manage not to respond to a PCI bus reset, removing our primary mechanism for resetting graphics cards. The result is that these devices typically work well for a single VM boot. If the VM is rebooted or restarted, the guest driver is not able to init the card from the dirty state, resulting in a blue screen for Windows guests. The workaround is to use a device specific reset. This is not 100% reliable though since it depends on the incoming state of the device, but it substantially improves the usability of these devices in a VM. Credit to Alex Deucher <alexander.deucher@xxxxxxx> for his guidance. Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit c6d231e2fd3773ef9a566ca24962f2314cb78f73 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Tue Apr 28 11:14:02 2015 -0600 vfio-pci: Fix error path sign This is an impossible error path due to the fact that we're reading a kernel provided, rather than user provided link, which will certainly always fit in PATH_MAX. Currently it returns a fixed 26 char path plus %d group number, which typically maxes out at double digits. However, the caller of the initfn certainly expects a less-than zero return value on error, not just a non-zero value. Therefore we should correct the sign here. Reported-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit 07ceaf98800519ef9c5dc893af00f1fe1f9144e4 Author: Alex Williamson <alex.williamson@xxxxxxxxxx> Date: Tue Apr 28 11:14:02 2015 -0600 vfio-pci: Further fix BAR size overflow In an analysis by Laszlo, the resulting type of our calculation for the end of the MSI-X table, and thus the start of memory after the table, is uint32_t. We're therefore not correctly preventing the corner case overflow that we intended to fix here where a BAR >=4G could place the MSI-X table to end exactly at the 4G boundary. The MSI-X table offset is defined by the hardware spec to 32bits, so we simply use a cast rather than changing data structure types. This scenario is purely theoretically, typically the MSI-X table is located at the front of the BAR. Reported-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx> commit a9392bc93c8615ad1983047e9f91ee3fa8aae75f Merge: 84cbd63 61007b3 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Apr 28 16:55:03 2015 +0100 Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block patches # gpg: Signature made Tue Apr 28 15:35:05 2015 BST using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@xxxxxxxxxx>" * remotes/kevin/tags/for-upstream: (76 commits) block: move I/O request processing to block/io.c block: extract bdrv_setup_io_funcs() block: add bdrv_set_dirty()/bdrv_reset_dirty() to block_int.h block: replace bdrv_states iteration with bdrv_next() vmdk: Widen before shifting 32 bit header field block/dmg: make it modular block/mirror: Always call block_job_sleep_ns() iotests: add incremental backup granularity tests iotests: add incremental backup failure recovery test iotests: add simple incremental backup case iotests: add QMP event waiting queue iotests: add invalid input incremental backup tests hbitmap: truncate tests block: Resize bitmaps on bdrv_truncate block: Ensure consistent bitmap function prototypes block: add BdrvDirtyBitmap documentation qmp: Add dirty bitmap status field in query-block qmp: add block-dirty-bitmap-clear qmp: Add support of "dirty-bitmap" sync mode for drive-backup block: Add bitmap successors ... Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit da2f84d1270d203027d82f778d5bcc1f7a49bab0 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Tue Apr 28 19:51:13 2015 +0800 virtio-scsi: Move DEFINE_VIRTIO_SCSI_FEATURES to virtio-scsi So far virtio-scsi-device can't expose host features to guest while using virtio-mmio because it doesn't set DEFINE_VIRTIO_SCSI_FEATURES on backend or transport. The host features belong to the backends while virtio-scsi-pci, virtio-scsi-s390 and virtio-scsi-ccw set the DEFINE_VIRTIO_SCSI_FEATURES on transports. But they already have the ability to forward property accesses to the backend child. So if we move the host features to backends, it doesn't break the backwards compatibility for them and make host features work while using virtio-mmio. Move DEFINE_VIRTIO_SCSI_FEATURES to the backend virtio-scsi. The transports just sync the host features from backends. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit da3e8a23492dbc13c4b70d90b6ae42970624e63a Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Tue Apr 28 19:51:12 2015 +0800 virtio-net: Move DEFINE_VIRTIO_NET_FEATURES to virtio-net So far virtio-net-device can't expose host features to guest while using virtio-mmio because it doesn't set DEFINE_VIRTIO_NET_FEATURES on backend or transport. So the performance is low. The host features belong to the backend while virtio-net-pci, virtio-net-s390 and virtio-net-ccw set the DEFINE_VIRTIO_NET_FEATURES on transports. But they already have the ability to forward property accesses to the backend child. So if we move the host features to backends, it doesn't break the backwards compatibility for them and make host features work while using virtio-mmio. Here we move DEFINE_VIRTIO_NET_FEATURES to the backend virtio-net. The transports just sync the host features from backend. Meanwhile move virtio_net_set_config_size to virtio-net to make sure the config size is correct and don't expose it. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 51f7cb974ba1af9f68302f2bae4bf0161fb0ab03 Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Tue Apr 28 12:50:07 2015 +0200 pci: Merge pci_nic_init() into pci_nic_init_nofail() The error reporting in pci_nic_init() is quite erratic: Some errors are printed directly with error_report(), and some are passed back to the caller pci_nic_init_nofail() via an Error pointer. Since pci_nic_init() is only used by pci_nic_init_nofail(), the functions can be simply merged to clean up this inconsistency. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Markus Armbruster <armbru@xxxxxxxxxx> commit 61007b316cd71ee7333ff7a0a749a8949527575f Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Apr 28 14:27:52 2015 +0100 block: move I/O request processing to block/io.c The block.c file has grown to over 6000 lines. It is time to split this file so there are fewer conflicts and the code is easier to maintain. Extract I/O request processing code: * Read * Write * Zero writes and making the image empty * Flush * Discard * ioctl * Tracked requests and queuing * Throttling and copy-on-read * Block status and allocated functions * Refreshing block limits * Reading/writing vmstate * qemu_blockalign() and friends The patch simply moves code from block.c into block/io.c. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 0eb7217e49b84553bb30f97bc34380633fd846fe Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Apr 28 14:27:51 2015 +0100 block: extract bdrv_setup_io_funcs() Move the code to install coroutine and aio emulation function pointers in a BlockDriver to its own function. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e0c47b6cb1de430fbc6f828f7acffa851c580840 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Apr 28 14:27:50 2015 +0100 block: add bdrv_set_dirty()/bdrv_reset_dirty() to block_int.h The dirty bitmap functions are called from the block I/O processing code. Make them visible to block_int.h users so they can be used outside block.c. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 4f5472cb2d3d37ec3282cc3829612f9d696c2df7 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Tue Apr 28 14:27:49 2015 +0100 block: replace bdrv_states iteration with bdrv_next() The bdrv_states list is a static variable in block.c. bdrv_drain_all() and bdrv_flush_all() use this variable to iterate over all drives. The next patch will move bdrv_drain_all() and bdrv_flush_all() out of block.c so it's necessary to switch to the public bdrv_next() interface. Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 7237aecd7e8fcc3ccf7fded77b6c127b4df5d3ac Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Apr 27 22:23:01 2015 +0800 vmdk: Widen before shifting 32 bit header field Coverity spotted this. The field is 32 bits, but if it's possible to overflow in 32 bit left shift. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5505e8b76f86f925c35ecc2b2d311886bb36534c Author: Michael Tokarev <mjt@xxxxxxxxxx> Date: Mon Apr 27 14:51:56 2015 +0300 block/dmg: make it modular dmg can optionally utilize libbz2, make it modular Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 001c95b740b2ed3d8b486952f68b5f06e609f1f2 Author: Max Reitz <mreitz@xxxxxxxxxx> Date: Mon Apr 27 13:07:31 2015 +0200 block/mirror: Always call block_job_sleep_ns() The mirror block job is trying to take a clever shortcut if delay_ns is 0 and skips block_job_sleep_ns() in that case. But that function must be called in every block job iteration, because otherwise it is for example impossible to pause the job. Signed-off-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 59fc5d844fe192494308d0f07507b712ec395129 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:50:09 2015 -0400 iotests: add incremental backup granularity tests Test what happens if you fiddle with the granularity. Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-22-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 24618f5381da650bd50c78feea07b35cf82e7d6c Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:50:08 2015 -0400 iotests: add incremental backup failure recovery test Test the failure case for incremental backups. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-21-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a3d715958c4456afea402e891288864fe4e51547 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:50:07 2015 -0400 iotests: add simple incremental backup case Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-20-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 7898f74e78a5900fc079868e255b65d807fa8a8f Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:50:06 2015 -0400 iotests: add QMP event waiting queue A filter is added to allow callers to request very specific events to be pulled from the event queue, while leaving undesired events still in the stream. This allows us to poll for completion data for multiple asynchronous events in any arbitrary order. A new timeout context is added to the qmp pull_event method's wait parameter to allow tests to fail if they do not complete within some expected period of time. Also fixed is a bug in qmp.pull_event where we try to retrieve an event from an empty list if we attempt to retrieve an event with wait=False but no events have occurred. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-19-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 9f7264f57c8307bca32e78427348b8b323d5db21 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:50:05 2015 -0400 iotests: add invalid input incremental backup tests Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-18-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a94e87c08cfff73ac4b179adc3d0d9c3b8d2ddef Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:50:04 2015 -0400 hbitmap: truncate tests The general approach is to set bits close to the boundaries of where we are truncating and ensure that everything appears to have gone OK. We test growing and shrinking by different amounts: - Less than the granularity - Less than the granularity, but across a boundary - Less than sizeof(unsigned long) - Less than sizeof(unsigned long), but across a ulong boundary - More than sizeof(unsigned long) Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-17-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ce1ffea8cdcea41533bde87759b8390f0e3a9ad3 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:50:03 2015 -0400 block: Resize bitmaps on bdrv_truncate Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-16-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 20dca81075e712ebcbc151eed9b1a02d4e5d08f5 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:50:02 2015 -0400 block: Ensure consistent bitmap function prototypes We often don't need the BlockDriverState for functions that operate on bitmaps. Remove it. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-15-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit aa0c7ca506bb3f661be673b3d5c1320f37e52fdb Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:50:01 2015 -0400 block: add BdrvDirtyBitmap documentation Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-14-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a113534ffb8f2580d323e6397e6908d5f4bfa0b7 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:50:00 2015 -0400 qmp: Add dirty bitmap status field in query-block Add the "frozen" status booleans, to inform clients when a bitmap is occupied doing a task. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1429314609-29776-13-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e74e6b78e6fe0c9ee426d1278fff45f5fa0af766 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:49:59 2015 -0400 qmp: add block-dirty-bitmap-clear Add bdrv_clear_dirty_bitmap and a matching QMP command, qmp_block_dirty_bitmap_clear that enables a user to reset the bitmap attached to a drive. This allows us to reset a bitmap in the event of a full drive backup. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1429314609-29776-12-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d58d84539784d27c826924a79d9436178b07ff69 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:49:58 2015 -0400 qmp: Add support of "dirty-bitmap" sync mode for drive-backup For "dirty-bitmap" sync mode, the block job will iterate through the given dirty bitmap to decide if a sector needs backup (backup all the dirty clusters and skip clean ones), just as allocation conditions of "top" sync mode. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-11-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 9bd2b08f27b9c27bb40d73b6466321b8c635086e Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:49:57 2015 -0400 block: Add bitmap successors A bitmap successor is an anonymous BdrvDirtyBitmap that is intended to be created just prior to a sensitive operation (e.g. Incremental Backup) that can either succeed or fail, but during the course of which we still want a bitmap tracking writes. On creating a successor, we "freeze" the parent bitmap which prevents its deletion, enabling, anonymization, or creating a bitmap with the same name. On success, the parent bitmap can "abdicate" responsibility to the successor, which will inherit its name. The successor will have been tracking writes during the course of the backup operation. The parent will be safely deleted. On failure, we can "reclaim" the successor from the parent, unifying them such that the resulting bitmap describes all writes occurring since the last successful backup, for instance. Reclamation will thaw the parent, but not explicitly re-enable it. BdrvDirtyBitmap operations that target a single bitmap are protected by assertions that the bitmap is not frozen and/or disabled. BdrvDirtyBitmap operations that target a group of bitmaps, such as bdrv_{set,reset}_dirty will ignore frozen/disabled drives with a conditional instead. Internal functions that enable/disable dirty bitmaps have assertions added to them to prevent modifying frozen bitmaps. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1429314609-29776-10-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit b8e6fb752e43b45b428487c244cab35f0ab94b10 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:49:56 2015 -0400 block: Add bitmap disabled status Add a status indicating the enabled/disabled state of the bitmap. A bitmap is by default enabled, but you can lock the bitmap into a read-only state by setting disabled = true. A previous version of this patch added a QMP interface for changing the state of the bitmap, but it has since been removed for now until a use case emerges where this state must be revealed to the user. The disabled state WILL be used internally for bitmap migration and bitmap persistence. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-9-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit be58721dbf882fa8830f3669f499b0a5b501e90f Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:49:55 2015 -0400 hbitmap: add hbitmap_merge We add a bitmap merge operation to assist in error cases where we wish to combine two bitmaps together. This is algorithmically O(bits) provided HBITMAP_LEVELS remains constant. For a full bitmap on a 64bit machine: sum(bits/64^k, k, 0, HBITMAP_LEVELS) ~= 1.01587 * bits We may be able to improve running speed for particularly sparse bitmaps by using iterators, but the running time for dense maps will be worse. We present the simpler solution first, and we can refine it later if needed. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-8-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 8515efbef1759b9143f06e9722c8f4e145032181 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:49:54 2015 -0400 hbitmap: cache array lengths As a convenience: between incremental backups, bitmap migrations and bitmap persistence we seem to need to recalculate these a lot. Because the lengths are a little bit-twiddly, let's just solidly cache them and be done with it. Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-7-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 592fdd02ae987a439a2ba25a2a973673f1484805 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:49:53 2015 -0400 block: Introduce bdrv_dirty_bitmap_granularity() This returns the granularity (in bytes) of dirty bitmap, which matches the QMP interface and the existing query interface. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-6-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 341ebc2f81b14862347e4d4c1fcb3759f815237a Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:49:52 2015 -0400 qmp: Add block-dirty-bitmap-add and block-dirty-bitmap-remove The new command pair is added to manage a user created dirty bitmap. The dirty bitmap's name is mandatory and must be unique for the same device, but different devices can have bitmaps with the same names. The granularity is an optional field. If it is not specified, we will choose a default granularity based on the cluster size if available, clamped to between 4K and 64K to mirror how the 'mirror' code was already choosing granularity. If we do not have cluster size info available, we choose 64K. This code has been factored out into a helper shared with block/mirror. This patch also introduces the 'block_dirty_bitmap_lookup' helper, which takes a device name and a dirty bitmap name and validates the lookup, returning NULL and setting errp if there is a problem with either field. This helper will be re-used in future patches in this series. The types added to block-core.json will be re-used in future patches in this series, see: 'qapi: Add transaction support to block-dirty-bitmap-{add, enable, disable}' Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1429314609-29776-5-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5fba6c0e50b66691568b34d5a2f4be0b39f5e20a Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:49:51 2015 -0400 qmp: Ensure consistent granularity type We treat this field with a variety of different types everywhere in the code. Now it's just uint32_t. Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-4-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 0db6e54a8a2c6e16780356422da671b71f862341 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Apr 17 19:49:50 2015 -0400 qapi: Add optional field "name" to block dirty bitmap This field will be set for user created dirty bitmap. Also pass in an error pointer to bdrv_create_dirty_bitmap, so when a name is already taken on this BDS, it can report an error message. This is not global check, two BDSes can have dirty bitmap with a common name. Implemented bdrv_find_dirty_bitmap to find a dirty bitmap by name, will be used later when other QMP commands want to reference dirty bitmap by name. Add bdrv_dirty_bitmap_make_anon. This unsets the name of dirty bitmap. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1429314609-29776-3-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit efcfa278dca27f1c9db8b8283eac54f5e19074e7 Author: John Snow <jsnow@xxxxxxxxxx> Date: Fri Apr 17 19:49:49 2015 -0400 docs: incremental backup documentation Signed-off-by: John Snow <jsnow@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1429314609-29776-2-git-send-email-jsnow@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 9eac3622a2b1159ab50b10540e822f3e58fdc383 Author: Peter Lieven <pl@xxxxxxx> Date: Thu Apr 16 16:08:33 2015 +0200 block/iscsi: use the allocationmap also if cache.direct=on the allocationmap has only a hint character. The driver always double checks that blocks marked unallocated in the cache are still unallocated before taking the fast path and return zeroes. So using the allocationmap is migration safe and can also be enabled with cache.direct=on. Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1429193313-4263-10-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 03e40fef4678f9a42846c91a804b6d3c820e8b90 Author: Peter Lieven <pl@xxxxxxx> Date: Thu Apr 16 16:08:32 2015 +0200 block/iscsi: bump year in copyright notice Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1429193313-4263-9-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e380aff831c24b37c023010852e7ddd2ae1ec385 Author: Peter Lieven <pl@xxxxxxx> Date: Thu Apr 16 16:08:31 2015 +0200 block/iscsi: handle SCSI_STATUS_TASK_SET_FULL a target may issue a SCSI_STATUS_TASK_SET_FULL status if there is more than one "BUSY" command queued already. Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1429193313-4263-8-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 59dd0a22ca4c3ac70c37263208b9e49cfeacf2e4 Author: Peter Lieven <pl@xxxxxxx> Date: Thu Apr 16 16:08:30 2015 +0200 block/iscsi: increase retry count The idea is that a command is retried in a BUSY condition up a time of approx. 60 seconds before it is failed. This should be far higher than any command timeout in the guest. Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1429193313-4263-7-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 73b5394e2e4af3bbe01e221fa395373facc67f78 Author: Peter Lieven <pl@xxxxxxx> Date: Thu Apr 16 16:08:29 2015 +0200 block/iscsi: optimize WRITE10/16 if cache.writeback is not set SCSI allowes to tell the target to not return from a write command if the date is not written to the disk. Use this so called FUA bit if it is supported to optimize WRITE commands if writeback is not allowed. In this case qemu always issues a WRITE followed by a FLUSH. This is 2 round trip times. If we set the FUA bit we can ignore the following FLUSH. Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1429193313-4263-6-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 752ce45150d3d70aabc4eb46a7a9cdfd8b4640fd Author: Peter Lieven <pl@xxxxxxx> Date: Thu Apr 16 16:08:28 2015 +0200 block/iscsi: store DPOFUA bit from the modesense command Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1429193313-4263-5-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 7191f2080c70228c6483b6604cc1c18943d8d766 Author: Peter Lieven <pl@xxxxxxx> Date: Thu Apr 16 16:08:27 2015 +0200 block/iscsi: rename iscsi_write_protected and let it return void Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1429193313-4263-4-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 0a386e48527d16e5dedbc1ff62aa0042a1cbdac5 Author: Peter Lieven <pl@xxxxxxx> Date: Thu Apr 16 16:08:26 2015 +0200 block/iscsi: change all iscsilun properties from uint8_t to bool Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1429193313-4263-3-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 20474e9aa040b9a255c63127f1eb873c29c54f68 Author: Peter Lieven <pl@xxxxxxx> Date: Thu Apr 16 16:08:25 2015 +0200 block/iscsi: do not forget to logout from target We actually were always impolitely dropping the connection and not cleanly logging out. CC: qemu-stable@xxxxxxxxxx Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1429193313-4263-2-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d5a8ee60a0fbc20a2c2d02f3bda1bb1bd365f1ee Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Fri Apr 17 14:52:43 2015 +0300 qmp: fill in the image field in BlockDeviceInfo The image field in BlockDeviceInfo is supposed to contain an ImageInfo object. However that is being filled in by bdrv_query_info(), not by bdrv_block_device_info(), which is where BlockDeviceInfo is actually created. Anyone calling bdrv_block_device_info() directly will get a null image field. As a consequence of this, the HMP command 'info block -n -v' crashes QEMU. This patch moves the code that fills in that field from bdrv_query_info() to bdrv_block_device_info(). Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1429271563-3765-1-git-send-email-berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 9419874f709469de16c1bced7731bfecb07fe1cf Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Apr 22 11:15:10 2015 +0100 Revert "hmp: fix crash in 'info block -n -v'" This reverts commit 638b8366200130cc7cf7a026630bc6bfb63b0c4c. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit dc881b441d74b8fc6c9c007cd03d5d05bca388dd Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Apr 8 12:29:20 2015 +0300 block: add 'node-name' field to BLOCK_IMAGE_CORRUPTED Since this event can occur in nodes that cannot have a device name associated, include also a field with the node name. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Message-id: 147cec5b3594f4bec0cb41c98afe5fcbfb67567c.1428485266.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 81e5f78a9f4f13548ec1edddaf780d339f18e2d2 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Apr 8 12:29:19 2015 +0300 block: use bdrv_get_device_or_node_name() in error messages There are several error messages that identify a BlockDriverState by its device name. However those errors can be produced in nodes that don't have a device name associated. In those cases we should use bdrv_get_device_or_node_name() to fall back to the node name and produce a more meaningful message. The messages are also updated to use the more generic term 'node' instead of 'device'. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 9823a1f0514fdb0692e92868661c38a9e00a12d6.1428485266.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 9b2aa84f87f5b95cb0295dcae38fbfbf115df2be Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Wed Apr 8 12:29:18 2015 +0300 block: add bdrv_get_device_or_node_name() This function gets the device name associated with a BlockDriverState, or its node name if the device name is empty. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 4fa30aa8d61d9052ce266fd5429a59a14e941255.1428485266.git.berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ec683d604069dcdaaa516789274bc0cdc14e5247 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Apr 15 11:43:42 2015 +0100 block: document block-stream in qmp-commands.hx The 'block-stream' QMP command is documented in block-core.json but not qmp-commands.hx. Add a summary of the command to qmp-commands.hx (similar to the documentation for 'block-commit'). Reported-by: Kashyap Chamarthy <kchamart@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> Message-id: 1429094622-26218-1-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit c485cf9c9277ca9b3d5227c99a13c374e812f42b Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Wed Apr 15 10:43:44 2015 +0100 m25p80: fix s->blk usage before assignment Delay the call to blk_blockalign() until s->blk has been assigned. This never caused a crash because blk_blockalign(NULL, size) defaults to 4096 alignment but it's technically incorrect. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1429091024-25098-1-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d07063e46047242c4f010ff9ddbff5e02f15d9e7 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Apr 14 17:29:47 2015 +0200 m25p80: add missing blk_attach_dev_nofail Of the block devices that poked into -drive options via drive_get_next, m25p80 was the only one who also did not attach itself to the BlockBackend. Since sd does it, and all other devices go through a "drive" property, with this change all block backends attached to the guest will have a non-NULL result for blk_get_attached_dev(). Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-id: 1429025387-11077-1-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 4eb867e98c1815d9d7a2a9380182005df12064a7 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Sun Apr 12 17:55:17 2015 +0200 virtio_blk: comment fix update virtio blk header from latest linux, include comment fixups. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Message-id: 1428854036-12806-1-git-send-email-mst@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 0b5a24454fc551f0294fe93821e8c643214a55f5 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Sat Mar 28 07:37:18 2015 +0100 block: avoid unnecessary bottom halves bdrv_aio_* APIs can use coroutines to achieve asynchronicity. However, the coroutine may terminate without having yielded back to the caller (for example because of something that invokes a nested event loop, or because the coroutine is doing nothing at all). In this case, the bdrv_aio_* API must delay the completion to the next iteration of the main loop, because bdrv_aio_* will never invoke the callback before returning. This can be done with a bottom half, and indeed bdrv_aio_* is always using one for simplicity. It is possible to gain some performance (~3%) by avoiding this in the common case. A new field in the BlockAIOCBCoroutine struct is set to true until the first time the corotine has yielded to its creator, and completion goes through a new function bdrv_co_complete. If the flag is false, bdrv_co_complete invokes the callback immediately. If it is true, the caller will notice that the coroutine has completed and schedule the bottom half itself. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427524638-28157-1-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit a7282330c01364ef00260749bc6a37c7f16ec047 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Apr 3 22:05:21 2015 +0800 blockjob: Update function name in comments Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1428069921-2957-5-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e62303a437af72141c8d04c36799521a56d6f4f6 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Apr 3 22:05:20 2015 +0800 qemu-iotests: Test that "stop" doesn't drain block jobs Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1428069921-2957-4-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 69da3b0b47c8f6016e9109fcfa608e9e7e99bc05 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Apr 3 22:05:19 2015 +0800 block: Pause block jobs in bdrv_drain_all This is necessary to suppress more IO requests from being generated from block job coroutines. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1428069921-2957-3-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 751ebd76e654bd1e65da08ecf694325282b4cfcc Author: Fam Zheng <famz@xxxxxxxxxx> Date: Fri Apr 3 22:05:18 2015 +0800 blockjob: Allow nested pause This patch changes block_job_pause to increase the pause counter and block_job_resume to decrease it. The counter will allow calling block_job_pause/block_job_resume unconditionally on a job when we need to suspend the IO temporarily. From now on, each block_job_resume must be paired with a block_job_pause to keep the counter balanced. The user pause from QMP or HMP will only trigger block_job_pause once until it's resumed, this is achieved by adding a user_paused flag in BlockJob. One occurrence of block_job_resume in mirror_complete is replaced with block_job_enter which does what is necessary. In block_job_cancel, the cancel flag is good enough to instruct coroutines to quit loop, so use block_job_enter to replace the unpaired block_job_resume. Upon block job IO error, user is notified about the entering to the pause state, so this pause belongs to user pause, set the flag accordingly and expect a matching QMP resume. [Extended doc comments as suggested by Paolo Bonzini <pbonzini@xxxxxxxxxx>. --Stefan] Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1428069921-2957-2-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 199667a8c843d268f0fe80f09041b8c7193f1ba5 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Apr 1 09:45:40 2015 +0800 MAINTAINERS: Add Fam Zheng as Null block driver maintainer Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427852740-24315-4-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 1c2b49a17282f3abd9ccf71b65d0be62d3b3192e Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Apr 1 09:45:39 2015 +0800 block/null: Support reopen Reopen is used in block-commit. With this always-succeed operation, it is now possible to test committing to a null drive, by specifying "null-aio://" or "null-co://" as the backing image when creating the qcow2 image. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427852740-24315-3-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e5e51dd3af6a0872dedce290ee41437b5aeed109 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Apr 1 09:45:38 2015 +0800 block/null: Latency simulation by adding new option "latency-ns" Aio context switch should just work because the requests will be drained, so the scheduled timer(s) on the old context will be freed. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427852740-24315-2-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 9eddd6a4b3b187ba50038800b6e4aeda4973b365 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Mar 26 22:42:34 2015 +0000 scripts: add 'qemu coroutine' command to qemu-gdb.py The 'qemu coroutine <coroutine-address>' GDB command prints the backtrace for a CoroutineUContext. This is useful for peeking inside yielded coroutines that are waiting for file descriptor events, timers, etc. For example: $ gdb tests/test-coroutine (gdb) b test_yield (gdb) r (gdb) b qemu_coroutine_enter (gdb) c (gdb) c Continuing. Breakpoint 2, qemu_coroutine_enter (co=0x555555c66520, opaque=0x0) at qemu-coroutine.c:103 103 { (gdb) source scripts/qemu-gdb.py (gdb) qemu coroutine 0x555555c66520 #0 0x000055555557a740 in qemu_coroutine_switch (from_=<optimized out>, to_=0x7ffff7f90a70, action=COROUTINE_YIELD) at coroutine-ucontext.c:177 #1 0x0000555555566af9 in yield_5_times (opaque=0x7fffffffdbb7) at tests/test-coroutine.c:107 #2 0x000055555557a7aa in coroutine_trampoline (i0=<optimized out>, i1=<optimized out>) at coroutine-ucontext.c:80 #3 0x00007ffff08de000 in __start_context () at /lib64/libc.so.6 Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427409754-8556-1-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 1faa5bb73247339bf3d797433a9ade990ef0fb32 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Apr 2 17:39:22 2015 +0100 thread-pool: clean up thread_pool_completion_bh() This patch simplifies thread_pool_completion_bh(). The function first checks elem->state: if (elem->state != THREAD_DONE) { continue; } It then goes on to check elem->state == THREAD_DONE although we already know this must be the case. The QLIST_REMOVE() is duplicated down both branches of an if-else statement so that can be lifted out as well. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1427992762-10126-1-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit d1a126c53ddc563b7b731cee013e0362f7a5f22f Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Apr 14 16:36:16 2015 +0200 vhdx: Fix zero-fill iov length Fix the length of the zero-fill for the back, which was accidentally using the same value as for the front. This is caught by qemu-iotests 033. For consistency, change the code for the front as well to use the length stored in the iov (it is the same value, copied four lines above). Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Acked-by: Jeff Cody <jcody@xxxxxxxxxx> commit 8eedfbd4a50299f03b3630659c34ad1b01f69370 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Apr 14 16:32:45 2015 +0200 blkdebug: Add bdrv_truncate() This is, amongst others, required for qemu-iotests 033 to run as intended on VHDX, which uses explicit bdrv_truncate() calls to bs->file when allocating new blocks. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Jeff Cody <jcody@xxxxxxxxxx> commit e4f587492331df0ac50bad6131ea273d527af796 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Mar 19 13:33:33 2015 +0100 qemu-iotests: Some qemu-img convert tests This adds a regression test for some problems that the qemu-img convert rewrite just fixed. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 690c7301600162421b928c7f26fd488fd8fa464e Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Mar 19 13:33:32 2015 +0100 qemu-img convert: Rewrite copying logic The implementation of qemu-img convert is (a) messy, (b) buggy, and (c) less efficient than possible. The changes required to beat some sense into it are massive enough that incremental changes would only make my and the reviewers' life harder. So throw it away and reimplement it from scratch. Let me give some examples what I mean by messy, buggy and inefficient: (a) The copying logic of qemu-img convert has two separate branches for compressed and normal target images, which roughly do the same - except for a little code that handles actual differences between compressed and uncompressed images, and much more code that implements just a different set of optimisations and bugs. This is unnecessary code duplication, and makes the code for compressed output (unsurprisingly) suffer from bitrot. The code for uncompressed ouput is run twice to count the the total length for the progress bar. In the first run it just takes a shortcut and runs only half the loop, and when it's done, it toggles a boolean, jumps out of the loop with a backwards goto and starts over. Works, but pretty is something different. (b) Converting while keeping a backing file (-B option) is broken in several ways. This includes not writing to the image file if the input has zero clusters or data filled with zeros (ignoring that the backing file will be visible instead). It also doesn't correctly limit every iteration of the copy loop to sectors of the same status so that too many sectors may be copied to in the target image. For -B this gives an unexpected result, for other images it just does more work than necessary. Conversion with a compressed target completely ignores any target backing file. (c) qemu-img convert skips reading and writing an area if it knows from metadata that copying isn't needed (except for the bug mentioned above that ignores a status change in some cases). It does, however, read from the source even if it knows that it will read zeros, and then search for non-zero bytes in the read buffer, if it's possible that a write might be needed. This reimplementation of the copying core reorganises the code to remove the duplication and have a much more obvious code flow, by essentially splitting the copy iteration loop into three parts: 1. Find the number of contiguous sectors of the same status at the current offset (This can also be called in a separate loop before the copying loop in order to determine the total sectors for the progress bar.) 2. Read sectors. If the status implies that there is no data there to read (zero or unallocated cluster), don't do anything. 3. Write sectors depending on the status. If it's data, write it. If we want the backing file to be visible (with -B), don't write it. If it's zeroed, skip it if you can, otherwise use bdrv_write_zeroes() to optimise the write at least where possible. Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit 0df89e8e6f62aea32a7302e73a86b7bfe5821018 Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Thu Mar 19 13:33:31 2015 +0100 block-backend: Expose bdrv_write_zeroes() Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Max Reitz <mreitz@xxxxxxxxxx> commit a0710f7995f914e3044e5899bd8ff6c43c62f916 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Feb 20 17:26:52 2015 +0100 iothread: release iothread around aio_poll This is the first step towards having fine-grained critical sections in dataplane threads, which resolves lock ordering problems between address_space_* functions (which need the BQL when doing MMIO, even after we complete RCU-based dispatch) and the AioContext. Because AioContext does not use contention callbacks anymore, the unit test has to be changed. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1424449612-18215-4-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 49110174f8835ec3d5ca7fc076ee1f51c18564fe Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Feb 20 17:26:51 2015 +0100 AioContext: acquire/release AioContext during aio_poll This is the first step in pushing down acquire/release, and will let rfifolock drop the contention callback feature. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1424449612-18215-3-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit e98ab097092e54999f046e9efa1ca1dd52f0c9e5 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Fri Feb 20 17:26:50 2015 +0100 aio-posix: move pollfds to thread-local storage By using thread-local storage, aio_poll can stop using global data during g_poll_ns. This will make it possible to drop callbacks from rfifolock. [Moved npfd = 0 assignment to end of walking_handlers region as suggested by Paolo. This resolves the assert(npfd == 0) assertion failure in pollfds_cleanup(). --Stefan] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1424449612-18215-2-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit de50a20a4cc368d241d67c600f8c0f667186a8b5 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Wed Mar 25 15:27:26 2015 +0800 block: Switch to host monotonic clock for IO throttling Currently, throttle timers won't make any progress when VCPU is not running, which would stall the request queue in utils, qtest, vm suspending, and live migration, without special handling. Block jobs are confusingly inconsistent between with and without throttling: if user sets a bps limit, stops the vm, then start a block job, the block job will not make any progress; in contrary, if user unsets the bps limit, or if it's not set, the block job will run normally. After this patch, with the host clock, even if the VCPUs are stopped, the throttle queues will be processed. This patch also enables potential to add throttle to bdrv_drain_all. Currently all requests are drained immediately. In other words whenever it is called, IO throttling goes ineffective (examples: system reset, migration and many block job operations.). This is a loophole that guest could exploit. If we use the host clock, we can later just trust the nested poll. This could be done on top. Note that for qemu-iotests case 093, which uses qtest, we still keep vm clock so the script can control the clock stepping in order to be deterministic. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-id: 1427268446-6426-1-git-send-email-famz@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 8b6ee9aeb3f0508ed2a41381cde13bdb8707b7be Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Mar 23 15:29:31 2015 +0000 checkpatch: complain about ffs(3) calls The ffs(3) family of functions is not portable. MinGW doesn't always provide the function. Use ctz32() or ctz64() instead. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427124571-28598-10-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit f450a85899585776ccd0913d2361dd8f82666e44 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Mar 23 15:29:30 2015 +0000 os-win32: drop ffs(3) prototype The lack of ffs(3) in the MinGW headers is a hint that we shouldn't rely on it. MinGW 4.9.2 does not make it available for linking when QEMU's ./configure --enable-debug is used (release builds are fine though). Now that all QEMU code has been switched to ctz32() there is no need for ffs(3). Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427124571-28598-9-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 41074f3d3ff0e9a3c6f638627c12ebbf6d757cea Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 15:29:29 2015 +0000 omap_intc: convert ffs(3) to ctz32() in omap_inth_sir_update() Rewrite the loop using level &= level - 1 to clear the least significant bit after each iteration. This simplifies the loop and makes it easy to replace ffs(3) with ctz32(). Cc: Peter Maydell <peter.maydell@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427124571-28598-8-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit c9d933185181cb1cf81bc4c9e5c3a10a5934b017 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Mar 23 15:29:28 2015 +0000 sd: convert sd_normal_command() ffs(3) call to ctz32() ffs() cannot be replaced with ctz32() when the argument might be zero, because ffs(0) returns 0 while ctz32(0) returns 32. The ffs(3) call in sd_normal_command() is a special case though. It can be converted to ctz32() + 1 because the argument is never zero: if (!(req.arg >> 8) || (req.arg >> (ctz32(req.arg & ~0xff) + 1))) { ~~~~~~~~~~~~~~~ ^--------------- req.arg cannot be zero Cc: Markus Armbruster <armbru@xxxxxxxxxx> Cc: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427124571-28598-7-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit bd2a88840e2496e29442f333c8fdd6491e831a35 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Mar 23 15:29:27 2015 +0000 Convert ffs() != 0 callers to ctz32() There are a number of ffs(3) callers that do roughly: bit = ffs(val); if (bit) { do_something(bit - 1); } This pattern can be converted to ctz32() like this: zeroes = ctz32(val); if (zeroes != 32) { do_something(zeroes); } Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427124571-28598-6-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 786a4ea82ec9c87e3a895cf41081029b285a5fe5 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Mar 23 15:29:26 2015 +0000 Convert (ffs(val) - 1) to ctz32(val) This commit was generated mechanically by coccinelle from the following semantic patch: @@ expression val; @@ - (ffs(val) - 1) + ctz32(val) The call sites have been audited to ensure the ffs(0) - 1 == -1 case never occurs (due to input validation, asserts, etc). Therefore we don't need to worry about the fact that ctz32(0) == 32. Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427124571-28598-5-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 5863d374a32c98a7adb4c5e49d62de3cdc16d2ea Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Mar 23 15:29:25 2015 +0000 uninorth: convert ffs(3) to ctz32() It is not clear from the code how a 0 parameter should be handled by the hardware. Keep the same behavior as ffs(0) - 1 == -1. Cc: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427124571-28598-4-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ad5f5fdca83cccd1a4c269b1fd8ba2fce8d1ba26 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Mar 23 15:29:24 2015 +0000 hw/arm/nseries: convert ffs(3) to ctz32() It is not clear from the code how a 0 parameter should be handled by the hardware. Keep the same behavior as ffs(0) - 1 == -1. Cc: Andrzej Zaborowski <balrog@xxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427124571-28598-3-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 588ef9d411339012fc3c94bfad8911e9d0a517a2 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Mon Mar 23 15:29:23 2015 +0000 bt-sdp: fix broken uuids power-of-2 calculation The binary search in sdp_uuid_match() only works when the number of elements to search is a power of two. lo = record->uuid; hi = record->uuids; while (hi >>= 1) if (lo[hi] <= val) lo += hi; return *lo == val; I noticed that the record->uuids calculation in sdp_service_record_build() was suspect: record->uuids = 1 << ffs(record->uuids - 1); Unlike most ffs(val) - 1 users, the expression is ffs(val - 1)! Actually ffs() is the wrong function to use for power-of-2. Use pow2ceil() to achieve the correct effect. Now the record->uuid[] array is sized correctly and the binary search in sdp_uuid_match() should work. I'm not sure how to run/test this code. Cc: Andrzej Zaborowski <balrog@xxxxxxxxx> Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Message-id: 1427124571-28598-2-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit ecdda9e03d73d2cc1c82c00cccc02f087741b6a5 Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Mon Mar 16 18:22:05 2015 +0200 MAINTAINERS: Add myself as the maintainer of the Quorum driver Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1426522925-14444-1-git-send-email-berto@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 407bc15033b2a8faeb7ca42aab63b7bcede76e10 Author: Yi Wang <up2wing@xxxxxxxxx> Date: Thu Mar 12 22:54:42 2015 +0800 savevm: create snapshot failed when id_str already exists The command "virsh create" will fail in such condition: vm has two disks: vda and vdb. vda has snapshot s1 with id "1", vdb doesn't have s1 but has snapshot s2 with id "1". When we want to run command "virsh create s1", del_existing_snapshots() only deletes s1 in vda, and bdrv_snapshot_create() tries to create vdb's snapshot s1 with id "1", but id "1" alreay exists in vdb with name "s2"! The simplest way is call find_new_snapshot_id() unconditionally. Signed-off-by: Yi Wang <up2wing@xxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> commit 84cbd63f87c1d246f51ec8eee5367a5588f367fd Merge: 54965ee 726a8ff Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Apr 28 12:22:20 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging X86 queue, 2015-04-27 (v2) # gpg: Signature made Mon Apr 27 19:42:39 2015 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/x86-pull-request: target-i386: Remove AMD feature flag aliases from CPU model table target-i386: X86CPU::xlevel2 QOM property target-i386: Make "level" and "xlevel" properties static qemu-config: Accept empty option values MAINTAINERS: Change status of X86 to Maintained MAINTAINERS: Add myself to X86 Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 54965ee61dbc114e98777f456b7cd6a778fbb412 Merge: da378d0 2f54eb9 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Apr 28 11:33:47 2015 +0100 Merge remote-tracking branch 'remotes/ehabkost/tags/numa-pull-request' into staging NUMA queue, 2015-04-27 # gpg: Signature made Mon Apr 27 19:02:19 2015 BST using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@xxxxxxxxxx>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/numa-pull-request: MAINTAINERS: Add myself as NUMA code maintainer Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit da378d014d27fe3a243bd8e7e060e9eb8c1a272b Merge: 3d27b09 4eb2764 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Apr 28 10:31:03 2015 +0100 Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20150427' into staging target-arm queue: * memory system updates to support transaction attributes * set user-mode and secure attributes for accesses made by ARM CPUs * rename c1_coproc to cpacr_el1 * adjust id_aa64pfr0 when has_el3 CPU property disabled * allow ARMv8 SCR.SMD updates # gpg: Signature made Mon Apr 27 16:14:30 2015 BST using RSA key ID 14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@xxxxxxxxxx>" * remotes/pmaydell/tags/pull-target-arm-20150427: Allow ARMv8 SCR.SMD updates target-arm: Adjust id_aa64pfr0 when has_el3 CPU property disabled target-arm: rename c1_coproc to cpacr_el1 target-arm: Check watchpoints against CPU security state target-arm: Use attribute info to handle user-only watchpoints target-arm: Add user-mode transaction attribute target-arm: Use correct memory attributes for page table walks target-arm: Honour NS bits in page tables Switch non-CPU callers from ld/st*_phys to address_space_ld/st* exec.c: Capture the memory attributes for a watchpoint hit exec.c: Add new address_space_ld*/st* functions exec.c: Make address_space_rw take transaction attributes exec.c: Convert subpage memory ops to _with_attrs Add MemTxAttrs to the IOTLB Make CPU iotlb a structure rather than a plain hwaddr memory: Replace io_mem_read/write with memory_region_dispatch_read/write memory: Define API for MemoryRegionOps to take attrs and return status Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7824df3889499acc7466317175a3fb24a0824002 Author: Gal Hammer <ghammer@xxxxxxxxxx> Date: Tue Apr 21 11:26:12 2015 +0300 acpi: add a missing backslash to the \_SB scope. A predefined scope in the ACPI specs is precede with a backslash. Signed-off-by: Gal Hammer <ghammer@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> commit bc09e06113e79e5d70cf2b37015a26f2102cc03e Author: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Date: Mon Apr 27 16:47:22 2015 +0800 qmp-event: add event notification for memory hot unplug error When memory hot unplug fails, this patch adds support to send QMP event to notify mgmt about this failure. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit c06b2ffb02bfcc642c67300d2c4dffd5aa54932b Author: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Date: Mon Apr 27 16:47:21 2015 +0800 acpi: add hardware implementation for memory hot unplug - implements QEMU hardware part of memory hot unplug protocol described at "docs/spec/acpi_mem_hotplug.txt" - handles memory remove notification event - handles device eject notification Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 660e8ec70065c8b1fd68b2cb137de16d831959f4 Author: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Date: Mon Apr 27 16:47:20 2015 +0800 acpi: fix "Memory device control fields" register 0 bit in Memory device control fields must be cleared before writing to register. But now this field isn't cleared when other fields are written. To solve this bug, This patch fixes UpdateRule to WriteAsZeros in "Memory device control fields" register. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit af5098973136029211848b4999ad5d38bc90180f Author: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Date: Mon Apr 27 16:47:19 2015 +0800 acpi: extend aml_field() to support UpdateRule The flags field is declared with default update rule 'Preserve', this patch extends aml_field() to support UpdateRule so that we can specify different values per field. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit f7d3e29db5a5900a1f0ed10f8313f7c3f28e5b59 Author: Tang Chen <tangchen@xxxxxxxxxxxxxx> Date: Mon Apr 27 16:47:18 2015 +0800 acpi, mem-hotplug: add unplug cb for memory device This patch adds unplug cb for memory device. It resets memory status "is_enabled" in acpi_memory_unplug_cb(), removes the corresponding memory region, unregisters vmstate, and unparents the object. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Tang Chen <tangchen@xxxxxxxxxxxxxx> Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 64fec58e8ab62490edd2638e4214d8c9f84518c9 Author: Tang Chen <tangchen@xxxxxxxxxxxxxx> Date: Mon Apr 27 16:47:17 2015 +0800 acpi, mem-hotplug: add unplug request cb for memory device This patch adds unplug request cb for memory device, and adds the is_removing boolean field to MemStatus. This field is used to indicate whether the memory device in slot has been requested to be ejected. This field is set to true in acpi_memory_unplug_request_cb(). Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Tang Chen <tangchen@xxxxxxxxxxxxxx> Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 4aae99b63333e71b2097b106bb15a6fde7f9b55b Author: Tang Chen <tangchen@xxxxxxxxxxxxxx> Date: Mon Apr 27 16:47:16 2015 +0800 acpi, mem-hotplug: add acpi_memory_slot_status() to get MemStatus Add a new API named acpi_memory_slot_status() to obtain a single memory slot status. Doing this is because this procedure will be used by other functions in the next coming patches. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Tang Chen <tangchen@xxxxxxxxxxxxxx> Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 4fccb4834d0455519ff6d7a81551a8dfd360fefa Author: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Date: Mon Apr 27 16:47:15 2015 +0800 docs: update documentation for memory hot unplug Add specification about how to use memory hot unplug, and add a flow diagram to explain memory hot unplug process. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Zhu Guihua <zhugh.fnst@xxxxxxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 850d00700ba787988b6c5404e8c1a3add7141db1 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Mon Apr 27 21:01:20 2015 +0200 virtio: coding style tweak no space needed after *. Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit a0ccd2123ee2f83a1f081e4c39013c3316f9ec7a Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Apr 23 14:21:49 2015 +0800 pci: remove hard-coded bar size in msix_init_exclusive_bar() This patch lets msix_init_exclusive_bar() can calculate the bar and pba size based on the number of MSI-X vectors other than using a hard-coded limit 4096. This is needed to allow device to have more than 128 MSI_X vectors. To keep migration compatibility, keep using 4096 as bar size and 2048 for pba offset. Notes: We don't care about the case that using vectors > 128 for legacy machine type. Since we limit the queue max to 64, so vectors >= 65 is meaningless. Virtio device will be the first user for this. Cc: Keith Busch <keith.busch@xxxxxxxxx> Cc: Kevin Wolf <kwolf@xxxxxxxxxx> Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 851c2a75a6e80c8aa5e713864d98cfb512e7229b Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Apr 23 14:21:47 2015 +0800 virtio-pci: speedup MSI-X masking and unmasking This patch tries to speed up the MSI-X masking and unmasking through the mapping between vector and queues. With this patch it will there's no need to go through all possible virtqueues, which may help to reduce the time spent when doing MSI-X masking/unmasking a single vector when more than hundreds or even thousands of virtqueues were supported. Tested with 80 queue pairs virito-net-pci by changing the smp affinity in the background and doing netperf in the same time: Before the patch: 5711.70 Gbits/sec After the patch: 6830.98 Gbits/sec About 19.6% improvements in throughput. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit e0d686bf4b9d018ba5449f057b486bb5e1fa1a0d Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Apr 23 14:21:46 2015 +0800 virtio: introduce vector to virtqueues mapping Currently we will try to traverse all virtqueues to find a subset that using a specific vector. This is sub optimal when we will support hundreds or even thousands of virtqueues. So this patch introduces a method which could be used by transport to get all virtqueues that using a same vector. This is done through QLISTs and the number of QLISTs was queried through a transport specific method. When guest setting vectors, the virtqueue will be linked and helpers for traverse the list was also introduced. The first user will be virtio pci which will use this to speed up MSI-X masking and unmasking handling. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 955cc8c9541779e09895a9c5ccbf8ace15d884f5 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Apr 23 14:21:40 2015 +0800 virtio-ccw: using VIRTIO_NO_VECTOR instead of 0 for invalid virtqueue It's a bad idea to need to use vector 0 for invalid virtqueue. So this patch changes to using VIRTIO_NO_VECTOR instead. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: Cornelia Huck <cornelia.huck@xxxxxxxxxx> CC: Christian Borntraeger <borntraeger@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Alexander Graf <agraf@xxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Acked-by: Cornelia Huck <cornelia.huck@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit bcfa4d60144fb879f0ffef0a6d174faa37b2df82 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Apr 23 14:21:39 2015 +0800 monitor: check return value of qemu_find_net_clients_except() qemu_find_net_clients_except() may return a value which is greater than the size of array we provided. So we should check this value before using it, otherwise this may cause unexpected memory access. This patch fixes the net related command completion when we have a virtio-net nic with more than 255 queues. Cc: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit eaed483c1b3db1ac312116fca5d20c45b4b418b2 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Apr 23 14:21:38 2015 +0800 monitor: replace the magic number 255 with MAX_QUEUE_NUM This patch replace the magic number 255, and increase it to MAX_QUEUE_NUM which is maximum number of queues supported by a nic. Cc: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit d25228e7befac33b665cd9250292de47ae6b78b5 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Apr 23 14:21:37 2015 +0800 ppc: spapr: add 2.4 machine type The following patches will limit the following things to legacy machine type: - maximum number of virtqueues for virtio-pci were limited to 64 Cc: Alexander Graf <agraf@xxxxxxx> Cc: qemu-ppc@xxxxxxxxxx Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Alexander Graf <agraf@xxxxxxx> commit 3d27b09cf6f62ec61c1330d0a811811a91e7514d Merge: 3f9d69b 700cd85 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Apr 27 20:00:57 2015 +0100 Merge remote-tracking branch 'remotes/spice/tags/pull-spice-20150427-1' into staging spice: misc fixes. # gpg: Signature made Mon Apr 27 12:03:16 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/spice/tags/pull-spice-20150427-1: spice: learn to hide cursor spice: set pointer position on hotspot spice: fix mouse cursor position spice: fix simple display on bigendian hosts monitor: Make client_migrate_info synchronous Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b0e966d0209fa5c93d510d1756a87dd4229b1f8a Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Apr 23 14:21:36 2015 +0800 spapr: add machine type specific instance init function This patches adds machine type specific instance initialization functions. Those functions will be used by following patches to compat class properties for legacy machine types. Cc: Alexander Graf <agraf@xxxxxxx> Cc: qemu-ppc@xxxxxxxxxx Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 5cb50e0acc7ba6063b87664404103cce217c0493 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Apr 23 14:21:35 2015 +0800 pc: add 2.4 machine types The following patches will limit the following things to legacy machine type: - maximum number of virtqueues for virtio-pci were limited to 64 - auto msix bar size for virtio-net-pci were disabled by default Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: Richard Henderson <rth@xxxxxxxxxxx> Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 27a46dcf5038e20451101ed2d5414aebf3846e27 Author: Jason Wang <jasowang@xxxxxxxxxx> Date: Thu Apr 23 14:21:34 2015 +0800 virtio-net: fix the upper bound when trying to delete queues Virtqueue were indexed from zero, so don't delete virtqueue whose index is n->max_queues * 2 + 1. Cc: Michael S. Tsirkin <mst@xxxxxxxxxx> Cc: qemu-stable <qemu-stable@xxxxxxxxxx> Signed-off-by: Jason Wang <jasowang@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 294ce717e0f212ed0763307f3eab72b4a1bdf4d0 Author: Luke Gorrie <luke@xxxxxxxx> Date: Sun Apr 26 15:00:49 2015 +0200 vhost-user: Send VHOST_RESET_OWNER on vhost stop Ensure that the vhost-user slave knows when the vrings are valid and when they are invalid, for example during a guest reboot. The vhost-user protocol says this of VHOST_RESET_OWNER: Issued when a new connection is about to be closed. The Master will no longer own this connection (and will usually close it). Send this message to tell the vhost-user slave that the vhost session has ended and that session state (e.g. vrings) is no longer valid. Signed-off-by: Luke Gorrie <luke@xxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 658c27181bf3b08a9cf2fab00ecce7f76065f6af Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri Apr 3 18:03:34 2015 +0800 hw/i386/acpi-build: move generic acpi building helpers into dedictated file Move generic acpi building helpers into dedictated file and this can be shared with other machines. Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 395e5fb4421a03c9d3a002bbb55d56b74024a568 Author: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Date: Fri Apr 3 18:03:33 2015 +0800 hw/i386: Move ACPI header definitions in an arch-independent location The ACPI related header file acpi-defs.h, includes definitions that apply on other architectures as well. Move it in `include/hw/acpi/` to sanely include it from other architectures. Signed-off-by: Alvise Rigo <a.rigo@xxxxxxxxxxxxxxxxxxxxxx> Signed-off-by: Shannon Zhao <zhaoshenglong@xxxxxxxxxx> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 853cff8e2815c99429d53baa71110416c1de2798 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Wed Apr 15 10:55:46 2015 +0200 acpi-build: close } in comment missing } confuses editors Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> commit 726a8ff68677d8d5fba17eb0ffb85076bfb598dc Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Fri Apr 10 14:45:00 2015 -0300 target-i386: Remove AMD feature flag aliases from CPU model table When CPU vendor is AMD, the AMD feature alias bits on CPUID[0x80000001].EDX are already automatically copied from CPUID[1].EDX on x86_cpu_realizefn(). When CPU vendor is Intel, those bits are reserved and should be zero. On either case, those bits shouldn't be set in the CPU model table. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 01431f3ce0f31e123172cc99c12c98c0ddbe9917 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Apr 2 17:22:27 2015 -0300 target-i386: X86CPU::xlevel2 QOM property We already have "level" and "xlevel", only "xlevel2" is missing. Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit b9472b76d273c7796d877c49af50969c0a879c50 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Thu Apr 2 17:21:53 2015 -0300 target-i386: Make "level" and "xlevel" properties static Static properties require only 1 line of code, much simpler than the existing code that requires writing new getters/setters. As a nice side-effect, this fixes an existing bug where the setters were incorrectly allowing the properties to be changed after the CPU was already realized. Reviewed-by: Igor Mammedov <imammedo@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit d9f7e29ee5a6915caa049ba64c0a9f28766351d2 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Apr 8 14:57:31 2015 -0300 qemu-config: Accept empty option values Currently it is impossible to set an option in a config file to an empty string, because the parser matches only lines containing non-empty strings between double-quotes. As sscanf() "[" conversion specifier only matches non-empty strings, add a special case for empty strings. Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit b203a4ba93fc25bf1eb49039a8ec4b260b446211 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Apr 8 08:36:24 2015 -0300 MAINTAINERS: Change status of X86 to Maintained "Odd Fixes" doesn't reflect the current status of target-i386. We have people looking after it, now. Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit e1a0433956bbe68b56853e6ae633a5004b1f6351 Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Apr 8 08:34:56 2015 -0300 MAINTAINERS: Add myself to X86 Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 3f9d69ba12da6f2874631f6e426a7ef148ba4c82 Merge: 0d81cdd 1a01716 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Apr 27 19:06:08 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-gtk-20150427-1' into staging gtk: support text consoles without vte, bugfixes. # gpg: Signature made Mon Apr 27 14:34:15 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-gtk-20150427-1: gtk: Avoid accel key leakage into guest on console switch gtk: Fix VTE focus grabbing console/gtk: add qemu_console_get_label gtk: bind to text terminal consoles too gtk: handle switch_surface(NULL) properly Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2f54eb98c3255154dc6bdbb8b38982af9b3f3a8f Author: Eduardo Habkost <ehabkost@xxxxxxxxxx> Date: Wed Apr 8 08:34:33 2015 -0300 MAINTAINERS: Add myself as NUMA code maintainer The "srat" and "numa" keywords will help get_maintainer.pl catch NUMA-related code in other files too. Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Eduardo Habkost <ehabkost@xxxxxxxxxx> commit 0d81cdddaa40a1988b24657aeac19959cfad0fde Merge: e1a5476 2d5a834 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Apr 27 17:28:41 2015 +0100 Merge remote-tracking branch 'remotes/qmp-unstable/tags/for-upstream' into staging Four little fixes # gpg: Signature made Fri Apr 24 19:56:51 2015 BST using RSA key ID E24ED5A7 # gpg: Good signature from "Luiz Capitulino <lcapitulino@xxxxxxxxx>" * remotes/qmp-unstable/tags/for-upstream: qmp: Give saner messages related to qmp_capabilities misuse qmp-commands: fix incorrect uses of ":O" specifier qapi: Drop dead genlist parameter balloon: improve error msg when adding second device Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 23820dbfc79d1c9dce090b4c555994f2bb6a69b3 Author: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Date: Mon Mar 16 22:35:54 2015 -0700 exec: Respect as_translate_internal length clamp address_space_translate_internal will clamp the *plen length argument based on the size of the memory region being queried. The iommu walker logic in addresss_space_translate was ignoring this by discarding the post fn call value of *plen. Fix by just always using *plen as the length argument throughout the fn, removing the len local variable. This fixes a bootloader bug when a single elf section spans multiple QEMU memory regions. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx> Message-Id: <1426570554-15940-1-git-send-email-peter.crosthwaite@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 4080a13c11398d684668d286da27b6f8ee668e44 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 30 12:35:00 2015 +0200 ioport: reserve the whole range of an I/O port in the AddressSpace When an I/O port is more than 1 byte long, ioport.c is currently creating "short" regions, for example 0x1ce-0x1ce for the 16-bit Bochs index port. When I/O ports are memory mapped, and thus accessed via a subpage_ops memory region, subpage_accepts gets confused because it finds a hole at 0x1cf and rejects the access. In order to fix this, modify registration of the region to cover the whole size of the I/O port. Attempts to access an invalid port will be blocked by find_portio returning NULL. This only affects the VBE DISPI regions. For all other cases, the MemoryRegionPortio entries for 2- or 4-byte accesses overlap an entry for 1-byte accesses, thus the size of the memory region is not affected. Reported-by: Zoltan Balaton <balaton@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 147ed379838176d4780688157891c06f49403b19 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 30 12:49:40 2015 +0200 ioport: loosen assertions on emulation of 16-bit ports Right now, ioport.c assumes that the entire range specified with MemoryRegionPortio includes a region with size == 1. This however is not true for the VBE DISPI ports, which are 16-bit only. The next patch will make these regions' length equal to two, which can cause the assertions to trigger. Replace them with simple conditionals. Also, ioport.c will emulate a 16-bit ioport with two distinct reads or writes, even if one of the two accesses is out of the bounds given by the MemoryRegionPortio array. Do not do this anymore, instead discard writes to the incorrect register and read it as all-ones. This ensures that the mrp->read and mrp->write callbacks get an in-range ioport number. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 30476b2282c69c9ec1e44e33a4c0b5d5f4bc884e Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 30 12:50:36 2015 +0200 ioport: remove wrong comment ioport.c has not been using an alias since commit b40acf9 (ioport: Switch dispatching to memory core layer, 2013-06-24). Remove the obsolete comment. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e477317cce98c399a2299d025bcb6bf0fd69df49 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 30 13:19:16 2015 +0200 ide: there is only one data port IDE PIO data must be written, for example, at 0x1f0. You cannot do word or dword writes to 0x1f1..0x1f3 to access the data register. Adjust the ide_portio_list accordingly. Cc: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 54da54e543eea8e689a625fcb3dada1b296f5d3d Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 30 13:12:32 2015 +0200 gus: clean up MemoryRegionPortio Remove 16-bit reads/writes, since ioport.c is able to synthesize them. Remove the two MIDI registers (0x300 and 0x301) from gus_portio_list1, and add the second MIDI register (0x301) to gus_portio_list2. Tested with Second Reality. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 3337d0b2794131425d0b5cb525e67c5989f4a9dd Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 30 12:34:17 2015 +0200 sb16: remove useless mixer_write_indexw ioport.c is already able to split a 16-bit access into two 8-bit accesses to consecutive ports. Tested with Epic Pinball. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 0e1cd6576c55269b6e5251dc739a7fc819f9b4a6 Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Thu Apr 2 16:09:30 2015 +0100 sun4m: fix slavio sysctrl and led register sizes These were being incorrectly declared as MISC_SIZE (1 byte) rather than 4 bytes and 2 bytes respectively. As a result accesses clamped to the real register size would unexpectedly fail. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> CC: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1427987370-15897-1-git-send-email-mark.cave-ayland@xxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 339240b5cd42bd13d4f6629f2aedf8b4b07459fb Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 10:24:16 2015 +0100 acpi-build: remove dependency from ram_addr.h ram_addr_t is an internal interface, everyone should go through MemoryRegion. Clean it up by making rom_add_blob return a MemoryRegion* and using the new qemu_ram_resize infrastructure. Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 37d7c08413cd4307f53c83d43b1b06cf2701d7a7 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Mon Mar 23 10:21:46 2015 +0100 memory: add memory_region_ram_resize This is a simple MemoryRegion wrapper for qemu_ram_resize. Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e95205e1f9cd2c4262b7a7b1c992a94512c86d0e Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Mar 16 17:03:37 2015 +0800 dma-helpers: Fix race condition of continue_after_map_failure and dma_aio_cancel If DMA's owning thread cancels the IO while the bounce buffer's owning thread is notifying the "cpu client list", a use-after-free happens: continue_after_map_failure dma_aio_cancel ------------------------------------------------------------------ aio_bh_new qemu_bh_delete qemu_bh_schedule (use after free) Also, the old code doesn't run the bh in the right AioContext. Fix both problems by passing a QEMUBH to cpu_register_map_client. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-Id: <1426496617-10702-6-git-send-email-famz@xxxxxxxxxx> [Remove unnecessary forward declaration. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 33b6c2edf6214f02b9beaea61b169506c01f90aa Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Mar 16 17:03:36 2015 +0800 exec: Notify cpu_register_map_client caller if the bounce buffer is available The caller's workflow is like if (!address_space_map()) { ... cpu_register_map_client(); } If bounce buffer became available after address_space_map() but before cpu_register_map_client(), the caller could miss it and has to wait for the next bounce buffer notify, which may never happen in the worse case. Just notify the list in cpu_register_map_client(). Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-Id: <1426496617-10702-5-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 38e047b50d2bfd1df99fbbca884c9f1db0785ff4 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Mar 16 17:03:35 2015 +0800 exec: Protect map_client_list with mutex So that accesses from multiple threads are safe. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-Id: <1426496617-10702-4-git-send-email-famz@xxxxxxxxxx> [Remove #if from cpu_exec_init_all. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 02f4035c47b4d34cdc61780292ee288f400b9c49 Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Mar 16 17:03:34 2015 +0800 linux-user, bsd-user: Remove two calls to cpu_exec_init_all The function is a nop for user mode, so just remove them. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-Id: <1426496617-10702-3-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit c2cba0ffe495b60c4cc58080281e99c7a6580d4b Author: Fam Zheng <famz@xxxxxxxxxx> Date: Mon Mar 16 17:03:33 2015 +0800 exec: Atomic access to bounce buffer There could be a race condition when two processes call address_space_map concurrently and both want to use the bounce buffer. Add an in_use flag in BounceBuffer to sync it. Signed-off-by: Fam Zheng <famz@xxxxxxxxxx> Message-Id: <1426496617-10702-2-git-send-email-famz@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit e3a0abfda71db1fa83be894dcff7c4871b36cc8d Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Thu Apr 9 16:07:33 2015 -0400 translate-all: use glib for all page descriptor allocations Since commit b7b5233a "bsd-user/mmap.c: Don't try to override g_malloc/g_free" the exception we make here for usermode has been unnecessary. Get rid of it. Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Message-Id: <1428610053-26148-1-git-send-email-cota@xxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> commit 700cd855def54c2a9f2b6a016dcebf75fe19c238 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Date: Tue Mar 24 17:50:13 2015 +0100 spice: learn to hide cursor Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit dc8dceee64f45820c20f3ffa3c3fecd7b6539990 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Date: Tue Mar 24 17:50:12 2015 +0100 spice: set pointer position on hotspot The Spice protocol uses cursor position on hotspot: the client is applying hotspot offset when drawing the cursor. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit d0df04a1569c75f6442123fdda0b2e9aadc3fcc7 Author: Marc-André Lureau <marcandre.lureau@xxxxxxxxx> Date: Tue Mar 24 17:50:11 2015 +0100 spice: fix mouse cursor position Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit c1d37cd353be3ea4c5773fc227ba8459c1f20470 Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Apr 14 08:56:21 2015 +0200 spice: fix simple display on bigendian hosts Denis Kirjanov is busy getting spice run on ppc64 and trapped into this one. Spice wire format is little endian, so we have to explicitly say we want little endian when letting pixman convert the data for us. Reported-by: Denis Kirjanov <kirjanov@xxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 3b5704b2f80189b2f9fdddf1690998e566eeacab Author: Markus Armbruster <armbru@xxxxxxxxxx> Date: Thu Mar 5 09:30:16 2015 +0100 monitor: Make client_migrate_info synchronous Live migration with spice works like this today: (1) client_migrate_info monitor cmd (2) spice server notifies client, client connects to target host. (3) qemu waits until spice client connect is finished. (4) send over vmstate (i.e. main part of live migration). (5) spice handover to target host. (3) is implemented by making client_migrate_info a async monitor command. This is the only async monitor command we have. The original reason to implement this dance was that qemu did not accept new tcp connections while the incoming migration was running, so (2) and (4) could not be done in parallel. That issue was fixed long ago though. Qemu version 1.3.0 (released Dec 2012) and newer happily accept tcp connects while the incoming migration runs. Time to drop step (3). This patch does exactly that, by making the monitor command synchronous and removing the code needed to handle the async monitor command in ui/spice-core.c Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 1a01716a307387e5cf1336f61a96f772dddadc90 Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Sun Apr 26 21:04:21 2015 +0200 gtk: Avoid accel key leakage into guest on console switch GTK2 sends the accel key to the guest when switching to the graphic console via that shortcut. Resolve this by ignoring any keys until the next key-release event. However, do not ignore keys when switching via the menu or when on GTK3. Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 9d677e1c2fa479336fb7a2b90aea78c10d037e98 Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Sun Apr 26 21:04:20 2015 +0200 gtk: Fix VTE focus grabbing At least on GTK2, the VTE terminal has to be specified as target of gtk_widget_grab_focus. Otherwise, switching from one VTE terminal to another causes the focus to get lost. CC: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> [ kraxel: fixed build with CONFIG_VTE=n ] Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit 4eb276408363aef5435a72a8e818f24220b5edd0 Author: Greg Bellows <greg.bellows@xxxxxxxxxx> Date: Sun Apr 26 16:49:26 2015 +0100 Allow ARMv8 SCR.SMD updates Updated scr_write to always allow updates to the SCR.SMD bit on ARMv8 regardless of whether virtualization (EL2) is enabled or not. Signed-off-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Message-id: 1429888797-4378-1-git-send-email-greg.bellows@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 3d5c84ff21a8a7a3bfb3a75154be8905e62f51db Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Sun Apr 26 16:49:26 2015 +0100 target-arm: Adjust id_aa64pfr0 when has_el3 CPU property disabled Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Message-id: 1429669112-29835-1-git-send-email-serge.fdrv@xxxxxxxxx Reviewed-by: Greg Bellows <greg.bellows@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 7ebd5f2e03a00889619bb97e83062d27066d4a26 Author: Sergey Fedorov <serge.fdrv@xxxxxxxxx> Date: Sun Apr 26 16:49:25 2015 +0100 target-arm: rename c1_coproc to cpacr_el1 Rename the field holding CPACR_EL1 system register state in AArch64 naming style. Signed-off-by: Sergey Fedorov <serge.fdrv@xxxxxxxxx> [PMM: also fixed a couple of missed occurrences in cpu.c] Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ef7bab8d73580b48bda83b8d16b5eea8a3ac43fe Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:25 2015 +0100 target-arm: Check watchpoints against CPU security state Fix a TODO in bp_wp_matches() now that we have a function for testing whether the CPU is currently in Secure mode or not. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit 9e1fc5bdfdf94564abf7621c0ef644599196360f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:25 2015 +0100 target-arm: Use attribute info to handle user-only watchpoints Now that we have memory access attribute information in the watchpoint checking code, we can correctly implement handling of watchpoints which should match only on userspace accesses, where LDRT/STRT/LDT/STT from EL1 are treated as userspace accesses. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit 0995bf8cd91b81ec9c1078e37b808794080dc5c0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:25 2015 +0100 target-arm: Add user-mode transaction attribute Add a transaction attribute indicating that a memory access is being done from user-mode (unprivileged). This corresponds to an equivalent signal in ARM AMBA buses. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit ebca90e4c3aaaae5ed1ee7c569dea00d5d6ed476 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:25 2015 +0100 target-arm: Use correct memory attributes for page table walks Factor out the page table walk memory accesses into their own function, so that we can specify the correct S/NS memory attributes for them. This will also provide a place to use the correct endianness and handle the need for a stage-2 translation when virtualization is supported. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit 8bf5b6a9c1911d2c8473385fc0cebfaaeef42dbc Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:25 2015 +0100 target-arm: Honour NS bits in page tables Honour the NS bit in ARM page tables: * when adding entries to the TLB, include the Secure/NonSecure transaction attribute * set the NS bit in the PAR when doing ATS operations Note that we don't yet correctly use the NSTable bit to cause the page table walk itself to use the right attributes. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit 42874d3a8c6267ff7789a0396843c884b1d0933a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:24 2015 +0100 Switch non-CPU callers from ld/st*_phys to address_space_ld/st* Switch all the uses of ld/st*_phys to address_space_ld/st*, except for those cases where the address space is the CPU's (ie cs->as). This was done with the following script which generates a Coccinelle patch. A few over-80-columns lines in the result were rewrapped by hand where Coccinelle failed to do the wrapping automatically, as well as one location where it didn't put a line-continuation '\' when wrapping lines on a change made to a match inside a macro definition. ===begin=== #!/bin/sh -e # Usage: # ./ldst-phys.spatch.sh > ldst-phys.spatch # spatch -sp_file ldst-phys.spatch -dir . | sed -e '/^+/s/\t/ /g' > out.patch # patch -p1 < out.patch for FN in ub uw_le uw_be l_le l_be q_le q_be uw l q; do cat <<EOF @ cpu_matches_ld_${FN} @ expression E1,E2; identifier as; @@ ld${FN}_phys(E1->as,E2) @ other_matches_ld_${FN} depends on !cpu_matches_ld_${FN} @ expression E1,E2; @@ -ld${FN}_phys(E1,E2) +address_space_ld${FN}(E1,E2, MEMTXATTRS_UNSPECIFIED, NULL) EOF done for FN in b w_le w_be l_le l_be q_le q_be w l q; do cat <<EOF @ cpu_matches_st_${FN} @ expression E1,E2,E3; identifier as; @@ st${FN}_phys(E1->as,E2,E3) @ other_matches_st_${FN} depends on !cpu_matches_st_${FN} @ expression E1,E2,E3; @@ -st${FN}_phys(E1,E2,E3) +address_space_st${FN}(E1,E2,E3, MEMTXATTRS_UNSPECIFIED, NULL) EOF done ===endit=== Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit 66b9b43c42049bcae37668e890fedde9a72c8167 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:24 2015 +0100 exec.c: Capture the memory attributes for a watchpoint hit Capture the memory attributes for the transaction which triggered a watchpoint; this allows CPU specific code to implement features like ARM's "user-mode only WPs also hit for LDRT/STRT accesses made from privileged code". This change also correctly passes through the memory attributes to the underlying device when a watchpoint access doesn't hit. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit 500131154d677930fce35ec3a6f0b5a26bcd2973 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:24 2015 +0100 exec.c: Add new address_space_ld*/st* functions Add new address_space_ld*/st* functions which allow transaction attributes and error reporting for basic load and stores. These are named to be in line with the address_space_read/write/rw buffer operations. The existing ld/st*_phys functions are now wrappers around the new functions. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit 5c9eb0286c819c1836220a32f2e1a7b5004ac79a Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:24 2015 +0100 exec.c: Make address_space_rw take transaction attributes Make address_space_rw take transaction attributes, rather than always using the 'unspecified' attributes. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit f25a49e0057bbfcc2b1111f60785d919b6ddaeea Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:24 2015 +0100 exec.c: Convert subpage memory ops to _with_attrs Convert the subpage memory ops to _with_attrs; this will allow us to pass the attributes through to the underlying access functions. (Nothing uses the attributes yet.) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit fadc1cbe85c6b032d5842ec0d19d209f50fcb375 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:24 2015 +0100 Add MemTxAttrs to the IOTLB Add a MemTxAttrs field to the IOTLB, and allow target-specific code to set it via a new tlb_set_page_with_attrs() function; pass the attributes through to the device when making IO accesses. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit e469b22ffda40188954fafaf6e3308f58d50f8f8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:23 2015 +0100 Make CPU iotlb a structure rather than a plain hwaddr Make the CPU iotlb a structure rather than a plain hwaddr; this will allow us to add transaction attributes to it. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit 3b6434953934e6d4a776ed426d8c6d6badee176f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:23 2015 +0100 memory: Replace io_mem_read/write with memory_region_dispatch_read/write Rather than retaining io_mem_read/write as simple wrappers around the memory_region_dispatch_read/write functions, make the latter public and change all the callers to use them, since we need to touch all the callsites anyway to add MemTxAttrs and MemTxResult support. Delete io_mem_read and io_mem_write entirely. (All the callers currently pass MEMTXATTRS_UNSPECIFIED and convert the return value back to bool or ignore it.) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit cc05c43ad942165ecc6ffd39e41991bee43af044 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sun Apr 26 16:49:23 2015 +0100 memory: Define API for MemoryRegionOps to take attrs and return status Define an API so that devices can register MemoryRegionOps whose read and write callback functions are passed an arbitrary pointer to some transaction attributes and can return a success-or-failure status code. This will allow us to model devices which: * behave differently for ARM Secure/NonSecure memory accesses * behave differently for privileged/unprivileged accesses * may return a transaction failure (causing a guest exception) for erroneous accesses This patch defines the new API and plumbs the attributes parameter through to the memory.c public level functions io_mem_read() and io_mem_write(), where it is currently dummied out. The success/failure response indication is also propagated out to io_mem_read() and io_mem_write(), which retain the old-style boolean true-for-error return. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Alex Bennée <alex.bennee@xxxxxxxxxx> commit e1a5476354d396773e4c555f126d752d4ae58fa9 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Sat Apr 25 22:05:07 2015 +0100 Open 2.4 development tree Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2d5a8346a484250934526a15b3a522bdba7e6772 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Wed Apr 15 09:19:23 2015 -0600 qmp: Give saner messages related to qmp_capabilities misuse Pretending that QMP doesn't understand a command merely because we are not in the right mode doesn't help first-time users figure out what to do to correct things. Although the documentation for QMP calls out capabilities negotiation, we should also make it clear in our error messages what we were expecting. With this patch, I now get the following transcript: $ ./x86_64-softmmu/qemu-system-x86_64 -qmp stdio -nodefaults {"QMP": {"version": {"qemu": {"micro": 93, "minor": 2, "major": 2}, "package": ""}, "capabilities": []}} {"execute":"huh"} {"error": {"class": "CommandNotFound", "desc": "The command huh has not been found"}} {"execute":"quit"} {"error": {"class": "CommandNotFound", "desc": "Expecting capabilities negotiation with 'qmp_capabilities' before command 'quit'"}} {"execute":"qmp_capabilities"} {"return": {}} {"execute":"qmp_capabilities"} {"error": {"class": "CommandNotFound", "desc": "Capabilities negotiation is already complete, command 'qmp_capabilities' ignored"}} {"execute":"quit"} {"return": {}} {"timestamp": {"seconds": 1429110729, "microseconds": 181935}, "event": "SHUTDOWN"} Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Tested-By: Kashyap Chamarthy <kchamart@xxxxxxxxxx> Reviewed-by: Paulo Vital <paulo.vital@xxxxxxxxxxxxxxxx> Reviewed-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 43d0a2c1af5bc77ed067636db956209779351dfe Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Wed Apr 15 13:30:04 2015 +0200 qmp-commands: fix incorrect uses of ":O" specifier As far as the QMP parser is concerned, neither the 'O' nor the 'q' format specifiers put any constraint on the command. However, there are two differences: 1) from a documentation point of view 'O' says that this command takes a dictionary. The dictionary will be converted to QemuOpts in the handler to match the corresponding HMP command. 2) 'O' sets QMP_ACCEPT_UNKNOWNS, resulting in the command accepting invalid extra arguments. For example the following is accepted: { "execute": "send-key", "arguments": { "keys": [ { "type": "qcode", "data": "ctrl" }, { "type": "qcode", "data": "alt" }, { "type": "qcode", "data": "delete" } ], "foo": "bar" } } Neither send-key nor migrate-set-capabilities take a QemuOpts-like dictionary; they take an array of dictionaries. And neither command really wants to have extra unknown arguments. Thus, the right specifier to use in this case is 'q'; with this patch the above command fails with {"error": {"class": "GenericError", "desc": "Invalid parameter 'foo'"}} as intended. Reported-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Alberto Garcia <berto@xxxxxxxxxx> Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 6540e9f35bfeea2baf4509745516172070dca412 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Fri Apr 10 15:07:59 2015 -0600 qapi: Drop dead genlist parameter Defaulting a parameter to True, then having all callers omit or pass an explicit True for that parameter, is pointless. Looks like it has been dead since introduction in commit 06d64c6, more than 4 years ago. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> commit 46abb8124006887d071921c5e657eeec3c50a9e2 Author: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Date: Tue Mar 31 13:00:26 2015 -0400 balloon: improve error msg when adding second device A VM supports only one balloon device, but due to several changes in infrastructure the error message got messed up when trying to add a second device. Fix it. Before this fix Command-line: qemu-qmp: -device virtio-balloon-pci,id=balloon0: Another balloon device already registered qemu-qmp: -device virtio-balloon-pci,id=balloon0: Adding balloon handler failed qemu-qmp: -device virtio-balloon-pci,id=balloon0: Device 'virtio-balloon-pci' could not be initialized HMP: Another balloon device already registered Adding balloon handler failed Device 'virtio-balloon-pci' could not be initialized QMP: { "execute": "device_add", "arguments": { "driver": "virtio-balloon-pci", "id": "balloon0" } } { "error": { "class": "GenericError", "desc": "Adding balloon handler failed" } } After this fix Command-line: qemu-qmp: -device virtio-balloon-pci,id=balloon0: Only one balloon device is supported qemu-qmp: -device virtio-balloon-pci,id=balloon0: Device 'virtio-balloon-pci' could not be initialized HMP: (qemu) device_add virtio-balloon-pci,id=balloon0 Only one balloon device is supported Device 'virtio-balloon-pci' could not be initialized (qemu) QMP: { "execute": "device_add", "arguments": { "driver": "virtio-balloon-pci", "id": "balloon0" } } { "error": { "class": "GenericError", "desc": "Only one balloon device is supported" } } Signed-off-by: Luiz Capitulino <lcapitulino@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> commit e5b3a24181ea0cebf1c5b20f44d016311b7048f0 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Apr 24 15:05:06 2015 +0100 Update version for v2.3.0 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 779ce88fbd3f977112bc77ccb028b0ace762105e Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Tue Feb 17 10:41:08 2015 +0100 console/gtk: add qemu_console_get_label Add a new function to get a nice label for a given QemuConsole. Drop the labeling code in gtk.c and use the new function instead. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit f8c223f69ac58488ea830597281b7ddd33037c4c Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Thu May 22 11:08:54 2014 +0200 gtk: bind to text terminal consoles too This way gtk has text terminal consoles even when building without vte. Most notably you'll get a monitor tab on windows now. Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit f98f43eab0fcc536c5f95df3a94943d5dff5ccdc Author: Gerd Hoffmann <kraxel@xxxxxxxxxx> Date: Fri Feb 27 14:36:09 2015 +0100 gtk: handle switch_surface(NULL) properly Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit f2a581010cb8e3a2564a45a2863a33a732cc2fc7 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Apr 20 17:13:16 2015 +0100 Update version for v2.3.0-rc4 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit e05ca8200216149008fa1b1d1d847bf16691f6b4 Author: Michael S. Tsirkin <mst@xxxxxxxxxx> Date: Fri Apr 17 17:13:24 2015 +0200 vhost: fix log base address VHOST_SET_LOG_BASE got an incorrect address, causing migration errors and potentially even memory corruption. Reported-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Signed-off-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Amos Kong <akong@xxxxxxxxxx> Message-id: 1429283565-32265-1-git-send-email-mst@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 638b8366200130cc7cf7a026630bc6bfb63b0c4c Author: Alberto Garcia <berto@xxxxxxxxxx> Date: Fri Apr 17 15:44:48 2015 +0300 hmp: fix crash in 'info block -n -v' The image field in BlockDeviceInfo should never be null, however bdrv_block_device_info() is not filling it in. This makes the 'info block -n -v' command crash QEMU. The proper solution is probably to move the relevant code from bdrv_query_info() to bdrv_block_device_info(), but since we're too close to the release for that this simpler workaround solves the crash. Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx> Message-id: 1429274688-8115-1-git-send-email-berto@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 87a8adc0876c11a434d3ecdfb10cd797259ddaaa Merge: b6df74c 0ca4f94 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Apr 17 12:54:46 2015 +0100 Merge remote-tracking branch 'remotes/lalrae/tags/mips-20150417-2' into staging MIPS patches 2015-04-17 Changes: * fix broken fulong2e # gpg: Signature made Fri Apr 17 12:14:37 2015 BST using RSA key ID 0B29DA6B # gpg: Can't check signature: public key not found * remotes/lalrae/tags/mips-20150417-2: mips: fix broken fulong2e machine Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b6df74c46528646f3163890cf16b74af551c3494 Merge: 993ebe4 6cec43e Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Apr 17 12:37:38 2015 +0100 Merge remote-tracking branch 'remotes/kraxel/tags/pull-fwcfg-20150414-1' into staging fw_cfg: add documentation file (docs/specs/fw_cfg.txt) # gpg: Signature made Tue Apr 14 12:22:20 2015 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann <gerd@xxxxxxxxxx>" # gpg: aka "Gerd Hoffmann (private) <kraxel@xxxxxxxxx>" * remotes/kraxel/tags/pull-fwcfg-20150414-1: fw_cfg: add documentation file (docs/specs/fw_cfg.txt) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 0ca4f94195cce77b624edc6d9abcf14a3bf01f06 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Apr 16 21:11:23 2015 +0100 mips: fix broken fulong2e machine After commit 5312bd8 the bonito_readl() and bonito_writel() have been accessing incorrect addresses. Consequently QEMU is crashing when trying to boot Linux kernel on fulong2e machine. Cc: qemu-stable@xxxxxxxxxx Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Leon Alrae <leon.alrae@xxxxxxxxxx> commit 993ebe4a0be9aa4e4821818a81fab00b1ab1a79a Author: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Date: Fri Apr 17 08:16:49 2015 +0100 target-ppc: don't invalidate msr MSR_HVB bit in cpu_post_load The invalidation code introduced in commit 2360b works by inverting most bits of env->msr to ensure that hreg_store_msr() will forcibly update the CPU env state to reflect the new msr value post-migration. Unfortunately hreg_store_msr() is called with alter_hv set to 0 which preserves the MSR_HVB state from the CPU env which is now the opposite value to what it should be. Ensure that we don't invalidate the msr MSR_HVB bit during cpu_post_load so that the correct value is restored. This fixes suspend/resume for PPC64. Reported-by: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx> Reviewed-by: Alexander Graf <agraf@xxxxxxx> Message-id: 1429255009-12751-1-git-send-email-mark.cave-ayland@xxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6cec43e178cde38a3eac43a2cd741ce741b10f36 Author: Gabriel L. Somlo <somlo@xxxxxxx> Date: Thu Apr 9 10:40:01 2015 -0400 fw_cfg: add documentation file (docs/specs/fw_cfg.txt) This document covers the guest-side hardware interface, as well as the host-side programming API of QEMU's firmware configuration (fw_cfg) device. Signed-off-by: Jordan Justen <jordan.l.justen@xxxxxxxxx> Signed-off-by: Gabriel Somlo <somlo@xxxxxxx> Reviewed-by: Laszlo Ersek <lersek@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> commit b8df9208f357d2b36e1b19634aea973618dc7ba8 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Mon Apr 13 17:35:44 2015 +0100 Update version for v2.3.0-rc3 release Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit ae6e8ef11e6cb43ec83a5846e8f3b266834cf280 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Fri Apr 10 13:58:01 2015 +0100 Revert seccomp tests that allow it to be used on non-x86 architectures Unfortunately it turns out that libseccomp 2.2 still does not work correctly on non-x86 architectures; return to the previous configure setup of insisting on libseccomp 2.1 or better and i386/x86_64 and disabling seccomp support in all other situations. This reverts the two commits: * "seccomp: libseccomp version varying according to arch" (commit 896848f0d3e2393905845ef2b244bb2601f9df0c) * "seccomp: update libseccomp version and remove arch restriction" (commit 8e27fc200457e3f2473d0069263774d4ba17bd85) Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Message-id: 1428670681-23032-1-git-send-email-peter.maydell@xxxxxxxxxx commit 4d0ecde44ae6dab3aa9d10c23e61d9d43789731a Author: Thomas Huth <thuth@xxxxxxxxxx> Date: Thu Apr 9 15:32:45 2015 +0200 pci: Fix crash with illegal "-net nic, model=xxx" option Current QEMU crashes when specifying an illegal model with the "-net nic,model=xxx" option, e.g.: $ qemu-system-x86_64 -net nic,model=n/a qemu-system-x86_64: Unsupported NIC model: n/a Program received signal SIGSEGV, Segmentation fault. The gdb backtrace looks like this: 0x0000555555965fe0 in error_get_pretty (err=0x0) at util/error.c:152 152 return err->msg; (gdb) bt 0 0x0000555555965fe0 in error_get_pretty (err=0x0) at util/error.c:152 1 0x0000555555965ffd in error_report_err (err=0x0) at util/error.c:157 2 0x0000555555809c90 in pci_nic_init_nofail (nd=0x555555e49860 <nd_table>, rootbus=0x5555564409b0, default_model=0x55555598c37b "e1000", default_devaddr=0x0) at hw/pci/pci.c:1663 3 0x0000555555691e42 in pc_nic_init (isa_bus=0x555556f71900, pci_bus=0x5555564409b0) at hw/i386/pc.c:1506 4 0x000055555569396b in pc_init1 (machine=0x5555562abbf0, pci_enabled=1, kvmclock_enabled=1) at hw/i386/pc_piix.c:248 5 0x0000555555693d27 in pc_init_pci (machine=0x5555562abbf0) at hw/i386/pc_piix.c:310 6 0x000055555572ddf5 in main (argc=3, argv=0x7fffffffe018, envp=0x7fffffffe038) at vl.c:4226 The problem is that pci_nic_init_nofail() does not check whether the err parameter from pci_nic_init has been set up and thus passes a NULL pointer to error_report_err(). Fix it by correctly checking the err parameter. Signed-off-by: Thomas Huth <thuth@xxxxxxxxxx> Reviewed-by: Michael S. Tsirkin <mst@xxxxxxxxxx> Reviewed-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 342b0711cd62ddc08d334d879eac57b68f925fd5 Author: Andreas Färber <afaerber@xxxxxxx> Date: Fri Apr 10 16:37:56 2015 +0200 stm32f205: Fix SoC type name The type name for the SoC device, unlike those of its sub-devices, did not follow the QOM naming conventions. While the usage is internal only, this is exposed through QMP and HMP, so fix it before release. Cc: Alistair Francis <alistair.francis@xxxxxxxxxx> Signed-off-by: Andreas Färber <afaerber@xxxxxxx> Reviewed-by: Alistair Francis <alistair@xxxxxxxxxxxxx> Message-id: 1428676676-23056-1-git-send-email-afaerber@xxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit c0c8584142a13e728178e51f2477c23a84ce74b4 Author: Dirk Müller <dirk@xxxxxxxx> Date: Sat Apr 4 14:15:10 2015 +0200 cris: memory: Replace memory_region_init_ram with memory_region_allocate_system_memory Commit 0b183fc871:"memory: move mem_path handling to memory_region_allocate_system_memory" split memory_region_init_ram and memory_region_init_ram_from_file. Also it moved mem-path handling a step up from memory_region_init_ram to memory_region_allocate_system_memory. Therefore for any board that uses memory_region_init_ram directly, -mem-path is not supported. Fix this by replacing memory_region_init_ram with memory_region_allocate_system_memory. Tested-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> Cc: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxx> Signed-off-by: Dirk Mueller <dmueller@xxxxxxxx> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xxxxxxxxxx> commit 58c24a4775ef7ccf16cfcd695753dfdf149fe29d Author: Dirk Müller <dirk@xxxxxxxx> Date: Sat Apr 4 14:14:14 2015 +0200 alpha: memory: Replace memory_region_init_ram with memory_region_allocate_system_memory Commit 0b183fc871:"memory: move mem_path handling to memory_region_allocate_system_memory" split memory_region_init_ram and memory_region_init_ram_from_file. Also it moved mem-path handling a step up from memory_region_init_ram to memory_region_allocate_system_memory. Therefore for any board that uses memory_region_init_ram directly, -mem-path is not supported. Fix this by replacing memory_region_init_ram with memory_region_allocate_system_memory. Cc: Richard Henderson <rth@xxxxxxxxxxx> Signed-off-by: Dirk Mueller <dmueller@xxxxxxxx> Acked-by: Richard Henderson <rth@xxxxxxxxxxx> Message-id: CAL5wTH64_ykF17cw2T1Axq8P3vCWm=6WbUJ3qJrLF-u+-MmzUw@xxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit b7ccb83f44eca09e48c61866a090425c762598f0 Author: Dirk Müller <dirk@xxxxxxxx> Date: Sat Apr 4 14:16:18 2015 +0200 lm32: memory: Replace memory_region_init_ram with memory_region_allocate_system_memory Commit 0b183fc871:"memory: move mem_path handling to memory_region_allocate_system_memory" split memory_region_init_ram and memory_region_init_ram_from_file. Also it moved mem-path handling a step up from memory_region_init_ram to memory_region_allocate_system_memory. Therefore for any board that uses memory_region_init_ram directly, -mem-path is not supported. Fix this by replacing memory_region_init_ram with memory_region_allocate_system_memory. Cc: Michael Walle <michael@xxxxxxxx> Signed-off-by: Dirk Mueller <dmueller@xxxxxxxx> Acked-by: Michael Walle <michael@xxxxxxxx> Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 81b23ef82cd1be29ca3d69ab7e98b5b5e55926ce Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Mar 31 15:18:03 2015 +0100 xen: limit guest control of PCI command register Otherwise the guest can abuse that control to cause e.g. PCIe Unsupported Request responses (by disabling memory and/or I/O decoding and subsequently causing [CPU side] accesses to the respective address ranges), which (depending on system configuration) may be fatal to the host. This is CVE-2015-2756 / XSA-126. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx> Message-id: alpine.DEB.2.02.1503311510300.7690@xxxxxxxxxxxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 6a460ed18a3fda0eb2d9c96b8b01817b4dcbded4 Author: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Date: Thu Apr 9 14:52:18 2015 +0100 configure: disable Archipelago by default and warn about libxseg GPLv3 license libxseg has changed license to GPLv3. QEMU includes GPL "v2 only" code which is not compatible with GPLv3. This means the resulting binaries may not be redistributable! Disable Archipelago (libxseg) by default to prevent accidental license violations. Also warn if linking against libxseg is enabled to remind the user. Note that this commit does not constitute any advice about software licensing. If you have doubts you should consult a lawyer. Cc: Chrysostomos Nanakos <cnanakos@xxxxxxxx> Suggested-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reported-by: Andreas Färber <afaerber@xxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Reviewed-by: Andreas Färber <afaerber@xxxxxxx> Message-id: 1428587538-8765-1-git-send-email-stefanha@xxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit a6f2cb037a82fb8679e70e175cfbc879dd829e06 Merge: cf811ff 05b685f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Thu Apr 9 12:05:00 2015 +0100 Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging # gpg: Signature made Thu Apr 9 10:55:11 2015 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@xxxxxxxxxx>" # gpg: aka "Stefan Hajnoczi <stefanha@xxxxxxxxx>" * remotes/stefanha/tags/block-pull-request: block/iscsi: handle zero events from iscsi_which_events aio: strengthen memory barriers for bottom half scheduling virtio-blk: correctly dirty guest memory qcow2: Fix header update with overridden backing file Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit cf811fff2ae20008f00455d0ab2212a4dea0b56f Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Wed Apr 8 20:57:09 2015 +0100 tcg/tcg-op.c: Fix ld/st of 64 bit values on 32-bit bigendian hosts Commit 951c6300f7 out-of-lined the 32-bit-host versions of tcg_gen_{ld,st}_i64, but in the process it inadvertently changed an #ifdef HOST_WORDS_BIGENDIAN to #ifdef TCG_TARGET_WORDS_BIGENDIAN. Since the latter doesn't get defined anywhere this meant we always took the "LE host" codepath, and stored the two halves of the value in the wrong order on BE hosts. This typically breaks any 64-bit guest on a 32-bit BE host completely, and will have possibly more subtle effects even for 32-bit guests. Switch the ifdef back to HOST_WORDS_BIGENDIAN. Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> Reviewed-by: Richard Henderson <rth@xxxxxxxxxxx> Tested-by: Andreas Färber <afaerber@xxxxxxx> Message-id: 1428523029-13620-1-git-send-email-peter.maydell@xxxxxxxxxx commit 05b685fbabb7fdcab72cb42b27db916fd74b2265 Author: Peter Lieven <pl@xxxxxxx> Date: Tue Apr 7 22:08:15 2015 +0200 block/iscsi: handle zero events from iscsi_which_events newer libiscsi versions may return zero events from iscsi_which_events. In this case iscsi_service will return immediately without any progress. To avoid busy waiting for iscsi_which_events to change we deregister all read and write handlers in this case and schedule a timer to periodically check iscsi_which_events for changed events. Next libiscsi version will introduce async reconnects and zero events are returned while libiscsi is waiting for a reconnect retry. Signed-off-by: Peter Lieven <pl@xxxxxxx> Message-id: 1428437295-29577-1-git-send-email-pl@xxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e8d3b1a25f284cdf9705b7cf0412281cc9ee3a36 Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Tue Apr 7 17:16:19 2015 +0200 aio: strengthen memory barriers for bottom half scheduling There are two problems with memory barriers in async.c. The fix is to use atomic_xchg in order to achieve sequential consistency between the scheduling of a bottom half and the corresponding execution. First, if bh->scheduled is already 1 in qemu_bh_schedule, QEMU does not execute a memory barrier to order any writes needed by the callback before the read of bh->scheduled. If the other side sees req->state as THREAD_ACTIVE, the callback is not invoked and you get deadlock. Second, the memory barrier in aio_bh_poll is too weak. Without this patch, it is possible that bh->scheduled = 0 is not "published" until after the callback has returned. Another thread wants to schedule the bottom half, but it sees bh->scheduled = 1 and does nothing. This causes a lost wakeup. The memory barrier should have been changed to smp_mb() in commit 924fe12 (aio: fix qemu_bh_schedule() bh->ctx race condition, 2014-06-03) together with qemu_bh_schedule()'s. Guess who reviewed that patch? Both of these involve a store and a load, so they are reproducible on x86_64 as well. It is however much easier on aarch64, where the libguestfs test suite triggers the bug fairly easily. Even there the failure can go away or appear depending on compiler optimization level, tracing options, or even kernel debugging options. Paul Leveille however reported how to trigger the problem within 15 minutes on x86_64 as well. His (untested) recipe, reproduced here for reference, is the following: 1) Qcow2 (or 3) is critical â?? raw files alone seem to avoid the problem. 2) Use â??cache=directsyncâ?? rather than the default of â??cache=noneâ?? to make it happen easier. 3) Use a server with a write-back RAID controller to allow for rapid IO rates. 4) Run a random-access load that (mostly) writes chunks to various files on the virtual block device. a. I use â??diskload.exe c:25â??, a Microsoft HCT load generator, on Windows VMs. b. Iometer can probably be configured to generate a similar load. 5) Run multiple VMs in parallel, against the same storage device, to shake the failure out sooner. 6) IvyBridge and Haswell processors for certain; not sure about others. A similar patch survived over 12 hours of testing, where an unpatched QEMU would fail within 15 minutes. This bug is, most likely, also the cause of failures in the libguestfs testsuite on AArch64. Thanks to Laszlo Ersek for initially reporting this bug, to Stefan Hajnoczi for suggesting closer examination of qemu_bh_schedule, and to Paul for providing test input and a prototype patch. Reported-by: Laszlo Ersek <lersek@xxxxxxxxxx> Reported-by: Paul Leveille <Paul.Leveille@xxxxxxxxxxx> Reported-by: John Snow <jsnow@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Message-id: 1428419779-26062-1-git-send-email-pbonzini@xxxxxxxxxx Suggested-by: Paul Leveille <Paul.Leveille@xxxxxxxxxxx> Suggested-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit c8623c0215e18eb4a8ec73eba014d97e51ed707e Author: Dirk Müller <dirk@xxxxxxxx> Date: Sat Apr 4 14:24:38 2015 +0200 arm: memory: Replace memory_region_init_ram with memory_region_allocate_system_memory Commit 0b183fc871:"memory: move mem_path handling to memory_region_allocate_system_memory" split memory_region_init_ram and memory_region_init_ram_from_file. Also it moved mem-path handling a step up from memory_region_init_ram to memory_region_allocate_system_memory. Therefore for any board that uses memory_region_init_ram directly, -mem-path is not supported. Fix this by replacing memory_region_init_ram with memory_region_allocate_system_memory. Signed-off-by: Dirk Mueller <dmueller@xxxxxxxx> Message-id: CAL5wTH4UHYKpJF=dLJfFzxpufjY189chnCow47-ySuLf8GLbug@xxxxxxxxxxxxxx Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 2a6cdd6d35158bc7a6aacd92b5b0302f28ec480e Author: Paolo Bonzini <pbonzini@xxxxxxxxxx> Date: Thu Apr 2 19:50:44 2015 +0200 virtio-blk: correctly dirty guest memory After qemu_iovec_destroy, the QEMUIOVector's size is zeroed and the zero size ultimately is used to compute virtqueue_push's len argument. Therefore, reads from virtio-blk devices did not migrate their results correctly. (Writes were okay). Save the size in virtio_blk_handle_request, and use it when the request is completed. Based on a patch by Wen Congyang. Signed-off-by: Wen Congyang <wency@xxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Reviewed-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Tested-by: Li Zhijian <lizhijian@xxxxxxxxxxxxxx> Message-id: 1427997044-392-1-git-send-email-pbonzini@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit e4603fe139e2161464d7e75faa3a650e31f057fc Author: Kevin Wolf <kwolf@xxxxxxxxxx> Date: Tue Apr 7 15:03:16 2015 +0200 qcow2: Fix header update with overridden backing file In recent qemu versions, it is possible to override the backing file name and format that is stored in the image file with values given at runtime. In such cases, the temporary override could end up in the image header if the qcow2 header was updated, while obviously correct behaviour would be to leave the on-disk backing file path/format unchanged. Fix this and add a test case for it. Reported-by: Michael Tokarev <mjt@xxxxxxxxxx> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx> Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> Message-id: 1428411796-2852-1-git-send-email-kwolf@xxxxxxxxxx Signed-off-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> commit 5a24f20a7208a58fb80d78ca0521bba6f4d7b145 Merge: f2155a0 9be6e69 Author: Peter Maydell <peter.maydell@xxxxxxxxxx> Date: Tue Apr 7 14:33:46 2015 +0100 Merge remote-tracking branch 'remotes/mjt/tags/pull-trivial-patches-2015-04-04' into staging trivial patches for 2015-04-04 # gpg: Signature made Sat Apr 4 08:07:49 2015 BST using RSA key ID A4C3D7DB # gpg: Good signature from "Michael Tokarev <mjt@xxxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxx>" # gpg: aka "Michael Tokarev <mjt@xxxxxxxxxx>" * remotes/mjt/tags/pull-trivial-patches-2015-04-04: vhost: fix typo in vq_index description gitignore: Ignore more .pod files. target-tricore: Fix check which was always false target-i386: remove superfluous TARGET_HAS_SMC macro pcspk: Fix I/O port name Signed-off-by: Peter Maydell <peter.maydell@xxxxxxxxxx> commit 9be6e69f12bc65e9c43ee5b8eb026412f11b8b71 Author: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Date: Thu Mar 26 12:10:29 2015 +0100 vhost: fix typo in vq_index description Signed-off-by: Greg Kurz <gkurz@xxxxxxxxxxxxxxxxxx> Acked-by: Jason Wang <jasowang@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 085feb61dbc6130bfd2e6c3f59d03220ff9e1bb3 Author: Eric Blake <eblake@xxxxxxxxxx> Date: Fri Mar 20 10:30:44 2015 -0600 gitignore: Ignore more .pod files. kvm_stat.{1,pod} started showing up as untracked files in my directory, and I nearly accidentally merged them into a commit with my usual habit of 'git add .'. Rather than spelling out each such file, just ignore the entire pattern. Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> Reviewed-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 7b4b0b5795e934a9b7efb916af86715b68555be9 Author: Stefan Weil <sw@xxxxxxxxxxx> Date: Sat Mar 21 14:44:58 2015 +0100 target-tricore: Fix check which was always false With a mask value of 0x00400000, the result will never be 1. This fixes a Coverity warning. Signed-off-by: Stefan Weil <sw@xxxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit 9c04146ad4696b20c440bfbb4a6ab27ea254e7ca Author: Emilio G. Cota <cota@xxxxxxxxx> Date: Sat Mar 21 13:29:09 2015 -0400 target-i386: remove superfluous TARGET_HAS_SMC macro Signed-off-by: Emilio G. Cota <cota@xxxxxxxxx> Reviewed-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> commit ecf2e5a46d7559f258a2c914131ba25d3c5326bf Author: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Date: Thu Mar 19 13:08:40 2015 +0100 pcspk: Fix I/O port name Probably a copy&paste bug. Fixing it helps identifying the device model behind port 0x61. Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx> Reviewed-by: Gonglei <arei.gonglei@xxxxxxxxxx> Signed-off-by: Michael Tokarev <mjt@xxxxxxxxxx> Revision graph left in /home/logs/results/bisect/qemu-mainline/test-amd64-i386-xl-qemuu-debianhvm-amd64.debian-hvm-install.{dot,ps,png,html,svg}. ---------------------------------------- 65229: tolerable ALL FAIL flight 65229 qemu-mainline real-bisect [real] http://logs.test-lab.xenproject.org/osstest/logs/65229/ Failures :-/ but no regressions. Tests which did not succeed, including tests which could not be run: test-amd64-i386-xl-qemuu-debianhvm-amd64 9 debian-hvm-install fail baseline untested jobs: test-amd64-i386-xl-qemuu-debianhvm-amd64 fail ------------------------------------------------------------ sg-report-flight on osstest.test-lab.xenproject.org logs: /home/logs/logs images: /home/logs/images Logs, config files, etc. are available at http://logs.test-lab.xenproject.org/osstest/logs Explanation of these reports, and of osstest in general, is at http://xenbits.xen.org/gitweb/?p=osstest.git;a=blob;f=README.email;hb=master http://xenbits.xen.org/gitweb/?p=osstest.git;a=blob;f=README;hb=master Test harness code can be found at http://xenbits.xen.org/gitweb?p=osstest.git;a=summary _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |